180 private Secmod.DbMode nssDbMode = Secmod.DbMode.READ_WRITE; 181 182 // Whether the P11KeyStore should specify the CKA_NETSCAPE_DB attribute 183 // when creating private keys. Only valid if nssUseSecmod is true. 184 private boolean nssNetscapeDbWorkaround = true; 185 186 // Special init argument string for the NSS softtoken. 187 // This is used when using the NSS softtoken directly without secmod mode. 188 private String nssArgs; 189 190 // whether to use NSS trust attributes for the KeyStore of this provider 191 // this option is for internal use by the SunPKCS11 code only and 192 // works only for NSS providers created via the Secmod API 193 private boolean nssUseSecmodTrust = false; 194 195 // Flag to indicate whether the X9.63 encoding for EC points shall be used 196 // (true) or whether that encoding shall be wrapped in an ASN.1 OctetString 197 // (false). 198 private boolean useEcX963Encoding = false; 199 200 private Config(String filename, InputStream in) throws IOException { 201 if (in == null) { 202 if (filename.startsWith("--")) { 203 // inline config 204 String config = filename.substring(2).replace("\\n", "\n"); 205 reader = new StringReader(config); 206 } else { 207 in = new FileInputStream(expand(filename)); 208 } 209 } 210 if (reader == null) { 211 reader = new BufferedReader(new InputStreamReader(in)); 212 } 213 parsedKeywords = new HashSet<String>(); 214 st = new StreamTokenizer(reader); 215 setupTokenizer(); 216 parse(); 217 } 218 219 String getName() { 312 Secmod.DbMode getNssDbMode() { 313 return nssDbMode; 314 } 315 316 public boolean getNssNetscapeDbWorkaround() { 317 return nssUseSecmod && nssNetscapeDbWorkaround; 318 } 319 320 String getNssArgs() { 321 return nssArgs; 322 } 323 324 boolean getNssUseSecmodTrust() { 325 return nssUseSecmodTrust; 326 } 327 328 boolean getUseEcX963Encoding() { 329 return useEcX963Encoding; 330 } 331 332 private static String expand(final String s) throws IOException { 333 try { 334 return PropertyExpander.expand(s); 335 } catch (Exception e) { 336 throw new RuntimeException(e.getMessage()); 337 } 338 } 339 340 private void setupTokenizer() { 341 st.resetSyntax(); 342 st.wordChars('a', 'z'); 343 st.wordChars('A', 'Z'); 344 st.wordChars('0', '9'); 345 st.wordChars(':', ':'); 346 st.wordChars('.', '.'); 347 st.wordChars('_', '_'); 348 st.wordChars('-', '-'); 349 st.wordChars('/', '/'); 350 st.wordChars('\\', '\\'); 351 st.wordChars('$', '$'); 434 String mode = parseStringEntry(word); 435 if (mode.equals("readWrite")) { 436 nssDbMode = Secmod.DbMode.READ_WRITE; 437 } else if (mode.equals("readOnly")) { 438 nssDbMode = Secmod.DbMode.READ_ONLY; 439 } else if (mode.equals("noDb")) { 440 nssDbMode = Secmod.DbMode.NO_DB; 441 } else { 442 throw excToken("nssDbMode must be one of readWrite, readOnly, and noDb:"); 443 } 444 nssUseSecmod = true; 445 } else if (word.equals("nssNetscapeDbWorkaround")) { 446 nssNetscapeDbWorkaround = parseBooleanEntry(word); 447 nssUseSecmod = true; 448 } else if (word.equals("nssArgs")) { 449 parseNSSArgs(word); 450 } else if (word.equals("nssUseSecmodTrust")) { 451 nssUseSecmodTrust = parseBooleanEntry(word); 452 } else if (word.equals("useEcX963Encoding")) { 453 useEcX963Encoding = parseBooleanEntry(word); 454 } else { 455 throw new ConfigurationException 456 ("Unknown keyword '" + word + "', line " + st.lineno()); 457 } 458 parsedKeywords.add(word); 459 } 460 reader.close(); 461 reader = null; 462 st = null; 463 parsedKeywords = null; 464 if (name == null) { 465 throw new ConfigurationException("name must be specified"); 466 } 467 if (nssUseSecmod == false) { 468 if (library == null) { 469 throw new ConfigurationException("library must be specified"); 470 } 471 } else { 472 if (library != null) { 473 throw new ConfigurationException | 180 private Secmod.DbMode nssDbMode = Secmod.DbMode.READ_WRITE; 181 182 // Whether the P11KeyStore should specify the CKA_NETSCAPE_DB attribute 183 // when creating private keys. Only valid if nssUseSecmod is true. 184 private boolean nssNetscapeDbWorkaround = true; 185 186 // Special init argument string for the NSS softtoken. 187 // This is used when using the NSS softtoken directly without secmod mode. 188 private String nssArgs; 189 190 // whether to use NSS trust attributes for the KeyStore of this provider 191 // this option is for internal use by the SunPKCS11 code only and 192 // works only for NSS providers created via the Secmod API 193 private boolean nssUseSecmodTrust = false; 194 195 // Flag to indicate whether the X9.63 encoding for EC points shall be used 196 // (true) or whether that encoding shall be wrapped in an ASN.1 OctetString 197 // (false). 198 private boolean useEcX963Encoding = false; 199 200 // Flag to indicate whether NSS should favour performance (false) or 201 // memory footprint (true). 202 private boolean nssUseOptimizeSpace = false; 203 204 private Config(String filename, InputStream in) throws IOException { 205 if (in == null) { 206 if (filename.startsWith("--")) { 207 // inline config 208 String config = filename.substring(2).replace("\\n", "\n"); 209 reader = new StringReader(config); 210 } else { 211 in = new FileInputStream(expand(filename)); 212 } 213 } 214 if (reader == null) { 215 reader = new BufferedReader(new InputStreamReader(in)); 216 } 217 parsedKeywords = new HashSet<String>(); 218 st = new StreamTokenizer(reader); 219 setupTokenizer(); 220 parse(); 221 } 222 223 String getName() { 316 Secmod.DbMode getNssDbMode() { 317 return nssDbMode; 318 } 319 320 public boolean getNssNetscapeDbWorkaround() { 321 return nssUseSecmod && nssNetscapeDbWorkaround; 322 } 323 324 String getNssArgs() { 325 return nssArgs; 326 } 327 328 boolean getNssUseSecmodTrust() { 329 return nssUseSecmodTrust; 330 } 331 332 boolean getUseEcX963Encoding() { 333 return useEcX963Encoding; 334 } 335 336 boolean getNssUseOptimizeSpace() { 337 return nssUseOptimizeSpace; 338 } 339 340 private static String expand(final String s) throws IOException { 341 try { 342 return PropertyExpander.expand(s); 343 } catch (Exception e) { 344 throw new RuntimeException(e.getMessage()); 345 } 346 } 347 348 private void setupTokenizer() { 349 st.resetSyntax(); 350 st.wordChars('a', 'z'); 351 st.wordChars('A', 'Z'); 352 st.wordChars('0', '9'); 353 st.wordChars(':', ':'); 354 st.wordChars('.', '.'); 355 st.wordChars('_', '_'); 356 st.wordChars('-', '-'); 357 st.wordChars('/', '/'); 358 st.wordChars('\\', '\\'); 359 st.wordChars('$', '$'); 442 String mode = parseStringEntry(word); 443 if (mode.equals("readWrite")) { 444 nssDbMode = Secmod.DbMode.READ_WRITE; 445 } else if (mode.equals("readOnly")) { 446 nssDbMode = Secmod.DbMode.READ_ONLY; 447 } else if (mode.equals("noDb")) { 448 nssDbMode = Secmod.DbMode.NO_DB; 449 } else { 450 throw excToken("nssDbMode must be one of readWrite, readOnly, and noDb:"); 451 } 452 nssUseSecmod = true; 453 } else if (word.equals("nssNetscapeDbWorkaround")) { 454 nssNetscapeDbWorkaround = parseBooleanEntry(word); 455 nssUseSecmod = true; 456 } else if (word.equals("nssArgs")) { 457 parseNSSArgs(word); 458 } else if (word.equals("nssUseSecmodTrust")) { 459 nssUseSecmodTrust = parseBooleanEntry(word); 460 } else if (word.equals("useEcX963Encoding")) { 461 useEcX963Encoding = parseBooleanEntry(word); 462 } else if (word.equals("nssUseOptimizeSpace")) { 463 nssUseOptimizeSpace = parseBooleanEntry(word); 464 } else { 465 throw new ConfigurationException 466 ("Unknown keyword '" + word + "', line " + st.lineno()); 467 } 468 parsedKeywords.add(word); 469 } 470 reader.close(); 471 reader = null; 472 st = null; 473 parsedKeywords = null; 474 if (name == null) { 475 throw new ConfigurationException("name must be specified"); 476 } 477 if (nssUseSecmod == false) { 478 if (library == null) { 479 throw new ConfigurationException("library must be specified"); 480 } 481 } else { 482 if (library != null) { 483 throw new ConfigurationException |