180 private Secmod.DbMode nssDbMode = Secmod.DbMode.READ_WRITE;
181
182 // Whether the P11KeyStore should specify the CKA_NETSCAPE_DB attribute
183 // when creating private keys. Only valid if nssUseSecmod is true.
184 private boolean nssNetscapeDbWorkaround = true;
185
186 // Special init argument string for the NSS softtoken.
187 // This is used when using the NSS softtoken directly without secmod mode.
188 private String nssArgs;
189
190 // whether to use NSS trust attributes for the KeyStore of this provider
191 // this option is for internal use by the SunPKCS11 code only and
192 // works only for NSS providers created via the Secmod API
193 private boolean nssUseSecmodTrust = false;
194
195 // Flag to indicate whether the X9.63 encoding for EC points shall be used
196 // (true) or whether that encoding shall be wrapped in an ASN.1 OctetString
197 // (false).
198 private boolean useEcX963Encoding = false;
199
200 private Config(String filename, InputStream in) throws IOException {
201 if (in == null) {
202 if (filename.startsWith("--")) {
203 // inline config
204 String config = filename.substring(2).replace("\\n", "\n");
205 reader = new StringReader(config);
206 } else {
207 in = new FileInputStream(expand(filename));
208 }
209 }
210 if (reader == null) {
211 reader = new BufferedReader(new InputStreamReader(in));
212 }
213 parsedKeywords = new HashSet<String>();
214 st = new StreamTokenizer(reader);
215 setupTokenizer();
216 parse();
217 }
218
219 String getName() {
312 Secmod.DbMode getNssDbMode() {
313 return nssDbMode;
314 }
315
316 public boolean getNssNetscapeDbWorkaround() {
317 return nssUseSecmod && nssNetscapeDbWorkaround;
318 }
319
320 String getNssArgs() {
321 return nssArgs;
322 }
323
324 boolean getNssUseSecmodTrust() {
325 return nssUseSecmodTrust;
326 }
327
328 boolean getUseEcX963Encoding() {
329 return useEcX963Encoding;
330 }
331
332 private static String expand(final String s) throws IOException {
333 try {
334 return PropertyExpander.expand(s);
335 } catch (Exception e) {
336 throw new RuntimeException(e.getMessage());
337 }
338 }
339
340 private void setupTokenizer() {
341 st.resetSyntax();
342 st.wordChars('a', 'z');
343 st.wordChars('A', 'Z');
344 st.wordChars('0', '9');
345 st.wordChars(':', ':');
346 st.wordChars('.', '.');
347 st.wordChars('_', '_');
348 st.wordChars('-', '-');
349 st.wordChars('/', '/');
350 st.wordChars('\\', '\\');
351 st.wordChars('$', '$');
434 String mode = parseStringEntry(word);
435 if (mode.equals("readWrite")) {
436 nssDbMode = Secmod.DbMode.READ_WRITE;
437 } else if (mode.equals("readOnly")) {
438 nssDbMode = Secmod.DbMode.READ_ONLY;
439 } else if (mode.equals("noDb")) {
440 nssDbMode = Secmod.DbMode.NO_DB;
441 } else {
442 throw excToken("nssDbMode must be one of readWrite, readOnly, and noDb:");
443 }
444 nssUseSecmod = true;
445 } else if (word.equals("nssNetscapeDbWorkaround")) {
446 nssNetscapeDbWorkaround = parseBooleanEntry(word);
447 nssUseSecmod = true;
448 } else if (word.equals("nssArgs")) {
449 parseNSSArgs(word);
450 } else if (word.equals("nssUseSecmodTrust")) {
451 nssUseSecmodTrust = parseBooleanEntry(word);
452 } else if (word.equals("useEcX963Encoding")) {
453 useEcX963Encoding = parseBooleanEntry(word);
454 } else {
455 throw new ConfigurationException
456 ("Unknown keyword '" + word + "', line " + st.lineno());
457 }
458 parsedKeywords.add(word);
459 }
460 reader.close();
461 reader = null;
462 st = null;
463 parsedKeywords = null;
464 if (name == null) {
465 throw new ConfigurationException("name must be specified");
466 }
467 if (nssUseSecmod == false) {
468 if (library == null) {
469 throw new ConfigurationException("library must be specified");
470 }
471 } else {
472 if (library != null) {
473 throw new ConfigurationException
|
180 private Secmod.DbMode nssDbMode = Secmod.DbMode.READ_WRITE;
181
182 // Whether the P11KeyStore should specify the CKA_NETSCAPE_DB attribute
183 // when creating private keys. Only valid if nssUseSecmod is true.
184 private boolean nssNetscapeDbWorkaround = true;
185
186 // Special init argument string for the NSS softtoken.
187 // This is used when using the NSS softtoken directly without secmod mode.
188 private String nssArgs;
189
190 // whether to use NSS trust attributes for the KeyStore of this provider
191 // this option is for internal use by the SunPKCS11 code only and
192 // works only for NSS providers created via the Secmod API
193 private boolean nssUseSecmodTrust = false;
194
195 // Flag to indicate whether the X9.63 encoding for EC points shall be used
196 // (true) or whether that encoding shall be wrapped in an ASN.1 OctetString
197 // (false).
198 private boolean useEcX963Encoding = false;
199
200 // Flag to indicate whether NSS should favour performance (false) or
201 // memory footprint (true).
202 private boolean nssUseOptimizeSpace = false;
203
204 private Config(String filename, InputStream in) throws IOException {
205 if (in == null) {
206 if (filename.startsWith("--")) {
207 // inline config
208 String config = filename.substring(2).replace("\\n", "\n");
209 reader = new StringReader(config);
210 } else {
211 in = new FileInputStream(expand(filename));
212 }
213 }
214 if (reader == null) {
215 reader = new BufferedReader(new InputStreamReader(in));
216 }
217 parsedKeywords = new HashSet<String>();
218 st = new StreamTokenizer(reader);
219 setupTokenizer();
220 parse();
221 }
222
223 String getName() {
316 Secmod.DbMode getNssDbMode() {
317 return nssDbMode;
318 }
319
320 public boolean getNssNetscapeDbWorkaround() {
321 return nssUseSecmod && nssNetscapeDbWorkaround;
322 }
323
324 String getNssArgs() {
325 return nssArgs;
326 }
327
328 boolean getNssUseSecmodTrust() {
329 return nssUseSecmodTrust;
330 }
331
332 boolean getUseEcX963Encoding() {
333 return useEcX963Encoding;
334 }
335
336 boolean getNssUseOptimizeSpace() {
337 return nssUseOptimizeSpace;
338 }
339
340 private static String expand(final String s) throws IOException {
341 try {
342 return PropertyExpander.expand(s);
343 } catch (Exception e) {
344 throw new RuntimeException(e.getMessage());
345 }
346 }
347
348 private void setupTokenizer() {
349 st.resetSyntax();
350 st.wordChars('a', 'z');
351 st.wordChars('A', 'Z');
352 st.wordChars('0', '9');
353 st.wordChars(':', ':');
354 st.wordChars('.', '.');
355 st.wordChars('_', '_');
356 st.wordChars('-', '-');
357 st.wordChars('/', '/');
358 st.wordChars('\\', '\\');
359 st.wordChars('$', '$');
442 String mode = parseStringEntry(word);
443 if (mode.equals("readWrite")) {
444 nssDbMode = Secmod.DbMode.READ_WRITE;
445 } else if (mode.equals("readOnly")) {
446 nssDbMode = Secmod.DbMode.READ_ONLY;
447 } else if (mode.equals("noDb")) {
448 nssDbMode = Secmod.DbMode.NO_DB;
449 } else {
450 throw excToken("nssDbMode must be one of readWrite, readOnly, and noDb:");
451 }
452 nssUseSecmod = true;
453 } else if (word.equals("nssNetscapeDbWorkaround")) {
454 nssNetscapeDbWorkaround = parseBooleanEntry(word);
455 nssUseSecmod = true;
456 } else if (word.equals("nssArgs")) {
457 parseNSSArgs(word);
458 } else if (word.equals("nssUseSecmodTrust")) {
459 nssUseSecmodTrust = parseBooleanEntry(word);
460 } else if (word.equals("useEcX963Encoding")) {
461 useEcX963Encoding = parseBooleanEntry(word);
462 } else if (word.equals("nssUseOptimizeSpace")) {
463 nssUseOptimizeSpace = parseBooleanEntry(word);
464 } else {
465 throw new ConfigurationException
466 ("Unknown keyword '" + word + "', line " + st.lineno());
467 }
468 parsedKeywords.add(word);
469 }
470 reader.close();
471 reader = null;
472 st = null;
473 parsedKeywords = null;
474 if (name == null) {
475 throw new ConfigurationException("name must be specified");
476 }
477 if (nssUseSecmod == false) {
478 if (library == null) {
479 throw new ConfigurationException("library must be specified");
480 }
481 } else {
482 if (library != null) {
483 throw new ConfigurationException
|