4320N/A * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. 0N/A * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 0N/A * This code is free software; you can redistribute it and/or modify it 0N/A * under the terms of the GNU General Public License version 2 only, as 2362N/A * published by the Free Software Foundation. Oracle designates this 0N/A * particular file as subject to the "Classpath" exception as provided 2362N/A * by Oracle in the LICENSE file that accompanied this code. 0N/A * This code is distributed in the hope that it will be useful, but WITHOUT 0N/A * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 0N/A * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 0N/A * version 2 for more details (a copy is included in the LICENSE file that 0N/A * accompanied this code). 0N/A * You should have received a copy of the GNU General Public License version 0N/A * 2 along with this work; if not, write to the Free Software Foundation, 0N/A * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 2362N/A * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 2362N/A * or visit www.oracle.com if you need additional information or have any 0N/A * Configuration container and file parsing. 0N/A * @author Andreas Sterbenz 0N/A // same as allowSingleThreadedModules but controlled via a system property 0N/A // and applied to all providers. if set to false, no SunPKCS11 instances 0N/A // will accept single threaded modules regardless of the setting in their 0N/A String p =
"sun.security.pkcs11.allowSingleThreadedModules";
0N/A // temporary storage for configurations 0N/A // needed because the SunPKCS11 needs to call the superclass constructor 0N/A // in provider before accessing any instance variables 0N/A private final static boolean DEBUG =
false;
0N/A // Reader and StringTokenizer used during parsing 0N/A // name suffix of the provider 0N/A // name of the PKCS#11 library 0N/A // description to pass to the provider class 0N/A // slotID of the slot to use 0N/A // slot to use, specified as index in the slotlist 0N/A // set of enabled mechanisms (or null to use default) 0N/A // set of disabled mechanisms 0N/A // whether to print debug info during startup 0N/A // template manager, initialized from parsed attributes 0N/A // how to handle error during startup, one of ERR_ 0N/A // flag indicating whether the P11KeyStore should 0N/A // be more tolerant of input parameters 0N/A // flag indicating whether we need to explicitly cancel operations 0N/A // how often to test for token insertion, if no token is present 0N/A // flag inidicating whether to omit the call to C_Initialize() 0N/A // should be used only if we are running within a process that 0N/A // whether to allow modules that only support single threaded access. 0N/A // they cannot be used safely from multiple PKCS#11 consumers in the 0N/A // same process, for example NSS and SunPKCS11 0N/A // name of the C function that returns the PKCS#11 functionlist 0N/A // This option primarily exists for the deprecated 0N/A // Secmod.Module.getProvider() method. 0N/A // whether to use NSS secmod mode. Implicitly set if nssLibraryDirectory, 0N/A // nssSecmodDirectory, or nssModule is specified. 0N/A // location of the NSS library files (libnss3.so, etc.) 0N/A // location of secmod.db 0N/A // which NSS module to use 0N/A // Whether the P11KeyStore should specify the CKA_NETSCAPE_DB attribute 0N/A // when creating private keys. Only valid if nssUseSecmod is true. 0N/A // Special init argument string for the NSS softtoken. 0N/A // This is used when using the NSS softtoken directly without secmod mode. 0N/A // whether to use NSS trust attributes for the KeyStore of this provider 0N/A // this option is for internal use by the SunPKCS11 code only and 0N/A // works only for NSS providers created via the Secmod API 4426N/A // Flag to indicate whether the X9.63 encoding for EC points shall be used 4426N/A // (true) or whether that encoding shall be wrapped in an ASN.1 OctetString 0N/A // if neither is set, default to first slot 0N/A // XXX check ASCII table and add all other characters except special 0N/A throw excToken(
"nssDbMode must be one of readWrite, readOnly, and noDb:");
0N/A (
"library must not be specified in NSS mode");
0N/A (
"slot and slotListIndex must not be specified in NSS mode");
0N/A (
"nssArgs must not be specified in NSS mode");
0N/A +
"internal option and must not be specified in NSS mode");
0N/A // Parsing helper methods 0N/A // not a word token nor a string enclosed by double quotes 0N/A return ((
ch >=
'0') && (
ch <=
'9'));
0N/A // XXX proper hex parsing 0N/A // individual entry parsing methods 0N/A // replace "/$ISA/" with "/sparcv9/" on 64-bit Solaris SPARC 0N/A // and with "/amd64/" on Solaris AMD64. 0N/A // On all other platforms, just turn it into a "/" 4320N/A // Check to see if full path is specified to prevent the DLL 4320N/A "Absolute path required for library value: " +
lib);
0N/A (
"Only one of slot and slotListIndex must be specified");
0N/A throw excLine(
"Duplicate slotListIndex definition");
0N/A (
"Only one of slot and slotListIndex must be specified");
0N/A throw excLine(
"Expected 'compatibility', read " + s);
0N/A // generic secret keys are special 0N/A // They are used as MAC keys plus for the SSL/TLS (pre)master secrets 0N/A // all private and public keys 0N/A // additional attributes for RSA private keys 0N/A // additional attributes for RSA public keys 0N/A // additional attributes for DSA private keys 0N/A // additional attributes for DSA public keys 0N/A // additional attributes for DH private keys 0N/A // additional attributes for EC private keys 0N/A // additional attributes for EC public keys 0N/A throw excToken(
"Invalid value for handleStartupErrors:");