Information

0
Story Points

Technologies

Decompiled Java File
package sun.security.pkcs11;

import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.io.NotSerializableException;
import java.io.ObjectStreamException;
import java.io.Serializable;
import java.security.AccessController;
import java.security.AuthProvider;
import java.security.InvalidParameterException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.ProviderException;
import java.security.Security;
import java.security.SecurityPermission;
import java.security.Provider.Service;
import java.security.interfaces.DSAPrivateKey;
import java.security.interfaces.DSAPublicKey;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Map.Entry;
import javax.crypto.interfaces.DHPrivateKey;
import javax.crypto.interfaces.DHPublicKey;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import sun.security.ec.ECParameters;
import sun.security.pkcs11.Config;
import sun.security.pkcs11.JarVerifierImpl;
import sun.security.pkcs11.P11Cipher;
import sun.security.pkcs11.P11Digest;
import sun.security.pkcs11.P11ECDHKeyAgreement;
import sun.security.pkcs11.P11Key;
import sun.security.pkcs11.P11KeyAgreement;
import sun.security.pkcs11.P11KeyGenerator;
import sun.security.pkcs11.P11KeyPairGenerator;
import sun.security.pkcs11.P11Mac;
import sun.security.pkcs11.P11RSACipher;
import sun.security.pkcs11.P11SecretKeyFactory;
import sun.security.pkcs11.P11Signature;
import sun.security.pkcs11.P11TlsKeyMaterialGenerator;
import sun.security.pkcs11.P11TlsMasterSecretGenerator;
import sun.security.pkcs11.P11TlsPrfGenerator;
import sun.security.pkcs11.P11TlsRsaPremasterSecretGenerator;
import sun.security.pkcs11.Secmod;
import sun.security.pkcs11.Session;
import sun.security.pkcs11.Token;
import sun.security.pkcs11.Secmod.DbMode;
import sun.security.pkcs11.Secmod.Module;
import sun.security.pkcs11.Secmod.ModuleType;
import sun.security.pkcs11.wrapper.CK_C_INITIALIZE_ARGS;
import sun.security.pkcs11.wrapper.CK_INFO;
import sun.security.pkcs11.wrapper.CK_MECHANISM_INFO;
import sun.security.pkcs11.wrapper.CK_SLOT_INFO;
import sun.security.pkcs11.wrapper.Functions;
import sun.security.pkcs11.wrapper.PKCS11;
import sun.security.pkcs11.wrapper.PKCS11Exception;
import sun.security.util.Debug;
import sun.security.util.ResourcesMgr;

public final class SunPKCS11 extends AuthProvider {
   private static final long serialVersionUID = -1354835039035306505L;
   static final Debug debug = Debug.getInstance("sunpkcs11");
   private static int dummyConfigId;
   final PKCS11 p11;
   private final String configName;
   final Config config;
   final long slotID;
   private CallbackHandler pHandler;
   private final Object LOCK_HANDLER;
   final boolean removable;
   final Module nssModule;
   final boolean nssUseSecmodTrust;
   private volatile Token token;
   private SunPKCS11.TokenPoller poller;
   private static volatile boolean integrityVerified;
   private static final Map descriptors = new HashMap();
   private static final String MD = "MessageDigest";
   private static final String SIG = "Signature";
   private static final String KPG = "KeyPairGenerator";
   private static final String KG = "KeyGenerator";
   private static final String AGP = "AlgorithmParameters";
   private static final String KF = "KeyFactory";
   private static final String SKF = "SecretKeyFactory";
   private static final String CIP = "Cipher";
   private static final String MAC = "Mac";
   private static final String KA = "KeyAgreement";
   private static final String KS = "KeyStore";
   private static final String SR = "SecureRandom";

   Token getToken() {
      return this.token;
   }

   public SunPKCS11() {
      super("SunPKCS11-Dummy", 1.5D, "SunPKCS11-Dummy");
      this.LOCK_HANDLER = new Object();
      throw new ProviderException("SunPKCS11 requires configuration file argument");
   }

   public SunPKCS11(String var1) {
      this((String)checkNull(var1), (InputStream)null);
   }

   public SunPKCS11(InputStream var1) {
      this(getDummyConfigName(), (InputStream)checkNull(var1));
   }

   private static Object checkNull(Object var0) {
      if(var0 == null) {
         throw new NullPointerException();
      } else {
         return var0;
      }
   }

   private static synchronized String getDummyConfigName() {
      int var0 = ++dummyConfigId;
      return "---DummyConfig-" + var0 + "---";
   }

   /** @deprecated */
   @Deprecated
   public SunPKCS11(String var1, InputStream var2) {
      super("SunPKCS11-" + Config.getConfig(var1, var2).getName(), 1.6D, Config.getConfig(var1, var2).getDescription());
      this.LOCK_HANDLER = new Object();
      this.configName = var1;
      this.config = Config.removeConfig(var1);
      if(debug != null) {
         System.out.println("SunPKCS11 loading " + var1);
      }

      String var3 = this.config.getLibrary();
      String var4 = this.config.getFunctionList();
      long var5 = (long)this.config.getSlotID();
      int var7 = this.config.getSlotListIndex();
      boolean var8 = this.config.getNssUseSecmod();
      boolean var9 = this.config.getNssUseSecmodTrust();
      Module var10 = null;
      String var13;
      if(var8) {
         Secmod var11 = Secmod.getInstance();
         DbMode var12 = this.config.getNssDbMode();

         String var14;
         try {
            var13 = this.config.getNssLibraryDirectory();
            var14 = this.config.getNssSecmodDirectory();
            if(var11.isInitialized()) {
               String var15;
               if(var14 != null) {
                  var15 = var11.getConfigDir();
                  if(var15 != null && !var15.equals(var14)) {
                     throw new ProviderException("Secmod directory " + var14 + " invalid, NSS already initialized with " + var15);
                  }
               }

               if(var13 != null) {
                  var15 = var11.getLibDir();
                  if(var15 != null && !var15.equals(var13)) {
                     throw new ProviderException("NSS library directory " + var13 + " invalid, NSS already initialized with " + var15);
                  }
               }
            } else {
               if(var12 != DbMode.NO_DB) {
                  if(var14 == null) {
                     throw new ProviderException("Secmod not initialized and nssSecmodDirectory not specified");
                  }
               } else if(var14 != null) {
                  throw new ProviderException("nssSecmodDirectory must not be specified in noDb mode");
               }

               var11.initialize(var12, var14, var13);
            }
         } catch (IOException var20) {
            throw new ProviderException("Could not initialize NSS", var20);
         }

         List var26 = var11.getModules();
         if(this.config.getShowInfo()) {
            System.out.println("NSS modules: " + var26);
         }

         var14 = this.config.getNssModule();
         if(var14 == null) {
            var10 = var11.getModule(ModuleType.FIPS);
            if(var10 != null) {
               var14 = "fips";
            } else {
               var14 = var12 == DbMode.NO_DB?"crypto":"keystore";
            }
         }

         if(var14.equals("fips")) {
            var10 = var11.getModule(ModuleType.FIPS);
            var9 = true;
            var4 = "FC_GetFunctionList";
         } else if(var14.equals("keystore")) {
            var10 = var11.getModule(ModuleType.KEYSTORE);
            var9 = true;
         } else if(var14.equals("crypto")) {
            var10 = var11.getModule(ModuleType.CRYPTO);
         } else if(var14.equals("trustanchors")) {
            var10 = var11.getModule(ModuleType.TRUSTANCHOR);
            var9 = true;
         } else {
            if(!var14.startsWith("external-")) {
               throw new ProviderException("Unknown NSS module: " + var14);
            }

            int var28;
            try {
               var28 = Integer.parseInt(var14.substring("external-".length()));
            } catch (NumberFormatException var19) {
               var28 = -1;
            }

            if(var28 < 1) {
               throw new ProviderException("Invalid external module: " + var14);
            }

            int var16 = 0;
            Iterator var17 = var26.iterator();

            while(var17.hasNext()) {
               Module var18 = (Module)var17.next();
               if(var18.getType() == ModuleType.EXTERNAL) {
                  ++var16;
                  if(var16 == var28) {
                     var10 = var18;
                     break;
                  }
               }
            }

            if(var10 == null) {
               throw new ProviderException("Invalid module " + var14 + ": only " + var16 + " external NSS modules available");
            }
         }

         if(var10 == null) {
            throw new ProviderException("NSS module not available: " + var14);
         }

         if(var10.hasInitializedProvider()) {
            throw new ProviderException("Secmod module already configured");
         }

         var3 = var10.libraryName;
         var7 = var10.slot;
      }

      this.nssUseSecmodTrust = var9;
      this.nssModule = var10;
      File var23 = new File(var3);
      if(!var23.getName().equals(var3) && !(new File(var3)).isFile()) {
         String var25 = "Library " + var3 + " does not exist";
         if(this.config.getHandleStartupErrors() == 1) {
            throw new ProviderException(var25);
         } else {
            throw new UnsupportedOperationException(var25);
         }
      } else {
         try {
            if(debug != null) {
               debug.println("Initializing PKCS#11 library " + var3);
            }

            CK_C_INITIALIZE_ARGS var24 = new CK_C_INITIALIZE_ARGS();
            var13 = this.config.getNssArgs();
            if(var13 != null) {
               var24.pReserved = var13;
            }

            var24.flags = 2L;

            PKCS11 var27;
            try {
               var27 = PKCS11.getInstance(var3, var4, var24, this.config.getOmitInitialize());
            } catch (PKCS11Exception var21) {
               if(debug != null) {
                  debug.println("Multi-threaded initialization failed: " + var21);
               }

               if(!this.config.getAllowSingleThreadedModules()) {
                  throw var21;
               }

               if(var13 == null) {
                  var24 = null;
               } else {
                  var24.flags = 0L;
               }

               var27 = PKCS11.getInstance(var3, var4, var24, this.config.getOmitInitialize());
            }

            this.p11 = var27;
            CK_INFO var29 = this.p11.C_GetInfo();
            if(var29.cryptokiVersion.major < 2) {
               throw new ProviderException("Only PKCS#11 v2.0 and later supported, library version is v" + var29.cryptokiVersion);
            } else {
               boolean var30 = this.config.getShowInfo();
               if(var30) {
                  System.out.println("Information for provider " + this.getName());
                  System.out.println("Library info:");
                  System.out.println(var29);
               }

               if(var5 < 0L || var30) {
                  long[] var31 = this.p11.C_GetSlotList(false);
                  if(var30) {
                     System.out.println("All slots: " + toString(var31));
                     var31 = this.p11.C_GetSlotList(true);
                     System.out.println("Slots with tokens: " + toString(var31));
                  }

                  if(var5 < 0L) {
                     if(var7 < 0 || var7 >= var31.length) {
                        throw new ProviderException("slotListIndex is " + var7 + " but token only has " + var31.length + " slots");
                     }

                     var5 = var31[var7];
                  }
               }

               this.slotID = var5;
               CK_SLOT_INFO var32 = this.p11.C_GetSlotInfo(var5);
               this.removable = (var32.flags & 2L) != 0L;
               this.initToken(var32);
               if(var10 != null) {
                  var10.setProvider(this);
               }

            }
         } catch (Exception var22) {
            if(this.config.getHandleStartupErrors() == 2) {
               throw new UnsupportedOperationException("Initialization failed", var22);
            } else {
               throw new ProviderException("Initialization failed", var22);
            }
         }
      }
   }

   private static String toString(long[] var0) {
      if(var0.length == 0) {
         return "(none)";
      } else {
         StringBuilder var1 = new StringBuilder();
         var1.append(var0[0]);

         for(int var2 = 1; var2 < var0.length; ++var2) {
            var1.append(", ");
            var1.append(var0[var2]);
         }

         return var1.toString();
      }
   }

   static void verifySelfIntegrity(Class var0) {
      if(!integrityVerified) {
         doVerifySelfIntegrity(var0);
      }
   }

   private static synchronized void doVerifySelfIntegrity(Class var0) {
      integrityVerified = JarVerifierImpl.doVerification(var0, "-----BEGIN CERTIFICATE-----\nMIICnTCCAlugAwIBAgICAh8wCwYHKoZIzjgEAwUAMIGQMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExEjAQBgNVBAcTCVBhbG8gQWx0bzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxIzAhBgNVBAsTGkphdmEgU29mdHdhcmUgQ29kZSBTaWduaW5nMRwwGgYDVQQDExNKQ0UgQ29kZSBTaWduaW5nIENBMB4XDTA1MTEyMzIyNDk0MVoXDTEwMTEyNzIyNDk0MVowYzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxIzAhBgNVBAsTGkphdmEgU29mdHdhcmUgQ29kZSBTaWduaW5nMR0wGwYDVQQDExRTdW4gTWljcm9zeXN0ZW1zIEluYzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA16bKo6tC3OHFDNfPXLKXMCMtIyeubNnsEtlvrH34HhfF+ZmpSliLCvQ15ms705vy4XgZUbZ3mgSOlLRMAGRo6596ePhc+0Z6yeKhbb3LZ8iz97ZIptkHGOshj9cfcSRPYmorUug9OsybMdIfQXazxT9mZJ9Yx5IDw6xak7kVbpUCAwEAAaOBiDCBhTARBglghkgBhvhCAQEEBAMCBBAwDgYDVR0PAQH/BAQDAgXgMB0GA1UdDgQWBBRI319jCbhc9DWJVltXgfrMybHNjzAfBgNVHSMEGDAWgBRl4vSGydNO8JFOWKJq9dh4WprBpjAgBgNVHREEGTAXgRV5dS1jaGluZy5wZW5nQHN1bi5jb20wCwYHKoZIzjgEAwUAAy8AMCwCFFBFmED9s3OoN9rbXfQV3+brJPW/AhQr+Wq1MlubAvnfjrlqeksh0QaDAQ==\n-----END CERTIFICATE-----");
      if(!integrityVerified) {
         throw new ProviderException("The SunPKCS11 provider may have been tampered with.");
      }
   }

   public boolean equals(Object var1) {
      return this == var1;
   }

   public int hashCode() {
      return System.identityHashCode(this);
   }

   private static String[] s(String var0) {
      return new String[]{var0};
   }

   private static String[] s(String var0, String var1) {
      return new String[]{var0, var1};
   }

   private static int[] m(long var0) {
      return new int[]{(int)var0};
   }

   private static int[] m(long var0, long var2) {
      return new int[]{(int)var0, (int)var2};
   }

   private static int[] m(long var0, long var2, long var4) {
      return new int[]{(int)var0, (int)var2, (int)var4};
   }

   private static int[] m(long var0, long var2, long var4, long var6) {
      return new int[]{(int)var0, (int)var2, (int)var4, (int)var6};
   }

   private static void d(String var0, String var1, String var2, int[] var3) {
      register(new SunPKCS11.Descriptor(var0, var1, var2, (String[])null, var3, null));
   }

   private static void d(String var0, String var1, String var2, String[] var3, int[] var4) {
      register(new SunPKCS11.Descriptor(var0, var1, var2, var3, var4, null));
   }

   private static void register(SunPKCS11.Descriptor var0) {
      for(int var1 = 0; var1 < var0.mechanisms.length; ++var1) {
         int var2 = var0.mechanisms[var1];
         Integer var3 = Integer.valueOf(var2);
         Object var4 = (List)descriptors.get(var3);
         if(var4 == null) {
            var4 = new ArrayList();
            descriptors.put(var3, var4);
         }

         ((List)var4).add(var0);
      }

   }

   private void createPoller() {
      if(this.poller == null) {
         SunPKCS11.TokenPoller var1 = new SunPKCS11.TokenPoller(this, null);
         Thread var2 = new Thread(var1, "Poller " + this.getName());
         var2.setDaemon(true);
         var2.setPriority(1);
         var2.start();
         this.poller = var1;
      }
   }

   private void destroyPoller() {
      if(this.poller != null) {
         this.poller.disable();
         this.poller = null;
      }

   }

   private boolean hasValidToken() {
      Token var1 = this.token;
      return var1 != null && var1.isValid();
   }

   synchronized void uninitToken(Token var1) {
      if(this.token == var1) {
         this.destroyPoller();
         this.token = null;
         AccessController.doPrivileged(new PrivilegedAction() {
            public Object run() {
               SunPKCS11.this.clear();
               return null;
            }
         });
         this.createPoller();
      }
   }

   private void initToken(CK_SLOT_INFO var1) throws PKCS11Exception {
      if(var1 == null) {
         var1 = this.p11.C_GetSlotInfo(this.slotID);
      }

      if(this.removable && (var1.flags & 1L) == 0L) {
         this.createPoller();
      } else {
         this.destroyPoller();
         boolean var2 = this.config.getShowInfo();
         if(var2) {
            System.out.println("Slot info for slot " + this.slotID + ":");
            System.out.println(var1);
         }

         final Token var3 = new Token(this);
         if(var2) {
            System.out.println("Token info for token in slot " + this.slotID + ":");
            System.out.println(var3.tokenInfo);
         }

         long[] var4 = this.p11.C_GetMechanismList(this.slotID);
         final HashMap var5 = new HashMap();

         label79:
         for(int var6 = 0; var6 < var4.length; ++var6) {
            long var7 = var4[var6];
            boolean var9 = this.config.isEnabled(var7);
            if(var2) {
               CK_MECHANISM_INFO var10 = this.p11.C_GetMechanismInfo(this.slotID, var7);
               System.out.println("Mechanism " + Functions.getMechanismName(var7) + ":");
               if(!var9) {
                  System.out.println("DISABLED in configuration");
               }

               System.out.println(var10);
            }

            if(var9 && var7 >>> 32 == 0L) {
               int var19 = (int)var7;
               Integer var11 = Integer.valueOf(var19);
               List var12 = (List)descriptors.get(var11);
               if(var12 != null) {
                  Iterator var13 = var12.iterator();

                  while(true) {
                     while(true) {
                        if(!var13.hasNext()) {
                           continue label79;
                        }

                        SunPKCS11.Descriptor var14 = (SunPKCS11.Descriptor)var13.next();
                        Integer var15 = (Integer)var5.get(var14);
                        if(var15 == null) {
                           var5.put(var14, var11);
                        } else {
                           int var16 = var15.intValue();

                           for(int var17 = 0; var17 < var14.mechanisms.length; ++var17) {
                              int var18 = var14.mechanisms[var17];
                              if(var19 == var18) {
                                 var5.put(var14, var11);
                                 break;
                              }

                              if(var16 == var18) {
                                 break;
                              }
                           }
                        }
                     }
                  }
               }
            }
         }

         AccessController.doPrivileged(new PrivilegedAction() {
            public Object run() {
               Iterator var1 = var5.entrySet().iterator();

               while(var1.hasNext()) {
                  Entry var2 = (Entry)var1.next();
                  SunPKCS11.Descriptor var3x = (SunPKCS11.Descriptor)var2.getKey();
                  int var4 = ((Integer)var2.getValue()).intValue();
                  SunPKCS11.P11Service var5x = var3x.service(var3, var4);
                  SunPKCS11.this.putService(var5x);
               }

               if((var3.tokenInfo.flags & 1L) != 0L && SunPKCS11.this.config.isEnabled(2147483424L) && !var3.sessionManager.lowMaxSessions()) {
                  SunPKCS11.this.putService(new SunPKCS11.P11Service(var3, "SecureRandom", "PKCS11", "sun.security.pkcs11.P11SecureRandom", (String[])null, 2147483424L));
               }

               if(SunPKCS11.this.config.isEnabled(2147483425L)) {
                  SunPKCS11.this.putService(new SunPKCS11.P11Service(var3, "KeyStore", "PKCS11", "sun.security.pkcs11.P11KeyStore", SunPKCS11.s("PKCS11-" + SunPKCS11.this.config.getName()), 2147483425L));
               }

               return null;
            }
         });
         this.token = var3;
      }
   }

   public void login(Subject var1, CallbackHandler var2) throws LoginException {
      SecurityManager var3 = System.getSecurityManager();
      if(var3 != null) {
         if(debug != null) {
            debug.println("checking login permission");
         }

         var3.checkPermission(new SecurityPermission("authProvider." + this.getName()));
      }

      if(!this.hasValidToken()) {
         throw new LoginException("No token present");
      } else if((this.token.tokenInfo.flags & 4L) == 0L) {
         if(debug != null) {
            debug.println("login operation not required for token - ignoring login request");
         }

      } else {
         try {
            if(this.token.isLoggedInNow((Session)null)) {
               if(debug != null) {
                  debug.println("user already logged in");
               }

               return;
            }
         } catch (PKCS11Exception var18) {
            ;
         }

         char[] var4 = null;
         if((this.token.tokenInfo.flags & 256L) == 0L) {
            CallbackHandler var5 = this.getCallbackHandler(var2);
            if(var5 == null) {
               throw new LoginException("no password provided, and no callback handler available for retrieving password");
            }

            MessageFormat var6 = new MessageFormat(ResourcesMgr.getString("PKCS11 Token [providerName] Password: "));
            Object[] var7 = new Object[]{this.getName()};
            PasswordCallback var8 = new PasswordCallback(var6.format(var7), false);
            Callback[] var9 = new Callback[]{var8};

            try {
               var5.handle(var9);
            } catch (Exception var17) {
               LoginException var11 = new LoginException("Unable to perform password callback");
               var11.initCause(var17);
               throw var11;
            }

            var4 = var8.getPassword();
            var8.clearPassword();
            if(var4 == null && debug != null) {
               debug.println("caller passed NULL pin");
            }
         }

         Session var21 = null;

         try {
            try {
               var21 = this.token.getOpSession();
               this.p11.C_Login(var21.id(), 1L, var4);
               if(debug != null) {
                  debug.println("login succeeded");
               }

               return;
            } catch (PKCS11Exception var19) {
               if(var19.getErrorCode() != 256L) {
                  if(var19.getErrorCode() == 160L) {
                     FailedLoginException var23 = new FailedLoginException();
                     var23.initCause(var19);
                     throw var23;
                  }

                  LoginException var22 = new LoginException();
                  var22.initCause(var19);
                  throw var22;
               }
            }

            if(debug != null) {
               debug.println("user already logged in");
            }
         } finally {
            this.token.releaseSession(var21);
            if(var4 != null) {
               Arrays.fill(var4, ' ');
            }

         }

      }
   }

   public void logout() throws LoginException {
      SecurityManager var1 = System.getSecurityManager();
      if(var1 != null) {
         var1.checkPermission(new SecurityPermission("authProvider." + this.getName()));
      }

      if(this.hasValidToken()) {
         if((this.token.tokenInfo.flags & 4L) == 0L) {
            if(debug != null) {
               debug.println("logout operation not required for token - ignoring logout request");
            }

         } else {
            try {
               if(!this.token.isLoggedInNow((Session)null)) {
                  if(debug != null) {
                     debug.println("user not logged in");
                  }

                  return;
               }
            } catch (PKCS11Exception var9) {
               ;
            }

            Session var2 = null;

            try {
               var2 = this.token.getOpSession();
               this.p11.C_Logout(var2.id());
               if(debug != null) {
                  debug.println("logout succeeded");
               }

               return;
            } catch (PKCS11Exception var10) {
               if(var10.getErrorCode() != 257L) {
                  LoginException var4 = new LoginException();
                  var4.initCause(var10);
                  throw var4;
               }

               if(debug != null) {
                  debug.println("user not logged in");
               }
            } finally {
               this.token.releaseSession(var2);
            }

         }
      }
   }

   public void setCallbackHandler(CallbackHandler var1) {
      SecurityManager var2 = System.getSecurityManager();
      if(var2 != null) {
         var2.checkPermission(new SecurityPermission("authProvider." + this.getName()));
      }

      Object var3 = this.LOCK_HANDLER;
      synchronized(this.LOCK_HANDLER) {
         this.pHandler = var1;
      }
   }

   private CallbackHandler getCallbackHandler(CallbackHandler var1) {
      if(var1 != null) {
         return var1;
      } else {
         if(debug != null) {
            debug.println("getting provider callback handler");
         }

         Object var2 = this.LOCK_HANDLER;
         synchronized(this.LOCK_HANDLER) {
            if(this.pHandler != null) {
               return this.pHandler;
            } else {
               CallbackHandler var10000;
               try {
                  if(debug != null) {
                     debug.println("getting default callback handler");
                  }

                  CallbackHandler var3 = (CallbackHandler)AccessController.doPrivileged(new PrivilegedExceptionAction() {
                     public CallbackHandler run() throws Exception {
                        String var1 = Security.getProperty("auth.login.defaultCallbackHandler");
                        if(var1 != null && var1.length() != 0) {
                           Class var2 = Class.forName(var1, true, Thread.currentThread().getContextClassLoader());
                           return (CallbackHandler)var2.newInstance();
                        } else {
                           if(SunPKCS11.debug != null) {
                              SunPKCS11.debug.println("no default handler set");
                           }

                           return null;
                        }
                     }
                  });
                  this.pHandler = var3;
                  var10000 = var3;
               } catch (PrivilegedActionException var5) {
                  if(debug != null) {
                     debug.println("Unable to load default callback handler");
                     var5.printStackTrace();
                  }

                  return null;
               }

               return var10000;
            }
         }
      }
   }

   private Object writeReplace() throws ObjectStreamException {
      return new SunPKCS11.SunPKCS11Rep(this);
   }

   static {
      String var0 = "sun.security.pkcs11.P11Digest";
      String var1 = "sun.security.pkcs11.P11MAC";
      String var2 = "sun.security.pkcs11.P11KeyPairGenerator";
      String var3 = "sun.security.pkcs11.P11KeyGenerator";
      String var4 = "sun.security.pkcs11.P11RSAKeyFactory";
      String var5 = "sun.security.pkcs11.P11DSAKeyFactory";
      String var6 = "sun.security.pkcs11.P11DHKeyFactory";
      String var7 = "sun.security.pkcs11.P11KeyAgreement";
      String var8 = "sun.security.pkcs11.P11SecretKeyFactory";
      String var9 = "sun.security.pkcs11.P11Cipher";
      String var10 = "sun.security.pkcs11.P11RSACipher";
      String var11 = "sun.security.pkcs11.P11Signature";
      d("MessageDigest", "MD2", var0, m(512L));
      d("MessageDigest", "MD5", var0, m(528L));
      d("MessageDigest", "SHA1", var0, s("SHA", "SHA-1"), m(544L));
      d("MessageDigest", "SHA-256", var0, m(592L));
      d("MessageDigest", "SHA-384", var0, m(608L));
      d("MessageDigest", "SHA-512", var0, m(624L));
      d("Mac", "HmacMD5", var1, m(529L));
      d("Mac", "HmacSHA1", var1, m(545L));
      d("Mac", "HmacSHA256", var1, m(593L));
      d("Mac", "HmacSHA384", var1, m(609L));
      d("Mac", "HmacSHA512", var1, m(625L));
      d("Mac", "SslMacMD5", var1, m(896L));
      d("Mac", "SslMacSHA1", var1, m(897L));
      d("KeyPairGenerator", "RSA", var2, m(0L));
      d("KeyPairGenerator", "DSA", var2, m(16L));
      d("KeyPairGenerator", "DH", var2, s("DiffieHellman"), m(32L));
      d("KeyPairGenerator", "EC", var2, m(4160L));
      d("KeyGenerator", "ARCFOUR", var3, s("RC4"), m(272L));
      d("KeyGenerator", "DES", var3, m(288L));
      d("KeyGenerator", "DESede", var3, m(305L, 304L));
      d("KeyGenerator", "AES", var3, m(4224L));
      d("KeyGenerator", "Blowfish", var3, m(4240L));
      d("KeyFactory", "RSA", var4, m(0L, 1L, 3L));
      d("KeyFactory", "DSA", var5, m(16L, 17L, 18L));
      d("KeyFactory", "DH", var6, s("DiffieHellman"), m(32L, 33L));
      d("KeyFactory", "EC", var6, m(4160L, 4176L, 4161L, 4162L));
      d("AlgorithmParameters", "EC", "sun.security.ec.ECParameters", s("1.2.840.10045.2.1"), m(4160L, 4176L, 4161L, 4162L));
      d("KeyAgreement", "DH", var7, s("DiffieHellman"), m(33L));
      d("KeyAgreement", "ECDH", "sun.security.pkcs11.P11ECDHKeyAgreement", m(4176L));
      d("SecretKeyFactory", "ARCFOUR", var8, s("RC4"), m(273L));
      d("SecretKeyFactory", "DES", var8, m(290L));
      d("SecretKeyFactory", "DESede", var8, m(307L));
      d("SecretKeyFactory", "AES", var8, m(4226L));
      d("SecretKeyFactory", "Blowfish", var8, m(4241L));
      d("Cipher", "ARCFOUR", var9, s("RC4"), m(273L));
      d("Cipher", "DES/CBC/NoPadding", var9, m(290L));
      d("Cipher", "DES/CBC/PKCS5Padding", var9, m(293L, 290L));
      d("Cipher", "DES/ECB", var9, s("DES"), m(289L));
      d("Cipher", "DESede/CBC/NoPadding", var9, m(307L));
      d("Cipher", "DESede/CBC/PKCS5Padding", var9, m(310L, 307L));
      d("Cipher", "DESede/ECB", var9, s("DESede"), m(306L));
      d("Cipher", "AES/CBC/NoPadding", var9, m(4226L));
      d("Cipher", "AES/CBC/PKCS5Padding", var9, m(4229L, 4226L));
      d("Cipher", "AES/ECB", var9, s("AES"), m(4225L));
      d("Cipher", "Blowfish/CBC/NoPadding", var9, m(4241L));
      d("Cipher", "RSA/ECB/PKCS1Padding", var10, m(1L));
      d("Signature", "RawDSA", var11, s("NONEwithDSA"), m(17L));
      d("Signature", "DSA", var11, s("SHA1withDSA"), m(18L, 17L));
      d("Signature", "NONEwithECDSA", var11, m(4161L));
      d("Signature", "SHA1withECDSA", var11, s("ECDSA"), m(4162L, 4161L));
      d("Signature", "SHA256withECDSA", var11, m(4161L));
      d("Signature", "SHA384withECDSA", var11, m(4161L));
      d("Signature", "SHA512withECDSA", var11, m(4161L));
      d("Signature", "MD2withRSA", var11, m(4L, 1L, 3L));
      d("Signature", "MD5withRSA", var11, m(5L, 1L, 3L));
      d("Signature", "SHA1withRSA", var11, m(6L, 1L, 3L));
      d("Signature", "SHA256withRSA", var11, m(64L, 1L, 3L));
      d("Signature", "SHA384withRSA", var11, m(65L, 1L, 3L));
      d("Signature", "SHA512withRSA", var11, m(66L, 1L, 3L));
      d("KeyGenerator", "SunTlsRsaPremasterSecret", "sun.security.pkcs11.P11TlsRsaPremasterSecretGenerator", m(880L, 884L));
      d("KeyGenerator", "SunTlsMasterSecret", "sun.security.pkcs11.P11TlsMasterSecretGenerator", m(881L, 885L, 883L, 887L));
      d("KeyGenerator", "SunTlsKeyMaterial", "sun.security.pkcs11.P11TlsKeyMaterialGenerator", m(882L, 886L));
      d("KeyGenerator", "SunTlsPrf", "sun.security.pkcs11.P11TlsPrfGenerator", m(888L, 2147484531L));
   }

   private static class SunPKCS11Rep implements Serializable {
      static final long serialVersionUID = -2896606995897745419L;
      private final String providerName;
      private final String configName;

      SunPKCS11Rep(SunPKCS11 var1) throws NotSerializableException {
         this.providerName = var1.getName();
         this.configName = var1.configName;
         if(Security.getProvider(this.providerName) != var1) {
            throw new NotSerializableException("Only SunPKCS11 providers installed in java.security.Security can be serialized");
         }
      }

      private Object readResolve() throws ObjectStreamException {
         SunPKCS11 var1 = (SunPKCS11)Security.getProvider(this.providerName);
         if(var1 != null && var1.configName.equals(this.configName)) {
            return var1;
         } else {
            throw new NotSerializableException("Could not find " + this.providerName + " in installed providers");
         }
      }
   }

   private static class P11Service extends Service {
      private final Token token;
      private final long mechanism;

      P11Service(Token var1, String var2, String var3, String var4, String[] var5, long var6) {
         super(var1.provider, var2, var3, var4, toList(var5), (Map)null);
         this.token = var1;
         this.mechanism = var6 & 4294967295L;
      }

      private static List toList(String[] var0) {
         return var0 == null?null:Arrays.asList(var0);
      }

      public Object newInstance(Object var1) throws NoSuchAlgorithmException {
         if(!this.token.isValid()) {
            throw new NoSuchAlgorithmException("Token has been removed");
         } else {
            try {
               return this.newInstance0(var1);
            } catch (PKCS11Exception var3) {
               throw new NoSuchAlgorithmException(var3);
            }
         }
      }

      public Object newInstance0(Object var1) throws PKCS11Exception, NoSuchAlgorithmException {
         String var2 = this.getAlgorithm();
         String var3 = this.getType();
         if(var3 == "MessageDigest") {
            return new P11Digest(this.token, var2, this.mechanism);
         } else if(var3 == "Cipher") {
            SunPKCS11.verifySelfIntegrity(this.getClass());
            return var2.startsWith("RSA")?new P11RSACipher(this.token, var2, this.mechanism):new P11Cipher(this.token, var2, this.mechanism);
         } else if(var3 == "Signature") {
            return new P11Signature(this.token, var2, this.mechanism);
         } else if(var3 == "Mac") {
            SunPKCS11.verifySelfIntegrity(this.getClass());
            return new P11Mac(this.token, var2, this.mechanism);
         } else if(var3 == "KeyPairGenerator") {
            return new P11KeyPairGenerator(this.token, var2, this.mechanism);
         } else if(var3 == "KeyAgreement") {
            SunPKCS11.verifySelfIntegrity(this.getClass());
            return var2.equals("ECDH")?new P11ECDHKeyAgreement(this.token, var2, this.mechanism):new P11KeyAgreement(this.token, var2, this.mechanism);
         } else if(var3 == "KeyFactory") {
            return this.token.getKeyFactory(var2);
         } else if(var3 == "SecretKeyFactory") {
            SunPKCS11.verifySelfIntegrity(this.getClass());
            return new P11SecretKeyFactory(this.token, var2);
         } else if(var3 == "KeyGenerator") {
            SunPKCS11.verifySelfIntegrity(this.getClass());
            return var2 == "SunTlsRsaPremasterSecret"?new P11TlsRsaPremasterSecretGenerator(this.token, var2, this.mechanism):(var2 == "SunTlsMasterSecret"?new P11TlsMasterSecretGenerator(this.token, var2, this.mechanism):(var2 == "SunTlsKeyMaterial"?new P11TlsKeyMaterialGenerator(this.token, var2, this.mechanism):(var2 == "SunTlsPrf"?new P11TlsPrfGenerator(this.token, var2, this.mechanism):new P11KeyGenerator(this.token, var2, this.mechanism))));
         } else if(var3 == "SecureRandom") {
            return this.token.getRandom();
         } else if(var3 == "KeyStore") {
            return this.token.getKeyStore();
         } else if(var3 == "AlgorithmParameters") {
            return new ECParameters();
         } else {
            throw new NoSuchAlgorithmException("Unknown type: " + var3);
         }
      }

      public boolean supportsParameter(Object var1) {
         if(var1 != null && this.token.isValid()) {
            if(!(var1 instanceof Key)) {
               throw new InvalidParameterException("Parameter must be a Key");
            } else {
               String var2 = this.getAlgorithm();
               String var3 = this.getType();
               Key var4 = (Key)var1;
               String var5 = var4.getAlgorithm();
               if(var3 == "Cipher" && var2.startsWith("RSA") || var3 == "Signature" && var2.endsWith("RSA")) {
                  return !var5.equals("RSA")?false:this.isLocalKey(var4) || var4 instanceof RSAPrivateKey || var4 instanceof RSAPublicKey;
               } else if(var3 == "KeyAgreement" && var2.equals("ECDH") || var3 == "Signature" && var2.endsWith("ECDSA")) {
                  return !var5.equals("EC")?false:this.isLocalKey(var4) || var4 instanceof ECPrivateKey || var4 instanceof ECPublicKey;
               } else if(var3 == "Signature" && var2.endsWith("DSA")) {
                  return !var5.equals("DSA")?false:this.isLocalKey(var4) || var4 instanceof DSAPrivateKey || var4 instanceof DSAPublicKey;
               } else if(var3 != "Cipher" && var3 != "Mac") {
                  if(var3 == "KeyAgreement") {
                     return !var5.equals("DH")?false:this.isLocalKey(var4) || var4 instanceof DHPrivateKey || var4 instanceof DHPublicKey;
                  } else {
                     throw new AssertionError("SunPKCS11 error: " + var3 + ", " + var2);
                  }
               } else {
                  return this.isLocalKey(var4) || "RAW".equals(var4.getFormat());
               }
            }
         } else {
            return false;
         }
      }

      private boolean isLocalKey(Key var1) {
         return var1 instanceof P11Key && ((P11Key)var1).token == this.token;
      }

      public String toString() {
         return super.toString() + " (" + Functions.getMechanismName(this.mechanism) + ")";
      }
   }

   private static class TokenPoller implements Runnable {
      private final SunPKCS11 provider;
      private volatile boolean enabled;

      private TokenPoller(SunPKCS11 var1) {
         this.provider = var1;
         this.enabled = true;
      }

      public void run() {
         int var1 = this.provider.config.getInsertionCheckInterval();

         while(this.enabled) {
            try {
               Thread.sleep((long)var1);
            } catch (InterruptedException var4) {
               break;
            }

            if(!this.enabled) {
               break;
            }

            try {
               this.provider.initToken((CK_SLOT_INFO)null);
            } catch (PKCS11Exception var3) {
               ;
            }
         }

      }

      void disable() {
         this.enabled = false;
      }

      // $FF: synthetic method
      TokenPoller(SunPKCS11 var1, Object var2) {
         this(var1);
      }
   }

   private static final class Descriptor {
      final String type;
      final String algorithm;
      final String className;
      final String[] aliases;
      final int[] mechanisms;

      private Descriptor(String var1, String var2, String var3, String[] var4, int[] var5) {
         this.type = var1;
         this.algorithm = var2;
         this.className = var3;
         this.aliases = var4;
         this.mechanisms = var5;
      }

      private SunPKCS11.P11Service service(Token var1, int var2) {
         return new SunPKCS11.P11Service(var1, this.type, this.algorithm, this.className, this.aliases, (long)var2);
      }

      public String toString() {
         return this.type + "." + this.algorithm;
      }

      // $FF: synthetic method
      Descriptor(String var1, String var2, String var3, String[] var4, int[] var5, Object var6) {
         this(var1, var2, var3, var4, var5);
      }
   }
}
Page generated: Oct 19, 2017 2:34:20 PM