Red Hat Application Migration Toolkit
package sun.security.pkcs11;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.io.NotSerializableException;
import java.io.ObjectStreamException;
import java.io.Serializable;
import java.security.AccessController;
import java.security.AuthProvider;
import java.security.InvalidParameterException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.ProviderException;
import java.security.Security;
import java.security.SecurityPermission;
import java.security.Provider.Service;
import java.security.interfaces.DSAPrivateKey;
import java.security.interfaces.DSAPublicKey;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Map.Entry;
import javax.crypto.interfaces.DHPrivateKey;
import javax.crypto.interfaces.DHPublicKey;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import sun.security.ec.ECParameters;
import sun.security.pkcs11.Config;
import sun.security.pkcs11.JarVerifierImpl;
import sun.security.pkcs11.P11Cipher;
import sun.security.pkcs11.P11Digest;
import sun.security.pkcs11.P11ECDHKeyAgreement;
import sun.security.pkcs11.P11Key;
import sun.security.pkcs11.P11KeyAgreement;
import sun.security.pkcs11.P11KeyGenerator;
import sun.security.pkcs11.P11KeyPairGenerator;
import sun.security.pkcs11.P11Mac;
import sun.security.pkcs11.P11RSACipher;
import sun.security.pkcs11.P11SecretKeyFactory;
import sun.security.pkcs11.P11Signature;
import sun.security.pkcs11.P11TlsKeyMaterialGenerator;
import sun.security.pkcs11.P11TlsMasterSecretGenerator;
import sun.security.pkcs11.P11TlsPrfGenerator;
import sun.security.pkcs11.P11TlsRsaPremasterSecretGenerator;
import sun.security.pkcs11.Secmod;
import sun.security.pkcs11.Session;
import sun.security.pkcs11.Token;
import sun.security.pkcs11.Secmod.DbMode;
import sun.security.pkcs11.Secmod.Module;
import sun.security.pkcs11.Secmod.ModuleType;
import sun.security.pkcs11.wrapper.CK_C_INITIALIZE_ARGS;
import sun.security.pkcs11.wrapper.CK_INFO;
import sun.security.pkcs11.wrapper.CK_MECHANISM_INFO;
import sun.security.pkcs11.wrapper.CK_SLOT_INFO;
import sun.security.pkcs11.wrapper.Functions;
import sun.security.pkcs11.wrapper.PKCS11;
import sun.security.pkcs11.wrapper.PKCS11Exception;
import sun.security.util.Debug;
import sun.security.util.ResourcesMgr;
public final class SunPKCS11 extends AuthProvider {
private static final long serialVersionUID = -1354835039035306505L;
static final Debug debug = Debug.getInstance("sunpkcs11");
private static int dummyConfigId;
final PKCS11 p11;
private final String configName;
final Config config;
final long slotID;
private CallbackHandler pHandler;
private final Object LOCK_HANDLER;
final boolean removable;
final Module nssModule;
final boolean nssUseSecmodTrust;
private volatile Token token;
private SunPKCS11.TokenPoller poller;
private static volatile boolean integrityVerified;
private static final Map descriptors = new HashMap();
private static final String MD = "MessageDigest";
private static final String SIG = "Signature";
private static final String KPG = "KeyPairGenerator";
private static final String KG = "KeyGenerator";
private static final String AGP = "AlgorithmParameters";
private static final String KF = "KeyFactory";
private static final String SKF = "SecretKeyFactory";
private static final String CIP = "Cipher";
private static final String MAC = "Mac";
private static final String KA = "KeyAgreement";
private static final String KS = "KeyStore";
private static final String SR = "SecureRandom";
Token getToken() {
return this.token;
}
public SunPKCS11() {
super("SunPKCS11-Dummy", 1.5D, "SunPKCS11-Dummy");
this.LOCK_HANDLER = new Object();
throw new ProviderException("SunPKCS11 requires configuration file argument");
}
public SunPKCS11(String var1) {
this((String)checkNull(var1), (InputStream)null);
}
public SunPKCS11(InputStream var1) {
this(getDummyConfigName(), (InputStream)checkNull(var1));
}
private static Object checkNull(Object var0) {
if(var0 == null) {
throw new NullPointerException();
} else {
return var0;
}
}
private static synchronized String getDummyConfigName() {
int var0 = ++dummyConfigId;
return "---DummyConfig-" + var0 + "---";
}
/** @deprecated */
@Deprecated
public SunPKCS11(String var1, InputStream var2) {
super("SunPKCS11-" + Config.getConfig(var1, var2).getName(), 1.6D, Config.getConfig(var1, var2).getDescription());
this.LOCK_HANDLER = new Object();
this.configName = var1;
this.config = Config.removeConfig(var1);
if(debug != null) {
System.out.println("SunPKCS11 loading " + var1);
}
String var3 = this.config.getLibrary();
String var4 = this.config.getFunctionList();
long var5 = (long)this.config.getSlotID();
int var7 = this.config.getSlotListIndex();
boolean var8 = this.config.getNssUseSecmod();
boolean var9 = this.config.getNssUseSecmodTrust();
Module var10 = null;
String var13;
if(var8) {
Secmod var11 = Secmod.getInstance();
DbMode var12 = this.config.getNssDbMode();
String var14;
try {
var13 = this.config.getNssLibraryDirectory();
var14 = this.config.getNssSecmodDirectory();
if(var11.isInitialized()) {
String var15;
if(var14 != null) {
var15 = var11.getConfigDir();
if(var15 != null && !var15.equals(var14)) {
throw new ProviderException("Secmod directory " + var14 + " invalid, NSS already initialized with " + var15);
}
}
if(var13 != null) {
var15 = var11.getLibDir();
if(var15 != null && !var15.equals(var13)) {
throw new ProviderException("NSS library directory " + var13 + " invalid, NSS already initialized with " + var15);
}
}
} else {
if(var12 != DbMode.NO_DB) {
if(var14 == null) {
throw new ProviderException("Secmod not initialized and nssSecmodDirectory not specified");
}
} else if(var14 != null) {
throw new ProviderException("nssSecmodDirectory must not be specified in noDb mode");
}
var11.initialize(var12, var14, var13);
}
} catch (IOException var20) {
throw new ProviderException("Could not initialize NSS", var20);
}
List var26 = var11.getModules();
if(this.config.getShowInfo()) {
System.out.println("NSS modules: " + var26);
}
var14 = this.config.getNssModule();
if(var14 == null) {
var10 = var11.getModule(ModuleType.FIPS);
if(var10 != null) {
var14 = "fips";
} else {
var14 = var12 == DbMode.NO_DB?"crypto":"keystore";
}
}
if(var14.equals("fips")) {
var10 = var11.getModule(ModuleType.FIPS);
var9 = true;
var4 = "FC_GetFunctionList";
} else if(var14.equals("keystore")) {
var10 = var11.getModule(ModuleType.KEYSTORE);
var9 = true;
} else if(var14.equals("crypto")) {
var10 = var11.getModule(ModuleType.CRYPTO);
} else if(var14.equals("trustanchors")) {
var10 = var11.getModule(ModuleType.TRUSTANCHOR);
var9 = true;
} else {
if(!var14.startsWith("external-")) {
throw new ProviderException("Unknown NSS module: " + var14);
}
int var28;
try {
var28 = Integer.parseInt(var14.substring("external-".length()));
} catch (NumberFormatException var19) {
var28 = -1;
}
if(var28 < 1) {
throw new ProviderException("Invalid external module: " + var14);
}
int var16 = 0;
Iterator var17 = var26.iterator();
while(var17.hasNext()) {
Module var18 = (Module)var17.next();
if(var18.getType() == ModuleType.EXTERNAL) {
++var16;
if(var16 == var28) {
var10 = var18;
break;
}
}
}
if(var10 == null) {
throw new ProviderException("Invalid module " + var14 + ": only " + var16 + " external NSS modules available");
}
}
if(var10 == null) {
throw new ProviderException("NSS module not available: " + var14);
}
if(var10.hasInitializedProvider()) {
throw new ProviderException("Secmod module already configured");
}
var3 = var10.libraryName;
var7 = var10.slot;
}
this.nssUseSecmodTrust = var9;
this.nssModule = var10;
File var23 = new File(var3);
if(!var23.getName().equals(var3) && !(new File(var3)).isFile()) {
String var25 = "Library " + var3 + " does not exist";
if(this.config.getHandleStartupErrors() == 1) {
throw new ProviderException(var25);
} else {
throw new UnsupportedOperationException(var25);
}
} else {
try {
if(debug != null) {
debug.println("Initializing PKCS#11 library " + var3);
}
CK_C_INITIALIZE_ARGS var24 = new CK_C_INITIALIZE_ARGS();
var13 = this.config.getNssArgs();
if(var13 != null) {
var24.pReserved = var13;
}
var24.flags = 2L;
PKCS11 var27;
try {
var27 = PKCS11.getInstance(var3, var4, var24, this.config.getOmitInitialize());
} catch (PKCS11Exception var21) {
if(debug != null) {
debug.println("Multi-threaded initialization failed: " + var21);
}
if(!this.config.getAllowSingleThreadedModules()) {
throw var21;
}
if(var13 == null) {
var24 = null;
} else {
var24.flags = 0L;
}
var27 = PKCS11.getInstance(var3, var4, var24, this.config.getOmitInitialize());
}
this.p11 = var27;
CK_INFO var29 = this.p11.C_GetInfo();
if(var29.cryptokiVersion.major < 2) {
throw new ProviderException("Only PKCS#11 v2.0 and later supported, library version is v" + var29.cryptokiVersion);
} else {
boolean var30 = this.config.getShowInfo();
if(var30) {
System.out.println("Information for provider " + this.getName());
System.out.println("Library info:");
System.out.println(var29);
}
if(var5 < 0L || var30) {
long[] var31 = this.p11.C_GetSlotList(false);
if(var30) {
System.out.println("All slots: " + toString(var31));
var31 = this.p11.C_GetSlotList(true);
System.out.println("Slots with tokens: " + toString(var31));
}
if(var5 < 0L) {
if(var7 < 0 || var7 >= var31.length) {
throw new ProviderException("slotListIndex is " + var7 + " but token only has " + var31.length + " slots");
}
var5 = var31[var7];
}
}
this.slotID = var5;
CK_SLOT_INFO var32 = this.p11.C_GetSlotInfo(var5);
this.removable = (var32.flags & 2L) != 0L;
this.initToken(var32);
if(var10 != null) {
var10.setProvider(this);
}
}
} catch (Exception var22) {
if(this.config.getHandleStartupErrors() == 2) {
throw new UnsupportedOperationException("Initialization failed", var22);
} else {
throw new ProviderException("Initialization failed", var22);
}
}
}
}
private static String toString(long[] var0) {
if(var0.length == 0) {
return "(none)";
} else {
StringBuilder var1 = new StringBuilder();
var1.append(var0[0]);
for(int var2 = 1; var2 < var0.length; ++var2) {
var1.append(", ");
var1.append(var0[var2]);
}
return var1.toString();
}
}
static void verifySelfIntegrity(Class var0) {
if(!integrityVerified) {
doVerifySelfIntegrity(var0);
}
}
private static synchronized void doVerifySelfIntegrity(Class var0) {
integrityVerified = JarVerifierImpl.doVerification(var0, "-----BEGIN CERTIFICATE-----\nMIICnTCCAlugAwIBAgICAh8wCwYHKoZIzjgEAwUAMIGQMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExEjAQBgNVBAcTCVBhbG8gQWx0bzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxIzAhBgNVBAsTGkphdmEgU29mdHdhcmUgQ29kZSBTaWduaW5nMRwwGgYDVQQDExNKQ0UgQ29kZSBTaWduaW5nIENBMB4XDTA1MTEyMzIyNDk0MVoXDTEwMTEyNzIyNDk0MVowYzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxIzAhBgNVBAsTGkphdmEgU29mdHdhcmUgQ29kZSBTaWduaW5nMR0wGwYDVQQDExRTdW4gTWljcm9zeXN0ZW1zIEluYzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA16bKo6tC3OHFDNfPXLKXMCMtIyeubNnsEtlvrH34HhfF+ZmpSliLCvQ15ms705vy4XgZUbZ3mgSOlLRMAGRo6596ePhc+0Z6yeKhbb3LZ8iz97ZIptkHGOshj9cfcSRPYmorUug9OsybMdIfQXazxT9mZJ9Yx5IDw6xak7kVbpUCAwEAAaOBiDCBhTARBglghkgBhvhCAQEEBAMCBBAwDgYDVR0PAQH/BAQDAgXgMB0GA1UdDgQWBBRI319jCbhc9DWJVltXgfrMybHNjzAfBgNVHSMEGDAWgBRl4vSGydNO8JFOWKJq9dh4WprBpjAgBgNVHREEGTAXgRV5dS1jaGluZy5wZW5nQHN1bi5jb20wCwYHKoZIzjgEAwUAAy8AMCwCFFBFmED9s3OoN9rbXfQV3+brJPW/AhQr+Wq1MlubAvnfjrlqeksh0QaDAQ==\n-----END CERTIFICATE-----");
if(!integrityVerified) {
throw new ProviderException("The SunPKCS11 provider may have been tampered with.");
}
}
public boolean equals(Object var1) {
return this == var1;
}
public int hashCode() {
return System.identityHashCode(this);
}
private static String[] s(String var0) {
return new String[]{var0};
}
private static String[] s(String var0, String var1) {
return new String[]{var0, var1};
}
private static int[] m(long var0) {
return new int[]{(int)var0};
}
private static int[] m(long var0, long var2) {
return new int[]{(int)var0, (int)var2};
}
private static int[] m(long var0, long var2, long var4) {
return new int[]{(int)var0, (int)var2, (int)var4};
}
private static int[] m(long var0, long var2, long var4, long var6) {
return new int[]{(int)var0, (int)var2, (int)var4, (int)var6};
}
private static void d(String var0, String var1, String var2, int[] var3) {
register(new SunPKCS11.Descriptor(var0, var1, var2, (String[])null, var3, null));
}
private static void d(String var0, String var1, String var2, String[] var3, int[] var4) {
register(new SunPKCS11.Descriptor(var0, var1, var2, var3, var4, null));
}
private static void register(SunPKCS11.Descriptor var0) {
for(int var1 = 0; var1 < var0.mechanisms.length; ++var1) {
int var2 = var0.mechanisms[var1];
Integer var3 = Integer.valueOf(var2);
Object var4 = (List)descriptors.get(var3);
if(var4 == null) {
var4 = new ArrayList();
descriptors.put(var3, var4);
}
((List)var4).add(var0);
}
}
private void createPoller() {
if(this.poller == null) {
SunPKCS11.TokenPoller var1 = new SunPKCS11.TokenPoller(this, null);
Thread var2 = new Thread(var1, "Poller " + this.getName());
var2.setDaemon(true);
var2.setPriority(1);
var2.start();
this.poller = var1;
}
}
private void destroyPoller() {
if(this.poller != null) {
this.poller.disable();
this.poller = null;
}
}
private boolean hasValidToken() {
Token var1 = this.token;
return var1 != null && var1.isValid();
}
synchronized void uninitToken(Token var1) {
if(this.token == var1) {
this.destroyPoller();
this.token = null;
AccessController.doPrivileged(new PrivilegedAction() {
public Object run() {
SunPKCS11.this.clear();
return null;
}
});
this.createPoller();
}
}
private void initToken(CK_SLOT_INFO var1) throws PKCS11Exception {
if(var1 == null) {
var1 = this.p11.C_GetSlotInfo(this.slotID);
}
if(this.removable && (var1.flags & 1L) == 0L) {
this.createPoller();
} else {
this.destroyPoller();
boolean var2 = this.config.getShowInfo();
if(var2) {
System.out.println("Slot info for slot " + this.slotID + ":");
System.out.println(var1);
}
final Token var3 = new Token(this);
if(var2) {
System.out.println("Token info for token in slot " + this.slotID + ":");
System.out.println(var3.tokenInfo);
}
long[] var4 = this.p11.C_GetMechanismList(this.slotID);
final HashMap var5 = new HashMap();
label79:
for(int var6 = 0; var6 < var4.length; ++var6) {
long var7 = var4[var6];
boolean var9 = this.config.isEnabled(var7);
if(var2) {
CK_MECHANISM_INFO var10 = this.p11.C_GetMechanismInfo(this.slotID, var7);
System.out.println("Mechanism " + Functions.getMechanismName(var7) + ":");
if(!var9) {
System.out.println("DISABLED in configuration");
}
System.out.println(var10);
}
if(var9 && var7 >>> 32 == 0L) {
int var19 = (int)var7;
Integer var11 = Integer.valueOf(var19);
List var12 = (List)descriptors.get(var11);
if(var12 != null) {
Iterator var13 = var12.iterator();
while(true) {
while(true) {
if(!var13.hasNext()) {
continue label79;
}
SunPKCS11.Descriptor var14 = (SunPKCS11.Descriptor)var13.next();
Integer var15 = (Integer)var5.get(var14);
if(var15 == null) {
var5.put(var14, var11);
} else {
int var16 = var15.intValue();
for(int var17 = 0; var17 < var14.mechanisms.length; ++var17) {
int var18 = var14.mechanisms[var17];
if(var19 == var18) {
var5.put(var14, var11);
break;
}
if(var16 == var18) {
break;
}
}
}
}
}
}
}
}
AccessController.doPrivileged(new PrivilegedAction() {
public Object run() {
Iterator var1 = var5.entrySet().iterator();
while(var1.hasNext()) {
Entry var2 = (Entry)var1.next();
SunPKCS11.Descriptor var3x = (SunPKCS11.Descriptor)var2.getKey();
int var4 = ((Integer)var2.getValue()).intValue();
SunPKCS11.P11Service var5x = var3x.service(var3, var4);
SunPKCS11.this.putService(var5x);
}
if((var3.tokenInfo.flags & 1L) != 0L && SunPKCS11.this.config.isEnabled(2147483424L) && !var3.sessionManager.lowMaxSessions()) {
SunPKCS11.this.putService(new SunPKCS11.P11Service(var3, "SecureRandom", "PKCS11", "sun.security.pkcs11.P11SecureRandom", (String[])null, 2147483424L));
}
if(SunPKCS11.this.config.isEnabled(2147483425L)) {
SunPKCS11.this.putService(new SunPKCS11.P11Service(var3, "KeyStore", "PKCS11", "sun.security.pkcs11.P11KeyStore", SunPKCS11.s("PKCS11-" + SunPKCS11.this.config.getName()), 2147483425L));
}
return null;
}
});
this.token = var3;
}
}
public void login(Subject var1, CallbackHandler var2) throws LoginException {
SecurityManager var3 = System.getSecurityManager();
if(var3 != null) {
if(debug != null) {
debug.println("checking login permission");
}
var3.checkPermission(new SecurityPermission("authProvider." + this.getName()));
}
if(!this.hasValidToken()) {
throw new LoginException("No token present");
} else if((this.token.tokenInfo.flags & 4L) == 0L) {
if(debug != null) {
debug.println("login operation not required for token - ignoring login request");
}
} else {
try {
if(this.token.isLoggedInNow((Session)null)) {
if(debug != null) {
debug.println("user already logged in");
}
return;
}
} catch (PKCS11Exception var18) {
;
}
char[] var4 = null;
if((this.token.tokenInfo.flags & 256L) == 0L) {
CallbackHandler var5 = this.getCallbackHandler(var2);
if(var5 == null) {
throw new LoginException("no password provided, and no callback handler available for retrieving password");
}
MessageFormat var6 = new MessageFormat(ResourcesMgr.getString("PKCS11 Token [providerName] Password: "));
Object[] var7 = new Object[]{this.getName()};
PasswordCallback var8 = new PasswordCallback(var6.format(var7), false);
Callback[] var9 = new Callback[]{var8};
try {
var5.handle(var9);
} catch (Exception var17) {
LoginException var11 = new LoginException("Unable to perform password callback");
var11.initCause(var17);
throw var11;
}
var4 = var8.getPassword();
var8.clearPassword();
if(var4 == null && debug != null) {
debug.println("caller passed NULL pin");
}
}
Session var21 = null;
try {
try {
var21 = this.token.getOpSession();
this.p11.C_Login(var21.id(), 1L, var4);
if(debug != null) {
debug.println("login succeeded");
}
return;
} catch (PKCS11Exception var19) {
if(var19.getErrorCode() != 256L) {
if(var19.getErrorCode() == 160L) {
FailedLoginException var23 = new FailedLoginException();
var23.initCause(var19);
throw var23;
}
LoginException var22 = new LoginException();
var22.initCause(var19);
throw var22;
}
}
if(debug != null) {
debug.println("user already logged in");
}
} finally {
this.token.releaseSession(var21);
if(var4 != null) {
Arrays.fill(var4, ' ');
}
}
}
}
public void logout() throws LoginException {
SecurityManager var1 = System.getSecurityManager();
if(var1 != null) {
var1.checkPermission(new SecurityPermission("authProvider." + this.getName()));
}
if(this.hasValidToken()) {
if((this.token.tokenInfo.flags & 4L) == 0L) {
if(debug != null) {
debug.println("logout operation not required for token - ignoring logout request");
}
} else {
try {
if(!this.token.isLoggedInNow((Session)null)) {
if(debug != null) {
debug.println("user not logged in");
}
return;
}
} catch (PKCS11Exception var9) {
;
}
Session var2 = null;
try {
var2 = this.token.getOpSession();
this.p11.C_Logout(var2.id());
if(debug != null) {
debug.println("logout succeeded");
}
return;
} catch (PKCS11Exception var10) {
if(var10.getErrorCode() != 257L) {
LoginException var4 = new LoginException();
var4.initCause(var10);
throw var4;
}
if(debug != null) {
debug.println("user not logged in");
}
} finally {
this.token.releaseSession(var2);
}
}
}
}
public void setCallbackHandler(CallbackHandler var1) {
SecurityManager var2 = System.getSecurityManager();
if(var2 != null) {
var2.checkPermission(new SecurityPermission("authProvider." + this.getName()));
}
Object var3 = this.LOCK_HANDLER;
synchronized(this.LOCK_HANDLER) {
this.pHandler = var1;
}
}
private CallbackHandler getCallbackHandler(CallbackHandler var1) {
if(var1 != null) {
return var1;
} else {
if(debug != null) {
debug.println("getting provider callback handler");
}
Object var2 = this.LOCK_HANDLER;
synchronized(this.LOCK_HANDLER) {
if(this.pHandler != null) {
return this.pHandler;
} else {
CallbackHandler var10000;
try {
if(debug != null) {
debug.println("getting default callback handler");
}
CallbackHandler var3 = (CallbackHandler)AccessController.doPrivileged(new PrivilegedExceptionAction() {
public CallbackHandler run() throws Exception {
String var1 = Security.getProperty("auth.login.defaultCallbackHandler");
if(var1 != null && var1.length() != 0) {
Class var2 = Class.forName(var1, true, Thread.currentThread().getContextClassLoader());
return (CallbackHandler)var2.newInstance();
} else {
if(SunPKCS11.debug != null) {
SunPKCS11.debug.println("no default handler set");
}
return null;
}
}
});
this.pHandler = var3;
var10000 = var3;
} catch (PrivilegedActionException var5) {
if(debug != null) {
debug.println("Unable to load default callback handler");
var5.printStackTrace();
}
return null;
}
return var10000;
}
}
}
}
private Object writeReplace() throws ObjectStreamException {
return new SunPKCS11.SunPKCS11Rep(this);
}
static {
String var0 = "sun.security.pkcs11.P11Digest";
String var1 = "sun.security.pkcs11.P11MAC";
String var2 = "sun.security.pkcs11.P11KeyPairGenerator";
String var3 = "sun.security.pkcs11.P11KeyGenerator";
String var4 = "sun.security.pkcs11.P11RSAKeyFactory";
String var5 = "sun.security.pkcs11.P11DSAKeyFactory";
String var6 = "sun.security.pkcs11.P11DHKeyFactory";
String var7 = "sun.security.pkcs11.P11KeyAgreement";
String var8 = "sun.security.pkcs11.P11SecretKeyFactory";
String var9 = "sun.security.pkcs11.P11Cipher";
String var10 = "sun.security.pkcs11.P11RSACipher";
String var11 = "sun.security.pkcs11.P11Signature";
d("MessageDigest", "MD2", var0, m(512L));
d("MessageDigest", "MD5", var0, m(528L));
d("MessageDigest", "SHA1", var0, s("SHA", "SHA-1"), m(544L));
d("MessageDigest", "SHA-256", var0, m(592L));
d("MessageDigest", "SHA-384", var0, m(608L));
d("MessageDigest", "SHA-512", var0, m(624L));
d("Mac", "HmacMD5", var1, m(529L));
d("Mac", "HmacSHA1", var1, m(545L));
d("Mac", "HmacSHA256", var1, m(593L));
d("Mac", "HmacSHA384", var1, m(609L));
d("Mac", "HmacSHA512", var1, m(625L));
d("Mac", "SslMacMD5", var1, m(896L));
d("Mac", "SslMacSHA1", var1, m(897L));
d("KeyPairGenerator", "RSA", var2, m(0L));
d("KeyPairGenerator", "DSA", var2, m(16L));
d("KeyPairGenerator", "DH", var2, s("DiffieHellman"), m(32L));
d("KeyPairGenerator", "EC", var2, m(4160L));
d("KeyGenerator", "ARCFOUR", var3, s("RC4"), m(272L));
d("KeyGenerator", "DES", var3, m(288L));
d("KeyGenerator", "DESede", var3, m(305L, 304L));
d("KeyGenerator", "AES", var3, m(4224L));
d("KeyGenerator", "Blowfish", var3, m(4240L));
d("KeyFactory", "RSA", var4, m(0L, 1L, 3L));
d("KeyFactory", "DSA", var5, m(16L, 17L, 18L));
d("KeyFactory", "DH", var6, s("DiffieHellman"), m(32L, 33L));
d("KeyFactory", "EC", var6, m(4160L, 4176L, 4161L, 4162L));
d("AlgorithmParameters", "EC", "sun.security.ec.ECParameters", s("1.2.840.10045.2.1"), m(4160L, 4176L, 4161L, 4162L));
d("KeyAgreement", "DH", var7, s("DiffieHellman"), m(33L));
d("KeyAgreement", "ECDH", "sun.security.pkcs11.P11ECDHKeyAgreement", m(4176L));
d("SecretKeyFactory", "ARCFOUR", var8, s("RC4"), m(273L));
d("SecretKeyFactory", "DES", var8, m(290L));
d("SecretKeyFactory", "DESede", var8, m(307L));
d("SecretKeyFactory", "AES", var8, m(4226L));
d("SecretKeyFactory", "Blowfish", var8, m(4241L));
d("Cipher", "ARCFOUR", var9, s("RC4"), m(273L));
d("Cipher", "DES/CBC/NoPadding", var9, m(290L));
d("Cipher", "DES/CBC/PKCS5Padding", var9, m(293L, 290L));
d("Cipher", "DES/ECB", var9, s("DES"), m(289L));
d("Cipher", "DESede/CBC/NoPadding", var9, m(307L));
d("Cipher", "DESede/CBC/PKCS5Padding", var9, m(310L, 307L));
d("Cipher", "DESede/ECB", var9, s("DESede"), m(306L));
d("Cipher", "AES/CBC/NoPadding", var9, m(4226L));
d("Cipher", "AES/CBC/PKCS5Padding", var9, m(4229L, 4226L));
d("Cipher", "AES/ECB", var9, s("AES"), m(4225L));
d("Cipher", "Blowfish/CBC/NoPadding", var9, m(4241L));
d("Cipher", "RSA/ECB/PKCS1Padding", var10, m(1L));
d("Signature", "RawDSA", var11, s("NONEwithDSA"), m(17L));
d("Signature", "DSA", var11, s("SHA1withDSA"), m(18L, 17L));
d("Signature", "NONEwithECDSA", var11, m(4161L));
d("Signature", "SHA1withECDSA", var11, s("ECDSA"), m(4162L, 4161L));
d("Signature", "SHA256withECDSA", var11, m(4161L));
d("Signature", "SHA384withECDSA", var11, m(4161L));
d("Signature", "SHA512withECDSA", var11, m(4161L));
d("Signature", "MD2withRSA", var11, m(4L, 1L, 3L));
d("Signature", "MD5withRSA", var11, m(5L, 1L, 3L));
d("Signature", "SHA1withRSA", var11, m(6L, 1L, 3L));
d("Signature", "SHA256withRSA", var11, m(64L, 1L, 3L));
d("Signature", "SHA384withRSA", var11, m(65L, 1L, 3L));
d("Signature", "SHA512withRSA", var11, m(66L, 1L, 3L));
d("KeyGenerator", "SunTlsRsaPremasterSecret", "sun.security.pkcs11.P11TlsRsaPremasterSecretGenerator", m(880L, 884L));
d("KeyGenerator", "SunTlsMasterSecret", "sun.security.pkcs11.P11TlsMasterSecretGenerator", m(881L, 885L, 883L, 887L));
d("KeyGenerator", "SunTlsKeyMaterial", "sun.security.pkcs11.P11TlsKeyMaterialGenerator", m(882L, 886L));
d("KeyGenerator", "SunTlsPrf", "sun.security.pkcs11.P11TlsPrfGenerator", m(888L, 2147484531L));
}
private static class SunPKCS11Rep implements Serializable {
static final long serialVersionUID = -2896606995897745419L;
private final String providerName;
private final String configName;
SunPKCS11Rep(SunPKCS11 var1) throws NotSerializableException {
this.providerName = var1.getName();
this.configName = var1.configName;
if(Security.getProvider(this.providerName) != var1) {
throw new NotSerializableException("Only SunPKCS11 providers installed in java.security.Security can be serialized");
}
}
private Object readResolve() throws ObjectStreamException {
SunPKCS11 var1 = (SunPKCS11)Security.getProvider(this.providerName);
if(var1 != null && var1.configName.equals(this.configName)) {
return var1;
} else {
throw new NotSerializableException("Could not find " + this.providerName + " in installed providers");
}
}
}
private static class P11Service extends Service {
private final Token token;
private final long mechanism;
P11Service(Token var1, String var2, String var3, String var4, String[] var5, long var6) {
super(var1.provider, var2, var3, var4, toList(var5), (Map)null);
this.token = var1;
this.mechanism = var6 & 4294967295L;
}
private static List toList(String[] var0) {
return var0 == null?null:Arrays.asList(var0);
}
public Object newInstance(Object var1) throws NoSuchAlgorithmException {
if(!this.token.isValid()) {
throw new NoSuchAlgorithmException("Token has been removed");
} else {
try {
return this.newInstance0(var1);
} catch (PKCS11Exception var3) {
throw new NoSuchAlgorithmException(var3);
}
}
}
public Object newInstance0(Object var1) throws PKCS11Exception, NoSuchAlgorithmException {
String var2 = this.getAlgorithm();
String var3 = this.getType();
if(var3 == "MessageDigest") {
return new P11Digest(this.token, var2, this.mechanism);
} else if(var3 == "Cipher") {
SunPKCS11.verifySelfIntegrity(this.getClass());
return var2.startsWith("RSA")?new P11RSACipher(this.token, var2, this.mechanism):new P11Cipher(this.token, var2, this.mechanism);
} else if(var3 == "Signature") {
return new P11Signature(this.token, var2, this.mechanism);
} else if(var3 == "Mac") {
SunPKCS11.verifySelfIntegrity(this.getClass());
return new P11Mac(this.token, var2, this.mechanism);
} else if(var3 == "KeyPairGenerator") {
return new P11KeyPairGenerator(this.token, var2, this.mechanism);
} else if(var3 == "KeyAgreement") {
SunPKCS11.verifySelfIntegrity(this.getClass());
return var2.equals("ECDH")?new P11ECDHKeyAgreement(this.token, var2, this.mechanism):new P11KeyAgreement(this.token, var2, this.mechanism);
} else if(var3 == "KeyFactory") {
return this.token.getKeyFactory(var2);
} else if(var3 == "SecretKeyFactory") {
SunPKCS11.verifySelfIntegrity(this.getClass());
return new P11SecretKeyFactory(this.token, var2);
} else if(var3 == "KeyGenerator") {
SunPKCS11.verifySelfIntegrity(this.getClass());
return var2 == "SunTlsRsaPremasterSecret"?new P11TlsRsaPremasterSecretGenerator(this.token, var2, this.mechanism):(var2 == "SunTlsMasterSecret"?new P11TlsMasterSecretGenerator(this.token, var2, this.mechanism):(var2 == "SunTlsKeyMaterial"?new P11TlsKeyMaterialGenerator(this.token, var2, this.mechanism):(var2 == "SunTlsPrf"?new P11TlsPrfGenerator(this.token, var2, this.mechanism):new P11KeyGenerator(this.token, var2, this.mechanism))));
} else if(var3 == "SecureRandom") {
return this.token.getRandom();
} else if(var3 == "KeyStore") {
return this.token.getKeyStore();
} else if(var3 == "AlgorithmParameters") {
return new ECParameters();
} else {
throw new NoSuchAlgorithmException("Unknown type: " + var3);
}
}
public boolean supportsParameter(Object var1) {
if(var1 != null && this.token.isValid()) {
if(!(var1 instanceof Key)) {
throw new InvalidParameterException("Parameter must be a Key");
} else {
String var2 = this.getAlgorithm();
String var3 = this.getType();
Key var4 = (Key)var1;
String var5 = var4.getAlgorithm();
if(var3 == "Cipher" && var2.startsWith("RSA") || var3 == "Signature" && var2.endsWith("RSA")) {
return !var5.equals("RSA")?false:this.isLocalKey(var4) || var4 instanceof RSAPrivateKey || var4 instanceof RSAPublicKey;
} else if(var3 == "KeyAgreement" && var2.equals("ECDH") || var3 == "Signature" && var2.endsWith("ECDSA")) {
return !var5.equals("EC")?false:this.isLocalKey(var4) || var4 instanceof ECPrivateKey || var4 instanceof ECPublicKey;
} else if(var3 == "Signature" && var2.endsWith("DSA")) {
return !var5.equals("DSA")?false:this.isLocalKey(var4) || var4 instanceof DSAPrivateKey || var4 instanceof DSAPublicKey;
} else if(var3 != "Cipher" && var3 != "Mac") {
if(var3 == "KeyAgreement") {
return !var5.equals("DH")?false:this.isLocalKey(var4) || var4 instanceof DHPrivateKey || var4 instanceof DHPublicKey;
} else {
throw new AssertionError("SunPKCS11 error: " + var3 + ", " + var2);
}
} else {
return this.isLocalKey(var4) || "RAW".equals(var4.getFormat());
}
}
} else {
return false;
}
}
private boolean isLocalKey(Key var1) {
return var1 instanceof P11Key && ((P11Key)var1).token == this.token;
}
public String toString() {
return super.toString() + " (" + Functions.getMechanismName(this.mechanism) + ")";
}
}
private static class TokenPoller implements Runnable {
private final SunPKCS11 provider;
private volatile boolean enabled;
private TokenPoller(SunPKCS11 var1) {
this.provider = var1;
this.enabled = true;
}
public void run() {
int var1 = this.provider.config.getInsertionCheckInterval();
while(this.enabled) {
try {
Thread.sleep((long)var1);
} catch (InterruptedException var4) {
break;
}
if(!this.enabled) {
break;
}
try {
this.provider.initToken((CK_SLOT_INFO)null);
} catch (PKCS11Exception var3) {
;
}
}
}
void disable() {
this.enabled = false;
}
// $FF: synthetic method
TokenPoller(SunPKCS11 var1, Object var2) {
this(var1);
}
}
private static final class Descriptor {
final String type;
final String algorithm;
final String className;
final String[] aliases;
final int[] mechanisms;
private Descriptor(String var1, String var2, String var3, String[] var4, int[] var5) {
this.type = var1;
this.algorithm = var2;
this.className = var3;
this.aliases = var4;
this.mechanisms = var5;
}
private SunPKCS11.P11Service service(Token var1, int var2) {
return new SunPKCS11.P11Service(var1, this.type, this.algorithm, this.className, this.aliases, (long)var2);
}
public String toString() {
return this.type + "." + this.algorithm;
}
// $FF: synthetic method
Descriptor(String var1, String var2, String var3, String[] var4, int[] var5, Object var6) {
this(var1, var2, var3, var4, var5);
}
}
}