-
Bug
-
Resolution: Won't Fix
-
P4
-
6u7, 6u21, 7
-
x86
-
linux, windows_vista, windows_7
| Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
|---|---|---|---|---|---|---|
| JDK-2196737 | 7 | Valerie Peng | P4 | Closed | Fixed | b126 |
SunPkcs11 provider fails to parse configuration file contains windows short path, such as C:/DOCUME~1/dtftest/LOCALS~1/....
Compile and execute the attached test case. The attached test case throws exception:
bash-3.00$ javac testPKCS11ParseConfig.java
bash-3.00$ java testPKCS11ParseConfig NSSTest.cfg
Exception in thread "main" java.security.ProviderException: Error parsing configuration
at sun.security.pkcs11.Config.getConfig(Config.java:71)
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:110)
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:86)
at testPKCS11ParseConfig.main(testPKCS11ParseConfig.java:8)
Caused by: sun.security.pkcs11.ConfigurationException: Unexpected token: Token['~'], line 3
at sun.security.pkcs11.Config.excToken(Config.java:339)
at sun.security.pkcs11.Config.parse(Config.java:356)
at sun.security.pkcs11.Config.<init>(Config.java:194)
at sun.security.pkcs11.Config.getConfig(Config.java:67)
... 3 more
bash-3.00$
There is a work around, which is a put the path in double quote, but it is nice to fix this problem.
Same issue reported by a CAP member:
The following bug has been detected when trying to use the SUN PKCS#11
provider:
Environment:
Java: JRE 1.6.0_07
Operating System: Windows Vista x64
We try to access a PKCS11 KeyStore using the current Gemalto PKCS#11
library in combination with a suitable Gemalto card reader and a
LuxTrust smartcard. Everything works fine, unless the path to the native
PKCS11 library contains parenthesis or a tilde. By default, Windows
Vista x64 installs 32 bit software into the "C:\Program Files (x86)"
directory. We run into problems if we use this default. In the current
situation we cannot use the short path either, because it contains a
tilde.
The java.security configuration contains the following entry:
security.provider.10=sun.security.pkcs11.SunPKCS11
${java.home}/lib/security/gemalto.cfg
The PKCS#11 configuration file contains the following entries:
name=GemPlusPKCS11
library=C:\Program Files (x86)\Gemalto\Classic Client\BIN\gclib.dll
When we instantiate a PKCS11 KeyStore with
KeyStore.getKeyStore("PKCS11"), the following exception is thrown:
Exception in thread "main" java.security.ProviderException: Error
parsing configuration
at sun.security.pkcs11.Config.getConfig(Config.java:71)
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:110)
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:86)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native
Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown
Source)
at
sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown
Source)
at java.lang.reflect.Constructor.newInstance(Unknown Source)
at sun.security.jca.ProviderConfig$3.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.security.jca.ProviderConfig.doLoadProvider(Unknown
Source)
at sun.security.jca.ProviderConfig.getProvider(Unknown Source)
at sun.security.jca.ProviderList.getProvider(Unknown Source)
at sun.security.jca.ProviderList.getService(Unknown Source)
at sun.security.jca.GetInstance.getInstance(Unknown Source)
at java.security.Security.getImpl(Unknown Source)
at java.security.KeyStore.getInstance(Unknown Source)
at InitKs.main(InitKs.java:6)
Caused by: sun.security.pkcs11.ConfigurationException: Unexpected value
Token['('], line 2
at sun.security.pkcs11.Config.excToken(Config.java:339)
at sun.security.pkcs11.Config.parseLine(Config.java:553)
at sun.security.pkcs11.Config.parseLibrary(Config.java:617)
at sun.security.pkcs11.Config.parse(Config.java:362)
at sun.security.pkcs11.Config.<init>(Config.java:194)
at sun.security.pkcs11.Config.getConfig(Config.java:67)
... 16 more
Compile and execute the attached test case. The attached test case throws exception:
bash-3.00$ javac testPKCS11ParseConfig.java
bash-3.00$ java testPKCS11ParseConfig NSSTest.cfg
Exception in thread "main" java.security.ProviderException: Error parsing configuration
at sun.security.pkcs11.Config.getConfig(Config.java:71)
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:110)
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:86)
at testPKCS11ParseConfig.main(testPKCS11ParseConfig.java:8)
Caused by: sun.security.pkcs11.ConfigurationException: Unexpected token: Token['~'], line 3
at sun.security.pkcs11.Config.excToken(Config.java:339)
at sun.security.pkcs11.Config.parse(Config.java:356)
at sun.security.pkcs11.Config.<init>(Config.java:194)
at sun.security.pkcs11.Config.getConfig(Config.java:67)
... 3 more
bash-3.00$
There is a work around, which is a put the path in double quote, but it is nice to fix this problem.
Same issue reported by a CAP member:
The following bug has been detected when trying to use the SUN PKCS#11
provider:
Environment:
Java: JRE 1.6.0_07
Operating System: Windows Vista x64
We try to access a PKCS11 KeyStore using the current Gemalto PKCS#11
library in combination with a suitable Gemalto card reader and a
LuxTrust smartcard. Everything works fine, unless the path to the native
PKCS11 library contains parenthesis or a tilde. By default, Windows
Vista x64 installs 32 bit software into the "C:\Program Files (x86)"
directory. We run into problems if we use this default. In the current
situation we cannot use the short path either, because it contains a
tilde.
The java.security configuration contains the following entry:
security.provider.10=sun.security.pkcs11.SunPKCS11
${java.home}/lib/security/gemalto.cfg
The PKCS#11 configuration file contains the following entries:
name=GemPlusPKCS11
library=C:\Program Files (x86)\Gemalto\Classic Client\BIN\gclib.dll
When we instantiate a PKCS11 KeyStore with
KeyStore.getKeyStore("PKCS11"), the following exception is thrown:
Exception in thread "main" java.security.ProviderException: Error
parsing configuration
at sun.security.pkcs11.Config.getConfig(Config.java:71)
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:110)
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:86)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native
Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown
Source)
at
sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown
Source)
at java.lang.reflect.Constructor.newInstance(Unknown Source)
at sun.security.jca.ProviderConfig$3.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.security.jca.ProviderConfig.doLoadProvider(Unknown
Source)
at sun.security.jca.ProviderConfig.getProvider(Unknown Source)
at sun.security.jca.ProviderList.getProvider(Unknown Source)
at sun.security.jca.ProviderList.getService(Unknown Source)
at sun.security.jca.GetInstance.getInstance(Unknown Source)
at java.security.Security.getImpl(Unknown Source)
at java.security.KeyStore.getInstance(Unknown Source)
at InitKs.main(InitKs.java:6)
Caused by: sun.security.pkcs11.ConfigurationException: Unexpected value
Token['('], line 2
at sun.security.pkcs11.Config.excToken(Config.java:339)
at sun.security.pkcs11.Config.parseLine(Config.java:553)
at sun.security.pkcs11.Config.parseLibrary(Config.java:617)
at sun.security.pkcs11.Config.parse(Config.java:362)
at sun.security.pkcs11.Config.<init>(Config.java:194)
at sun.security.pkcs11.Config.getConfig(Config.java:67)
... 16 more
- backported by
-
JDK-2196737 pkcs11 provider fails to parse configuration file contains windows short path
-
- Closed
-
- relates to
-
-
- Closed
-