JDK-6581254 : pkcs11 provider fails to parse configuration file contains windows short path
  • Type: Bug
  • Component: security-libs
  • Sub-Component: javax.crypto:pkcs11
  • Affected Version: 6u7,6u21,7
  • Priority: P4
  • Status: Closed
  • Resolution: Won't Fix
  • OS: linux,windows_vista,windows_7
  • CPU: x86
  • Submitted: 2007-07-16
  • Updated: 2013-08-27
  • Resolved: 2012-09-06
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 7
7Fixed
Related Reports
Relates :  
JDK-8023745 - sun.security.pkcs11.ConfigurationException: Unexpected value Token ['(']
Description
SunPkcs11 provider fails to parse configuration file contains windows short path, such as C:/DOCUME~1/dtftest/LOCALS~1/.... 

Compile and execute the attached test case. The attached test case throws exception:

bash-3.00$ javac testPKCS11ParseConfig.java
bash-3.00$ java testPKCS11ParseConfig NSSTest.cfg
Exception in thread "main" java.security.ProviderException: Error parsing configuration
        at sun.security.pkcs11.Config.getConfig(Config.java:71)
        at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:110)
        at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:86)
        at testPKCS11ParseConfig.main(testPKCS11ParseConfig.java:8)
Caused by: sun.security.pkcs11.ConfigurationException: Unexpected token: Token['~'], line 3
        at sun.security.pkcs11.Config.excToken(Config.java:339)
        at sun.security.pkcs11.Config.parse(Config.java:356)
        at sun.security.pkcs11.Config.<init>(Config.java:194)
        at sun.security.pkcs11.Config.getConfig(Config.java:67)
        ... 3 more
bash-3.00$                                             

There is a work around, which is a put the path in double quote, but it is nice to fix this problem.
Same issue reported by a CAP member:


The following bug has been detected when trying to use the SUN PKCS#11
provider:


Environment:

Java: JRE 1.6.0_07

Operating System: Windows Vista x64


We try to access a PKCS11 KeyStore using the current Gemalto PKCS#11
library in combination with a suitable Gemalto card reader and a
LuxTrust smartcard. Everything works fine, unless the path to the native
PKCS11 library contains parenthesis or a tilde. By default, Windows
Vista x64 installs 32 bit software into the "C:\Program Files (x86)"
directory. We run into problems if we use this default. In the current
situation we cannot use the short path either, because it contains a
tilde. 

 

The java.security configuration contains the following entry: 

security.provider.10=sun.security.pkcs11.SunPKCS11
${java.home}/lib/security/gemalto.cfg

 

The PKCS#11 configuration file contains the following entries:

name=GemPlusPKCS11

library=C:\Program Files (x86)\Gemalto\Classic Client\BIN\gclib.dll

 

When we instantiate a PKCS11 KeyStore with
KeyStore.getKeyStore("PKCS11"), the following exception is thrown:

 

Exception in thread "main" java.security.ProviderException: Error
parsing configuration

        at sun.security.pkcs11.Config.getConfig(Config.java:71)

        at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:110)

        at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:86)

        at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native
Method)

        at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown
Source)

        at
sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown
Source)

        at java.lang.reflect.Constructor.newInstance(Unknown Source)

        at sun.security.jca.ProviderConfig$3.run(Unknown Source)

        at java.security.AccessController.doPrivileged(Native Method)

        at sun.security.jca.ProviderConfig.doLoadProvider(Unknown
Source)

        at sun.security.jca.ProviderConfig.getProvider(Unknown Source)

        at sun.security.jca.ProviderList.getProvider(Unknown Source)

        at sun.security.jca.ProviderList.getService(Unknown Source)

        at sun.security.jca.GetInstance.getInstance(Unknown Source)

        at java.security.Security.getImpl(Unknown Source)

        at java.security.KeyStore.getInstance(Unknown Source)

        at InitKs.main(InitKs.java:6)

Caused by: sun.security.pkcs11.ConfigurationException: Unexpected value
Token['('], line 2

        at sun.security.pkcs11.Config.excToken(Config.java:339)

        at sun.security.pkcs11.Config.parseLine(Config.java:553)

        at sun.security.pkcs11.Config.parseLibrary(Config.java:617)

        at sun.security.pkcs11.Config.parse(Config.java:362)

        at sun.security.pkcs11.Config.<init>(Config.java:194)

        at sun.security.pkcs11.Config.getConfig(Config.java:67)

        ... 16 more
Comments
EVALUATION No plans to fix in jdk6 unless escalated. Don't use windows short path notation or use JDK 7 where fix exists.
06-09-2012
EVALUATION http://hg.openjdk.java.net/jdk7/build/jdk/rev/d4c2d2d72cfc
17-01-2011