AT&T Home | AT&T Labs | Research
AT&T Labs, Inc. - Research

The Yoix® Scripting Language

Home | What's New | Grammar | Documentation | Download | License | YChart | YDAT | YWAIT | Byzgraf | FAQs
adjustSecurity (int mode, String name[, String value[, String delimiters]][, int position]) yoix.secure
 
Accesses the security environment to view and change properties including adding or removing providers of cryptographic algorithms. All changes are subject to SecurityManager approval if a security manager is in effect. The specific action depends on the value of mode. Possibly values are:
ADDPROVIDER used to make the Java classes of a cryptographic algorithm provider available to Yoix. For this mode, then name is the name of the provider class and value, if provided, should be classpath where the provider class can be found. Since this classpath can contain URLs, which may contain characters that conflict with the default path separator, a second String argument (delimiters) is an option for specifying the path separator to use when parsing the supplied classpath. Finally, an optional int argument (position) allows one to specify at what position in the list of providers, where the first position is zero, this provider should be placed. When omitted, the provider is placed last in the list of providers. In this mode, a String is returned giving the reference name of the provider suitable for use when a particular provider's algorithm implementation is desired. If the provider is already available, no action occurs, but the reference name is still returned. A NULL is returned when a problem occurred, in which case the system error dictionary (errordict) can be checked to ascertain the problem.
CHECKPROVIDER used to check if a particular cryptographic algorithm provider is already available. Except for the position argument, the arguments are the same as for the ADDPROVIDER case. A non-zero int value is returned when the provider is already available, otherwise zero is returned.
REMOVEPROVIDER used to remove an already available cryptographic algorithm provider. For this mode, there must be two and only two arguments present, namely mode and name, which in this case is now the name of the provider as, for example, returned when ADDPROVIDER is used or by the getProviders built-in. If there is a match, the provider is removed and a non-zero int value is returned, otherwise zero is returned.
SECURITYPROPERTY used to get or set the value of a security property. For this mode, when there are only two arguments, namely mode and name, which is the name of the property, then the current value of the security property is returned as a String. If there is no such property, a NULL is returned. If a third argument, namely value, is supplied, it represents the value to be assigned to the property. A NULL value is not allowed. When setting a value, the previous value of the property is returned.
 
 Example:   The following script: 
import yoix.*.*;

String bcjarfile = "Data/bcprov-jdk14-129.jar";
String fullpath = yoixPath(argv[0]);
int last = lastIndexOf(fullpath, '/');
String jarpath = substring(fullpath, 0, last+1) + bcjarfile;
String jarpath2 = "/some/bogus/path/file.jar|" + jarpath;

String classname =
    "org.bouncycastle.jce.provider.BouncyCastleProvider";

String name;
String already;

if (adjustSecurity(CHECKPROVIDER, classname, jarpath2, "|"))
    already = " already";
else already = "";

name = adjustSecurity(ADDPROVIDER, classname, jarpath2, "|", 0);
if (name == null)
    fprintf(stdout, "ERROR: %s\n", errordict.message);
else fprintf(stdout, "FYI: provider %s%s loaded into slot %d\n",
	     name, already, getProviders(name).slot);

if (adjustSecurity(CHECKPROVIDER, classname, jarpath))
    already = " already";
else already = "";

name = adjustSecurity(ADDPROVIDER, classname, jarpath, 10);
if (name == null)
    fprintf(stdout, "ERROR: %s\n", errordict.message);
else fprintf(stdout, "FYI: provider %s%s loaded into slot %d\n",
	     name, already, getProviders(name).slot);

if (adjustSecurity(REMOVEPROVIDER, name))
    fprintf(stdout, "FYI: provider %s has been removed\n", name);
else fprintf(stdout, "FYI: provider %s removal unsuccessful\n", name);

if (adjustSecurity(CHECKPROVIDER, classname, jarpath))
    already = " already";
else already = "";

name = adjustSecurity(ADDPROVIDER, classname, jarpath, 10);
if (name == null)
    fprintf(stdout, "ERROR: %s\n", errordict.message);
else fprintf(stdout, "FYI: provider %s%s loaded into slot %d\n",
	     name, already, getProviders(name).slot);
adds, checks and removes a provider several times. The provider in this example is the BouncyCastle provider (http://www.bouncycastle.org). The output from this script should look something like the following: 
FYI: provider BC loaded into slot 0
FYI: provider BC already loaded into slot 0
FYI: provider BC has been removed
FYI: provider BC loaded into slot 6
 
 Return:   String or int
 
 See Also:  
 
 See Also:   getCertificates, getProviderInfo, getProviders

 

Yoix is a registered trademark of AT&T Inc.