Creation of the Aes PKCS11 provider fails on JDK 11+ #53

Open
mondain opened this issue Apr 10, 2024 · 2 comments

mondain commented Apr 10, 2024

Submitted for consideration is a fix for Aes.SunPKCS11CipherFactory for JDK 11+.

    /**
     * Implements {@link CipherFactory} using Sun PKCS#11.
     *
     * @author Lyubomir Marinov
     */
    public static class SunPKCS11CipherFactory extends CipherFactory {
        /**
         * The {@link Provider} instance (to be) employed for an (optimized) AES
         * implementation.
         */
        private static Provider provider;

        /**
         * The indicator which determines whether {@link #provider} is to be
         * used. If {@code true}, an attempt will be made to initialize a {@link
         * Provider} instance. If the attempt fails, {@code false} will be
         * assigned in order to not repeatedly attempt the initialization which
         * is known to have failed.
         */
        private static boolean useProvider = true;

        /**
         * Gets the {@code java.security.Provider} instance (to be) employed
         * for an (optimized) AES implementation.
         *
         * @return the {@code java.security.Provider} instance (to be) employed
         * for an (optimized) AES implementation
         */
        public static Provider getProvider() throws Exception {
            Provider provider = SunPKCS11CipherFactory.provider;
            if (provider == null && useProvider) {
                try {
                    // The SunPKCS11 Config name should be unique in order
                    // to avoid repeated initialization exceptions.
                    String name = null;
                    Package pkg = Aes.class.getPackage();
                    if (pkg != null) {
                        name = pkg.getName();
                    }
                    if (name == null || name.length() == 0) {
                        name = "org.jitsi.srtp";
                    }
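                    // A leading "--" marks an inline configuration; SunPKCS11
                    // converts the literal \n sequences into line breaks.
                    String config = "--name=" + name + "\\n" + "nssDbMode=noDb\\n" + "attributes=compatibility";
                    // On JDK 9+ the provider is obtained unconfigured and then
                    // configured through Provider.configure(String).
                    Provider prototype = Security.getProvider("SunPKCS11");
                    Class<?> sunPkcs11ProviderClass = Class.forName("sun.security.pkcs11.SunPKCS11");
                    Method configureMethod = sunPkcs11ProviderClass.getMethod("configure", String.class);
                    provider = (Provider) configureMethod.invoke(prototype, config);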
                } finally {
                    if (provider == null) {
                        useProvider = false;
                    } else {
                        SunPKCS11CipherFactory.provider = provider;
                    }
                }
            }
            return provider;
        }

        /**
         * Initializes a new instance of this class.
         *
         * @throws Exception if anything goes wrong while initializing a new
         *                   instance
         */
        public SunPKCS11CipherFactory() throws Exception {
            super(getProvider());
            logger.info("Created SunPKCS11 provider");
        }

    }

@JonathanLennox (Member)

Can you please describe what problem you're seeing, and give some detail on why this fixes it?

mondain (Author) commented Apr 10, 2024

This is a fix for the SunPKCS11 provider not being created nor added to the providers list when using JDK11 or newer; it's an easy verification, but I would assume that if earlier JDKs are to be supported, you all would need to add version checks.
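
A version check of the kind the last comment mentions, as an added example that is not code from this issue or from the project: it probes for `Provider.configure(String)` (Java 9+) and otherwise falls back to the Java 8 `SunPKCS11(String)` constructor. The class name `Pkcs11ProviderLoader`, its methods and the configuration name passed in `main` are hypothetical.

```java
import java.lang.reflect.Method;
import java.security.Provider;
import java.security.Security;

/** Added example; class and method names are hypothetical. */
public final class Pkcs11ProviderLoader {

    /** Inline SunPKCS11 configuration with the same settings as the snippet above. */
    static String inlineConfig(String name) {
        // SunPKCS11 treats a leading "--" as inline configuration and turns
        // the literal two-character sequence \n into line breaks.
        return "--name=" + name + "\\n" + "nssDbMode=noDb\\n" + "attributes=compatibility";
    }

    /** Returns a configured provider, or null when SunPKCS11 cannot be set up. */
    public static Provider load(String name) {
        String config = inlineConfig(name);
        try {
            Method configure;
            try {
                // Provider.configure(String) was added in Java 9.
                configure = Provider.class.getMethod("configure", String.class);
            } catch (NoSuchMethodException e) {
                configure = null; // Java 8 or older
            }
            if (configure != null) {
                Provider prototype = Security.getProvider("SunPKCS11");
                if (prototype == null) {
                    return null; // provider not shipped on this platform
                }
                return (Provider) configure.invoke(prototype, config);
            }
            // Java 8 path: public SunPKCS11(String) constructor.
            return (Provider) Class.forName("sun.security.pkcs11.SunPKCS11")
                    .getConstructor(String.class)
                    .newInstance(config);
        } catch (ReflectiveOperationException | RuntimeException e) {
            return null; // e.g. NSS library missing; caller picks another factory
        }
    }

    public static void main(String[] args) {
        Provider p = load("org.jitsi.srtp.example"); // constructed name
        System.out.println(p == null ? "SunPKCS11 unavailable" : "Configured " + p.getName());
    }
}
```

Looking the method up on `java.security.Provider` keeps the reflective call on a public, exported API on every JDK that has it.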
