author | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2020-07-01 15:21:54 +0200 |
---|---|---|
committer | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2020-07-01 15:21:54 +0200 |
commit | bf864776d6abd52529ba171a4ef49dcc538711da (patch) | |
tree | 160cbd8d6d3de637ee34e4d42a4f4f853059d3ea /eaaf_core_utils/src/main | |
parent | fd6ffb7bf3ffbc00bb96c0eb215d89edbbb021e3 (diff) | |
switch to HSM-Facade v0.5.0
Diffstat (limited to 'eaaf_core_utils/src/main')
-rw-r--r-- | eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/credential/EaafKeyStoreFactory.java | 34 |
1 files changed, 26 insertions, 8 deletions
diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/credential/EaafKeyStoreFactory.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/credential/EaafKeyStoreFactory.java index 504afc9f..8cbf1375 100644 --- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/credential/EaafKeyStoreFactory.java +++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/credential/EaafKeyStoreFactory.java @@ -70,6 +70,7 @@ public class EaafKeyStoreFactory { = "at.asitplus.hsmfacade.provider.RemoteKeyStoreLoadParameter"; private static final String HSM_FACADE_PROVIDER_METHOD_CONSTRUCT = "getInstance"; private static final String HSM_FACADE_PROVIDER_METHOD_INIT = "init"; + private static final String HSM_FACADE_PROVIDER_METHOD_ISINITIALIZED = "isInitialized"; private static final String HSM_FACADE_PROVIDER_INIT_ERROR_MSG = "Has HSM-Facade class supported '{}' method: {}"; private static final String HSM_FACADE_PROVIDER = "HsmFacade"; 
@@ -177,15 +178,32 @@ public class EaafKeyStoreFactory {
 final String hsmFacadeHost = basicConfig.getBasicConfiguration(CONFIG_PROP_HSM_FACADE_HOST);
 Provider alreadyLoadedProvider = Security.getProvider(HSM_FACADE_PROVIDER);
 if (alreadyLoadedProvider != null
- && alreadyLoadedProvider.getClass().isAssignableFrom(hsmProviderClazz)) {
- //TODO: check isInitialized() flag, if the parameter is available in next version
-
-
+ && alreadyLoadedProvider.getClass().isAssignableFrom(hsmProviderClazz)) {
 log.info("Find already initialized Java SecurityProvider: {}", alreadyLoadedProvider.getName());
- log.info("HSM Facade is already initialized. {} can provide KeyStores based on remote HSM",
- EaafKeyStoreFactory.class.getSimpleName());
- isHsmFacadeInitialized = true;
-
+ //mark it as initialized if the state can not be determined
+ boolean isAlreadyInitialized = true;
+ try {
+ Method initializeCheck =
+ alreadyLoadedProvider.getClass().getMethod(HSM_FACADE_PROVIDER_METHOD_ISINITIALIZED, new Class[]{});
+ isAlreadyInitialized = (boolean) initializeCheck.invoke(alreadyLoadedProvider);
+
+ } catch (Exception e) {
+ log.warn("Can not determine state of alreay loaded HSM Facade. Mark it as 'initialized'");
+ log.debug("HSM Facade check error: {}", e.getMessage());
+
+ }
+ isHsmFacadeInitialized = isAlreadyInitialized;
+
+ if (isHsmFacadeInitialized) {
+ log.info("HSM Facade is already initialized. {} can provide KeyStores based on remote HSM",
+ EaafKeyStoreFactory.class.getSimpleName());
+
+ } else {
+ log.info("HSM Facade is already loaded but not initialized. {} can NOT provide KeyStores based on remote HSM",
+ EaafKeyStoreFactory.class.getSimpleName());
+
+ }
+
 } else if (StringUtils.isNotEmpty(hsmFacadeHost)) {
 log.debug("Find host for HSMFacade. Starting crypto provider initialization ... ");
 initializeHsmFacadeSecurityProvider(hsmProviderClazz, hsmFacadeHost); |
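Review bot: The `catch (Exception e)` around the reflective `isInitialized` call fails open: `isAlreadyInitialized` starts as `true` and stays `true` not only when the method is missing (the older-facade case the comment describes) but also when the method exists and the call itself fails or returns something that cannot be cast to `boolean`. In that second case the factory reports a provider it could not verify as ready to serve HSM-backed keystores, and the only trace is `e.getMessage()` at debug level, which is typically null for an `InvocationTargetException`. I would keep the compatibility default for `NoSuchMethodException` only and treat every other failure as not initialized, passing the exception itself to the logger, as sketched below; whether failing closed is acceptable for callers is not visible here, since the enclosing method starts and ends outside the hunk.

```java
boolean isAlreadyInitialized = true;
try {
  // … unchanged: getMethod(...) lookup and invoke(...) on alreadyLoadedProvider …

} catch (NoSuchMethodException e) {
  // older HSM-Facade without isInitialized(): keep the compatibility default
  log.warn("Can not determine state of already loaded HSM Facade. Mark it as 'initialized'");

} catch (ReflectiveOperationException | RuntimeException e) {
  // the check exists but did not complete: do not report an unverified provider as ready
  isAlreadyInitialized = false;
  log.warn("State check of already loaded HSM Facade failed. Mark it as 'not initialized'", e);

}
// … unchanged: isHsmFacadeInitialized assignment and the two log.info branches …
```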