summaryrefslogtreecommitdiff
path: root/eaaf_core_utils/src/main
diff options
context:
space:
mode:
authorThomas Lenz <thomas.lenz@egiz.gv.at>2020-07-01 15:21:54 +0200
committerThomas Lenz <thomas.lenz@egiz.gv.at>2020-07-01 15:21:54 +0200
commitbf864776d6abd52529ba171a4ef49dcc538711da (patch)
tree160cbd8d6d3de637ee34e4d42a4f4f853059d3ea /eaaf_core_utils/src/main
parentfd6ffb7bf3ffbc00bb96c0eb215d89edbbb021e3 (diff)
downloadEAAF-Components-bf864776d6abd52529ba171a4ef49dcc538711da.tar.gz
EAAF-Components-bf864776d6abd52529ba171a4ef49dcc538711da.tar.bz2
EAAF-Components-bf864776d6abd52529ba171a4ef49dcc538711da.zip
switch to HSM-Facade v0.5.0
Diffstat (limited to 'eaaf_core_utils/src/main')
-rw-r--r--eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/credential/EaafKeyStoreFactory.java34
1 files changed, 26 insertions, 8 deletions
diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/credential/EaafKeyStoreFactory.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/credential/EaafKeyStoreFactory.java
index 504afc9f..8cbf1375 100644
--- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/credential/EaafKeyStoreFactory.java
+++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/credential/EaafKeyStoreFactory.java
@@ -70,6 +70,7 @@ public class EaafKeyStoreFactory {
= "at.asitplus.hsmfacade.provider.RemoteKeyStoreLoadParameter";
private static final String HSM_FACADE_PROVIDER_METHOD_CONSTRUCT = "getInstance";
private static final String HSM_FACADE_PROVIDER_METHOD_INIT = "init";
+ private static final String HSM_FACADE_PROVIDER_METHOD_ISINITIALIZED = "isInitialized";
private static final String HSM_FACADE_PROVIDER_INIT_ERROR_MSG
= "Has HSM-Facade class supported '{}' method: {}";
private static final String HSM_FACADE_PROVIDER = "HsmFacade";
@@ -177,15 +178,32 @@ public class EaafKeyStoreFactory {
final String hsmFacadeHost = basicConfig.getBasicConfiguration(CONFIG_PROP_HSM_FACADE_HOST);
Provider alreadyLoadedProvider = Security.getProvider(HSM_FACADE_PROVIDER);
if (alreadyLoadedProvider != null
- && alreadyLoadedProvider.getClass().isAssignableFrom(hsmProviderClazz)) {
- //TODO: check isInitialized() flag, if the parameter is available in next version
-
-
+ && alreadyLoadedProvider.getClass().isAssignableFrom(hsmProviderClazz)) {
log.info("Find already initialized Java SecurityProvider: {}", alreadyLoadedProvider.getName());
- log.info("HSM Facade is already initialized. {} can provide KeyStores based on remote HSM",
- EaafKeyStoreFactory.class.getSimpleName());
- isHsmFacadeInitialized = true;
-
+ //mark it as initialized if the state can not be determined
+ boolean isAlreadyInitialized = true;
+ try {
+ Method initializeCheck =
+ alreadyLoadedProvider.getClass().getMethod(HSM_FACADE_PROVIDER_METHOD_ISINITIALIZED, new Class[]{});
+ isAlreadyInitialized = (boolean) initializeCheck.invoke(alreadyLoadedProvider);
+
+ } catch (Exception e) {
+ log.warn("Can not determine state of alreay loaded HSM Facade. Mark it as 'initialized'");
+ log.debug("HSM Facade check error: {}", e.getMessage());
+
+ }
+ isHsmFacadeInitialized = isAlreadyInitialized;
+
+ if (isHsmFacadeInitialized) {
+ log.info("HSM Facade is already initialized. {} can provide KeyStores based on remote HSM",
+ EaafKeyStoreFactory.class.getSimpleName());
+
+ } else {
+ log.info("HSM Facade is already loaded but not initialized. {} can NOT provide KeyStores based on remote HSM",
+ EaafKeyStoreFactory.class.getSimpleName());
+
+ }
+
} else if (StringUtils.isNotEmpty(hsmFacadeHost)) {
log.debug("Find host for HSMFacade. Starting crypto provider initialization ... ");
initializeHsmFacadeSecurityProvider(hsmProviderClazz, hsmFacadeHost);