/**
 * Reports whether this module is configured as read-only.
 *
 * @return the read-only flag held by the module configuration {@code conf}
 */
@Override
public boolean isReadOnly() {
  // The flag is read from the configuration on every call; no copy is cached here.
  final boolean readOnly = conf.isReadOnly();
  return readOnly;
}
/**
 * Returns the name of this module.
 *
 * @return the name held by the module configuration {@code conf}
 */
@Override
public String getName() {
  final String moduleName = conf.getName();
  return moduleName;
}
this.module = Args.notNull(module, "module"); String library = moduleConf.getNativeLibrary(); Vendor vendor; if (library.contains("ykcs11")) { "\n\tPath", moduleConf.getNativeLibrary()); slotList = module.getSlotList(Module.SlotRequirement.ALL_SLOTS); } catch (Throwable th) { final String msg = "could not getSlotList of module " + moduleConf.getName(); LogUtil.error(LOG, th, msg); throw new P11TokenException(msg); if (!moduleConf.isSlotIncluded(slotId)) { LOG.info("skipped slot {}", slotId); continue; pwd = moduleConf.getPasswordRetriever().getPassword(slotId); } catch (PasswordResolverException ex) { throw new P11TokenException("PasswordResolverException: " + ex.getMessage(), ex); P11Slot p11Slot = new IaikP11Slot(moduleConf.getName(), slotId, slot, moduleConf.isReadOnly(), moduleConf.getUserType(), pwd, moduleConf.getMaxMessageSize(), moduleConf.getP11MechanismFilter(), moduleConf.getP11NewObjectConf(), vendor);
String modulePath = moduleConf.getNativeLibrary().trim(); String parametersStr = ""; if (!modulePath.isEmpty()) { if (!moduleConf.isSlotIncluded(slotIdentifier)) { LOG.info("skipped slot {}", slotId); continue; List<char[]> pwd; try { pwd = moduleConf.getPasswordRetriever().getPassword(slotId); } catch (PasswordResolverException ex) { throw new P11TokenException("PasswordResolverException: " + ex.getMessage(), ex); P11Slot slot = new EmulatorP11Slot(moduleConf.getName(), slotDir, slotId, moduleConf.isReadOnly(), firstPwd, privateKeyCryptor, moduleConf.getP11MechanismFilter(), moduleConf.getP11NewObjectConf(), maxSessions, vendor); slots.add(slot);
slotList = module.getSlotList(Module.SlotRequirement.ALL_SLOTS); } catch (Throwable th) { final String msg = "could not getSlotList of module " + moduleConf.name(); LogUtil.error(LOG, th, msg); throw new P11TokenException(msg); if (!moduleConf.isSlotIncluded(slotId)) { LOG.info("skipped slot {}", slotId); continue; pwd = moduleConf.passwordRetriever().getPassword(slotId); } catch (PasswordResolverException ex) { throw new P11TokenException("PasswordResolverException: " + ex.getMessage(), ex); P11Slot p11Slot = new IaikP11Slot(moduleConf.name(), slotId, slot, moduleConf.isReadOnly(), moduleConf.userType(), pwd, moduleConf.maxMessageSize(), moduleConf.p11MechanismFilter());
private EmulatorP11Module(final P11ModuleConf moduleConf) throws P11TokenException { super(moduleConf); final String modulePath = moduleConf.nativeLibrary(); if (!StringUtil.startsWithIgnoreCase(modulePath, PREFIX)) { throw new IllegalArgumentException("the module path does not starts with " + PREFIX if (!moduleConf.isSlotIncluded(slotIdentifier)) { LOG.info("skipped slot {}", slotId); continue; List<char[]> pwd; try { pwd = moduleConf.passwordRetriever().getPassword(slotId); } catch (PasswordResolverException ex) { throw new P11TokenException("PasswordResolverException: " + ex.getMessage(), ex); P11Slot slot = new EmulatorP11Slot(moduleConf.name(), slotDir, slotId, moduleConf.isReadOnly(), firstPwd, privateKeyCryptor, moduleConf.p11MechanismFilter(), maxSessions); slots.add(slot);
if (!conf.isSlotIncluded(slotId)) { continue; if (!conf.isSlotIncluded(slotId)) { LOG.info("skipped slot {}", slotId); continue; P11Slot slot = new ProxyP11Slot(this, slotId, conf.isReadOnly(), conf.p11MechanismFilter()); slots.add(slot);
if (!conf.isSlotIncluded(slotId)) { continue; if (!conf.isSlotIncluded(slotId)) { LOG.info("skipped slot {}", slotId); continue; P11Slot slot = new ProxyP11Slot(this, slotId, conf.isReadOnly(), conf.getP11MechanismFilter()); slots.add(slot);
/**
 * Loads the PKCS#11 configuration file once and publishes the module configurations.
 *
 * <p>The call is a no-op when the configurations are already loaded. When no configuration file
 * is set, an error is logged and the method returns without loading anything, so
 * {@code moduleConfs} stays {@code null}.
 *
 * <p>NOTE(review): each {@code P11ModuleConf} is built with the {@code passwordResolver}, and the
 * module configuration exposes a native library path elsewhere in this code base. Presumably the
 * file therefore decides which native code is loaded and which token passwords are used, so it
 * should be writable only by trusted administrators. Confirm against the deployment guide.
 *
 * @throws InvalidConfException if the file cannot be read or parsed, if validation fails, or if
 *     the default module is not defined
 */
public synchronized void init() throws InvalidConfException {
  // Already initialised: keep what the first successful call loaded.
  if (moduleConfs != null) {
    return;
  }

  if (StringUtil.isBlank(pkcs11ConfFile)) {
    LOG.error("no pkcs11ConfFile is configured, could not initialize");
    return;
  }

  final String defaultModuleName = P11CryptServiceFactory.DEFAULT_P11MODULE_NAME;

  try (InputStream confStream = Files.newInputStream(Paths.get(pkcs11ConfFile))) {
    Pkcs11conf parsedConf = JSON.parseObject(confStream, Pkcs11conf.class);
    parsedConf.validate();

    List<Pkcs11conf.Module> moduleTypes = parsedConf.getModules();
    List<Pkcs11conf.MechanismSet> mechanismSets = parsedConf.getMechanismSets();

    Map<String, P11ModuleConf> byName = new HashMap<>();
    for (Pkcs11conf.Module moduleType : moduleTypes) {
      P11ModuleConf moduleConf = new P11ModuleConf(moduleType, mechanismSets, passwordResolver);
      // NOTE(review): a later module with the same name replaces the earlier one here;
      // presumably validate() rejects duplicate names, confirm.
      byName.put(moduleConf.getName(), moduleConf);
    }

    // The default module is mandatory; fail before anything is published.
    if (!byName.containsKey(defaultModuleName)) {
      throw new InvalidConfException("module '" + defaultModuleName + "' is not defined");
    }

    // Publish read-only views so callers cannot alter the loaded configuration.
    this.moduleConfs = Collections.unmodifiableMap(byName);
    this.moduleNames = Collections.unmodifiableSet(new HashSet<>(byName.keySet()));
  } catch (IOException | RuntimeException ex) {
    throw new InvalidConfException("could not create P11Conf: " + ex.getMessage(), ex);
  }
}
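/**
 * Returns the PKCS#11 module for the given configuration, creating it on first use.
 *
 * <p>Modules are cached under the key {@code type + ":" + nativeLibrary}. The module name and the
 * remaining settings of {@code conf} are not part of the key, so a second configuration with the
 * same type and native library receives the module built from the first one.
 * NOTE(review): confirm that no caller expects per-configuration settings (read-only flag, slot
 * filters, passwords) to differ between two configurations of the same library.
 *
 * @param conf module configuration supplying the type and the native library
 * @return the cached or newly created module, never {@code null}
 * @throws P11TokenException if no registered factory produces a module for the type
 */
@Override
public P11Module getP11Module(P11ModuleConf conf) throws P11TokenException {
  // Locale.ROOT keeps the lower-cased type identical on every host; the default-locale
  // variant maps 'I' to a dotless i under a Turkish locale, which would change both the
  // factory lookup and the cache key.
  final String type = conf.getType().toLowerCase(java.util.Locale.ROOT);
  final String key = type + ":" + conf.getNativeLibrary();

  P11Module cached = modules.get(key);
  if (cached != null) {
    return cached;
  }

  // The first factory that accepts the type wins; later factories are not consulted.
  P11Module created = null;
  for (P11ModuleFactory factory : factories) {
    if (factory.canCreateModule(type)) {
      created = factory.newModule(conf);
      break;
    }
  }

  if (created == null) {
    throw new P11TokenException(
        "could not find Factory to create PKCS#11 module of type '" + type + "'");
  }

  modules.put(key, created);
  return created;
}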
P11ModuleConf conf = new P11ModuleConf(moduleType, passwordResolver); confs.put(conf.name(), conf);
module = Module.getInstance(moduleConf.getNativeLibrary()); } catch (IOException ex) { final String msg = "could not load the PKCS#11 module " + moduleConf.getName(); LogUtil.error(LOG, ex, msg); throw new P11TokenException(msg, ex); if (ex.getErrorCode() != PKCS11Constants.CKR_CRYPTOKI_ALREADY_INITIALIZED) { LogUtil.error(LOG, ex); close(moduleConf.getName(), module); throw new P11TokenException(ex.getMessage(), ex); } else { close(moduleConf.getName(), module); throw new P11TokenException(th.getMessage());
if (mechFilters != null && CollectionUtil.isNonEmpty(mechFilters)) { for (Pkcs11conf.MechanimFilter filterType : mechFilters) { Set<P11SlotIdFilter> slots = getSlotIdFilters(filterType.getSlots()); String mechanismSetName = filterType.getMechanismSet(); passwordRetriever.setPasswordResolver(passwordResolver); for (Pkcs11conf.PasswordSet passwordType : passwordsList) { Set<P11SlotIdFilter> slots = getSlotIdFilters(passwordType.getSlots()); passwordRetriever.addPasswordEntry(slots, new ArrayList<>(passwordType.getPasswords())); includeSlots = getSlotIdFilters(moduleType.getIncludeSlots()); excludeSlots = getSlotIdFilters(moduleType.getExcludeSlots());
/**
 * Closes every slot of this module and then the module itself.
 *
 * <p>Slot shutdown is best effort: a failure on one slot is logged and the remaining slots are
 * still closed, so a single faulty slot does not leave the others open.
 */
@Override
public void close() {
  for (P11SlotIdentifier slotId : getSlotIds()) {
    try {
      getSlot(slotId).close();
    } catch (Throwable ex) {
      // Throwable is caught on purpose so that errors raised below this call
      // cannot interrupt the shutdown of the remaining slots.
      final String msg = "could not close PKCS#11 slot " + slotId;
      LogUtil.error(LOG, ex, msg);
    }
  }

  // Runs after the slot loop, whether or not an individual slot failed to close.
  close(conf.getNativeLibrary(), module);
}
Map<String, P11ModuleConf> confs = new HashMap<>(); for (ModuleType moduleType : modulesType.getModule()) { P11ModuleConf conf = new P11ModuleConf(moduleType, mechanismSets, passwordResolver); confs.put(conf.getName(), conf);
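/**
 * Returns the PKCS#11 module for the given configuration, creating it on first use.
 *
 * <p>Modules are cached under the key {@code type + ":" + nativeLibrary}. The module name and the
 * remaining settings of {@code conf} are not part of the key, so a second configuration with the
 * same type and native library receives the module built from the first one.
 * NOTE(review): confirm that no caller expects per-configuration settings (read-only flag, slot
 * filters, passwords) to differ between two configurations of the same library.
 *
 * @param conf module configuration supplying the type and the native library
 * @return the cached or newly created module, never {@code null}
 * @throws P11TokenException if no registered factory produces a module for the type
 */
@Override
public P11Module getP11Module(P11ModuleConf conf) throws P11TokenException {
  // Locale.ROOT keeps the lower-cased type identical on every host; the default-locale
  // variant maps 'I' to a dotless i under a Turkish locale, which would change both the
  // factory lookup and the cache key.
  final String type = conf.getType().toLowerCase(java.util.Locale.ROOT);
  final String key = type + ":" + conf.getNativeLibrary();

  P11Module cached = modules.get(key);
  if (cached != null) {
    return cached;
  }

  // The first factory that accepts the type wins; later factories are not consulted.
  P11Module created = null;
  for (P11ModuleFactory factory : services) {
    if (factory.canCreateModule(type)) {
      created = factory.newModule(conf);
      break;
    }
  }

  if (created == null) {
    throw new P11TokenException(
        "could not find Factory to create PKCS#11 module of type '" + type + "'");
  }

  modules.put(key, created);
  return created;
}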
if (mechFilters != null && CollectionUtil.isNonEmpty(mechFilters.getMechanismFilter())) { for (MechanismFilterType filterType : mechFilters.getMechanismFilter()) { Set<P11SlotIdFilter> slots = getSlotIdFilters(filterType.getSlots()); String mechanismSetName = filterType.getMechanismSet(); passwordRetriever.setPasswordResolver(passwordResolver); for (PasswordsType passwordType : passwordsList.getPasswords()) { Set<P11SlotIdFilter> slots = getSlotIdFilters(passwordType.getSlots()); passwordRetriever.addPasswordEntry(slots, new ArrayList<>(passwordType.getPassword())); includeSlots = getSlotIdFilters(moduleType.getIncludeSlots()); excludeSlots = getSlotIdFilters(moduleType.getExcludeSlots());
private ProxyP11Module(P11ModuleConf moduleConf) throws P11TokenException { super(moduleConf); final String modulePath = moduleConf.getNativeLibrary();
/**
 * Reports whether this module is configured as read-only.
 *
 * @return the read-only flag held by the module configuration {@code conf}
 */
@Override
public boolean isReadOnly() {
  // The flag is read from the configuration on every call; no copy is cached here.
  final boolean readOnly = conf.isReadOnly();
  return readOnly;
}
if (mechsList != null && CollectionUtil.isNonEmpty(mechsList.getMechanisms())) { for (MechanismsType mechType : mechsList.getMechanisms()) { Set<P11SlotIdFilter> slots = getSlotIdFilters(mechType.getSlots()); Set<Long> mechanisms = new HashSet<>(); for (String mechStr : mechType.getMechanism()) { passwordRetriever.setPasswordResolver(passwordResolver); for (PasswordsType passwordType : passwordsList.getPasswords()) { Set<P11SlotIdFilter> slots = getSlotIdFilters(passwordType.getSlots()); passwordRetriever.addPasswordEntry(slots, new ArrayList<>(passwordType.getPassword())); includeSlots = getSlotIdFilters(moduleType.getIncludeSlots()); excludeSlots = getSlotIdFilters(moduleType.getExcludeSlots());