public void importToDB() throws Exception {
    CertStoreType certstore;
    try {
      @SuppressWarnings("unchecked")
      JAXBElement<CertStoreType> root =
          (JAXBElement<CertStoreType>)
              unmarshaller.unmarshal(new File(baseDir + File.separator + FILENAME_OCSP_CertStore));
      certstore = root.getValue();
    } catch (JAXBException e) {
      throw XMLUtil.convert(e);
    }

    if (certstore.getVersion() > VERSION) {
      throw new Exception(
          "could not import CertStore greater than " + VERSION + ": " + certstore.getVersion());
    }

    File processLogFile = new File(baseDir, DbPorter.IMPORT_PROCESS_LOG_FILENAME);
    System.out.println("importing OCSP certstore to database");
    try {
      if (!resume) {
        dropIndexes();
        import_issuer(certstore.getIssuers());
      }
      import_cert(certstore, processLogFile);
      recoverIndexes();
      processLogFile.delete();
    } catch (Exception e) {
      System.err.println("error while importing OCSP certstore to database");
      throw e;
    }
    System.out.println(" imported OCSP certstore to database");
  } // method importToDB
예제 #2
0
  private void initPkcs11ModuleConf() {
    if (p11Control != null) {
      return;
    }

    if (StringUtil.isBlank(pkcs11ConfFile)) {
      throw new IllegalStateException("pkcs11ConfFile is not set");
    }

    try {
      JAXBContext jaxbContext = JAXBContext.newInstance(ObjectFactory.class);
      Unmarshaller unmarshaller = jaxbContext.createUnmarshaller();
      SchemaFactory schemaFact =
          SchemaFactory.newInstance(javax.xml.XMLConstants.W3C_XML_SCHEMA_NS_URI);
      Schema schema = schemaFact.newSchema(getClass().getResource("/xsd/pkcs11-conf.xsd"));
      unmarshaller.setSchema(schema);
      @SuppressWarnings("unchecked")
      JAXBElement<PKCS11ConfType> rootElement =
          (JAXBElement<PKCS11ConfType>) unmarshaller.unmarshal(new File(pkcs11ConfFile));
      PKCS11ConfType pkcs11Conf = rootElement.getValue();
      ModulesType modulesType = pkcs11Conf.getModules();

      Map<String, P11ModuleConf> confs = new HashMap<>();
      for (ModuleType moduleType : modulesType.getModule()) {
        String name = moduleType.getName();
        if (DEFAULT_P11MODULE_NAME.equals(name)) {
          throw new ConfigurationException(
              "invald module name " + DEFAULT_P11MODULE_NAME + ", it is reserved");
        }

        if (confs.containsKey(name)) {
          throw new ConfigurationException(
              "multiple modules with the same module name is not permitted");
        }

        P11PasswordRetriever pwdRetriever;

        PasswordsType passwordsType = moduleType.getPasswords();
        if (passwordsType == null || CollectionUtil.isEmpty(passwordsType.getPassword())) {
          pwdRetriever = P11NullPasswordRetriever.INSTANCE;
        } else {
          pwdRetriever = new P11PasswordRetrieverImpl();
          ((P11PasswordRetrieverImpl) pwdRetriever).setPasswordResolver(passwordResolver);

          for (PasswordType passwordType : passwordsType.getPassword()) {
            Set<P11SlotIdentifier> slots = getSlots(passwordType.getSlots());
            ((P11PasswordRetrieverImpl) pwdRetriever)
                .addPasswordEntry(slots, new ArrayList<>(passwordType.getSinglePassword()));
          }
        }

        Set<P11SlotIdentifier> includeSlots = getSlots(moduleType.getIncludeSlots());
        Set<P11SlotIdentifier> excludeSlots = getSlots(moduleType.getExcludeSlots());

        final String osName = System.getProperty("os.name").toLowerCase();
        String nativeLibraryPath = null;
        for (NativeLibraryType library : moduleType.getNativeLibraries().getNativeLibrary()) {
          List<String> osNames = library.getOs();
          if (CollectionUtil.isEmpty(osNames)) {
            nativeLibraryPath = library.getPath();
          } else {
            for (String entry : osNames) {
              if (osName.contains(entry.toLowerCase())) {
                nativeLibraryPath = library.getPath();
                break;
              }
            }
          }

          if (nativeLibraryPath != null) {
            break;
          }
        }

        if (nativeLibraryPath == null) {
          throw new ConfigurationException("could not find PKCS#11 library for OS " + osName);
        }

        P11ModuleConf conf =
            new P11ModuleConf(name, nativeLibraryPath, pwdRetriever, includeSlots, excludeSlots);
        confs.put(name, conf);
      }

      final String defaultModuleName = modulesType.getDefaultModule();
      if (confs.containsKey(defaultModuleName) == false) {
        throw new ConfigurationException("default module " + defaultModuleName + " is not defined");
      }

      this.p11Control = new P11Control(defaultModuleName, new HashSet<>(confs.values()));
    } catch (JAXBException | SAXException | ConfigurationException e) {
      final String message = "invalid configuration file " + pkcs11ConfFile;
      if (LOG.isErrorEnabled()) {
        final String exceptionMessage;
        if (e instanceof JAXBException) {
          exceptionMessage = XMLUtil.getMessage((JAXBException) e);
        } else {
          exceptionMessage = e.getMessage();
        }
        LOG.error(
            LogUtil.buildExceptionLogFormat(message), e.getClass().getName(), exceptionMessage);
      }
      LOG.debug(message, e);

      throw new RuntimeException(message);
    }
  }