Add logging for pkcs11 initialize (release-2.5 backport)

Add warnings and debug logging to troubleshoot pkcs11 initialize function. Note that main branch uses fabric-lib-go which has these same bccsp/pkcs11 updates. Signed-off-by: David Enyeart <enyeart@us.ibm.com>
hyperledger · May 21, 2024 · 5f1ef66 · 5f1ef66
1 parent c39658e
commit 5f1ef66
Showing 1 changed file with 8 additions and 2 deletions.
diff --git a/bccsp/pkcs11/pkcs11.go b/bccsp/pkcs11/pkcs11.go
@@ -138,7 +138,7 @@ func (csp *Provider) initialize(opts PKCS11Opts) (*Provider, error) {
 		return nil, fmt.Errorf("pkcs11: instantiation failed for %s", opts.Library)
 	}
 	if err := ctx.Initialize(); err != nil {
-		logger.Debugf("initialize failed: %v", err)
+		logger.Warnf("initialize failed: %v", err)
 	}
 
 	slots, err := ctx.GetSlotList(true)
@@ -147,9 +147,15 @@ func (csp *Provider) initialize(opts PKCS11Opts) (*Provider, error) {
 	}
 	for _, s := range slots {
 		info, err := ctx.GetTokenInfo(s)
-		if err != nil || opts.Label != info.Label {
+		if err != nil {
+			logger.Warnf("Failed to get TokenInfo for slot %d: %v", s, err)
+			continue
+		}
+		if opts.Label != info.Label {
+			logger.Warnw("PKCS11 labels did not match", "slot", s, "configLabel", opts.Label, "tokenLabel", info.Label)
 			continue
 		}
+		logger.Debugw("Found a matching PKCS11 label to use", "slot", s, "label", info.Label, "pin", opts.Pin)
 
 		csp.slot = s
 		csp.ctx = ctx