Example 1 with TLSAuthException
use of com.aws.greengrass.util.exceptions.TLSAuthException in project aws-greengrass-nucleus by aws-greengrass.
the class SecurityService method getDeviceIdentityKeyManagers.
/**
* Get KeyManagers for the default device identity.
*
* @return key managers
* @throws TLSAuthException if any error happens
*/
@SuppressWarnings({ "PMD.AvoidCatchingGenericException", "PMD.PreserveStackTrace" })
public KeyManager[] getDeviceIdentityKeyManagers() throws TLSAuthException {
URI privateKey = getDeviceIdentityPrivateKeyURI();
URI certPath = getDeviceIdentityCertificateURI();
try {
return RetryUtils.runWithRetry(GET_KEY_MANAGERS_RETRY_CONFIG, () -> getKeyManagers(privateKey, certPath), "get-key-managers", logger);
} catch (InterruptedException e) {
Thread.currentThread().interrupt();
throw new TLSAuthException("Get key managers interrupted", e);
} catch (Exception e) {
throw new TLSAuthException("Error during getting key managers", e);
}
}
Also used :
TLSAuthException(com.aws.greengrass.util.exceptions.TLSAuthException)
URI(java.net.URI)
KeyLoadingException(com.aws.greengrass.security.exceptions.KeyLoadingException)
URISyntaxException(java.net.URISyntaxException)
GeneralSecurityException(java.security.GeneralSecurityException)
TLSAuthException(com.aws.greengrass.util.exceptions.TLSAuthException)
MqttConnectionProviderException(com.aws.greengrass.security.exceptions.MqttConnectionProviderException)
IOException(java.io.IOException)
ServiceProviderConflictException(com.aws.greengrass.security.exceptions.ServiceProviderConflictException)
ServiceUnavailableException(com.aws.greengrass.security.exceptions.ServiceUnavailableException)
Example 2 with TLSAuthException
use of com.aws.greengrass.util.exceptions.TLSAuthException in project aws-greengrass-nucleus by aws-greengrass.
the class ClientConfigurationUtils method createTrustManagers.
private static TrustManager[] createTrustManagers(String rootCAPath) throws TLSAuthException {
try {
List<X509Certificate> trustCertificates = EncryptionUtils.loadX509Certificates(Paths.get(rootCAPath));
KeyStore tmKeyStore = KeyStore.getInstance("JKS");
tmKeyStore.load(null, null);
for (X509Certificate certificate : trustCertificates) {
X500Principal principal = certificate.getSubjectX500Principal();
String name = principal.getName("RFC2253");
tmKeyStore.setCertificateEntry(name, certificate);
}
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("X509");
trustManagerFactory.init(tmKeyStore);
return trustManagerFactory.getTrustManagers();
} catch (GeneralSecurityException | IOException e) {
throw new TLSAuthException("Failed to get trust manager", e);
}
}
Also used :
TrustManagerFactory(javax.net.ssl.TrustManagerFactory)
GeneralSecurityException(java.security.GeneralSecurityException)
X500Principal(javax.security.auth.x500.X500Principal)
TLSAuthException(com.aws.greengrass.util.exceptions.TLSAuthException)
IOException(java.io.IOException)
KeyStore(java.security.KeyStore)
X509Certificate(java.security.cert.X509Certificate)
Aggregations
TLSAuthException (com.aws.greengrass.util.exceptions.TLSAuthException)2
IOException (java.io.IOException)2
GeneralSecurityException (java.security.GeneralSecurityException)2
KeyLoadingException (com.aws.greengrass.security.exceptions.KeyLoadingException)1
MqttConnectionProviderException (com.aws.greengrass.security.exceptions.MqttConnectionProviderException)1
ServiceProviderConflictException (com.aws.greengrass.security.exceptions.ServiceProviderConflictException)1
ServiceUnavailableException (com.aws.greengrass.security.exceptions.ServiceUnavailableException)1
URI (java.net.URI)1
URISyntaxException (java.net.URISyntaxException)1
KeyStore (java.security.KeyStore)1
X509Certificate (java.security.cert.X509Certificate)1
TrustManagerFactory (javax.net.ssl.TrustManagerFactory)1
X500Principal (javax.security.auth.x500.X500Principal)1
