Example 6 with RuntimeCryptoException

Use of org.bouncycastle.crypto.RuntimeCryptoException in project ranger by apache.

The class RangerGoogleCloudHSMProvider, method onInitialization.

@Override
public void onInitialization() throws Exception {
    // Validate the configured GCP properties before contacting Cloud KMS.
    this.validateGcpProps();
    if (logger.isDebugEnabled()) {
        logger.debug("==> onInitialization() : {gcpProjectId - " + this.gcpProjectId + ", gcpLocationId - " + this.gcpLocationId + ", gcpKeyRingId - " + this.gcpKeyRingId + ", gcpAppCredFile Path - " + this.gcpAppCredFile + "}");
    }
    // Collect the first failure here; it is thrown once at the end so the exit debug line is always logged.
    String errorMessage = null;
    // Build the KMS client from the application credential file.
    client = getKeyClient(this.gcpAppCredFile);
    KeyRing keyRingResponse = null;
    if (client != null) {
        this.keyRingName = KeyRingName.of(this.gcpProjectId, this.gcpLocationId, this.gcpKeyRingId);
        if (this.keyRingName != null) {
            // Confirm that the configured key ring exists and is the one returned.
            keyRingResponse = this.client.getKeyRing(this.keyRingName.toString());
            if (keyRingResponse == null) {
                errorMessage = "Unable to get Key Ring response for Project : " + this.gcpProjectId + " and Location : " + this.gcpLocationId;
            } else if (!keyRingResponse.getName().endsWith(this.gcpKeyRingId)) {
                errorMessage = "Key Ring with name : " + this.gcpKeyRingId + " does not exist for Project : " + this.gcpProjectId + " and Location : " + this.gcpLocationId;
            }
        } else {
            errorMessage = "Unable to get Key Ring response for Project : " + this.gcpProjectId + " and Location : " + this.gcpLocationId;
        }
    } else {
        errorMessage = "Unable to create client object for Google Cloud HSM. Please check the Key HSM Log file OR Verify Google App Credential JSON file.";
    }
    if (logger.isDebugEnabled()) {
        logger.debug("<== onInitialization() : {this.keyRingName - " + this.keyRingName + ", keyRingResponse - " + keyRingResponse + "}");
    }
    // Fail initialization with an unchecked crypto exception if any check above failed.
    if (!StringUtils.isEmpty(errorMessage)) {
        throw new RuntimeCryptoException(errorMessage);
    }
}
Also used : RuntimeCryptoException(org.bouncycastle.crypto.RuntimeCryptoException) KeyRing(com.google.cloud.kms.v1.KeyRing) ByteString(com.google.protobuf.ByteString)

Aggregations

RuntimeCryptoException (org.bouncycastle.crypto.RuntimeCryptoException): 6
CryptoKeyName (com.google.cloud.kms.v1.CryptoKeyName): 2
XiSecurityException (org.xipki.security.exception.XiSecurityException): 2
AlreadyExistsException (com.google.api.gax.rpc.AlreadyExistsException): 1
CryptoKey (com.google.cloud.kms.v1.CryptoKey): 1
DecryptResponse (com.google.cloud.kms.v1.DecryptResponse): 1
EncryptResponse (com.google.cloud.kms.v1.EncryptResponse): 1
KeyRing (com.google.cloud.kms.v1.KeyRing): 1
ByteString (com.google.protobuf.ByteString): 1
ByteArrayOutputStream (java.io.ByteArrayOutputStream): 1
P11TokenException (org.xipki.security.exception.P11TokenException): 1