This is an automated email from the ASF dual-hosted git repository.
zitadombi pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ozone.git
The following commit(s) were added to refs/heads/master by this push:
new 08b1e3f746 HDDS-11030. Do not throw OperatorCreationException from
CertificateApprover#sign (#6843)
08b1e3f746 is described below
commit 08b1e3f7463912a67c26e1acf4319b1756e7c03c
Author: Istvan Fajth <[email protected]>
AuthorDate: Wed Jun 26 15:24:27 2024 +0200
HDDS-11030. Do not throw OperatorCreationException from
CertificateApprover#sign (#6843)
---
.../x509/certificate/authority/CertificateApprover.java | 5 ++---
.../x509/certificate/authority/DefaultApprover.java | 15 +++++++++------
2 files changed, 11 insertions(+), 9 deletions(-)
diff --git
a/hadoop-hdds/framework/src/main/java/org/apache/hadoop/hdds/security/x509/certificate/authority/CertificateApprover.java
b/hadoop-hdds/framework/src/main/java/org/apache/hadoop/hdds/security/x509/certificate/authority/CertificateApprover.java
index 63c69bc06e..3282f72a5d 100644
---
a/hadoop-hdds/framework/src/main/java/org/apache/hadoop/hdds/security/x509/certificate/authority/CertificateApprover.java
+++
b/hadoop-hdds/framework/src/main/java/org/apache/hadoop/hdds/security/x509/certificate/authority/CertificateApprover.java
@@ -20,7 +20,6 @@
package org.apache.hadoop.hdds.security.x509.certificate.authority;
import org.apache.hadoop.hdds.security.SecurityConfig;
-import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.pkcs.PKCS10CertificationRequest;
import java.io.IOException;
@@ -55,7 +54,7 @@ public interface CertificateApprover {
* @param certSerialId - the new certificate id.
* @return Signed Certificate.
* @throws IOException - On Error
- * @throws OperatorCreationException - on Error.
+ * @throws CertificateException - on Error.
*/
@SuppressWarnings("ParameterNumber")
X509Certificate sign(
@@ -68,7 +67,7 @@ public interface CertificateApprover {
String scmId,
String clusterId,
String certSerialId)
- throws IOException, OperatorCreationException, CertificateException;
+ throws IOException, CertificateException;
/**
diff --git
a/hadoop-hdds/framework/src/main/java/org/apache/hadoop/hdds/security/x509/certificate/authority/DefaultApprover.java
b/hadoop-hdds/framework/src/main/java/org/apache/hadoop/hdds/security/x509/certificate/authority/DefaultApprover.java
index 5ba7526ec9..b2d62443b7 100644
---
a/hadoop-hdds/framework/src/main/java/org/apache/hadoop/hdds/security/x509/certificate/authority/DefaultApprover.java
+++
b/hadoop-hdds/framework/src/main/java/org/apache/hadoop/hdds/security/x509/certificate/authority/DefaultApprover.java
@@ -117,8 +117,7 @@ public class DefaultApprover implements CertificateApprover
{
PKCS10CertificationRequest certificationRequest,
String scmId,
String clusterId,
- String certSerialId) throws IOException,
- OperatorCreationException, CertificateException {
+ String certSerialId) throws IOException, CertificateException {
AlgorithmIdentifier sigAlgId = new
DefaultSignatureAlgorithmIdentifierFinder().find(
@@ -187,11 +186,15 @@ public class DefaultApprover implements
CertificateApprover {
}
}
- ContentSigner sigGen = new BcRSAContentSignerBuilder(sigAlgId, digAlgId)
- .build(asymmetricKP);
+ try {
+ ContentSigner sigGen = new BcRSAContentSignerBuilder(sigAlgId, digAlgId)
+ .build(asymmetricKP);
- //TODO: as part of HDDS-10743 ensure that converter is instantiated only
once
- return new
JcaX509CertificateConverter().getCertificate(certificateGenerator.build(sigGen));
+ //TODO: as part of HDDS-10743 ensure that converter is instantiated only
once
+ return new
JcaX509CertificateConverter().getCertificate(certificateGenerator.build(sigGen));
+ } catch (OperatorCreationException oce) {
+ throw new CertificateException(oce);
+ }
}
/**
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
