To help troubleshooting the SigningUnit for CA and OCSP have been modified to chain the original exceptions.
https://fedorahosted.org/pki/ticket/2463 Pushed master (10.4) under one-line/trivial rule. -- Endi S. Dewata
>From 701022f97aef862c1cdfa6b030fecf0a1d250930 Mon Sep 17 00:00:00 2001 From: "Endi S. Dewata" <edew...@redhat.com> Date: Thu, 15 Sep 2016 18:05:05 +0200 Subject: [PATCH] Troubleshooting improvements for SigningUnit. To help troubleshooting the SigningUnit for CA and OCSP have been modified to chain the original exceptions. https://fedorahosted.org/pki/ticket/2463 --- base/ca/src/com/netscape/ca/SigningUnit.java | 24 ++++++------- base/ocsp/src/com/netscape/ocsp/SigningUnit.java | 44 ++++++++++++------------ 2 files changed, 34 insertions(+), 34 deletions(-) diff --git a/base/ca/src/com/netscape/ca/SigningUnit.java b/base/ca/src/com/netscape/ca/SigningUnit.java index f708e557f0dab38ba22e6e39431ffe3964b706f4..ac73a472efa531d47115708de7b4d65405b8e612 100644 --- a/base/ca/src/com/netscape/ca/SigningUnit.java +++ b/base/ca/src/com/netscape/ca/SigningUnit.java @@ -257,16 +257,16 @@ public final class SigningUnit implements ISigningUnit { } catch (NoSuchAlgorithmException e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_SIGNING_ALG_NOT_SUPPORTED", algname, e.toString())); throw new ECAException( - CMS.getUserMessage("CMS_CA_SIGNING_ALGOR_NOT_SUPPORTED", algname)); + CMS.getUserMessage("CMS_CA_SIGNING_ALGOR_NOT_SUPPORTED", algname), e); } catch (TokenException e) { // from get signature context or from initSign log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_SIGNING_ALG_NOT_SUPPORTED", algname, e.toString())); throw new ECAException( - CMS.getUserMessage("CMS_CA_SIGNING_ALGOR_NOT_SUPPORTED", algname)); + CMS.getUserMessage("CMS_CA_SIGNING_ALGOR_NOT_SUPPORTED", algname), e); } catch (InvalidKeyException e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_SIGNING_ALG_NOT_SUPPORTED", algname, e.toString())); throw new ECAException( - CMS.getUserMessage("CMS_CA_SIGNING_ALGOR_NOT_SUPPORTED_FOR_KEY", algname)); + CMS.getUserMessage("CMS_CA_SIGNING_ALGOR_NOT_SUPPORTED_FOR_KEY", algname), e); } } @@ -311,21 +311,21 @@ public final class SigningUnit implements ISigningUnit { } catch (NoSuchAlgorithmException e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString())); throw new ECAException( - CMS.getUserMessage("CMS_CA_SIGNING_ALGOR_NOT_SUPPORTED", algname)); + CMS.getUserMessage("CMS_CA_SIGNING_ALGOR_NOT_SUPPORTED", algname), e); } catch (TokenException e) { // from get signature context or from initSign log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString())); // XXX fix this exception later. - throw new EBaseException(e.toString()); + throw new EBaseException(e); } catch (InvalidKeyException e) { // XXX fix this exception later. - throw new EBaseException(e.toString()); + throw new EBaseException(e); } catch (SignatureException e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString())); CMS.debug("SigningUnit.sign: " + e.toString()); CMS.checkForAndAutoShutdown(); // XXX fix this exception later. - throw new EBaseException(e.toString()); + throw new EBaseException(e); } } @@ -351,21 +351,21 @@ public final class SigningUnit implements ISigningUnit { } catch (NoSuchAlgorithmException e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString())); // XXX fix this exception later. - throw new EBaseException(e.toString()); + throw new EBaseException(e); } catch (TokenException e) { // from get signature context or from initSign log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString())); // XXX fix this exception later. - throw new EBaseException(e.toString()); + throw new EBaseException(e); } catch (InvalidKeyException e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString())); // XXX fix this exception later. - throw new EBaseException(e.toString()); + throw new EBaseException(e); } catch (SignatureException e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString())); CMS.checkForAndAutoShutdown(); // XXX fix this exception later. - throw new EBaseException(e.toString()); + throw new EBaseException(e); } } @@ -410,7 +410,7 @@ public final class SigningUnit implements ISigningUnit { String msg = "Invalid encoding in CA signing key."; log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", msg)); - throw new EBaseException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", msg)); + throw new EBaseException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", msg), e); } if (key.getAlgorithmId().getOID().equals(AlgorithmId.DSA_oid)) { diff --git a/base/ocsp/src/com/netscape/ocsp/SigningUnit.java b/base/ocsp/src/com/netscape/ocsp/SigningUnit.java index 5aff29144364656651324ca3d635a6af14fe7368..f1c4feb7c4bb4ed9fe19853082308c3bd9307073 100644 --- a/base/ocsp/src/com/netscape/ocsp/SigningUnit.java +++ b/base/ocsp/src/com/netscape/ocsp/SigningUnit.java @@ -22,10 +22,6 @@ import java.security.NoSuchAlgorithmException; import java.security.PublicKey; import java.security.SignatureException; -import netscape.security.x509.AlgorithmId; -import netscape.security.x509.X509CertImpl; -import netscape.security.x509.X509Key; - import org.mozilla.jss.CryptoManager; import org.mozilla.jss.NoSuchTokenException; import org.mozilla.jss.crypto.CryptoToken; @@ -48,6 +44,10 @@ import com.netscape.certsrv.security.ISigningUnit; import com.netscape.cmscore.security.JssSubsystem; import com.netscape.cmsutil.util.Cert; +import netscape.security.x509.AlgorithmId; +import netscape.security.x509.X509CertImpl; +import netscape.security.x509.X509Key; + /** * OCSP signing unit based on JSS. * @@ -175,24 +175,24 @@ public final class SigningUnit implements ISigningUnit { } catch (java.security.cert.CertificateException e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_OCSP_CONVERT_X509", e.getMessage())); - throw new EOCSPException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", e.toString())); + throw new EOCSPException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", e.toString()), e); } catch (CryptoManager.NotInitializedException e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_OCSP_SIGNING", e.toString())); - throw new EOCSPException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", e.toString())); + throw new EOCSPException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", e.toString()), e); } catch (IncorrectPasswordException e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_OCSP_INCORRECT_PWD", e.toString())); - throw new EOCSPException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", e.toString())); + throw new EOCSPException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", e.toString()), e); } catch (NoSuchTokenException e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_OCSP_TOKEN_NOT_FOUND", tokenname, e.toString())); - throw new EOCSPException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", e.toString())); + throw new EOCSPException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", e.toString()), e); } catch (ObjectNotFoundException e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_OCSP_OBJECT_NOT_FOUND", e.toString())); - throw new EOCSPException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", e.toString())); + throw new EOCSPException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", e.toString()), e); } catch (TokenException e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString())); - throw new EOCSPException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", e.toString())); + throw new EOCSPException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", e.toString()), e); } } @@ -223,16 +223,16 @@ public final class SigningUnit implements ISigningUnit { } catch (NoSuchAlgorithmException e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_OCSP_SIGN_ALG_NOT_SUPPORTED", algname)); - throw new EOCSPException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", e.toString())); + throw new EOCSPException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", e.toString()), e); } catch (TokenException e) { // from get signature context or from initSign log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_OCSP_SIGN_ALG_NOT_SUPPORTED", algname)); - throw new EOCSPException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", e.toString())); + throw new EOCSPException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", e.toString()), e); } catch (InvalidKeyException e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_OCSP_SIGN_ALG_NOT_SUPPORTED", algname)); - throw new EOCSPException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", e.toString())); + throw new EOCSPException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", e.toString()), e); } } @@ -265,18 +265,18 @@ public final class SigningUnit implements ISigningUnit { return signer.sign(); } catch (NoSuchAlgorithmException e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString())); - throw new EOCSPException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", e.toString())); + throw new EOCSPException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", e.toString()), e); } catch (TokenException e) { // from get signature context or from initSign log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString())); - throw new EOCSPException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", e.toString())); + throw new EOCSPException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", e.toString()), e); } catch (InvalidKeyException e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString())); - throw new EOCSPException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", e.toString())); + throw new EOCSPException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", e.toString()), e); } catch (SignatureException e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString())); CMS.checkForAndAutoShutdown(); - throw new EOCSPException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", e.toString())); + throw new EOCSPException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", e.toString()), e); } } @@ -301,18 +301,18 @@ public final class SigningUnit implements ISigningUnit { return signer.verify(signature); } catch (NoSuchAlgorithmException e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString())); - throw new EOCSPException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", e.toString())); + throw new EOCSPException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", e.toString()), e); } catch (TokenException e) { // from get signature context or from initSign log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString())); - throw new EOCSPException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", e.toString())); + throw new EOCSPException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", e.toString()), e); } catch (InvalidKeyException e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString())); - throw new EOCSPException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", e.toString())); + throw new EOCSPException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", e.toString()), e); } catch (SignatureException e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString())); CMS.checkForAndAutoShutdown(); - throw new EOCSPException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", e.toString())); + throw new EOCSPException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", e.toString()), e); } } @@ -357,7 +357,7 @@ public final class SigningUnit implements ISigningUnit { String msg = "Invalid encoding in OCSP signing key."; log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_OCSP_INVALID_ENCODING")); - throw new EOCSPException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", msg)); + throw new EOCSPException(CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", msg), e); } if (key.getAlgorithmId().getOID().equals(AlgorithmId.DSA_oid)) { -- 2.7.4
_______________________________________________ Pki-devel mailing list Pki-devel@redhat.com https://www.redhat.com/mailman/listinfo/pki-devel