/** * @param param Value. * @param name Name. * @throws SSLException If {@code null}. */ private void checkNullParameter(Object param, String name) throws SSLException { if (param == null) throw new SSLException("Failed to initialize SSL context (parameter cannot be null): " + name); }
/** * @param param Value. * @param name Name. * @throws SSLException If {@code null}. */ private void checkNullParameter(Object param, String name) throws SSLException { if (param == null) throw new SSLException("Failed to initialize SSL context (parameter cannot be null): " + name); }
/** * @param res SSL engine result. * @throws SSLException If status is not acceptable. */ private void checkStatus(SSLEngineResult res) throws SSLException { Status status = res.getStatus(); if (status != OK && status != CLOSED && status != BUFFER_UNDERFLOW) throw new SSLException("Failed to unwrap incoming data (SSL engine error). Status: " + status); }
/** * @param res SSL engine result. * @throws SSLException If status is not acceptable. */ private void checkStatus(SSLEngineResult res) throws SSLException { SSLEngineResult.Status status = res.getStatus(); if (status != Status.OK && status != CLOSED && status != BUFFER_UNDERFLOW) throw new SSLException("Failed to unwrap incoming data (SSL engine error) [ses" + ses + ", status=" + status + ']'); }
private String selectApplicationProtocol(List<String> protocols, ApplicationProtocolConfig.SelectedListenerFailureBehavior behavior, String applicationProtocol) throws SSLException { if (behavior == ApplicationProtocolConfig.SelectedListenerFailureBehavior.ACCEPT) { return applicationProtocol; } else { int size = protocols.size(); assert size > 0; if (protocols.contains(applicationProtocol)) { return applicationProtocol; } else { if (behavior == ApplicationProtocolConfig.SelectedListenerFailureBehavior.CHOOSE_MY_LAST_PROTOCOL) { return protocols.get(size - 1); } else { throw new SSLException("unknown protocol " + applicationProtocol); } } } }
static X509Certificate[] toX509CertificatesInternal(File file) throws SSLException { try { return toX509Certificates(file); } catch (CertificateException e) { throw new SSLException(e); } }
static PrivateKey toPrivateKeyInternal(File keyFile, String keyPassword) throws SSLException { try { return toPrivateKey(keyFile, keyPassword); } catch (Exception e) { throw new SSLException(e); } }
static PrivateKey toPrivateKeyInternal(File keyFile, String keyPassword) throws SSLException { try { return toPrivateKey(keyFile, keyPassword); } catch (Exception e) { throw new SSLException(e); } }
static X509Certificate[] toX509CertificatesInternal(File file) throws SSLException { try { return toX509Certificates(file); } catch (CertificateException e) { throw new SSLException(e); } }
@Override public final synchronized void closeInbound() throws SSLException { if (isInboundDone) { return; } isInboundDone = true; if (isOutboundDone()) { // Only call shutdown if there is no outbound data pending. // See https://github.com/netty/netty/issues/6167 shutdown(); } if (handshakeState != HandshakeState.NOT_STARTED && !receivedShutdown) { throw new SSLException( "Inbound closed before receiving peer's close_notify: possible truncation attack?"); } }
@Override public final SSLException noSNIContextForSslConnection() { final SSLException result = new SSLException(String.format(getLoggingLocale(), noSNIContextForSslConnection$str())); final StackTraceElement[] st = result.getStackTrace(); result.setStackTrace(Arrays.copyOfRange(st, 1, st.length)); return result; } private static final String mechMessageAfterComplete = "ELY05001: Authentication mechanism exchange received a message after authentication was already complete";
@Override public final SSLException emptyHostNameSni() { final SSLException result = new SSLException(String.format(getLoggingLocale(), emptyHostNameSni$str())); final StackTraceElement[] st = result.getStackTrace(); result.setStackTrace(Arrays.copyOfRange(st, 1, st.length)); return result; } private static final String duplicatedSniServerName = "UT000189: Duplicated host name of type %s";
@Override public final SSLException duplicatedSniServerName(final int type) { final SSLException result = new SSLException(String.format(getLoggingLocale(), duplicatedSniServerName$str(), type)); final StackTraceElement[] st = result.getStackTrace(); result.setStackTrace(Arrays.copyOfRange(st, 1, st.length)); return result; } private static final String noContextForSslConnection = "UT000190: No context for SSL connection";
@Override public final SSLException invalidTlsExt() { final SSLException result = new SSLException(String.format(getLoggingLocale(), invalidTlsExt$str())); final StackTraceElement[] st = result.getStackTrace(); result.setStackTrace(Arrays.copyOfRange(st, 1, st.length)); return result; } private static final String notEnoughData = "UT000187: Not enough data";
@Override public final SSLException notEnoughData() { final SSLException result = new SSLException(String.format(getLoggingLocale(), notEnoughData$str())); final StackTraceElement[] st = result.getStackTrace(); result.setStackTrace(Arrays.copyOfRange(st, 1, st.length)); return result; } private static final String emptyHostNameSni = "UT000188: Empty host name in SNI extension";
private void setKeyMaterial(ReferenceCountedOpenSslEngine engine, String alias) throws SSLException { OpenSslKeyMaterial keyMaterial = null; try { keyMaterial = provider.chooseKeyMaterial(engine.alloc, alias); if (keyMaterial != null) { engine.setKeyMaterial(keyMaterial); } } catch (SSLException e) { throw e; } catch (Exception e) { throw new SSLException(e); } finally { if (keyMaterial != null) { keyMaterial.release(); } } } private String chooseClientAlias(ReferenceCountedOpenSslEngine engine,
/** {@inheritDoc} */ @Override protected <T> T readMessage(final Socket sock, @Nullable final InputStream in, final long timeout) throws IOException, IgniteCheckedException { if (cnt-- > 0) { if (plain) throw new StreamCorruptedException("Test exception"); else throw new SSLException("Test SSL exception"); } return super.readMessage(sock, in, timeout); } }
private SSLException shutdownWithError(String operation, int sslError, int error) { String errorString = SSL.getErrorString(error); if (logger.isDebugEnabled()) { logger.debug("{} failed with {}: OpenSSL error: {} {}", operation, sslError, error, errorString); } // There was an internal error -- shutdown shutdown(); if (handshakeState == HandshakeState.FINISHED) { return new SSLException(errorString); } return new SSLHandshakeException(errorString); }
@Test(expected = CertificateValidationException.class) public void checkSettings_withSslException_shouldThrowCertificateValidationException() throws Exception { ArgumentCaptor<HttpGeneric> requestCaptor = ArgumentCaptor.forClass(HttpGeneric.class); when(mockHttpClient.executeOverride(requestCaptor.capture(), any(HttpContext.class))) .thenThrow(new SSLException("Test")); webDavStore.checkSettings(); }
@Test(expected = MessagingException.class) public void open_whenTrustedSocketFactoryThrowsCertificateException_throwMessagingException() throws Exception { when(mockTrustedSocketFactory.createSocket(null, host, port, null)).thenThrow( new SSLException("")); addSettingsForValidMockSocket(); settings.setAuthType(AuthType.PLAIN); Pop3Connection connection = new Pop3Connection(settings, mockTrustedSocketFactory); connection.open(); }