Util: AdvancedTlsX509TrustManager code changes for handling fine not found

Sangamesh1997 · Sangamesh1997 · commit cd44f7d0d1f8 · 2025-09-11T11:57:29.000Z
diff --git a/util/src/main/java/io/grpc/util/AdvancedTlsX509TrustManager.java b/util/src/main/java/io/grpc/util/AdvancedTlsX509TrustManager.java
@@ -22,6 +22,7 @@
 import io.grpc.ExperimentalApi;
 import java.io.File;
 import java.io.FileInputStream;
+import java.io.FileNotFoundException;
 import java.io.IOException;
 import java.net.Socket;
 import java.security.GeneralSecurityException;
@@ -339,6 +340,9 @@ public void run() {
   private long readAndUpdate(File trustCertFile, long oldTime)
       throws IOException, GeneralSecurityException {
     long newTime = checkNotNull(trustCertFile, "trustCertFile").lastModified();
+    if (newTime == 0 && !trustCertFile.exists()) {
+      throw new FileNotFoundException("Certificate not found: " + trustCertFile.getAbsolutePath());
+    }
     if (newTime == oldTime) {
       return oldTime;
     }
diff --git a/util/src/test/java/io/grpc/util/AdvancedTlsX509TrustManagerTest.java b/util/src/test/java/io/grpc/util/AdvancedTlsX509TrustManagerTest.java
@@ -20,6 +20,7 @@
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertNotNull;
 import static org.junit.Assert.assertThrows;
+import static org.junit.Assert.assertTrue;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.when;
 
@@ -30,7 +31,9 @@
 import io.grpc.testing.TlsTesting;
 import io.grpc.util.AdvancedTlsX509TrustManager.Verification;
 import java.io.File;
+import java.io.FileNotFoundException;
 import java.io.IOException;
+import java.lang.reflect.Method;
 import java.net.Socket;
 import java.security.GeneralSecurityException;
 import java.security.cert.CertificateException;
@@ -142,6 +145,21 @@ record -> record.getMessage().contains("Default value of "));
     }
   }
 
+  @Test
+  public void missingFile_throwsFileNotFoundException() throws Exception {
+    AdvancedTlsX509TrustManager trustManager = AdvancedTlsX509TrustManager.newBuilder().build();
+    Method readAndUpdateMethod =
+        AdvancedTlsX509TrustManager.class.getDeclaredMethod(
+            "readAndUpdate", File.class, long.class);
+    readAndUpdateMethod.setAccessible(true);
+    File nonExistentFile = new File("missing_cert.pem");
+    Exception thrown = assertThrows(
+            Exception.class, () -> readAndUpdateMethod.invoke(trustManager, nonExistentFile, 0L));
+
+    assertTrue("Should throw FileNotFoundException, but got: " + thrown.getCause(),
+        thrown.getCause() instanceof FileNotFoundException);
+  }
+
   @Test
   public void clientTrustedWithSocketTest() throws Exception {
     AdvancedTlsX509TrustManager trustManager = AdvancedTlsX509TrustManager.newBuilder()
