public class KeyStoreTestUtil extends Object
| Constructor and Description |
|---|
| `KeyStoreTestUtil()` |
| Modifier and Type | Method and Description |
|---|---|
| `static void` | `cleanupSSLConfig(String keystoresDir, String sslConfDir)` |
| `static org.apache.hadoop.conf.Configuration` | `createClientSSLConfig(String clientKS, String password, String keyPassword, String trustKS)`<br>Creates SSL configuration for a client. |
| `private static KeyStore` | `createEmptyKeyStore()` |
| `static void` | `createKeyStore(String filename, String password, String alias, Key privateKey, Certificate cert)` |
| `static void` | `createKeyStore(String filename, String password, String keyPassword, String alias, Key privateKey, Certificate cert)`<br>Creates a keystore with a single key and saves it to a file. |
| `static org.apache.hadoop.conf.Configuration` | `createServerSSLConfig(String serverKS, String password, String keyPassword, String trustKS)`<br>Creates SSL configuration for a server. |
| `private static org.apache.hadoop.conf.Configuration` | `createSSLConfig(org.apache.hadoop.security.ssl.SSLFactory.Mode mode, String keystore, String password, String keyPassword, String trustKS)`<br>Creates SSL configuration. |
| `static <T extends Certificate> void` | `createTrustStore(String filename, String password, Map<String,T> certs)` |
| `static void` | `createTrustStore(String filename, String password, String alias, Certificate cert)` |
| `static X509Certificate` | `generateCertificate(String dn, KeyPair pair, int days, String algorithm)`<br>Create a self-signed X.509 Certificate. |
| `static KeyPair` | `generateKeyPair(String algorithm)` |
| `static String` | `getClasspathDir(Class<?> klass)` |
| `static void` | `saveConfig(File file, org.apache.hadoop.conf.Configuration conf)`<br>Saves configuration to a file. |
| `private static void` | `saveKeyStore(KeyStore ks, String filename, String password)` |
| `static void` | `setupSSLConfig(String keystoresDir, String sslConfDir, org.apache.hadoop.conf.Configuration conf, boolean useClientCert)`<br>Performs complete setup of SSL configuration in preparation for testing an SSLFactory. |
public KeyStoreTestUtil()
public static String getClasspathDir(Class<?> klass) throws Exception
Exception
public static X509Certificate generateCertificate(String dn, KeyPair pair, int days, String algorithm) throws CertificateEncodingException, InvalidKeyException, IllegalStateException, NoSuchProviderException, NoSuchAlgorithmException, SignatureException
dn - the X.509 Distinguished Name, eg "CN=Test, L=London, C=GB"
pair - the KeyPair
days - how many days from now the Certificate is valid for
algorithm - the signing algorithm, eg "SHA1withRSA" (SHA-1-based signatures are deprecated; acceptable only for throwaway test certificates)
CertificateEncodingException
InvalidKeyException
IllegalStateException
NoSuchProviderException
NoSuchAlgorithmException
SignatureException
public static KeyPair generateKeyPair(String algorithm) throws NoSuchAlgorithmException
NoSuchAlgorithmException
private static KeyStore createEmptyKeyStore() throws GeneralSecurityException, IOException
GeneralSecurityException
IOException
private static void saveKeyStore(KeyStore ks, String filename, String password) throws GeneralSecurityException, IOException
GeneralSecurityException
IOException
public static void createKeyStore(String filename, String password, String alias, Key privateKey, Certificate cert) throws GeneralSecurityException, IOException
GeneralSecurityException
IOException
public static void createKeyStore(String filename, String password, String keyPassword, String alias, Key privateKey, Certificate cert) throws GeneralSecurityException, IOException
filename - String file to save
password - String store password to set on keystore
keyPassword - String key password to set on key
alias - String alias to use for the key
privateKey - Key to save in keystore
cert - Certificate to use as certificate chain associated to key
GeneralSecurityException - for any error with the security APIs
IOException - if there is an I/O error saving the file
public static void createTrustStore(String filename, String password, String alias, Certificate cert) throws GeneralSecurityException, IOException
GeneralSecurityException
IOException
public static <T extends Certificate> void createTrustStore(String filename, String password, Map<String,T> certs) throws GeneralSecurityException, IOException
GeneralSecurityException
IOException
public static void cleanupSSLConfig(String keystoresDir, String sslConfDir) throws Exception
Exception
public static void setupSSLConfig(String keystoresDir, String sslConfDir, org.apache.hadoop.conf.Configuration conf, boolean useClientCert) throws Exception
keystoresDir - String directory to save keystores
sslConfDir - String directory to save SSL configuration files
conf - Configuration master configuration to be used by an SSLFactory, which will be mutated by this method
useClientCert - boolean true to make the client present a cert in the SSL handshake
Exception
public static org.apache.hadoop.conf.Configuration createClientSSLConfig(String clientKS, String password, String keyPassword, String trustKS)
clientKS - String client keystore file
password - String store password, or null to avoid setting store password
keyPassword - String key password, or null to avoid setting key password
trustKS - String truststore file
public static org.apache.hadoop.conf.Configuration createServerSSLConfig(String serverKS, String password, String keyPassword, String trustKS) throws IOException
serverKS - String server keystore file
password - String store password, or null to avoid setting store password
keyPassword - String key password, or null to avoid setting key password
trustKS - String truststore file
IOException
private static org.apache.hadoop.conf.Configuration createSSLConfig(org.apache.hadoop.security.ssl.SSLFactory.Mode mode, String keystore, String password, String keyPassword, String trustKS)
mode - SSLFactory.Mode mode to configure
keystore - String keystore file
password - String store password, or null to avoid setting store password
keyPassword - String key password, or null to avoid setting key password
trustKS - String truststore file
public static void saveConfig(File file, org.apache.hadoop.conf.Configuration conf) throws IOException
file - File to save
conf - Configuration contents to write to file
IOException - if there is an I/O error saving the file
Copyright © 2007–2019 The Apache Software Foundation. All rights reserved.