public final class KeyStoreTestUtil extends Object
| Modifier | Constructor and Description |
|---|---|
| private | KeyStoreTestUtil() |
| Modifier and Type | Method and Description |
|---|---|
| static void | cleanupSSLConfig(org.apache.hadoop.conf.Configuration conf) |
| static org.apache.hadoop.conf.Configuration | createClientSSLConfig(String clientKS, String password, String keyPassword, String trustKS)<br>Creates SSL configuration for a client. |
| private static KeyStore | createEmptyKeyStore() |
| private static KeyStore | createEmptyKeyStore(String keyStoreType) |
| static void | createKeyStore(String filename, String password, String alias, Key privateKey, Certificate cert)<br>Creates a keystore with a single key and saves it to a file. |
| static void | createKeyStore(String filename, String password, String keyPassword, String alias, Key privateKey, Certificate cert)<br>Creates a keystore with a single key and saves it to a file. |
| static void | createKeyStore(String filename, String password, String keyPassword, String alias, Key privateKey, Certificate cert, String keystoreType)<br>Creates a keystore with a single key and saves it to a file. |
| static org.apache.hadoop.conf.Configuration | createServerSSLConfig(String serverKS, String password, String keyPassword, String trustKS)<br>Creates SSL configuration for a server. |
| private static org.apache.hadoop.conf.Configuration | createSSLConfig(org.apache.hadoop.security.ssl.SSLFactory.Mode mode, String keystore, String password, String keyPassword, String trustKS)<br>Creates SSL configuration. |
| static <T extends Certificate> void | createTrustStore(String filename, String password, Map<String,T> certs) |
| static void | createTrustStore(String filename, String password, String alias, Certificate cert)<br>Creates a truststore with a single certificate and saves it to a file. |
| static void | createTrustStore(String filename, String password, String alias, Certificate cert, String trustStoreType)<br>Creates a truststore with a single certificate and saves it to a file. |
| static X509Certificate | generateCertificate(String dn, KeyPair pair, int days, String algorithm)<br>Create a self-signed X.509 Certificate. |
| static KeyPair | generateKeyPair(String algorithm) |
| static String | getClasspathDir(Class<?> klass) |
| static void | saveConfig(File file, org.apache.hadoop.conf.Configuration conf)<br>Saves configuration to a file. |
| private static void | saveKeyStore(KeyStore ks, String filename, String password) |
| static void | setupSSLConfig(String keystoresDir, String sslConfDir, org.apache.hadoop.conf.Configuration conf, boolean useClientCert)<br>Performs complete setup of SSL configuration in preparation for testing an SSLFactory. |
private KeyStoreTestUtil()
public static String getClasspathDir(Class<?> klass) throws Exception
Exception
public static X509Certificate generateCertificate(String dn, KeyPair pair, int days, String algorithm) throws CertificateEncodingException, InvalidKeyException, IllegalStateException, NoSuchProviderException, NoSuchAlgorithmException, SignatureException
dn - the X.509 Distinguished Name, eg "CN=Test, L=London, C=GB"
pair - the KeyPair
days - how many days from now the Certificate is valid for
algorithm - the signing algorithm, eg "SHA1withRSA"
CertificateEncodingException
InvalidKeyException
IllegalStateException
NoSuchProviderException
NoSuchAlgorithmException
SignatureException
public static KeyPair generateKeyPair(String algorithm) throws NoSuchAlgorithmException
NoSuchAlgorithmException
private static KeyStore createEmptyKeyStore() throws GeneralSecurityException, IOException
GeneralSecurityException
IOException
private static KeyStore createEmptyKeyStore(String keyStoreType) throws GeneralSecurityException, IOException
GeneralSecurityException
IOException
private static void saveKeyStore(KeyStore ks, String filename, String password) throws GeneralSecurityException, IOException
GeneralSecurityException
IOException
public static void createKeyStore(String filename, String password, String alias, Key privateKey, Certificate cert) throws GeneralSecurityException, IOException
filename - String file to save
password - String store password to set on keystore
alias - String alias to use for the key
privateKey - Key to save in keystore
cert - Certificate to use as certificate chain associated to key
GeneralSecurityException - for any error with the security APIs
IOException - if there is an I/O error saving the file
public static void createKeyStore(String filename, String password, String keyPassword, String alias, Key privateKey, Certificate cert) throws GeneralSecurityException, IOException
filename - String file to save
password - String store password to set on keystore
keyPassword - String key password to set on key
alias - String alias to use for the key
privateKey - Key to save in keystore
cert - Certificate to use as certificate chain associated to key
GeneralSecurityException - for any error with the security APIs
IOException - if there is an I/O error saving the file
public static void createKeyStore(String filename, String password, String keyPassword, String alias, Key privateKey, Certificate cert, String keystoreType) throws GeneralSecurityException, IOException
filename - String file to save
password - String store password to set on keystore
keyPassword - String key password to set on key
alias - String alias to use for the key
privateKey - Key to save in keystore
cert - Certificate to use as certificate chain associated to key
keystoreType - String keystore file type (e.g. "JKS")
GeneralSecurityException - for any error with the security APIs
IOException - if there is an I/O error saving the file
public static void createTrustStore(String filename, String password, String alias, Certificate cert) throws GeneralSecurityException, IOException
filename - String file to save
password - String store password to set on truststore
alias - String alias to use for the certificate
cert - Certificate to add
GeneralSecurityException - for any error with the security APIs
IOException - if there is an I/O error saving the file
public static void createTrustStore(String filename, String password, String alias, Certificate cert, String trustStoreType) throws GeneralSecurityException, IOException
filename - String file to save
password - String store password to set on truststore
alias - String alias to use for the certificate
cert - Certificate to add
trustStoreType - String keystore file type (e.g. "JKS")
GeneralSecurityException - for any error with the security APIs
IOException - if there is an I/O error saving the file
public static <T extends Certificate> void createTrustStore(String filename, String password, Map<String,T> certs) throws GeneralSecurityException, IOException
GeneralSecurityException
IOException
public static void cleanupSSLConfig(org.apache.hadoop.conf.Configuration conf) throws Exception
Exception
public static void setupSSLConfig(String keystoresDir, String sslConfDir, org.apache.hadoop.conf.Configuration conf, boolean useClientCert) throws Exception
keystoresDir - String directory to save keystores
sslConfDir - String directory to save SSL configuration files
conf - Configuration master configuration to be used by an SSLFactory, which will be mutated by this method
useClientCert - boolean true to make the client present a cert in the SSL handshake
Exception
public static org.apache.hadoop.conf.Configuration createClientSSLConfig(String clientKS, String password, String keyPassword, String trustKS)
clientKS - String client keystore file
password - String store password, or null to avoid setting store password
keyPassword - String key password, or null to avoid setting key password
trustKS - String truststore file
public static org.apache.hadoop.conf.Configuration createServerSSLConfig(String serverKS, String password, String keyPassword, String trustKS) throws IOException
serverKS - String server keystore file
password - String store password, or null to avoid setting store password
keyPassword - String key password, or null to avoid setting key password
trustKS - String truststore file
IOException
private static org.apache.hadoop.conf.Configuration createSSLConfig(org.apache.hadoop.security.ssl.SSLFactory.Mode mode, String keystore, String password, String keyPassword, String trustKS)
mode - SSLFactory.Mode mode to configure
keystore - String keystore file
password - String store password, or null to avoid setting store password
keyPassword - String key password, or null to avoid setting key password
trustKS - String truststore file
public static void saveConfig(File file, org.apache.hadoop.conf.Configuration conf) throws IOException
file - File to save
conf - Configuration contents to write to file
IOException - if there is an I/O error saving the file
Copyright © 2007–2020 The Apache Software Foundation. All rights reserved.