Package org.apache.hadoop.hbase.io.crypto.tls

Class StandardTypeFileKeyStoreLoader

java.lang.Object

org.apache.hadoop.hbase.io.crypto.tls.FileKeyStoreLoader

org.apache.hadoop.hbase.io.crypto.tls.StandardTypeFileKeyStoreLoader

All Implemented Interfaces:

KeyStoreLoader

Direct Known Subclasses:

BCFKSFileLoader, JKSFileLoader, PKCS12FileLoader

abstract class StandardTypeFileKeyStoreLoader
extends FileKeyStoreLoader

Base class for instances of KeyStoreLoader which load the key/trust stores from files on a filesystem using standard KeyStore types like JKS or PKCS12.

This file has been copied from the Apache ZooKeeper project.

See Also:

• Base revision

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
protected static enum	StandardTypeFileKeyStoreLoader.SupportedStandardKeyFormat

Nested classes/interfaces inherited from class org.apache.hadoop.hbase.io.crypto.tls.FileKeyStoreLoader

FileKeyStoreLoader.Builder<T extends FileKeyStoreLoader>

Field Summary

Fields

Modifier and Type	Field	Description
private static final char[]	EMPTY_CHAR_ARRAY
protected final StandardTypeFileKeyStoreLoader.SupportedStandardKeyFormat	format

Fields inherited from class org.apache.hadoop.hbase.io.crypto.tls.FileKeyStoreLoader

keyStorePassword, keyStorePath, trustStorePassword, trustStorePath

Constructor Summary

Constructors

Constructor	Description
StandardTypeFileKeyStoreLoader(String keyStorePath, String trustStorePath, char[] keyStorePassword, char[] trustStorePassword, StandardTypeFileKeyStoreLoader.SupportedStandardKeyFormat format)

Method Summary

Modifier and Type	Method	Description
private KeyStore	keyStoreInstance()
KeyStore	loadKeyStore()	Loads a KeyStore which contains at least one private key and the associated X509 cert chain.
KeyStore	loadTrustStore()	Loads a KeyStore which contains at least one X509 cert chain for a trusted Certificate Authority (CA).
private static char[]	passwordStringToCharArray(char[] password)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

EMPTY_CHAR_ARRAY

private static final char[] EMPTY_CHAR_ARRAY

format

protected final StandardTypeFileKeyStoreLoader.SupportedStandardKeyFormat format

Constructor Details

StandardTypeFileKeyStoreLoader

StandardTypeFileKeyStoreLoader(String keyStorePath,
 String trustStorePath,
 char[] keyStorePassword,
 char[] trustStorePassword,
 StandardTypeFileKeyStoreLoader.SupportedStandardKeyFormat format)

Method Details

loadKeyStore

public KeyStore loadKeyStore()
                      throws IOException,
GeneralSecurityException

Description copied from interface: KeyStoreLoader

Loads a KeyStore which contains at least one private key and the associated X509 cert chain.

Returns:

a new KeyStore

Throws:

IOException - if loading the key store fails due to an IO error, such as "file not found".

GeneralSecurityException - if loading the key store fails due to a security error, such as "unsupported crypto algorithm".

loadTrustStore

public KeyStore loadTrustStore()
                        throws IOException,
GeneralSecurityException

Description copied from interface: KeyStoreLoader

Loads a KeyStore which contains at least one X509 cert chain for a trusted Certificate Authority (CA).

Returns:

a new KeyStore

Throws:

IOException - if loading the trust store fails due to an IO error, such as "file not found".

GeneralSecurityException - if loading the trust store fails due to a security error, such as "unsupported crypto algorithm".

keyStoreInstance

private KeyStore keyStoreInstance()
                           throws KeyStoreException

Throws:

KeyStoreException

passwordStringToCharArray

private static char[] passwordStringToCharArray(char[] password)