001/*
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software
013 * distributed under the License is distributed on an "AS IS" BASIS,
014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015 * See the License for the specific language governing permissions and
016 * limitations under the License.
017 */
018package org.apache.hadoop.hbase.io.crypto.tls;
019
020import java.io.IOException;
021import java.security.GeneralSecurityException;
022import java.security.KeyStore;
023
/**
 * Contract for a component that produces the key store and the trust store used by the TLS code in
 * this package.
 * <p>
 * The interface takes no arguments, so the location, format and any password of the underlying
 * store are left to the implementation; only the result type and the failure modes are fixed here.
 * <p>
 * This file has been copied from the Apache ZooKeeper project.
 * @see <a href=
 *      "https://github.com/apache/zookeeper/blob/c74658d398cdc1d207aa296cb6e20de00faec03e/zookeeper-server/src/main/java/org/apache/zookeeper/common/KeyStoreLoader.java">Base
 *      revision</a>
 */
interface KeyStoreLoader {
  /**
   * Builds the identity store: a KeyStore holding one or more private keys, each with its X509
   * certificate chain.
   * <p>
   * The returned object carries private key material, so callers should keep its lifetime and
   * visibility as narrow as the TLS setup allows and should not log or persist its contents.
   * @return a new KeyStore
   * @throws IOException              when the store cannot be read because of an IO problem, for
   *                                  example "file not found".
   * @throws GeneralSecurityException when the store cannot be loaded because of a security
   *                                  problem, for example "unsupported crypto algorithm".
   */
  KeyStore loadKeyStore() throws IOException, GeneralSecurityException;

  /**
   * Builds the trust store: a KeyStore holding one or more X509 certificate chains of trusted
   * Certificate Authorities (CAs).
   * <p>
   * The entries are described as trusted CAs, so the contents of this store presumably decide
   * which peer certificates are accepted; how the store is consumed is not visible from this
   * interface.
   * @return a new KeyStore
   * @throws IOException              when the store cannot be read because of an IO problem, for
   *                                  example "file not found".
   * @throws GeneralSecurityException when the store cannot be loaded because of a security
   *                                  problem, for example "unsupported crypto algorithm".
   */
  KeyStore loadTrustStore() throws IOException, GeneralSecurityException;
}