org.apache.nifi.security.util

Class KeyStoreUtils

java.lang.Object

org.apache.nifi.security.util.KeyStoreUtils

public class KeyStoreUtils
extends Object

Field Summary

Fields

Modifier and Type	Field and Description
private static org.slf4j.Logger	logger
static String	SUN_PROVIDER_NAME

Constructor Summary

Constructors

Constructor and Description
KeyStoreUtils()

Method Summary

Modifier and Type	Method and Description
static KeyManagerFactory	getKeyManagerFactoryFromKeyStore(KeyStore keyStore, char[] keystorePassword, char[] keyPassword) Returns the KeyManagerFactory from the provided KeyStore object, initialized with the key or keystore password.
static KeyStore	getKeyStore(String keyStoreType) Returns an empty KeyStore backed by the appropriate provider
static String	getKeyStoreProvider(String keyStoreType) Returns the provider that will be used for the given keyStoreType
static TrustManagerFactory	getTrustManagerFactoryFromTrustStore(KeyStore trustStore) Returns the TrustManagerFactory from the provided KeyStore object, initialized.
static KeyStore	getTrustStore(String trustStoreType) Returns an empty KeyStore intended for use as a TrustStore backed by the appropriate provider
static boolean	isKeyPasswordCorrect(URL keystore, KeystoreType keystoreType, char[] password, char[] keyPassword) Returns true if the given keystore can be loaded using the given keystore type and password and the default (first) alias can be retrieved with the key-specific password.
static boolean	isStoreValid(URL keystore, KeystoreType keystoreType, char[] password) Returns true if the given keystore can be loaded using the given keystore type and password.
static KeyManagerFactory	loadKeyManagerFactory(String keystorePath, String keystorePassword, String keyPassword, String keystoreType) Returns the initialized KeyManagerFactory.
static KeyManagerFactory	loadKeyManagerFactory(TlsConfiguration tlsConfiguration) Returns the intialized KeyManagerFactory.
static KeyStore	loadKeyStore(String keystorePath, char[] keystorePassword, String keystoreType) Returns a loaded KeyStore given the provided configuration values.
static TrustManagerFactory	loadTrustManagerFactory(String truststorePath, String truststorePassword, String truststoreType) Returns the initialized TrustManagerFactory.
static TrustManagerFactory	loadTrustManagerFactory(TlsConfiguration tlsConfiguration) Returns the intialized TrustManagerFactory.
static KeyStore	loadTrustStore(String truststorePath, char[] truststorePassword, String truststoreType) Returns a loaded KeyStore (acting as a truststore) given the provided configuration values.
static String	sslContextToString(SSLContext sslContext)
static String	sslParametersToString(SSLParameters sslParameters)
static String	sslServerSocketToString(SSLServerSocket sslServerSocket)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

logger

private static final org.slf4j.Logger logger

SUN_PROVIDER_NAME

public static final String SUN_PROVIDER_NAME

See Also:

Constant Field Values

Constructor Detail

KeyStoreUtils

public KeyStoreUtils()

Method Detail

getKeyStoreProvider

public static String getKeyStoreProvider(String keyStoreType)

Returns the provider that will be used for the given keyStoreType

Parameters:

keyStoreType - the keyStoreType

Returns:

the provider that will be used

getKeyStore

public static KeyStore getKeyStore(String keyStoreType)
                            throws KeyStoreException

Returns an empty KeyStore backed by the appropriate provider

Parameters:

keyStoreType - the keyStoreType

Returns:

an empty KeyStore

Throws:

KeyStoreException - if a KeyStore of the given type cannot be instantiated

getTrustStore

public static KeyStore getTrustStore(String trustStoreType)
                              throws KeyStoreException

Returns an empty KeyStore intended for use as a TrustStore backed by the appropriate provider

Parameters:

trustStoreType - the trustStoreType

Returns:

an empty KeyStore

Throws:

KeyStoreException - if a KeyStore of the given type cannot be instantiated

loadKeyStore

public static KeyStore loadKeyStore(String keystorePath,
                                    char[] keystorePassword,
                                    String keystoreType)
                             throws TlsException

Returns a loaded KeyStore given the provided configuration values.

Parameters:

keystorePath - the file path to the keystore

keystorePassword - the keystore password

keystoreType - the keystore type (JKS or PKCS12)

Returns:

the loaded keystore

Throws:

TlsException - if there is a problem loading the keystore

getKeyManagerFactoryFromKeyStore

public static KeyManagerFactory getKeyManagerFactoryFromKeyStore(KeyStore keyStore,
                                                                 char[] keystorePassword,
                                                                 char[] keyPassword)
                                                          throws TlsException

Returns the KeyManagerFactory from the provided KeyStore object, initialized with the key or keystore password.

Parameters:

keyStore - the loaded keystore

keystorePassword - the keystore password

keyPassword - the key password

Returns:

the key manager factory

Throws:

TlsException - if there is a problem initializing or reading from the keystore

loadKeyManagerFactory

public static KeyManagerFactory loadKeyManagerFactory(TlsConfiguration tlsConfiguration)
                                               throws TlsException

Returns the intialized KeyManagerFactory.

Parameters:

tlsConfiguration - the TLS configuration

Returns:

the initialized key manager factory

Throws:

TlsException - if there is a problem initializing or reading from the keystore

loadKeyManagerFactory

public static KeyManagerFactory loadKeyManagerFactory(String keystorePath,
                                                      String keystorePassword,
                                                      String keyPassword,
                                                      String keystoreType)
                                               throws TlsException

Returns the initialized KeyManagerFactory.

Parameters:

keystorePath - the file path to the keystore

keystorePassword - the keystore password

keyPassword - the key password

keystoreType - the keystore type (JKS or PKCS12)

Returns:

the initialized key manager factory

Throws:

TlsException - if there is a problem initializing or reading from the keystore

loadTrustStore

public static KeyStore loadTrustStore(String truststorePath,
                                      char[] truststorePassword,
                                      String truststoreType)
                               throws TlsException

Returns a loaded KeyStore (acting as a truststore) given the provided configuration values.

Parameters:

truststorePath - the file path to the truststore

truststorePassword - the truststore password

truststoreType - the truststore type (JKS or PKCS12)

Returns:

the loaded truststore

Throws:

TlsException - if there is a problem loading the truststore

getTrustManagerFactoryFromTrustStore

public static TrustManagerFactory getTrustManagerFactoryFromTrustStore(KeyStore trustStore)
                                                                throws TlsException

Returns the TrustManagerFactory from the provided KeyStore object, initialized.

Parameters:

trustStore - the loaded truststore

Returns:

the trust manager factory

Throws:

TlsException - if there is a problem initializing or reading from the truststore

loadTrustManagerFactory

public static TrustManagerFactory loadTrustManagerFactory(TlsConfiguration tlsConfiguration)
                                                   throws TlsException

Returns the intialized TrustManagerFactory.

Parameters:

tlsConfiguration - the TLS configuration

Returns:

the initialized trust manager factory

Throws:

TlsException - if there is a problem initializing or reading from the truststore

loadTrustManagerFactory

public static TrustManagerFactory loadTrustManagerFactory(String truststorePath,
                                                          String truststorePassword,
                                                          String truststoreType)
                                                   throws TlsException

Returns the initialized TrustManagerFactory.

Parameters:

truststorePath - the file path to the truststore

truststorePassword - the truststore password

truststoreType - the truststore type (JKS or PKCS12)

Returns:

the initialized trust manager factory

Throws:

TlsException - if there is a problem initializing or reading from the truststore

isStoreValid

public static boolean isStoreValid(URL keystore,
                                   KeystoreType keystoreType,
                                   char[] password)

Returns true if the given keystore can be loaded using the given keystore type and password. Returns false otherwise.

Parameters:

keystore - the keystore to validate

keystoreType - the type of the keystore

password - the password to access the keystore

Returns:

true if valid; false otherwise

isKeyPasswordCorrect

public static boolean isKeyPasswordCorrect(URL keystore,
                                           KeystoreType keystoreType,
                                           char[] password,
                                           char[] keyPassword)

Returns true if the given keystore can be loaded using the given keystore type and password and the default (first) alias can be retrieved with the key-specific password. Returns false otherwise.

Parameters:

keystore - the keystore to validate

keystoreType - the type of the keystore

password - the password to access the keystore

keyPassword - the password to access the specific key

Returns:

true if valid; false otherwise

sslContextToString

public static String sslContextToString(SSLContext sslContext)

sslParametersToString

public static String sslParametersToString(SSLParameters sslParameters)

sslServerSocketToString

public static String sslServerSocketToString(SSLServerSocket sslServerSocket)