Package org.elasticsearch.common.settings

Class KeyStoreWrapper

java.lang.Object
org.elasticsearch.common.settings.KeyStoreWrapper
All Implemented Interfaces:
Closeable, AutoCloseable, SecureSettings
public class KeyStoreWrapper extends Object implements SecureSettings
A disk based container for sensitive settings in Elasticsearch. Loading a keystore has 2 phases. First, call load(Path). Then call decrypt(char[]) with the keystore password, or an empty char array if hasPassword() is false. Loading and decrypting should happen in a single thread. Once decrypted, settings may be read in multiple threads.

  • Field Details

    • MAX_PASSPHRASE_LENGTH

      public static final int MAX_PASSPHRASE_LENGTH
      Arbitrarily chosen maximum passphrase length
      See Also:

    • SEED_SETTING

      public static final Setting<SecureString> SEED_SETTING

    • KEYSTORE_FILENAME

      public static final String KEYSTORE_FILENAME
      The name of the keystore file to read and write.
      See Also:

    • V2_VERSION

      public static final int V2_VERSION
      Legacy versions of the metadata written before the keystore data.
      See Also:

    • V3_VERSION

      public static final int V3_VERSION
      See Also:

    • V4_VERSION

      public static final int V4_VERSION
      See Also:

    • LE_VERSION

      public static final int LE_VERSION
      The version where lucene directory API changed from BE to LE.
      See Also:

    • CURRENT_VERSION

      public static final int CURRENT_VERSION
      See Also:

  • Method Details

    • getFormatVersion

      public int getFormatVersion()
      Get the metadata format version for the keystore

    • keystorePath

      public static Path keystorePath(Path configDir)
      Returns a path representing the ES keystore in the given config dir.

    • create

      public static KeyStoreWrapper create()
      Constructs a new keystore with the given password.

    • addBootstrapSeed

      public static void addBootstrapSeed(KeyStoreWrapper wrapper)
      Add the bootstrap seed setting, which may be used as a unique, secure, random value by the node

    • bootstrap

      public static KeyStoreWrapper bootstrap(Path configDir, CheckedSupplier<SecureString,Exception> passwordSupplier) throws Exception
      Throws:
      Exception

    • load

      public static KeyStoreWrapper load(Path configDir) throws IOException
      Loads information about the Elasticsearch keystore from the provided config directory. decrypt(char[]) must be called before reading or writing any entries. Returns null if no keystore exists.
      Throws:
      IOException

    • upgrade

      public static void upgrade(KeyStoreWrapper wrapper, Path configDir, char[] password) throws Exception
      Upgrades the format of the keystore, if necessary.
      Throws:
      Exception

    • isLoaded

      public boolean isLoaded()
      Description copied from interface: SecureSettings
      Returns true iff the settings are loaded and retrievable.
      Specified by:
      isLoaded in interface SecureSettings

    • hasPassword

      public boolean hasPassword()
      Return true iff calling decrypt(char[]) requires a non-empty password.

    • decrypt

      public void decrypt(char[] password) throws GeneralSecurityException, IOException
      Decrypts the underlying keystore data. This may only be called once.
      Throws:
      GeneralSecurityException
      IOException

    • save

      public void save(Path configDir, char[] password) throws Exception
      Write the keystore to the given config directory.
      Throws:
      Exception

    • save

      public void save(Path configDir, char[] password, boolean preservePermissions) throws Exception
      Throws:
      Exception

    • getSettingNames

      public Set<String> getSettingNames()
      It is possible to retrieve the setting names even if the keystore is closed. This allows SecureSetting to correctly determine that a entry exists even though it cannot be read. Thus attempting to read a secure setting after the keystore is closed will generate a "keystore is closed" exception rather than using the fallback setting.
      Specified by:
      getSettingNames in interface SecureSettings

    • getString

      public SecureString getString(String setting)
      Description copied from interface: SecureSettings
      Return a string setting. The SecureString should be closed once it is used.
      Specified by:
      getString in interface SecureSettings

    • getFile

      public InputStream getFile(String setting)
      Description copied from interface: SecureSettings
      Return a file setting. The InputStream should be closed once it is used.
      Specified by:
      getFile in interface SecureSettings

    • getSHA256Digest

      public byte[] getSHA256Digest(String setting)
      Returns the SHA256 digest for the setting's value, even after #close() has been called. The setting must exist. The digest is used to check for value changes without actually storing the value.
      Specified by:
      getSHA256Digest in interface SecureSettings

    • validateSettingName

      public static void validateSettingName(String setting)
      Ensure the given setting name is allowed.
      Throws:
      IllegalArgumentException - if the setting name is not valid

    • setString

      public void setString(String setting, char[] value)
      Set a string setting.

    • setFile

      public void setFile(String setting, byte[] bytes)
      Set a file setting.

    • remove

      public void remove(String setting)
      Remove the given setting from the keystore.

    • close

      public void close()
      Specified by:
      close in interface AutoCloseable
      Specified by:
      close in interface Closeable
      Specified by:
      close in interface SecureSettings