Class CertProviderSslContextProvider
- java.lang.Object
-
- io.grpc.xds.internal.security.SslContextProvider
-
- io.grpc.xds.internal.security.DynamicSslContextProvider
-
- io.grpc.xds.internal.security.certprovider.CertProviderSslContextProvider
-
- All Implemented Interfaces: CertificateProvider.Watcher, Closeable, java.io.Closeable, java.lang.AutoCloseable
- Direct Known Subclasses: CertProviderClientSslContextProvider, CertProviderServerSslContextProvider
abstract class CertProviderSslContextProvider extends DynamicSslContextProvider implements CertificateProvider.Watcher
Base class for CertProviderClientSslContextProvider.
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from class io.grpc.xds.internal.security.SslContextProvider
SslContextProvider.Callback, SslContextProvider.SslContextGetter
-
-
Field Summary
Fields Modifier and Type Field Description private CertificateProviderStore.Handle
certHandle
private CommonTlsContext.CertificateProviderInstance
certInstance
private CertificateProviderStore.Handle
rootCertHandle
private CommonTlsContext.CertificateProviderInstance
rootCertInstance
protected java.util.List<java.security.cert.X509Certificate>
savedCertChain
protected java.security.PrivateKey
savedKey
protected java.util.List<java.security.cert.X509Certificate>
savedTrustedRoots
-
Fields inherited from class io.grpc.xds.internal.security.DynamicSslContextProvider
pendingCallbacks, sslContext, staticCertificateValidationContext
-
Fields inherited from class io.grpc.xds.internal.security.SslContextProvider
tlsContext
-
-
Constructor Summary
Constructors Modifier Constructor Description protected
CertProviderSslContextProvider(Node node, java.util.Map<java.lang.String,Bootstrapper.CertificateProviderInfo> certProviders, CommonTlsContext.CertificateProviderInstance certInstance, CommonTlsContext.CertificateProviderInstance rootCertInstance, CertificateValidationContext staticCertValidationContext, EnvoyServerProtoData.BaseTlsContext tlsContext, CertificateProviderStore certificateProviderStore)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description private void
clearKeysAndCerts()
void
close()
Closes this provider and releases any resources.
protected CertificateValidationContext
generateCertificateValidationContext()
private static Bootstrapper.CertificateProviderInfo
getCertProviderConfig(java.util.Map<java.lang.String,Bootstrapper.CertificateProviderInfo> certProviders, java.lang.String pluginInstanceName)
protected static CommonTlsContext.CertificateProviderInstance
getCertProviderInstance(CommonTlsContext commonTlsContext)
protected static CommonTlsContext.CertificateProviderInstance
getRootCertProviderInstance(CommonTlsContext commonTlsContext)
protected static CertificateValidationContext
getStaticValidationContext(CommonTlsContext commonTlsContext)
protected boolean
isClientSideTls()
protected boolean
isMtls()
protected boolean
isServerSideTls()
void
updateCertificate(java.security.PrivateKey key, java.util.List<java.security.cert.X509Certificate> certChain)
private void
updateSslContextWhenReady()
void
updateTrustedRoots(java.util.List<java.security.cert.X509Certificate> trustedRoots)
-
Methods inherited from class io.grpc.xds.internal.security.DynamicSslContextProvider
addCallback, callPerformCallback, getSslContext, getSslContextBuilder, onError, updateSslContext
-
Methods inherited from class io.grpc.xds.internal.security.SslContextProvider
getCommonTlsContext, getDownstreamTlsContext, getUpstreamTlsContext, performCallback, setClientAuthValues
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface io.grpc.xds.internal.security.certprovider.CertificateProvider.Watcher
onError
-
-
-
-
Field Detail
-
certHandle
@Nullable private final CertificateProviderStore.Handle certHandle
-
rootCertHandle
@Nullable private final CertificateProviderStore.Handle rootCertHandle
-
certInstance
@Nullable private final CommonTlsContext.CertificateProviderInstance certInstance
-
rootCertInstance
@Nullable private final CommonTlsContext.CertificateProviderInstance rootCertInstance
-
savedKey
@Nullable protected java.security.PrivateKey savedKey
-
savedCertChain
@Nullable protected java.util.List<java.security.cert.X509Certificate> savedCertChain
-
savedTrustedRoots
@Nullable protected java.util.List<java.security.cert.X509Certificate> savedTrustedRoots
-
-
Constructor Detail
-
CertProviderSslContextProvider
protected CertProviderSslContextProvider(Node node, @Nullable java.util.Map<java.lang.String,Bootstrapper.CertificateProviderInfo> certProviders, CommonTlsContext.CertificateProviderInstance certInstance, CommonTlsContext.CertificateProviderInstance rootCertInstance, CertificateValidationContext staticCertValidationContext, EnvoyServerProtoData.BaseTlsContext tlsContext, CertificateProviderStore certificateProviderStore)
-
-
Method Detail
-
getCertProviderConfig
private static Bootstrapper.CertificateProviderInfo getCertProviderConfig(@Nullable java.util.Map<java.lang.String,Bootstrapper.CertificateProviderInfo> certProviders, java.lang.String pluginInstanceName)
-
getCertProviderInstance
@Nullable protected static CommonTlsContext.CertificateProviderInstance getCertProviderInstance(CommonTlsContext commonTlsContext)
-
getStaticValidationContext
@Nullable protected static CertificateValidationContext getStaticValidationContext(CommonTlsContext commonTlsContext)
-
getRootCertProviderInstance
@Nullable protected static CommonTlsContext.CertificateProviderInstance getRootCertProviderInstance(CommonTlsContext commonTlsContext)
-
updateCertificate
public final void updateCertificate(java.security.PrivateKey key, java.util.List<java.security.cert.X509Certificate> certChain)
- Specified by: updateCertificate in interface CertificateProvider.Watcher
-
updateTrustedRoots
public final void updateTrustedRoots(java.util.List<java.security.cert.X509Certificate> trustedRoots)
- Specified by: updateTrustedRoots in interface CertificateProvider.Watcher
-
updateSslContextWhenReady
private void updateSslContextWhenReady()
-
clearKeysAndCerts
private void clearKeysAndCerts()
-
isMtls
protected final boolean isMtls()
-
isClientSideTls
protected final boolean isClientSideTls()
-
isServerSideTls
protected final boolean isServerSideTls()
-
generateCertificateValidationContext
protected final CertificateValidationContext generateCertificateValidationContext()
- Specified by: generateCertificateValidationContext in class DynamicSslContextProvider
-
close
public final void close()
Description copied from class: SslContextProvider
Closes this provider and releases any resources.
- Specified by: close in interface java.lang.AutoCloseable
- Specified by: close in interface Closeable
- Specified by: close in interface java.io.Closeable
- Specified by: close in class SslContextProvider
-
-