Class CertProviderSslContextProvider
- java.lang.Object
-
- io.grpc.xds.internal.security.SslContextProvider
-
- io.grpc.xds.internal.security.DynamicSslContextProvider
-
- io.grpc.xds.internal.security.certprovider.CertProviderSslContextProvider
-
- All Implemented Interfaces:
CertificateProvider.Watcher, Closeable, java.io.Closeable, java.lang.AutoCloseable
- Direct Known Subclasses:
CertProviderClientSslContextProvider, CertProviderServerSslContextProvider
abstract class CertProviderSslContextProvider extends DynamicSslContextProvider implements CertificateProvider.Watcher
Base class for CertProviderClientSslContextProvider.
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from class io.grpc.xds.internal.security.SslContextProvider
SslContextProvider.Callback, SslContextProvider.SslContextGetter
-
-
Field Summary
Fields
Modifier and Type    Field    Description
private CertificateProviderStore.Handle    certHandle
private CommonTlsContext.CertificateProviderInstance    certInstance
private CertificateProviderStore.Handle    rootCertHandle
private CommonTlsContext.CertificateProviderInstance    rootCertInstance
protected java.util.List<java.security.cert.X509Certificate>    savedCertChain
protected java.security.PrivateKey    savedKey
protected java.util.List<java.security.cert.X509Certificate>    savedTrustedRoots
-
Fields inherited from class io.grpc.xds.internal.security.DynamicSslContextProvider
pendingCallbacks, sslContext, staticCertificateValidationContext
-
Fields inherited from class io.grpc.xds.internal.security.SslContextProvider
tlsContext
-
-
Constructor Summary
Constructors
Modifier    Constructor    Description
protected    CertProviderSslContextProvider(Node node, java.util.Map<java.lang.String,Bootstrapper.CertificateProviderInfo> certProviders, CommonTlsContext.CertificateProviderInstance certInstance, CommonTlsContext.CertificateProviderInstance rootCertInstance, CertificateValidationContext staticCertValidationContext, EnvoyServerProtoData.BaseTlsContext tlsContext, CertificateProviderStore certificateProviderStore)
-
Method Summary
Modifier and Type    Method    Description
private void    clearKeysAndCerts()
void    close()    Closes this provider and releases any resources.
protected CertificateValidationContext    generateCertificateValidationContext()
private static Bootstrapper.CertificateProviderInfo    getCertProviderConfig(java.util.Map<java.lang.String,Bootstrapper.CertificateProviderInfo> certProviders, java.lang.String pluginInstanceName)
protected static CommonTlsContext.CertificateProviderInstance    getCertProviderInstance(CommonTlsContext commonTlsContext)
protected static CommonTlsContext.CertificateProviderInstance    getRootCertProviderInstance(CommonTlsContext commonTlsContext)
protected static CertificateValidationContext    getStaticValidationContext(CommonTlsContext commonTlsContext)
protected boolean    isClientSideTls()
protected boolean    isMtls()
protected boolean    isServerSideTls()
void    updateCertificate(java.security.PrivateKey key, java.util.List<java.security.cert.X509Certificate> certChain)
private void    updateSslContextWhenReady()
void    updateTrustedRoots(java.util.List<java.security.cert.X509Certificate> trustedRoots)
-
Methods inherited from class io.grpc.xds.internal.security.DynamicSslContextProvider
addCallback, callPerformCallback, getSslContext, getSslContextBuilder, onError, updateSslContext
-
Methods inherited from class io.grpc.xds.internal.security.SslContextProvider
getCommonTlsContext, getDownstreamTlsContext, getUpstreamTlsContext, performCallback, setClientAuthValues
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface io.grpc.xds.internal.security.certprovider.CertificateProvider.Watcher
onError
-
-
-
-
Field Detail
-
certHandle
@Nullable private final CertificateProviderStore.Handle certHandle
-
rootCertHandle
@Nullable private final CertificateProviderStore.Handle rootCertHandle
-
certInstance
@Nullable private final CommonTlsContext.CertificateProviderInstance certInstance
-
rootCertInstance
@Nullable private final CommonTlsContext.CertificateProviderInstance rootCertInstance
-
savedKey
@Nullable protected java.security.PrivateKey savedKey
-
savedCertChain
@Nullable protected java.util.List<java.security.cert.X509Certificate> savedCertChain
-
savedTrustedRoots
@Nullable protected java.util.List<java.security.cert.X509Certificate> savedTrustedRoots
-
-
Constructor Detail
-
CertProviderSslContextProvider
protected CertProviderSslContextProvider(Node node, @Nullable java.util.Map<java.lang.String,Bootstrapper.CertificateProviderInfo> certProviders, CommonTlsContext.CertificateProviderInstance certInstance, CommonTlsContext.CertificateProviderInstance rootCertInstance, CertificateValidationContext staticCertValidationContext, EnvoyServerProtoData.BaseTlsContext tlsContext, CertificateProviderStore certificateProviderStore)
-
-
Method Detail
-
getCertProviderConfig
private static Bootstrapper.CertificateProviderInfo getCertProviderConfig(@Nullable java.util.Map<java.lang.String,Bootstrapper.CertificateProviderInfo> certProviders, java.lang.String pluginInstanceName)
-
getCertProviderInstance
@Nullable protected static CommonTlsContext.CertificateProviderInstance getCertProviderInstance(CommonTlsContext commonTlsContext)
-
getStaticValidationContext
@Nullable protected static CertificateValidationContext getStaticValidationContext(CommonTlsContext commonTlsContext)
-
getRootCertProviderInstance
@Nullable protected static CommonTlsContext.CertificateProviderInstance getRootCertProviderInstance(CommonTlsContext commonTlsContext)
-
updateCertificate
public final void updateCertificate(java.security.PrivateKey key, java.util.List<java.security.cert.X509Certificate> certChain)
- Specified by:
updateCertificate in interface CertificateProvider.Watcher
-
updateTrustedRoots
public final void updateTrustedRoots(java.util.List<java.security.cert.X509Certificate> trustedRoots)
- Specified by:
updateTrustedRoots in interface CertificateProvider.Watcher
-
updateSslContextWhenReady
private void updateSslContextWhenReady()
-
clearKeysAndCerts
private void clearKeysAndCerts()
-
isMtls
protected final boolean isMtls()
-
isClientSideTls
protected final boolean isClientSideTls()
-
isServerSideTls
protected final boolean isServerSideTls()
-
generateCertificateValidationContext
protected final CertificateValidationContext generateCertificateValidationContext()
- Specified by:
generateCertificateValidationContext in class DynamicSslContextProvider
-
close
public final void close()
Description copied from class: SslContextProvider
Closes this provider and releases any resources.
- Specified by:
close in interface java.lang.AutoCloseable
- Specified by:
close in interface Closeable
- Specified by:
close in interface java.io.Closeable
- Specified by:
close in class SslContextProvider
-
-