Package io.grpc.xds.internal.security.trust

Class XdsTrustManagerFactory

java.lang.Object

javax.net.ssl.TrustManagerFactory

io.netty.handler.ssl.util.SimpleTrustManagerFactory

io.grpc.xds.internal.security.trust.XdsTrustManagerFactory

public final class XdsTrustManagerFactory
extends io.netty.handler.ssl.util.SimpleTrustManagerFactory

Factory class used to provide a XdsX509TrustManager for trust and SAN checks.

Field Summary

Fields

Modifier and Type	Field	Description
private static final Logger	logger
private XdsX509TrustManager	xdsX509TrustManager

Constructor Summary

Constructors

Modifier	Constructor	Description
	XdsTrustManagerFactory(CertificateValidationContext certificateValidationContext)	Constructor constructs from a CertificateValidationContext.
	XdsTrustManagerFactory(X509Certificate[] certs, CertificateValidationContext staticCertificateValidationContext)
private	XdsTrustManagerFactory(X509Certificate[] certs, CertificateValidationContext certificateValidationContext, boolean validationContextIsStatic)

Method Summary

Modifier and Type	Method	Description
(package private) static XdsX509TrustManager	createX509TrustManager(X509Certificate[] certs, CertificateValidationContext certContext)
protected TrustManager[]	engineGetTrustManagers()
protected void	engineInit(KeyStore keyStore)
protected void	engineInit(ManagerFactoryParameters managerFactoryParameters)
private static X509Certificate[]	getTrustedCaFromCertContext(CertificateValidationContext certificateValidationContext)

Methods inherited from class javax.net.ssl.TrustManagerFactory

getAlgorithm, getDefaultAlgorithm, getInstance, getInstance, getInstance, getProvider, getTrustManagers, init, init

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

logger

private static final Logger logger

xdsX509TrustManager

private XdsX509TrustManager xdsX509TrustManager

Constructor Details

XdsTrustManagerFactory

public XdsTrustManagerFactory(CertificateValidationContext certificateValidationContext)
                       throws CertificateException,
IOException,
CertStoreException

Constructor constructs from a CertificateValidationContext.

Throws:

CertificateException

IOException

CertStoreException

XdsTrustManagerFactory

public XdsTrustManagerFactory(X509Certificate[] certs,
 CertificateValidationContext staticCertificateValidationContext)
                       throws CertStoreException

Throws:

CertStoreException

XdsTrustManagerFactory

private XdsTrustManagerFactory(X509Certificate[] certs,
 CertificateValidationContext certificateValidationContext,
 boolean validationContextIsStatic)
                        throws CertStoreException

Throws:

CertStoreException

Method Details

getTrustedCaFromCertContext

private static X509Certificate[] getTrustedCaFromCertContext(CertificateValidationContext certificateValidationContext)
                                                      throws CertificateException,
IOException

Throws:

CertificateException

IOException

createX509TrustManager

static XdsX509TrustManager createX509TrustManager(X509Certificate[] certs,
 CertificateValidationContext certContext)
                                           throws CertStoreException

Throws:

CertStoreException

engineInit

protected void engineInit(KeyStore keyStore)
                   throws Exception

Specified by:

engineInit in class io.netty.handler.ssl.util.SimpleTrustManagerFactory

Throws:

Exception

engineInit

protected void engineInit(ManagerFactoryParameters managerFactoryParameters)
                   throws Exception

Specified by:

engineInit in class io.netty.handler.ssl.util.SimpleTrustManagerFactory

Throws:

Exception

engineGetTrustManagers

protected TrustManager[] engineGetTrustManagers()

Specified by:

engineGetTrustManagers in class io.netty.handler.ssl.util.SimpleTrustManagerFactory