...
```java
package org.apache.kafka.common.security.ssl;

import java.security.KeyStore;

public interface KeyStoreLoader {
    public KeyStore load();
    public String getPassword();
    public String getKeyPassword();
    public boolean modified();
}
```
...
```java
package org.apache.kafka.common.security.ssl;

import java.security.KeyStore;

public interface TrustStoreLoader {
    public KeyStore load();
    public boolean modified();
}
```
NOTE: The load() methods of KeyStoreLoader/TrustStoreLoader do not take the key/trust store passwords as parameters, because we do not want to mandate that the passwords come from the calling class. This leaves it to the Loader implementation to read the required configuration or use another mechanism to fetch the password. Typically, if you have a Key Manager solution, you might use some sort of 'auth-token' to access the Key Manager's API and might not require a key/trust store password (you will still need a password to unlock the keys, though).
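A sketch of a loader written against the proposed KeyStoreLoader interface, added here as an illustration and not part of the proposal or of Kafka's code. The class name, the Supplier-based stand-in for a key manager client, and the digest-based meaning of modified() are assumptions; the interface is repeated at the end so the file compiles on its own.

```java
import java.io.*;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.util.function.Supplier;

// Hypothetical loader: the Suppliers stand in for a key manager client (assumption).
class KeyManagerKeyStoreLoader implements KeyStoreLoader {
    private final Supplier<byte[]> storeBytes; // PKCS#12 bytes fetched on demand
    private final Supplier<char[]> password;   // fetched by the loader, not passed by the caller
    private byte[] loadedDigest;               // SHA-256 of the bytes last returned by load()

    KeyManagerKeyStoreLoader(Supplier<byte[]> s, Supplier<char[]> p) { storeBytes = s; password = p; }

    public KeyStore load() {
        try {
            byte[] bytes = storeBytes.get();
            KeyStore ks = KeyStore.getInstance("PKCS12");
            ks.load(new ByteArrayInputStream(bytes), password.get());
            loadedDigest = sha256(bytes);
            return ks;
        } catch (Exception e) {
            throw new IllegalStateException("key store could not be loaded", e);
        }
    }
    public String getPassword() { return new String(password.get()); }
    public String getKeyPassword() { return getPassword(); } // same secret in this sketch
    // Assumed meaning: true when the stored bytes differ from what load() last returned.
    public boolean modified() {
        return loadedDigest == null || !MessageDigest.isEqual(loadedDigest, sha256(storeBytes.get()));
    }
    private static byte[] sha256(byte[] b) {
        try { return MessageDigest.getInstance("SHA-256").digest(b); }
        catch (Exception e) { throw new IllegalStateException(e); }
    }
    // Builds an empty, password-protected PKCS#12 store in memory (constructed sample input).
    private static byte[] emptyStore(char[] pw) throws Exception {
        KeyStore ks = KeyStore.getInstance("PKCS12");
        ks.load(null, pw);
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        ks.store(out, pw);
        return out.toByteArray();
    }
    public static void main(String[] args) throws Exception {
        char[] pw = "constructed-demo-password".toCharArray();
        byte[][] remote = { emptyStore(pw) }; // constructed stand-in for the key manager's copy
        KeyStoreLoader loader = new KeyManagerKeyStoreLoader(() -> remote[0], () -> pw);
        loader.load();
        System.out.println("modified after load:     " + loader.modified());
        remote[0] = emptyStore(pw); // re-issued store: bytes differ (fresh random salt)
        System.out.println("modified after rotation: " + loader.modified());
    }
}
interface KeyStoreLoader { KeyStore load(); String getPassword(); String getKeyPassword(); boolean modified(); }
```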
Proposed Changes
The Kafka client library and the Kafka broker both use the SslEngineBuilder class to load the KeyStore and TrustStore from the file-based configurations.
- As documented in the public interfaces section, we will introduce two interfaces to allow pluggable implementations to provide key/trust store loading
- We will change the SslEngineBuilder#createSSLContext() method to optionally invoke key/trust store loading through the new SSL configurations we introduce.
- The pseudocode changes in SslEngineBuilder#createSSLContext() look like this:
  ```
  if ( keystore != null ) {
      // load keystore in existing way
  } else if ( 'ssl.keystore.loader' specified ) {
      // load keystore by invoking the pluggable implementation class for the config
  }
  ... ... ...
  if ( truststore != null ) {
      // load truststore in existing way
  } else if ( 'ssl.truststore.loader' specified ) {
      // load truststore by invoking the pluggable implementation class for the config
  }
  ```
- We will make changes to the SslEngineBuilder#shouldBeRebuilt() method appropriately
...