| /* |
| * Licensed to the Apache Software Foundation (ASF) under one |
| * or more contributor license agreements. See the NOTICE file |
| * distributed with this work for additional information |
| * regarding copyright ownership. The ASF licenses this file |
| * to you under the Apache License, Version 2.0 (the |
| * "License"); you may not use this file except in compliance |
| * with the License. You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| |
| package org.apache.cassandra.security; |
| |
| import java.util.List; |
| import javax.net.ssl.SSLContext; |
| import javax.net.ssl.SSLException; |
| |
| import io.netty.handler.ssl.CipherSuiteFilter; |
| import io.netty.handler.ssl.SslContext; |
| |
| /** |
| * The purpose of this interface is to provide pluggable mechanism for creating custom JSSE and Netty SSLContext |
| * objects. Please use the Cassandra configuration key {@code ssl_context_factory} as part of {@code |
| * client_encryption_options}/{@code server_encryption_options} and provide a custom class-name implementing this |
| * interface with parameters to be used to plugin a your own way to load the SSLContext. |
| * <p> |
| * Implementation of this interface must have a constructor with argument of type {@code Map<String,Object>} to allow |
| * custom parameters, needed by the implementation, to be passed from the yaml configuration. Common SSL |
| * configurations like {@code protocol, algorithm, cipher_suites, accepted_protocols, require_client_auth, |
| * require_endpoint_verification, enabled, optional} will also be passed to that map by Cassanddra. |
| * <p> |
| * Since on top of Netty, Cassandra is internally using JSSE SSLContext also for certain use-cases- this interface |
| * has methods for both. |
| * <p> |
| * Below is an example of how to configure a custom implementation with parameters |
| * <pre> |
| * ssl_context_factory: |
| * class_name: org.apache.cassandra.security.YourSslContextFactoryImpl |
| * parameters: |
| * key1: "value1" |
| * key2: "value2" |
| * key3: "value3" |
| * </pre> |
| */ |
| public interface ISslContextFactory |
| { |
| /** |
| * Creates JSSE SSLContext. |
| * |
| * @param verifyPeerCertificate {@code true} if SSL peer's certificate needs to be verified; {@code false} otherwise |
| * @return JSSE's {@link SSLContext} |
| * @throws SSLException in case the Ssl Context creation fails for some reason |
| */ |
| SSLContext createJSSESslContext(boolean verifyPeerCertificate) throws SSLException; |
| |
| /** |
| * Creates Netty's SslContext object. |
| * |
| * @param verifyPeerCertificate {@code true} if SSL peer's certificate needs to be verified; {@code false} otherwise |
| * @param socketType {@link SocketType} for Netty's Inbound or Outbound channels |
| * @param cipherFilter to allow Netty's cipher suite filtering, e.g. |
| * {@link io.netty.handler.ssl.SslContextBuilder#ciphers(Iterable, CipherSuiteFilter)} |
| * @return Netty's {@link SslContext} |
| * @throws SSLException in case the Ssl Context creation fails for some reason |
| */ |
| SslContext createNettySslContext(boolean verifyPeerCertificate, SocketType socketType, |
| CipherSuiteFilter cipherFilter) throws SSLException; |
| |
| /** |
| * Initializes hot reloading of the security keys/certs. The implementation must guarantee this to be thread safe. |
| * |
| * @throws SSLException |
| */ |
| void initHotReloading() throws SSLException; |
| |
| /** |
| * Returns if any changes require the reloading of the SSL context returned by this factory. |
| * This will be called by Cassandra's periodic polling for any potential changes that will reload the SSL context. |
| * However only newer connections established after the reload will use the reloaded SSL context. |
| * |
| * @return {@code true} if SSL Context needs to be reload; {@code false} otherwise |
| */ |
| boolean shouldReload(); |
| |
| /** |
| * Returns if this factory uses private keystore. |
| * |
| * @return {@code true} by default unless the implementation overrides this |
| */ |
| default boolean hasKeystore() |
| { |
| return true; |
| } |
| |
| /** |
| * Returns if this factory uses outbound keystore. |
| * |
| * @return {@code true} by default unless the implementation overrides this |
| */ |
| default boolean hasOutboundKeystore() |
| { |
| return false; |
| } |
| |
| /** |
| * Returns the prepared list of accepted protocols. |
| * |
| * @return array of protocol names suitable for passing to Netty's SslContextBuilder.protocols, or null if the |
| * default |
| */ |
| List<String> getAcceptedProtocols(); |
| |
| /** |
| * Returns the list of cipher suites supported by the implementation. |
| * |
| * @return List of supported cipher suites |
| */ |
| List<String> getCipherSuites(); |
| |
| /** |
| * Indicates if the process holds the inbound/listening (Server) end of the socket or the outbound side (Client). |
| */ |
| enum SocketType |
| { |
| SERVER, CLIENT; |
| } |
| } |
