diff options
author | Andreas Eriksen <andreer@pvv.ntnu.no> | 2019-04-29 15:44:46 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-04-29 15:44:46 +0200 |
commit | b0109b176072d1a620822a5ad04e87024554e4fd (patch) | |
tree | 50eb55b749a558dd0de046b5806319772add558f /controller-api | |
parent | 52c260c50faf6eea0cfd173311ff0dc9d669897a (diff) | |
parent | 10636053c995b84c6d3ee5289320bf71751ffc7b (diff) |
Merge pull request #9222 from vespa-engine/mortent/add-key-pair-provider
Interfaces to support certificate manager
Diffstat (limited to 'controller-api')
5 files changed, 94 insertions, 0 deletions
diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/certificates/ApplicationCertificate.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/certificates/ApplicationCertificate.java new file mode 100644 index 00000000000..e4d0c8246d9 --- /dev/null +++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/certificates/ApplicationCertificate.java @@ -0,0 +1,29 @@ +// Copyright 2019 Oath Inc. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. +package com.yahoo.vespa.hosted.controller.api.integration.certificates; + +import java.security.cert.X509Certificate; +import java.util.List; + +/** + * Represents a certificate chain and a reference to the private key used for generating the certificate + * + * @author mortent + * @author andreer + */ +public class ApplicationCertificate { + private final List<X509Certificate> certificateChain; + private final KeyId keyId; + + public ApplicationCertificate(List<X509Certificate> certificateChain, KeyId keyId) { + this.certificateChain = certificateChain; + this.keyId = keyId; + } + + public List<X509Certificate> certificateChain() { + return certificateChain; + } + + public KeyId keyId() { + return keyId; + } +} diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/certificates/CertificateProvider.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/certificates/CertificateProvider.java index 2503325760d..d2462eb574f 100644 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/certificates/CertificateProvider.java +++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/certificates/CertificateProvider.java @@ -4,6 +4,11 @@ import java.security.KeyPair; import java.security.cert.X509Certificate; import java.util.List; +/** + * Generates a certificate. + * + * @author andreer + */ public interface CertificateProvider { List<X509Certificate> requestCaSignedCertificate(KeyPair keyPair, List<String> domains); } diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/certificates/KeyId.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/certificates/KeyId.java new file mode 100644 index 00000000000..3ab22d4a5b7 --- /dev/null +++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/certificates/KeyId.java @@ -0,0 +1,18 @@ +// Copyright 2019 Oath Inc. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. +package com.yahoo.vespa.hosted.controller.api.integration.certificates; + +/** + * Identifier for a key pair. Used for persisting/retrieving a key pair. + * + * @author mortent + * @author andreer + */ +public class KeyId { + private final String name; + private final int version; + + public KeyId(String name, int version) { + this.name = name; + this.version = version; + } +} diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/certificates/KeyPairProvider.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/certificates/KeyPairProvider.java new file mode 100644 index 00000000000..a872bf63343 --- /dev/null +++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/certificates/KeyPairProvider.java @@ -0,0 +1,14 @@ +// Copyright 2019 Oath Inc. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. +package com.yahoo.vespa.hosted.controller.api.integration.certificates; + +import com.yahoo.config.provision.ApplicationId; + +/** + * Provides a key pair. Generates and persists the key pair if not found. + * + * @author mortent + * @author andreer + */ +public interface KeyPairProvider { + VersionedKeyPair getKeyPair(ApplicationId applicationId); +} diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/certificates/VersionedKeyPair.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/certificates/VersionedKeyPair.java new file mode 100644 index 00000000000..c95303b9497 --- /dev/null +++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/certificates/VersionedKeyPair.java @@ -0,0 +1,28 @@ +// Copyright 2019 Oath Inc. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. +package com.yahoo.vespa.hosted.controller.api.integration.certificates; + +import java.security.KeyPair; + +/** + * Represents a key pair and an unique persistence identifier + * + * @author mortent + * @author andreer + */ +public class VersionedKeyPair { + private final KeyId keyId; + private final KeyPair keyPair; + + public VersionedKeyPair(KeyId keyId, KeyPair keyPair) { + this.keyId = keyId; + this.keyPair = keyPair; + } + + public KeyId keyId() { + return keyId; + } + + public KeyPair keyPair() { + return keyPair; + } +} |