/**
 * Writes the crypto material carried by {@code event} to its on-disk locations
 * while holding the monitor of {@code event.cryptoMaterial}.
 *
 * <p>If the material has already been canceled, the state is moved to FINISHED,
 * waiters on the material's monitor are notified and {@code false} is returned.
 *
 * <p>NOTE(review): this excerpt is abridged. The braces do not balance and the
 * method's tail, including its normal return, is not visible, so the comments
 * below cover only the statements shown.
 */
protected boolean materializeInternal(MaterializeEvent event) {
  synchronized (event.cryptoMaterial) {
    if (event.cryptoMaterial.hasBeenCanceled()) {
      // Only the storage key is logged here, never the stores or the password.
      LOG.debug("Tried to materialize " + event.key + " but it has already been canceled, ignoring...");
      event.cryptoMaterial.changeState(CryptoMaterial.STATE.FINISHED);
      // Wake any thread waiting on this material for the FINISHED state.
      event.cryptoMaterial.notifyAll();
      return false;
    // (excerpt omits the lines that close the cancel branch)
    event.cryptoMaterial.changeState(CryptoMaterial.STATE.ONGOING);
    File appDirFile = event.cryptoMaterial.getCertFolder().toFile();
    if (!appDirFile.exists()) {
      // NOTE(review): the result of mkdirs() is ignored and the directory is
      // created with the process default permissions; they are tightened only
      // by the setPosixFilePermissions call further down.
      appDirFile.mkdirs();
    // (excerpt omits the lines that close the directory check)
    // NOTE(review): FileOutputStream creates the file with default permissions,
    // so the key store is readable under those permissions until the
    // setPosixFilePermissions call below runs. Creating the file with the
    // restrictive attributes up front (for example via
    // PosixFilePermissions.asFileAttribute) would close that window.
    // NOTE(review): the channel is not closed if write() throws; a
    // try-with-resources block would release it on every path.
    FileChannel keyStoreChannel = new FileOutputStream(event.cryptoMaterial.getKeyStoreLocation().toFile(), false)
        .getChannel();
    keyStoreChannel.write(event.cryptoMaterial.getKeyStoreMem());
    keyStoreChannel.close();
    FileChannel trustStoreChannel = new FileOutputStream(event.cryptoMaterial.getTrustStoreLocation().toFile(), false)
        .getChannel();
    trustStoreChannel.write(event.cryptoMaterial.getTrustStoreMem());
    trustStoreChannel.close();
    // The key-store password is written to disk as plain text.
    // NOTE(review): no charset is passed, so the encoding is presumably the
    // platform default (assuming Apache Commons IO FileUtils); confirm.
    FileUtils.writeStringToFile(event.cryptoMaterial.getPasswdLocation().toFile(),
        event.cryptoMaterial.getKeyStorePass());
    // materialPermissions is defined outside this excerpt. Only the certificate
    // folder and the key store are restricted in the visible lines.
    // NOTE(review): verify that the trust store and the password file receive
    // the same permissions in the omitted tail.
    Files.setPosixFilePermissions(event.cryptoMaterial.getCertFolder(), materialPermissions);
    Files.setPosixFilePermissions(event.cryptoMaterial.getKeyStoreLocation(), materialPermissions);
CryptoMaterial material = materialLocation.get(key); if (material != null) { material.incrementRequestedApplications(); LOG.debug("Incrementing requested application to " + material.getRequestedApplications() + " for key " + key); } else { Path appDirPath; .PASSWD_FILE_SUFFIX); CryptoMaterial cryptoMaterial = new CryptoMaterial(appDirPath, keyStorePath, trustStorePath, passwdPath, keyStore, keyStorePassword, trustStore, trustStorePassword); materialLocation.put(key, cryptoMaterial);
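/**
 * Releases one reference to the crypto material stored for the given user and
 * application, and schedules removal of its certificate folder once the
 * material reports that it is safe to remove.
 *
 * <p>The lookup, the decrement and the removal from {@code materialLocation}
 * all happen while {@code lock} is held. If no material is stored for the key,
 * the call does nothing.
 *
 * @param username user the material was requested for
 * @param applicationId application the material was requested for
 * @throws InterruptedException declared by the original signature; presumably
 *     propagated from {@code dispatchEvent} (confirm against its declaration)
 */
@Override
public void removeMaterial(String username, String applicationId)
    throws InterruptedException {
  StorageKey key = new StorageKey(username, applicationId);
  // Acquire the lock before entering try: if lock() itself fails, the finally
  // block must not call unlock() on a lock this thread never obtained.
  lock.lock();
  try {
    CryptoMaterial material = materialLocation.get(key);
    if (material == null) {
      return;
    }
    material.decrementRequestedApplications();
    LOG.debug("Decrementing requested applications to "
        + material.getRequestedApplications() + " for key " + key);
    if (material.isSafeToRemove()) {
      RemoveEvent event = new RemoveEvent(material.getCertFolder());
      // Drop the map entry before dispatching, so a later request for the
      // same key does not find material that is about to be deleted.
      materialLocation.remove(key);
      dispatchEvent(event);
      LOG.debug("Dispatching remove event for key " + key);
    }
  } finally {
    lock.unlock();
  }
}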
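/**
 * Resolves the key-store and trust-store locations and passwords for the user
 * described by {@code ugi}.
 *
 * <p>Material is looked up only when the user name matches
 * {@code HopsSSLSocketFactory.USERNAME_PATTERN} or is not listed in
 * {@code proxySuperUsers}, and only when a {@code certificateLocalization}
 * service is supplied. In every other case the method returns {@code null},
 * so callers must handle a missing result.
 *
 * <p>The returned object carries both store passwords; callers should keep it
 * out of logs and exception messages.
 *
 * @param ugi identity of the caller; must carry an application id
 * @param proxySuperUsers user names treated as proxy super users
 * @param configuration not used by this implementation
 * @param certificateLocalization service holding the localized material, or
 *     {@code null} when none is available
 * @return the store locations and passwords, or {@code null} when no lookup
 *     applies
 * @throws IOException if {@code ugi} has no application id, or if the lookup
 *     is interrupted (the interrupt status of the thread is restored first)
 */
@Override
public HopsSSLCryptoMaterial check(UserGroupInformation ugi, Set<String> proxySuperUsers,
    Configuration configuration, CertificateLocalization certificateLocalization)
    throws IOException {
  String username = ugi.getUserName();
  boolean eligible = username.matches(HopsSSLSocketFactory.USERNAME_PATTERN)
      || !proxySuperUsers.contains(username);
  if (!eligible || certificateLocalization == null) {
    return null;
  }
  try {
    String appId = ugi.getApplicationId();
    if (appId == null) {
      throw new IOException("UserGroupInformation does NOT contain the Application ID");
    }
    CryptoMaterial material = certificateLocalization.getMaterialLocation(username, appId);
    return new HopsSSLCryptoMaterial(
        material.getKeyStoreLocation().toString(),
        material.getKeyStorePass(),
        material.getTrustStoreLocation().toString(),
        material.getTrustStorePass());
  } catch (InterruptedException ex) {
    // Wrapping alone would discard the interrupt; restore the flag so code
    // further up the stack can still observe it.
    Thread.currentThread().interrupt();
    throw new IOException(ex);
  }
}
} // closes the enclosing class, whose declaration is not part of this excerpt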
// Look up the localized crypto material for this application user and
// application id, then take the on-disk paths of its key store, trust store
// and password file.
// NOTE(review): no null check on the lookup result is visible here; confirm
// that getMaterialLocation cannot return null for an unknown key.
CryptoMaterial cryptoMaterial = context
    .getCertificateLocalizationService().getMaterialLocation(applicationUser, applicationId);
Path keyStoreLocation = cryptoMaterial.getKeyStoreLocation();
Path trustStoreLocation = cryptoMaterial.getTrustStoreLocation();
// materializeInternal writes the key-store password to this location, so the
// file behind this path holds a secret; pass the path on, not its contents.
Path passwdLocation = cryptoMaterial.getPasswdLocation();
// NOTE(review): abridged excerpt. The `if` that owns the `else` below and
// several closing braces are not visible, so only the shown statements are
// described.
boolean managedToCancel;
synchronized (material) {
  // Try to cancel the material while holding its monitor.
  managedToCancel = material.tryToCancel();
  // NOTE(review): deleteQuietly (presumably Apache Commons IO) reports failure
  // only through its return value, which is discarded here. A failed delete
  // would leave key material on disk without any trace in the logs.
  FileUtils.deleteQuietly(material.getCertFolder().toFile());
} else {
  // The state is re-checked after every wake-up, so the loop ends only once
  // the material has reached FINISHED.
  while (!material.getState().equals(CryptoMaterial.STATE.FINISHED)) {
    material.wait();
  // (excerpt omits the line that closes the wait loop)
  FileUtils.deleteQuietly(material.getCertFolder().toFile());
.getValue(), context.getCertificateLocalizationService() .getMaterialLocation(user, appId.toString()).getKeyStoreLocation().toString());
// Fetch the key-store password of the material localized for this user.
// NOTE(review): abridged excerpt; the catch block is not closed in the
// visible lines.
try {
  CryptoMaterial material = certificateLocalization.getMaterialLocation(username);
  // The password is held as a String from here on; keep it out of log and
  // exception messages.
  password = material.getKeyStorePass();
} catch (InterruptedException ex) {
  // NOTE(review): the interrupt status is not restored before wrapping;
  // consider Thread.currentThread().interrupt() ahead of the throw.
  throw new IOException(ex);
// Obtain the certificate localization service from the context singleton and
// resolve the folder that holds this user's material for the application.
// NOTE(review): neither the service nor the looked-up material is
// null-checked in the visible lines; confirm both are guaranteed to be
// present on this path.
CertificateLocalization certificateLocalization = CertificateLocalizationCtx.getInstance()
    .getCertificateLocalization();
String certFolder = certificateLocalization.getMaterialLocation(user, appId).getCertFolder().toString();