Github user tumativ commented on a diff in the pull request:
https://github.com/apache/zookeeper/pull/678#discussion_r230255232
--- Diff:
zookeeper-server/src/main/java/org/apache/zookeeper/common/X509Util.java ---
@@ -221,27 +229,47 @@ public SSLContext createSSLContext(ZKConfig config)
throws SSLContextException {
}
}
- public static X509KeyManager createKeyManager(String keyStoreLocation,
String keyStorePassword)
+ /**
+ * Creates a key manager by loading the key store from the given file
of
+ * the given type, optionally decrypting it using the given password.
+ * @param keyStoreLocation the location of the key store file.
+ * @param keyStorePassword optional password to decrypt the key store.
If
+ * empty, assumes the key store is not
encrypted.
+ * @param keyStoreTypeProp must be JKS, PEM, or null. If null,
attempts to
+ * autodetect the key store type from the file
+ * extension (.jks / .pem).
+ * @return the key manager.
+ * @throws KeyManagerException if something goes wrong.
+ */
+ public static X509KeyManager createKeyManager(
+ String keyStoreLocation,
+ String keyStorePassword,
+ String keyStoreTypeProp)
throws KeyManagerException {
FileInputStream inputStream = null;
+ if (keyStorePassword == null) {
+ keyStorePassword = "";
+ }
try {
- char[] keyStorePasswordChars = keyStorePassword.toCharArray();
- File keyStoreFile = new File(keyStoreLocation);
- KeyStore ks = KeyStore.getInstance("JKS");
- inputStream = new FileInputStream(keyStoreFile);
- ks.load(inputStream, keyStorePasswordChars);
+ KeyStoreFileType storeFileType =
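Review bot: The `@param keyStorePassword` Javadoc covers only the empty case ("If empty, assumes the key store is not encrypted"), but the new `if (keyStorePassword == null)` guard at the top of the method body also turns a null password into `""`. Document that null is accepted and treated the same as empty, so callers do not have to read the body to learn it. In the same Javadoc, `keyStoreTypeProp` "must be JKS, PEM, or null", yet `@throws KeyManagerException if something goes wrong` does not say what a caller gets for any other value. Stating that outcome in the `@throws` line would complete the contract.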
--- End diff --
IllegalArgumentException is possible here. I see it is not handled.
---