exceptionfactory commented on a change in pull request #5110:
URL: https://github.com/apache/nifi/pull/5110#discussion_r644842086
##########
File path:
nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/security/util/KeyStoreUtils.java
##########
@@ -143,6 +169,27 @@ public static KeyStore loadKeyStore(String keystorePath,
char[] keystorePassword
}
}
+ /**
+ * Load {@link KeyStore} containing Secret Key entries using configured
Security Provider
+ *
+ * @param keystorePath File path to KeyStore
+ * @param keystorePassword Password for loading KeyStore
+ * @param keystoreTypeName Keystore Type Name
+ * @return KeyStore loaded using specified configuration
+ * @throws TlsException Thrown when unable to load KeyStore or unsupported
Keystore Type
+ */
+ public static KeyStore loadSecretKeyStore(final String keystorePath, final
char[] keystorePassword, final String keystoreTypeName) throws TlsException {
+ try {
+ final KeyStore keyStore = getSecretKeyStore(keystoreTypeName);
+ try (final InputStream keyStoreStream = new
FileInputStream(keystorePath)) {
+ keyStore.load(keyStoreStream, keystorePassword);
+ }
+ return keyStore;
+ } catch (final GeneralSecurityException|IOException e) {
+ throw new TlsException(String.format("Loading Secret Keystore [%s]
Type [%s] Failed", keystorePath, keystoreTypeName), e);
Review comment:
Although `TlsException` is probably not the best name, it follows the
pattern of other methods in KeyStoreUtils. Since `KeyStoreException` is a
subclass of `GeneralSecurityException`, it could also be somewhat confusing.
Refactoring the checked exceptions from multiple KeyStoreUtils methods to use a
different name is probably worth doing separately.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
