Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

HDDS-11895. Separate Root and Sub CA server implementation #7573

Open
wants to merge 4 commits into
base: master
Choose a base branch
from
Open

HDDS-11895. Separate Root and Sub CA server implementation #7573

wants to merge 4 commits into from

Conversation

Galsza
Copy link
Contributor

@Galsza Galsza commented Dec 13, 2024

What changes were proposed in this pull request?

Separate the root and sub ca server implementation for better readability
[HDDS-11895](https://issues.apache.org/jira/browse/HDDS-11895

As an ongoing process for crypto-currency, the PKI system is a bit refactored.
This PR is built on a previous PR: #6871 that should be merged first.
That PR contains changes regarding KeyStorage, this PR only aims at the separation of CA servers.

HDDS-11895

How was this patch tested?

Existing CI tests, green CI apart from previous PR failure:
https://github.com/Galsza/ozone/actions/runs/12304108495

Galsza and others added 4 commits December 10, 2024 22:15
@Galsza
HDDS-11070. Separate KeyCodec responsibilities of being a coder/decod…
b4be6b8 
…er and handling persistence of keys
@fapifta @Galsza
Addendum for HDDS-11070.
c9836f8 
Purify KeyCodec and KeyStorage APIs, clear/add tests for the remaining pieces.
Remove SecurityUtil, replace its functionality with the KeyCodec.
KeyCodec now works with byte[] instead of String.
KeyStorage relies purely on NIO.
Keys related classes moved to hdds-common from hdds-framework.
Intorduced SecurityConstants for string based magic constants in the PEM format.
Changes in SecurityConfig to ensure testability.
Updated APIDocs.
@Galsza
Merge branch 'master' into HDDS-11895
91e7a2f
@Galsza
HDDS-11895. Separate Root and Sub CA server implementation
78b0367
@Galsza
Copy link
Contributor Author

Galsza commented Dec 13, 2024

@ChenSammi Could you please review #6871 and this PR as well?
There is a known test failure in the previous PR, Pifta is working on fixing it. (It comes from java 17 vs 21 run on CA)

@adoroszlai adoroszlai requested a review from ChenSammi December 13, 2024 19:58
@ChenSammi
Copy link
Contributor

Let's review #6871 first and get it merged.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ChenSammi ChenSammi Awaiting requested review from ChenSammi

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Galsza @ChenSammi @fapifta