Skip to content

security: Stabilize AdvancedTlsX509KeyManager.#11139

Merged
erm-g merged 16 commits intogrpc:masterfrom
erm-g:advTls
May 30, 2024
Merged

security: Stabilize AdvancedTlsX509KeyManager.#11139
erm-g merged 16 commits intogrpc:masterfrom
erm-g:advTls

Conversation

@erm-g
Copy link
Contributor

@erm-g erm-g commented May 1, 2024
edited
Loading

This PR is a part of 'Stabilize Advanced TLS' effort.
Clean up, improve javadoc, de-experimentalize of AdvancedTlsX509KeyManager, add a unit test (e2e already exists).

matthewstevenson88
matthewstevenson88 reviewed May 1, 2024
View reviewed changes
Copy link
Contributor

@matthewstevenson88 matthewstevenson88 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the PR @erm-g! A couple nits, and two other points:

  1. This PR only de-experimentalizes the key manager. Should we amend the PR title accordingly?
  2. Please address the failing tests.

@erm-g erm-g changed the title Clean up and de-experimentalization of AdvancedTLS Clean up and de-experimentalization of AdvancedTlsX509KeyManager May 7, 2024
@erm-g erm-g requested a review from matthewstevenson88 May 7, 2024 16:45
matthewstevenson88
matthewstevenson88 reviewed May 7, 2024
View reviewed changes
Copy link
Contributor

@matthewstevenson88 matthewstevenson88 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please address the failing tests. :)

@erm-g
Copy link
Contributor Author

erm-g commented May 8, 2024

Please address the failing tests. :)

Fixed (few styling things)

@erm-g erm-g changed the title Clean up and de-experimentalization of AdvancedTlsX509KeyManager security: Stabilize AdvancedTlsX509KeyManager. May 8, 2024
@erm-g erm-g requested a review from matthewstevenson88 May 8, 2024 03:25
matthewstevenson88
matthewstevenson88 reviewed May 8, 2024
View reviewed changes
util/src/test/java/io/grpc/util/AdvancedTlsX509KeyManagerTest.java
}

@Test
public void credentialSettingParameterValidity() throws Exception {
Copy link
Contributor

@matthewstevenson88 matthewstevenson88 May 8, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We seem to be testing several distinct behaviors in the same unit test - can we break these up into separate smaller-scoped tests so that each unit test is testing an independent behavior?

Similarly above in the credentialSetting test.

Copy link
Contributor Author

@erm-g erm-g May 8, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In this test we're just checking that we correctly put checkNotNull checks across the public api. So I grouped that under single unit test since I saw a similar pattern at MatcherTest -

grpc-java/xds/src/test/java/io/grpc/xds/internal/MatcherTest.java

Line 64 in 2bc4306

public void stringMatcher() {

credentialSetting is different - we check a sequence of changing (serverCert->clientCert->serverCert) so splitting it is possible, but will require a lot of boilerplate code (smth like wordy BeforeMethod before each test)

@erm-g erm-g requested a review from ejona86 May 8, 2024 19:59
ejona86
ejona86 reviewed May 16, 2024
View reviewed changes
@erm-g erm-g requested a review from ejona86 May 17, 2024 21:44
ejona86
ejona86 approved these changes May 29, 2024
View reviewed changes
Copy link
Member

@ejona86 ejona86 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's swap to FakeClock, but otherwise looks good.

@ejona86
Copy link
Member

ejona86 commented May 29, 2024

@matthewstevenson88, do you want us to wait for your approval before this goes in?

@matthewstevenson88
Copy link
Contributor

matthewstevenson88 commented May 29, 2024

Thanks @ejona86. LGTM, and ok to merge once the FakeClock change is done.

@erm-g erm-g merged commit 781b4c4 into grpc:master May 30, 2024
@ejona86
Copy link
Member

ejona86 commented May 30, 2024

API review meeting notes:

an object that caller should close when the file refreshes are not needed

s/not/no longer/

We noticed we had looked at this API before, and had talked about changing the argument order. #8024 (comment) . Although I did today notice that KeyStore uses the argument order seen here. https://docs.oracle.com/en/java/javase/21/docs/api/java.base/java/security/KeyStore.html#setKeyEntry(java.lang.String,byte%5B%5D,java.security.cert.Certificate%5B%5D)

We probably would let y'all (security team) decide how y'all feel about the different argument order. It is mostly a problem for File-based reading, because there's not different types to the arguments.

@erm-g erm-g mentioned this pull request May 31, 2024
Merged
@matthewstevenson88 matthewstevenson88 mentioned this pull request Jun 24, 2024
Merged
@ejona86 ejona86 mentioned this pull request Jun 24, 2024
Merged
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Aug 29, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@ejona86 ejona86 ejona86 approved these changes

@matthewstevenson88 matthewstevenson88 matthewstevenson88 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@erm-g @ejona86 @matthewstevenson88