You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@logging.apache.org by "Remko Popma (JIRA)" <ji...@apache.org> on 2017/09/27 00:04:00 UTC
[jira] [Updated] (LOG4J2-2059) Refactor classes in core.net.ssl to
allow non-KeyStore Providers
[ https://issues.apache.org/jira/browse/LOG4J2-2059?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Remko Popma updated LOG4J2-2059:
--------------------------------
Priority: Minor (was: Major)
> Refactor classes in core.net.ssl to allow non-KeyStore Providers
> ----------------------------------------------------------------
>
> Key: LOG4J2-2059
> URL: https://issues.apache.org/jira/browse/LOG4J2-2059
> Project: Log4j 2
> Issue Type: Improvement
> Components: Appenders, Core
> Reporter: Remko Popma
> Priority: Minor
>
> Refactor classes in the core.net.ssl package so that an SSL context can be created with a KeyManagerFactory and TrustManagerFactory initialized from either KeyStores or from a ManagerFactoryParameters implementation.
> *Background*
> With LOG4J2-1896, classes in core.net.ssl were improved to avoid keeping passwords resident in memory where possible.
> The mechanism to achieve this (a custom PasswordProvider interface) manages secrets in a way that is specific for KeyStore-based providers. We want to manage secrets in a way that allows for other providers.
> During investigation it turned out that to Java has already standardized this. The KeyManagerFactory and TrustManagerFactory needed for SSL can be initialized with either a KeyStore or a [ManagerFactoryParameters|http://docs.oracle.com/javase/7/docs/api/javax/net/ssl/ManagerFactoryParameters.html]. There is no need for a custom generic interface to manage secrets.
> *Implementation*
> The same parameters that are currently used to create and load the KeyStore and TrustStore can also be used to construct a [KeyStoreBuilderParameters|http://docs.oracle.com/javase/7/docs/api/javax/net/ssl/KeyStoreBuilderParameters.html], which is a KeyStore-based ManagerFactoryParameters implementation.
> To avoid keeping the password data resident in memory we want to [clear the password array|http://docs.oracle.com/javase/7/docs/api/java/security/KeyStore.PasswordProtection.html#destroy()] once the SSL context is created.
> Log4j2 has use cases that require the ability to reconnect when the session is lost. One way to support this is to create a new ManagerFactoryParameters instance every time a new SSL context is created, similar to how the current PasswordProvider interface is able to load and provide the password on demand.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)