xds: rename Sds to Security or Xds in various classes to eliminate references to SDS (grpc#9529)

Author: sanjaypujare

xds/src/main/java/io/grpc/xds/FilterChainMatchingProtocolNegotiators.java

@@ -20,7 +20,7 @@
 import static io.grpc.xds.InternalXdsAttributes.ATTR_DRAIN_GRACE_NANOS;
 import static io.grpc.xds.InternalXdsAttributes.ATTR_FILTER_CHAIN_SELECTOR_MANAGER;
 import static io.grpc.xds.XdsServerWrapper.ATTR_SERVER_ROUTING_CONFIG;
-import static io.grpc.xds.internal.sds.SdsProtocolNegotiators.ATTR_SERVER_SSL_CONTEXT_PROVIDER_SUPPLIER;
+import static io.grpc.xds.internal.sds.SecurityProtocolNegotiators.ATTR_SERVER_SSL_CONTEXT_PROVIDER_SUPPLIER;
 
 import com.google.common.annotations.VisibleForTesting;
 import com.google.common.base.MoreObjects;

xds/src/main/java/io/grpc/xds/XdsChannelCredentials.java

@@ -22,7 +22,7 @@
 import io.grpc.ExperimentalApi;
 import io.grpc.netty.InternalNettyChannelCredentials;
 import io.grpc.netty.InternalProtocolNegotiator;
-import io.grpc.xds.internal.sds.SdsProtocolNegotiators;
+import io.grpc.xds.internal.sds.SecurityProtocolNegotiators;
 
 @ExperimentalApi("https://github.com/grpc/grpc-java/issues/7514")
 public class XdsChannelCredentials {
@@ -40,6 +40,6 @@ public static ChannelCredentials create(ChannelCredentials fallback) {
  InternalProtocolNegotiator.ClientFactory fallbackNegotiator =
  InternalNettyChannelCredentials.toNegotiator(checkNotNull(fallback, "fallback"));
  return InternalNettyChannelCredentials.create(
- SdsProtocolNegotiators.clientProtocolNegotiatorFactory(fallbackNegotiator));
+ SecurityProtocolNegotiators.clientProtocolNegotiatorFactory(fallbackNegotiator));
  }
 }

xds/src/main/java/io/grpc/xds/XdsServerCredentials.java

@@ -22,7 +22,7 @@
 import io.grpc.ServerCredentials;
 import io.grpc.netty.InternalNettyServerCredentials;
 import io.grpc.netty.InternalProtocolNegotiator;
-import io.grpc.xds.internal.sds.SdsProtocolNegotiators;
+import io.grpc.xds.internal.sds.SecurityProtocolNegotiators;
 
 @ExperimentalApi("https://github.com/grpc/grpc-java/issues/7514")
 public class XdsServerCredentials {
@@ -40,6 +40,6 @@ public static ServerCredentials create(ServerCredentials fallback) {
  InternalProtocolNegotiator.ServerFactory fallbackNegotiator =
  InternalNettyServerCredentials.toNegotiator(checkNotNull(fallback, "fallback"));
  return InternalNettyServerCredentials.create(
- SdsProtocolNegotiators.serverProtocolNegotiatorFactory(fallbackNegotiator));
+ SecurityProtocolNegotiators.serverProtocolNegotiatorFactory(fallbackNegotiator));
  }
 }

xds/src/main/java/io/grpc/xds/internal/certprovider/CertProviderClientSslContextProvider.java

@@ -26,7 +26,7 @@
 import io.grpc.netty.GrpcSslContexts;
 import io.grpc.xds.Bootstrapper.CertificateProviderInfo;
 import io.grpc.xds.EnvoyServerProtoData.UpstreamTlsContext;
-import io.grpc.xds.internal.sds.trust.SdsTrustManagerFactory;
+import io.grpc.xds.internal.sds.trust.XdsTrustManagerFactory;
 import io.netty.handler.ssl.SslContextBuilder;
 import java.security.cert.CertStoreException;
 import java.security.cert.X509Certificate;
@@ -62,7 +62,7 @@ protected final SslContextBuilder getSslContextBuilder(
  SslContextBuilder sslContextBuilder =
  GrpcSslContexts.forClient()
  .trustManager(
- new SdsTrustManagerFactory(
+ new XdsTrustManagerFactory(
  savedTrustedRoots.toArray(new X509Certificate[0]),
  certificateValidationContextdationContext));
  if (isMtls()) {

xds/src/main/java/io/grpc/xds/internal/certprovider/CertProviderServerSslContextProvider.java

@@ -26,7 +26,7 @@
 import io.grpc.netty.GrpcSslContexts;
 import io.grpc.xds.Bootstrapper.CertificateProviderInfo;
 import io.grpc.xds.EnvoyServerProtoData.DownstreamTlsContext;
-import io.grpc.xds.internal.sds.trust.SdsTrustManagerFactory;
+import io.grpc.xds.internal.sds.trust.XdsTrustManagerFactory;
 import io.netty.handler.ssl.SslContextBuilder;
 
 import java.io.IOException;
@@ -66,7 +66,7 @@ protected final SslContextBuilder getSslContextBuilder(
  setClientAuthValues(
  sslContextBuilder,
  isMtls()
- ? new SdsTrustManagerFactory(
+ ? new XdsTrustManagerFactory(
  savedTrustedRoots.toArray(new X509Certificate[0]),
  certificateValidationContextdationContext)
  : null);

xds/src/main/java/io/grpc/xds/internal/sds/SdsProtocolNegotiators.java renamed to xds/src/main/java/io/grpc/xds/internal/sds/SecurityProtocolNegotiators.java

@@ -48,13 +48,14 @@
  * context.
  */
 @VisibleForTesting
-public final class SdsProtocolNegotiators {
+public final class SecurityProtocolNegotiators {
 
  // Prevent instantiation.
- private SdsProtocolNegotiators() {
+ private SecurityProtocolNegotiators() {
  }
 
- private static final Logger logger = Logger.getLogger(SdsProtocolNegotiators.class.getName());
+ private static final Logger logger
+ = Logger.getLogger(SecurityProtocolNegotiators.class.getName());
 
  private static final AsciiString SCHEME = AsciiString.of("http");
 

xds/src/main/java/io/grpc/xds/internal/sds/SslContextProvider.java

@@ -24,7 +24,7 @@
 import io.grpc.xds.EnvoyServerProtoData.BaseTlsContext;
 import io.grpc.xds.EnvoyServerProtoData.DownstreamTlsContext;
 import io.grpc.xds.EnvoyServerProtoData.UpstreamTlsContext;
-import io.grpc.xds.internal.sds.trust.SdsTrustManagerFactory;
+import io.grpc.xds.internal.sds.trust.XdsTrustManagerFactory;
 import io.netty.handler.ssl.ClientAuth;
 import io.netty.handler.ssl.SslContext;
 import io.netty.handler.ssl.SslContextBuilder;
@@ -70,11 +70,11 @@ protected CommonTlsContext getCommonTlsContext() {
  }
 
  protected void setClientAuthValues(
- SslContextBuilder sslContextBuilder, SdsTrustManagerFactory sdsTrustManagerFactory)
+ SslContextBuilder sslContextBuilder, XdsTrustManagerFactory xdsTrustManagerFactory)
  throws CertificateException, IOException, CertStoreException {
  DownstreamTlsContext downstreamTlsContext = getDownstreamTlsContext();
- if (sdsTrustManagerFactory != null) {
- sslContextBuilder.trustManager(sdsTrustManagerFactory);
+ if (xdsTrustManagerFactory != null) {
+ sslContextBuilder.trustManager(xdsTrustManagerFactory);
  sslContextBuilder.clientAuth(
  downstreamTlsContext.isRequireClientCertificate()
  ? ClientAuth.REQUIRE

xds/src/main/java/io/grpc/xds/internal/sds/SslContextProviderSupplier.java

@@ -29,7 +29,7 @@
 
 /**
  * Enables Client or server side to initialize this object with the received {@link BaseTlsContext}
- * and communicate it to the consumer i.e. {@link SdsProtocolNegotiators}
+ * and communicate it to the consumer i.e. {@link SecurityProtocolNegotiators}
  * to lazily evaluate the {@link SslContextProvider}. The supplier prevents credentials leakage in
  * cases where the user is not using xDS credentials but the client/server contains a non-default
  * {@link BaseTlsContext}.

xds/src/main/java/io/grpc/xds/internal/sds/trust/SdsTrustManagerFactory.java renamed to xds/src/main/java/io/grpc/xds/internal/sds/trust/XdsTrustManagerFactory.java

@@ -43,29 +43,29 @@
 
 /**
  * Factory class used by providers of {@link TlsContextManagerImpl} to provide a
- * {@link SdsX509TrustManager} for trust and SAN checks.
+ * {@link XdsX509TrustManager} for trust and SAN checks.
  */
-public final class SdsTrustManagerFactory extends SimpleTrustManagerFactory {
+public final class XdsTrustManagerFactory extends SimpleTrustManagerFactory {
 
- private static final Logger logger = Logger.getLogger(SdsTrustManagerFactory.class.getName());
- private SdsX509TrustManager sdsX509TrustManager;
+ private static final Logger logger = Logger.getLogger(XdsTrustManagerFactory.class.getName());
+ private XdsX509TrustManager xdsX509TrustManager;
 
  /** Constructor constructs from a {@link CertificateValidationContext}. */
- public SdsTrustManagerFactory(CertificateValidationContext certificateValidationContext)
+ public XdsTrustManagerFactory(CertificateValidationContext certificateValidationContext)
  throws CertificateException, IOException, CertStoreException {
  this(
  getTrustedCaFromCertContext(certificateValidationContext),
  certificateValidationContext,
  false);
  }
 
- public SdsTrustManagerFactory(
+ public XdsTrustManagerFactory(
  X509Certificate[] certs, CertificateValidationContext staticCertificateValidationContext)
  throws CertStoreException {
  this(certs, staticCertificateValidationContext, true);
  }
 
- private SdsTrustManagerFactory(
+ private XdsTrustManagerFactory(
  X509Certificate[] certs,
  CertificateValidationContext certificateValidationContext,
  boolean validationContextIsStatic)
@@ -75,7 +75,7 @@ private SdsTrustManagerFactory(
  certificateValidationContext == null || !certificateValidationContext.hasTrustedCa(),
  "only static certificateValidationContext expected");
  }
- sdsX509TrustManager = createSdsX509TrustManager(certs, certificateValidationContext);
+ xdsX509TrustManager = createSdsX509TrustManager(certs, certificateValidationContext);
  }
 
  private static X509Certificate[] getTrustedCaFromCertContext(
@@ -100,7 +100,7 @@ private static X509Certificate[] getTrustedCaFromCertContext(
  }
 
  @VisibleForTesting
- static SdsX509TrustManager createSdsX509TrustManager(
+ static XdsX509TrustManager createSdsX509TrustManager(
  X509Certificate[] certs, CertificateValidationContext certContext) throws CertStoreException {
  TrustManagerFactory tmf = null;
  try {
@@ -133,7 +133,7 @@ static SdsX509TrustManager createSdsX509TrustManager(
  if (myDelegate == null) {
  throw new CertStoreException("Native X509 TrustManager not found.");
  }
- return new SdsX509TrustManager(certContext, myDelegate);
+ return new XdsX509TrustManager(certContext, myDelegate);
  }
 
  @Override
@@ -148,6 +148,6 @@ protected void engineInit(ManagerFactoryParameters managerFactoryParameters) thr
 
  @Override
  protected TrustManager[] engineGetTrustManagers() {
- return new TrustManager[] {sdsX509TrustManager};
+ return new TrustManager[] {xdsX509TrustManager};
  }
 }

xds/src/main/java/io/grpc/xds/internal/sds/trust/SdsX509TrustManager.java renamed to xds/src/main/java/io/grpc/xds/internal/sds/trust/XdsX509TrustManager.java

@@ -41,7 +41,7 @@
  * Extension of {@link X509ExtendedTrustManager} that implements verification of
  * SANs (subject-alternate-names) against the list in CertificateValidationContext.
  */
-final class SdsX509TrustManager extends X509ExtendedTrustManager implements X509TrustManager {
+final class XdsX509TrustManager extends X509ExtendedTrustManager implements X509TrustManager {
 
  // ref: io.grpc.okhttp.internal.OkHostnameVerifier and
  // sun.security.x509.GeneralNameInterface
@@ -52,8 +52,8 @@ final class SdsX509TrustManager extends X509ExtendedTrustManager implements X509
  private final X509ExtendedTrustManager delegate;
  private final CertificateValidationContext certContext;
 
- SdsX509TrustManager(@Nullable CertificateValidationContext certContext,
- X509ExtendedTrustManager delegate) {
+ XdsX509TrustManager(@Nullable CertificateValidationContext certContext,
+  X509ExtendedTrustManager delegate) {
  checkNotNull(delegate, "delegate");
  this.certContext = certContext;
  this.delegate = delegate;