KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > javax > net > ssl > X509KeyManager


1 /*
2  * @(#)X509KeyManager.java 1.10 04/02/16
3  *
4  * Copyright (c) 2004 Sun Microsystems, Inc. All Rights Reserved.
5  * SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.
6  */

7   
8 /*
9  * NOTE:
10  * Because of various external restrictions (i.e. US export
11  * regulations, etc.), the actual source code can not be provided
12  * at this time. This file represents the skeleton of the source
13  * file, so that javadocs of the API can be created.
14  */

15
16 package javax.net.ssl;
17
18 import java.security.KeyManagementException;
19 import java.security.PrivateKey;
20 import java.security.Principal;
21 import java.security.cert.X509Certificate;
22 import java.net.Socket;
23
24 /**
25  * Instances of this interface manage which X509 certificate-based
26  * key pairs are used to authenticate the local side of a secure
27  * socket.
28  * <P>
29  * During secure socket negotiations, implentations
30  * call methods in this interface to:
31  * <UL>
32  * <LI> determine the set of aliases that are available for negotiations
33  * based on the criteria presented,
34  * <LI> select the <ITALIC> best alias </ITALIC> based on
35  * the criteria presented, and
36  * <LI> obtain the corresponding key material for given aliases.
37  * </UL>
38  * <P>
39  * Note: the X509ExtendedKeyManager should be used in favor of this
40  * class.
41  *
42  * @since 1.4
43  * @version 1.16
44  */

45 public interface X509KeyManager extends KeyManager
46 {
47
48     /**
49      * Get the matching aliases for authenticating the client side of a secure
50      * socket given the public key type and the list of
51      * certificate issuer authorities recognized by the peer (if any).
52      *
53      * @param keyType the key algorithm type name
54      * @param issuers the list of acceptable CA issuer subject names,
55      * or null if it does not matter which issuers are used.
56      * @return an array of the matching alias names, or null if there
57      * were no matches.
58      */

59     public String[] getClientAliases(String keyType, Principal[] issuers);
60
61     /**
62      * Choose an alias to authenticate the client side of a secure
63      * socket given the public key type and the list of
64      * certificate issuer authorities recognized by the peer (if any).
65      *
66      * @param keyType the key algorithm type name(s), ordered
67      * with the most-preferred key type first.
68      * @param issuers the list of acceptable CA issuer subject names
69      * or null if it does not matter which issuers are used.
70      * @param socket the socket to be used for this connection. This
71      * parameter can be null, which indicates that
72      * implementations are free to select an alias applicable
73      * to any socket.
74      * @return the alias name for the desired key, or null if there
75      * are no matches.
76      */

77     public String chooseClientAlias(String[] keyType, Principal[] issuers,
78         Socket socket);
79
80     /**
81      * Get the matching aliases for authenticating the server side of a secure
82      * socket given the public key type and the list of
83      * certificate issuer authorities recognized by the peer (if any).
84      *
85      * @param keyType the key algorithm type name
86      * @param issuers the list of acceptable CA issuer subject names
87      * or null if it does not matter which issuers are used.
88      * @return an array of the matching alias names, or null
89      * if there were no matches.
90      */

91     public String[] getServerAliases(String keyType, Principal[] issuers);
92
93     /**
94      * Choose an alias to authenticate the server side of a secure
95      * socket given the public key type and the list of
96      * certificate issuer authorities recognized by the peer (if any).
97      *
98      * @param keyType the key algorithm type name.
99      * @param issuers the list of acceptable CA issuer subject names
100      * or null if it does not matter which issuers are used.
101      * @param socket the socket to be used for this connection. This
102      * parameter can be null, which indicates that
103      * implementations are free to select an alias applicable
104      * to any socket.
105      * @return the alias name for the desired key, or null if there
106      * are no matches.
107      */

108     public String chooseServerAlias(String keyType, Principal[] issuers, Socket
109         socket);
110
111     /**
112      * Returns the certificate chain associated with the given alias.
113      *
114      * @param alias the alias name
115      * @return the certificate chain (ordered with the user's certificate first
116      * and the root certificate authority last), or null
117      * if the alias can't be found.
118      */

119     public X509Certificate[] getCertificateChain(String alias);
120
121     /**
122      * Returns the key associated with the given alias.
123      *
124      * @param alias the alias name
125      * @return the requested key, or null if the alias can't be found.
126      */

127     public PrivateKey getPrivateKey(String alias);
128 }
129
Popular Tags