

1 /*
2  * Licensed to the Apache Software Foundation (ASF) under one or more
3  * contributor license agreements. See the NOTICE file distributed with
4  * this work for additional information regarding copyright ownership.
5  * The ASF licenses this file to You under the Apache License, Version 2.0
6  * (the "License"); you may not use this file except in compliance with
7  * the License. You may obtain a copy of the License at
8  *
9  * http://www.apache.org/licenses/LICENSE-2.0
10  *
11  * Unless required by applicable law or agreed to in writing, software
12  * distributed under the License is distributed on an "AS IS" BASIS,
13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  * See the License for the specific language governing permissions and
15  * limitations under the License.
16  */

17
18 package org.apache.tomcat.util.net.jsse;
19
20 import java.net.Socket JavaDoc;
21 import java.security.Principal JavaDoc;
22 import java.security.PrivateKey JavaDoc;
23 import java.security.cert.X509Certificate JavaDoc;
24 import javax.net.ssl.X509KeyManager;
25
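/**
 * X509KeyManager which allows selection of a specific keypair and certificate
 * chain (identified by their keystore alias name) to be used by the server to
 * authenticate itself to SSL clients.
 *
 * <p>Only server alias selection is overridden; every other call is passed
 * straight through to the wrapped key manager. The alias is stored as given
 * and is never checked against the delegate in this class, so a wrong alias
 * is not reported here: it shows up only when {@link #getPrivateKey} or
 * {@link #getCertificateChain} return null for it.
 *
 * @author Jan Luehe
 */
public final class JSSEKeyManager implements X509KeyManager {

    // Both fields are assigned once in the constructor and never rebound, so
    // the certificate selection cannot change after the manager is built.
    private final X509KeyManager delegate;
    private final String serverKeyAlias;

    /**
     * Constructor.
     *
     * @param mgr The X509KeyManager used as a delegate; must not be null
     * @param serverKeyAlias The alias name of the server's keypair and
     * supporting certificate chain. It is not validated here; if null,
     * {@link #chooseServerAlias} returns null.
     *
     * @throws NullPointerException if mgr is null
     */
    public JSSEKeyManager(X509KeyManager mgr, String serverKeyAlias) {
        // Reject a missing delegate up front. Without this check the object
        // is built successfully and the NullPointerException is thrown later,
        // from whichever delegated call is made first.
        if (mgr == null) {
            throw new NullPointerException("mgr");
        }
        this.delegate = mgr;
        this.serverKeyAlias = serverKeyAlias;
    }

    /**
     * Choose an alias to authenticate the client side of a secure socket,
     * given the public key type and the list of certificate issuer authorities
     * recognized by the peer (if any).
     *
     * @param keyType The key algorithm type name(s), ordered with the
     * most-preferred key type first
     * @param issuers The list of acceptable CA issuer subject names, or null
     * if it does not matter which issuers are used
     * @param socket The socket to be used for this connection. This parameter
     * can be null, in which case this method will return the most generic
     * alias to use
     *
     * @return The alias name for the desired key, or null if there are no
     * matches
     */
    public String chooseClientAlias(String[] keyType, Principal[] issuers,
                                    Socket socket) {
        // Client-side selection is not pinned; the delegate decides.
        return delegate.chooseClientAlias(keyType, issuers, socket);
    }

    /**
     * Returns this key manager's server key alias that was provided in the
     * constructor.
     *
     * <p>The configured alias is returned for every request. The requested
     * key type and issuer list are not compared with the key stored under
     * that alias.
     *
     * @param keyType The key algorithm type name (ignored)
     * @param issuers The list of acceptable CA issuer subject names, or null
     * if it does not matter which issuers are used (ignored)
     * @param socket The socket to be used for this connection. This parameter
     * can be null, in which case this method will return the most generic
     * alias to use (ignored)
     *
     * @return Alias name for the desired key (null if a null alias was given
     * to the constructor)
     */
    public String chooseServerAlias(String keyType, Principal[] issuers,
                                    Socket socket) {
        return serverKeyAlias;
    }

    /**
     * Returns the certificate chain associated with the given alias.
     *
     * @param alias The alias name
     *
     * @return Certificate chain (ordered with the user's certificate first
     * and the root certificate authority last), or null if the alias can't be
     * found
     */
    public X509Certificate[] getCertificateChain(String alias) {
        return delegate.getCertificateChain(alias);
    }

    /**
     * Get the matching aliases for authenticating the client side of a secure
     * socket, given the public key type and the list of certificate issuer
     * authorities recognized by the peer (if any).
     *
     * @param keyType The key algorithm type name
     * @param issuers The list of acceptable CA issuer subject names, or null
     * if it does not matter which issuers are used
     *
     * @return Array of the matching alias names, or null if there were no
     * matches
     */
    public String[] getClientAliases(String keyType, Principal[] issuers) {
        return delegate.getClientAliases(keyType, issuers);
    }

    /**
     * Get the matching aliases for authenticating the server side of a secure
     * socket, given the public key type and the list of certificate issuer
     * authorities recognized by the peer (if any).
     *
     * <p>This is the delegate's full list and is not narrowed to the
     * configured server key alias.
     *
     * @param keyType The key algorithm type name
     * @param issuers The list of acceptable CA issuer subject names, or null
     * if it does not matter which issuers are used
     *
     * @return Array of the matching alias names, or null if there were no
     * matches
     */
    public String[] getServerAliases(String keyType, Principal[] issuers) {
        return delegate.getServerAliases(keyType, issuers);
    }

    /**
     * Returns the key associated with the given alias.
     *
     * <p>The lookup is not limited to the configured server key alias; any
     * alias the delegate knows is answered.
     *
     * @param alias The alias name
     *
     * @return The requested key, or null if the alias can't be found
     */
    public PrivateKey getPrivateKey(String alias) {
        return delegate.getPrivateKey(alias);
    }
}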