
1   //========================================================================
2   //Copyright (c) Webtide LLC
3   //------------------------------------------------------------------------
4   //All rights reserved. This program and the accompanying materials
5   //are made available under the terms of the Eclipse Public License v1.0
6   //and Apache License v2.0 which accompanies this distribution.
7   //
8   //The Eclipse Public License is available at
9   //http://www.eclipse.org/legal/epl-v10.html
10  //
11  //The Apache License v2.0 is available at
12  //http://www.apache.org/licenses/LICENSE-2.0.txt
13  //
14  //You may elect to redistribute this code under either of these licenses.
15  //========================================================================
16  
17  package org.eclipse.jetty.http.ssl;
18  
19  import java.net.Socket;
20  import java.security.Principal;
21  import java.security.PrivateKey;
22  import java.security.cert.X509Certificate;
23  
24  import javax.net.ssl.SSLEngine;
25  import javax.net.ssl.X509ExtendedKeyManager;
26  import javax.net.ssl.X509KeyManager;
27  
28  
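/* ------------------------------------------------------------ */
/**
 * KeyManager that selects a key with a configured alias while
 * delegating all other processing to a wrapped KeyManager.
 * Can be used with both server and client sockets, and with
 * {@link SSLEngine} based connections.
 * <p>
 * When an alias is configured it is returned from every
 * <code>choose*Alias</code> method as-is: this class does not check that
 * the alias exists in the wrapped KeyManager, nor that its key matches
 * the requested key type or the acceptable issuers. A mistyped or
 * mismatched alias therefore only shows up as a failed handshake, so the
 * alias should be validated against the keystore when it is configured.
 * <p>
 * When no alias is configured (<code>null</code>), selection is left
 * entirely to the wrapped KeyManager.
 */
public class AliasedX509ExtendedKeyManager extends X509ExtendedKeyManager
{
    private final String _keyAlias;
    private final X509KeyManager _keyManager;

    /* ------------------------------------------------------------ */
    /**
     * Construct KeyManager instance
     * @param keyAlias Alias of the key to be selected, or <code>null</code>
     *                 to let the wrapped KeyManager choose
     * @param keyManager Instance of KeyManager to be wrapped; it is not
     *                   checked here, so a <code>null</code> value fails on first use
     * @throws Exception declared for compatibility with existing callers;
     *                   nothing in this constructor throws it
     */
    public AliasedX509ExtendedKeyManager(String keyAlias, X509KeyManager keyManager) throws Exception
    {
        _keyAlias = keyAlias;
        _keyManager = keyManager;
    }

    /* ------------------------------------------------------------ */
    /**
     * Returns the configured alias, or the wrapped KeyManager's choice
     * when no alias is configured.
     * @see javax.net.ssl.X509KeyManager#chooseClientAlias(java.lang.String[], java.security.Principal[], java.net.Socket)
     */
    public String chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket)
    {
        if (_keyAlias != null)
            return _keyAlias;
        return _keyManager.chooseClientAlias(keyType, issuers, socket);
    }

    /* ------------------------------------------------------------ */
    /**
     * Returns the configured alias, or the wrapped KeyManager's choice
     * when no alias is configured.
     * @see javax.net.ssl.X509KeyManager#chooseServerAlias(java.lang.String, java.security.Principal[], java.net.Socket)
     */
    public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket)
    {
        if (_keyAlias != null)
            return _keyAlias;
        return _keyManager.chooseServerAlias(keyType, issuers, socket);
    }

    /* ------------------------------------------------------------ */
    /**
     * Delegates to the wrapped KeyManager; the configured alias does not
     * filter this list.
     * @see javax.net.ssl.X509KeyManager#getClientAliases(java.lang.String, java.security.Principal[])
     */
    public String[] getClientAliases(String keyType, Principal[] issuers)
    {
        return _keyManager.getClientAliases(keyType, issuers);
    }


    /* ------------------------------------------------------------ */
    /**
     * Delegates to the wrapped KeyManager; the configured alias does not
     * filter this list.
     * @see javax.net.ssl.X509KeyManager#getServerAliases(java.lang.String, java.security.Principal[])
     */
    public String[] getServerAliases(String keyType, Principal[] issuers)
    {
        return _keyManager.getServerAliases(keyType, issuers);
    }

    /* ------------------------------------------------------------ */
    /**
     * Delegates to the wrapped KeyManager for whatever alias is asked for,
     * not only the configured one.
     * @see javax.net.ssl.X509KeyManager#getCertificateChain(java.lang.String)
     */
    public X509Certificate[] getCertificateChain(String alias)
    {
        return _keyManager.getCertificateChain(alias);
    }

    /* ------------------------------------------------------------ */
    /**
     * Delegates to the wrapped KeyManager for whatever alias is asked for,
     * not only the configured one.
     * @see javax.net.ssl.X509KeyManager#getPrivateKey(java.lang.String)
     */
    public PrivateKey getPrivateKey(String alias)
    {
        return _keyManager.getPrivateKey(alias);
    }

    /* ------------------------------------------------------------ */
    /**
     * Returns the configured alias, or the wrapped KeyManager's choice
     * when no alias is configured.
     * <p>
     * The inherited {@link X509ExtendedKeyManager} implementation of this
     * method always returns <code>null</code>, which would leave an
     * SSLEngine based server without a key, so the call is forwarded to
     * the wrapped KeyManager instead.
     * @see javax.net.ssl.X509ExtendedKeyManager#chooseEngineServerAlias(java.lang.String, java.security.Principal[], javax.net.ssl.SSLEngine)
     */
    @Override
    public String chooseEngineServerAlias(String keyType, Principal[] issuers, SSLEngine engine)
    {
        if (_keyAlias != null)
            return _keyAlias;

        if (_keyManager instanceof X509ExtendedKeyManager)
            return ((X509ExtendedKeyManager)_keyManager).chooseEngineServerAlias(keyType, issuers, engine);

        // Plain X509KeyManager has no engine variant; a null socket is
        // permitted by its contract and means "applicable to any socket".
        return _keyManager.chooseServerAlias(keyType, issuers, null);
    }


    /* ------------------------------------------------------------ */
    /**
     * Returns the configured alias, or the wrapped KeyManager's choice
     * when no alias is configured.
     * <p>
     * The inherited {@link X509ExtendedKeyManager} implementation of this
     * method always returns <code>null</code>, so the call is forwarded to
     * the wrapped KeyManager instead.
     * @see javax.net.ssl.X509ExtendedKeyManager#chooseEngineClientAlias(String[], Principal[], SSLEngine)
     */
    @Override
    public String chooseEngineClientAlias(String keyType[], Principal[] issuers, SSLEngine engine)
    {
        if (_keyAlias != null)
            return _keyAlias;

        if (_keyManager instanceof X509ExtendedKeyManager)
            return ((X509ExtendedKeyManager)_keyManager).chooseEngineClientAlias(keyType, issuers, engine);

        // Plain X509KeyManager has no engine variant; a null socket is
        // permitted by its contract and means "applicable to any socket".
        return _keyManager.chooseClientAlias(keyType, issuers, null);
    }
}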