1 //======================================================================== 2 //Copyright (c) Webtide LLC 3 //------------------------------------------------------------------------ 4 //All rights reserved. This program and the accompanying materials 5 //are made available under the terms of the Eclipse Public License v1.0 6 //and Apache License v2.0 which accompanies this distribution. 7 // 8 //The Eclipse Public License is available at 9 //http://www.eclipse.org/legal/epl-v10.html 10 // 11 //The Apache License v2.0 is available at 12 //http://www.apache.org/licenses/LICENSE-2.0.txt 13 // 14 //You may elect to redistribute this code under either of these licenses. 15 //======================================================================== 16 17 package org.eclipse.jetty.http.ssl; 18 19 import java.net.Socket; 20 import java.security.Principal; 21 import java.security.PrivateKey; 22 import java.security.cert.X509Certificate; 23 24 import javax.net.ssl.X509KeyManager; 25 26 27 /* ------------------------------------------------------------ */ 28 /** 29 * KeyManager to select a key with desired alias 30 * while delegating processing to specified KeyManager 31 * Can be used both with server and client sockets 32 */ 33 public class AliasedX509KeyManager implements X509KeyManager 34 { 35 private String _keyAlias; 36 private X509KeyManager _keyManager; 37 38 /* ------------------------------------------------------------ */ 39 /** 40 * Construct KeyManager instance 41 * @param keyAlias Alias of the key to be selected 42 * @param keyManager Instance of KeyManager to be wrapped 43 * @throws Exception 44 */ 45 public AliasedX509KeyManager(String keyAlias, X509KeyManager keyManager) throws Exception 46 { 47 _keyAlias = keyAlias; 48 _keyManager = keyManager; 49 } 50 51 /* ------------------------------------------------------------ */ 52 /** 53 * @see javax.net.ssl.X509KeyManager#chooseClientAlias(java.lang.String[], java.security.Principal[], java.net.Socket) 54 */ 55 public String chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket) 56 { 57 return _keyAlias == null ? _keyManager.chooseClientAlias(keyType, issuers, socket) : _keyAlias; 58 } 59 60 /* ------------------------------------------------------------ */ 61 /** 62 * @see javax.net.ssl.X509KeyManager#chooseServerAlias(java.lang.String, java.security.Principal[], java.net.Socket) 63 */ 64 public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket) 65 { 66 return _keyAlias == null ?_keyManager.chooseServerAlias(keyType, issuers, socket) : _keyAlias; 67 } 68 69 /* ------------------------------------------------------------ */ 70 /** 71 * @see javax.net.ssl.X509KeyManager#getClientAliases(java.lang.String, java.security.Principal[]) 72 */ 73 public String[] getClientAliases(String keyType, Principal[] issuers) 74 { 75 return _keyManager.getClientAliases(keyType, issuers); 76 } 77 78 79 /* ------------------------------------------------------------ */ 80 /** 81 * @see javax.net.ssl.X509KeyManager#getServerAliases(java.lang.String, java.security.Principal[]) 82 */ 83 public String[] getServerAliases(String keyType, Principal[] issuers) 84 { 85 return _keyManager.getServerAliases(keyType, issuers); 86 } 87 88 /* ------------------------------------------------------------ */ 89 /** 90 * @see javax.net.ssl.X509KeyManager#getCertificateChain(java.lang.String) 91 */ 92 public X509Certificate[] getCertificateChain(String alias) 93 { 94 return _keyManager.getCertificateChain(alias); 95 } 96 97 /* ------------------------------------------------------------ */ 98 /** 99 * @see javax.net.ssl.X509KeyManager#getPrivateKey(java.lang.String) 100 */ 101 public PrivateKey getPrivateKey(String alias) 102 { 103 return _keyManager.getPrivateKey(alias); 104 } 105 }