View Javadoc

1   //
2   //  ========================================================================
3   //  Copyright (c) 1995-2013 Mort Bay Consulting Pty. Ltd.
4   //  ------------------------------------------------------------------------
5   //  All rights reserved. This program and the accompanying materials
6   //  are made available under the terms of the Eclipse Public License v1.0
7   //  and Apache License v2.0 which accompanies this distribution.
8   //
9   //      The Eclipse Public License is available at
10  //      http://www.eclipse.org/legal/epl-v10.html
11  //
12  //      The Apache License v2.0 is available at
13  //      http://www.opensource.org/licenses/apache2.0.php
14  //
15  //  You may elect to redistribute this code under either of these licenses.
16  //  ========================================================================
17  //
18  
19  package org.eclipse.jetty.util.ssl;
20  
21  import java.net.Socket;
22  import java.security.Principal;
23  import java.security.PrivateKey;
24  import java.security.cert.X509Certificate;
25  
26  import javax.net.ssl.SSLEngine;
27  import javax.net.ssl.X509ExtendedKeyManager;
28  import javax.net.ssl.X509KeyManager;
29  
30  
31  /* ------------------------------------------------------------ */
32  /**
33   * KeyManager to select a key with desired alias
34   * while delegating processing to specified KeyManager
35   * Can be used both with server and client sockets
36   */
37  public class AliasedX509ExtendedKeyManager extends X509ExtendedKeyManager
38  {
39      private String _keyAlias;
40      private X509KeyManager _keyManager;
41  
42      /* ------------------------------------------------------------ */
43      /**
44       * Construct KeyManager instance
45       * @param keyAlias Alias of the key to be selected
46       * @param keyManager Instance of KeyManager to be wrapped
47       * @throws Exception
48       */
49      public AliasedX509ExtendedKeyManager(String keyAlias, X509KeyManager keyManager) throws Exception
50      {
51          _keyAlias = keyAlias;
52          _keyManager = keyManager;
53      }
54  
55      /* ------------------------------------------------------------ */
56      /**
57       * @see javax.net.ssl.X509KeyManager#chooseClientAlias(java.lang.String[], java.security.Principal[], java.net.Socket)
58       */
59      public String chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket)
60      {
61          return _keyAlias == null ? _keyManager.chooseClientAlias(keyType, issuers, socket) : _keyAlias;
62      }
63  
64      /* ------------------------------------------------------------ */
65      /**
66       * @see javax.net.ssl.X509KeyManager#chooseServerAlias(java.lang.String, java.security.Principal[], java.net.Socket)
67       */
68      public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket)
69      {
70          return _keyAlias == null ? _keyManager.chooseServerAlias(keyType, issuers, socket) : _keyAlias;
71      }
72  
73      /* ------------------------------------------------------------ */
74      /**
75       * @see javax.net.ssl.X509KeyManager#getClientAliases(java.lang.String, java.security.Principal[])
76       */
77      public String[] getClientAliases(String keyType, Principal[] issuers)
78      {
79          return _keyManager.getClientAliases(keyType, issuers);
80      }
81  
82  
83      /* ------------------------------------------------------------ */
84      /**
85       * @see javax.net.ssl.X509KeyManager#getServerAliases(java.lang.String, java.security.Principal[])
86       */
87      public String[] getServerAliases(String keyType, Principal[] issuers)
88      {
89          return _keyManager.getServerAliases(keyType, issuers);
90      }
91  
92      /* ------------------------------------------------------------ */
93      /**
94       * @see javax.net.ssl.X509KeyManager#getCertificateChain(java.lang.String)
95       */
96      public X509Certificate[] getCertificateChain(String alias)
97      {
98          return _keyManager.getCertificateChain(alias);
99      }
100 
101     /* ------------------------------------------------------------ */
102     /**
103      * @see javax.net.ssl.X509KeyManager#getPrivateKey(java.lang.String)
104      */
105     public PrivateKey getPrivateKey(String alias)
106     {
107         return _keyManager.getPrivateKey(alias);
108     }
109 
110     /* ------------------------------------------------------------ */
111     /**
112      * @see javax.net.ssl.X509ExtendedKeyManager#chooseEngineServerAlias(java.lang.String, java.security.Principal[], javax.net.ssl.SSLEngine)
113      */
114     @Override
115     public String chooseEngineServerAlias(String keyType, Principal[] issuers, SSLEngine engine)
116     {
117         return _keyAlias == null ? super.chooseEngineServerAlias(keyType,issuers,engine) : _keyAlias;
118     }
119 
120 
121     /* ------------------------------------------------------------ */
122     /**
123      * @see javax.net.ssl.X509ExtendedKeyManager#chooseEngineClientAlias(String[], Principal[], SSLEngine)
124      */
125     @Override
126     public String chooseEngineClientAlias(String keyType[], Principal[] issuers, SSLEngine engine)
127     {
128         return _keyAlias == null ? super.chooseEngineClientAlias(keyType,issuers,engine) : _keyAlias;
129     }
130 }