
1   //
2   //  ========================================================================
3   //  Copyright (c) 1995-2016 Mort Bay Consulting Pty. Ltd.
4   //  ------------------------------------------------------------------------
5   //  All rights reserved. This program and the accompanying materials
6   //  are made available under the terms of the Eclipse Public License v1.0
7   //  and Apache License v2.0 which accompanies this distribution.
8   //
9   //      The Eclipse Public License is available at
10  //      http://www.eclipse.org/legal/epl-v10.html
11  //
12  //      The Apache License v2.0 is available at
13  //      http://www.opensource.org/licenses/apache2.0.php
14  //
15  //  You may elect to redistribute this code under either of these licenses.
16  //  ========================================================================
17  //
18  
19  package org.eclipse.jetty.util.ssl;
20  
21  import java.net.Socket;
22  import java.security.Principal;
23  import java.security.PrivateKey;
24  import java.security.cert.X509Certificate;
25  
26  import javax.net.ssl.SSLEngine;
27  import javax.net.ssl.X509ExtendedKeyManager;
28  
/**
 * <p>An {@link X509ExtendedKeyManager} that pins key selection to a single
 * configured alias and forwards everything else to a wrapped
 * X509ExtendedKeyManager.</p>
 * <p>It can be installed for server sockets/engines as well as client ones.</p>
 * <p>With an alias configured, each {@code choose*} method answers with that alias
 * or with {@code null} (the key manager "no match" result); it never substitutes a
 * different alias. With no alias configured, selection is left entirely to the
 * delegate.</p>
 * <p>Only selection is pinned: {@link #getClientAliases}, {@link #getServerAliases},
 * {@link #getCertificateChain} and {@link #getPrivateKey} pass their arguments
 * straight through, so any alias known to the delegate remains reachable through
 * this object.</p>
 */
public class AliasedX509ExtendedKeyManager extends X509ExtendedKeyManager
{
    private final String _alias;
    private final X509ExtendedKeyManager _delegate;

    /**
     * @param keyManager the key manager that owns the key material and answers all delegated calls;
     *                   it is stored as given, without a null check
     * @param keyAlias the alias to pin selection to, or {@code null} to let the delegate choose
     */
    public AliasedX509ExtendedKeyManager(X509ExtendedKeyManager keyManager, String keyAlias)
    {
        _delegate = keyManager;
        _alias = keyAlias;
    }

    /**
     * @return the wrapped key manager passed to the constructor
     */
    public X509ExtendedKeyManager getDelegate()
    {
        return _delegate;
    }

    /**
     * Selects the client key for a socket-based handshake.
     *
     * @return the delegate's choice when no alias is configured; otherwise the configured alias
     *         if the delegate lists it for any of the given key types, else {@code null}
     */
    @Override
    public String chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket)
    {
        if (_alias != null)
        {
            // Pinned: the socket is not consulted, only the delegate's alias lists per key type.
            for (int i = 0; i < keyType.length; i++)
            {
                if (offersPinnedAlias(_delegate.getClientAliases(keyType[i], issuers)))
                {
                    return _alias;
                }
            }
            return null;
        }

        return _delegate.chooseClientAlias(keyType, issuers, socket);
    }

    /**
     * Selects the server key for a socket-based handshake.
     *
     * @return the delegate's choice when no alias is configured; otherwise the configured alias
     *         if the delegate lists it for the key type, else {@code null}
     */
    @Override
    public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket)
    {
        if (_alias != null)
        {
            boolean listed = offersPinnedAlias(_delegate.getServerAliases(keyType, issuers));
            return listed ? _alias : null;
        }

        return _delegate.chooseServerAlias(keyType, issuers, socket);
    }

    /**
     * Forwards to the delegate unchanged; the result is not filtered by the configured alias.
     */
    @Override
    public String[] getClientAliases(String keyType, Principal[] issuers)
    {
        return _delegate.getClientAliases(keyType, issuers);
    }

    /**
     * Forwards to the delegate unchanged; the result is not filtered by the configured alias.
     */
    @Override
    public String[] getServerAliases(String keyType, Principal[] issuers)
    {
        return _delegate.getServerAliases(keyType, issuers);
    }

    /**
     * Forwards to the delegate for whatever alias the caller supplies, not only the configured one.
     */
    @Override
    public X509Certificate[] getCertificateChain(String alias)
    {
        return _delegate.getCertificateChain(alias);
    }

    /**
     * Forwards to the delegate for whatever alias the caller supplies, not only the configured one.
     */
    @Override
    public PrivateKey getPrivateKey(String alias)
    {
        return _delegate.getPrivateKey(alias);
    }

    /**
     * Selects the server key for an engine-based handshake.
     *
     * @return the delegate's choice when no alias is configured; otherwise the configured alias
     *         if the delegate lists it for the key type, else {@code null}
     */
    @Override
    public String chooseEngineServerAlias(String keyType, Principal[] issuers, SSLEngine engine)
    {
        if (_alias != null)
        {
            // Pinned: the engine is not consulted, only the delegate's server alias list.
            boolean listed = offersPinnedAlias(_delegate.getServerAliases(keyType, issuers));
            return listed ? _alias : null;
        }

        return _delegate.chooseEngineServerAlias(keyType, issuers, engine);
    }

    /**
     * Selects the client key for an engine-based handshake.
     *
     * @return the delegate's choice when no alias is configured; otherwise the configured alias
     *         if the delegate lists it for any of the given key types, else {@code null}
     */
    @Override
    public String chooseEngineClientAlias(String[] keyType, Principal[] issuers, SSLEngine engine)
    {
        if (_alias != null)
        {
            for (int i = 0; i < keyType.length; i++)
            {
                if (offersPinnedAlias(_delegate.getClientAliases(keyType[i], issuers)))
                {
                    return _alias;
                }
            }
            return null;
        }

        return _delegate.chooseEngineClientAlias(keyType, issuers, engine);
    }

    /**
     * Tells whether the configured alias appears in a list returned by the delegate.
     * Callers only reach this when an alias is configured.
     *
     * @param offered the delegate's alias list, possibly {@code null}
     * @return {@code true} if one entry equals the configured alias
     */
    private boolean offersPinnedAlias(String[] offered)
    {
        if (offered == null)
        {
            return false;
        }
        for (int i = 0; i < offered.length; i++)
        {
            if (_alias.equals(offered[i]))
            {
                return true;
            }
        }
        return false;
    }
}