1 //======================================================================== 2 //Copyright (c) Webtide LLC 3 //------------------------------------------------------------------------ 4 //All rights reserved. This program and the accompanying materials 5 //are made available under the terms of the Eclipse Public License v1.0 6 //and Apache License v2.0 which accompanies this distribution. 7 // 8 //The Eclipse Public License is available at 9 //http://www.eclipse.org/legal/epl-v10.html 10 // 11 //The Apache License v2.0 is available at 12 //http://www.apache.org/licenses/LICENSE-2.0.txt 13 // 14 //You may elect to redistribute this code under either of these licenses. 15 //======================================================================== 16 17 package org.eclipse.jetty.http.ssl; 18 19 import java.net.Socket; 20 import java.security.Principal; 21 import java.security.PrivateKey; 22 import java.security.cert.X509Certificate; 23 24 import javax.net.ssl.SSLEngine; 25 import javax.net.ssl.X509ExtendedKeyManager; 26 import javax.net.ssl.X509KeyManager; 27 28 29 /* ------------------------------------------------------------ */ 30 /** 31 * KeyManager to select a key with desired alias 32 * while delegating processing to specified KeyManager 33 * Can be used both with server and client sockets 34 */ 35 public class AliasedX509ExtendedKeyManager extends X509ExtendedKeyManager 36 { 37 private String _keyAlias; 38 private X509KeyManager _keyManager; 39 40 /* ------------------------------------------------------------ */ 41 /** 42 * Construct KeyManager instance 43 * @param keyAlias Alias of the key to be selected 44 * @param keyManager Instance of KeyManager to be wrapped 45 * @throws Exception 46 */ 47 public AliasedX509ExtendedKeyManager(String keyAlias, X509KeyManager keyManager) throws Exception 48 { 49 _keyAlias = keyAlias; 50 _keyManager = keyManager; 51 } 52 53 /* ------------------------------------------------------------ */ 54 /** 55 * @see javax.net.ssl.X509KeyManager#chooseClientAlias(java.lang.String[], java.security.Principal[], java.net.Socket) 56 */ 57 public String chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket) 58 { 59 return _keyAlias == null ? _keyManager.chooseClientAlias(keyType, issuers, socket) : _keyAlias; 60 } 61 62 /* ------------------------------------------------------------ */ 63 /** 64 * @see javax.net.ssl.X509KeyManager#chooseServerAlias(java.lang.String, java.security.Principal[], java.net.Socket) 65 */ 66 public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket) 67 { 68 return _keyAlias == null ? _keyManager.chooseServerAlias(keyType, issuers, socket) : _keyAlias; 69 } 70 71 /* ------------------------------------------------------------ */ 72 /** 73 * @see javax.net.ssl.X509KeyManager#getClientAliases(java.lang.String, java.security.Principal[]) 74 */ 75 public String[] getClientAliases(String keyType, Principal[] issuers) 76 { 77 return _keyManager.getClientAliases(keyType, issuers); 78 } 79 80 81 /* ------------------------------------------------------------ */ 82 /** 83 * @see javax.net.ssl.X509KeyManager#getServerAliases(java.lang.String, java.security.Principal[]) 84 */ 85 public String[] getServerAliases(String keyType, Principal[] issuers) 86 { 87 return _keyManager.getServerAliases(keyType, issuers); 88 } 89 90 /* ------------------------------------------------------------ */ 91 /** 92 * @see javax.net.ssl.X509KeyManager#getCertificateChain(java.lang.String) 93 */ 94 public X509Certificate[] getCertificateChain(String alias) 95 { 96 return _keyManager.getCertificateChain(alias); 97 } 98 99 /* ------------------------------------------------------------ */ 100 /** 101 * @see javax.net.ssl.X509KeyManager#getPrivateKey(java.lang.String) 102 */ 103 public PrivateKey getPrivateKey(String alias) 104 { 105 return _keyManager.getPrivateKey(alias); 106 } 107 108 /* ------------------------------------------------------------ */ 109 /** 110 * @see javax.net.ssl.X509ExtendedKeyManager#chooseEngineServerAlias(java.lang.String, java.security.Principal[], javax.net.ssl.SSLEngine) 111 */ 112 @Override 113 public String chooseEngineServerAlias(String keyType, Principal[] issuers, SSLEngine engine) 114 { 115 return _keyAlias == null ? super.chooseEngineServerAlias(keyType,issuers,engine) : _keyAlias; 116 } 117 118 119 /* ------------------------------------------------------------ */ 120 /** 121 * @see javax.net.ssl.X509ExtendedKeyManager#chooseEngineClientAlias(String[], Principal[], SSLEngine) 122 */ 123 @Override 124 public String chooseEngineClientAlias(String keyType[], Principal[] issuers, SSLEngine engine) 125 { 126 return _keyAlias == null ? super.chooseEngineClientAlias(keyType,issuers,engine) : _keyAlias; 127 } 128 }