| 1 | // |
| 2 | // ======================================================================== |
| 3 | // Copyright (c) 1995-2014 Mort Bay Consulting Pty. Ltd. |
| 4 | // ------------------------------------------------------------------------ |
| 5 | // All rights reserved. This program and the accompanying materials |
| 6 | // are made available under the terms of the Eclipse Public License v1.0 |
| 7 | // and Apache License v2.0 which accompanies this distribution. |
| 8 | // |
| 9 | // The Eclipse Public License is available at |
| 10 | // http://www.eclipse.org/legal/epl-v10.html |
| 11 | // |
| 12 | // The Apache License v2.0 is available at |
| 13 | // http://www.opensource.org/licenses/apache2.0.php |
| 14 | // |
| 15 | // You may elect to redistribute this code under either of these licenses. |
| 16 | // ======================================================================== |
| 17 | // |
| 18 | |
| 19 | package org.eclipse.jetty.util.ssl; |
| 20 | |
| 21 | import java.net.Socket; |
| 22 | import java.security.Principal; |
| 23 | import java.security.PrivateKey; |
| 24 | import java.security.cert.X509Certificate; |
| 25 | |
| 26 | import javax.net.ssl.X509KeyManager; |
| 27 | |
| 28 | |
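/* ------------------------------------------------------------ */
/**
 * KeyManager that pins key selection to a configured alias while
 * delegating all other processing to a wrapped {@link X509KeyManager}.
 * Can be used with both server and client sockets.
 *
 * <p>When an alias is configured it is returned only if the wrapped
 * KeyManager lists it for the requested key type and issuers. If it is
 * not listed, {@code null} is returned, which the
 * {@link X509KeyManager} contract defines as "no match". This avoids
 * offering a key whose type does not fit the negotiated cipher suite,
 * and avoids presenting a client certificate that none of the peer's
 * acceptable issuers signed.
 *
 * <p>When no alias is configured ({@code null}), selection is left
 * entirely to the wrapped KeyManager.
 */
public class AliasedX509KeyManager implements X509KeyManager
{
    private final String _keyAlias;
    private final X509KeyManager _keyManager;

    /* ------------------------------------------------------------ */
    /**
     * Construct KeyManager instance
     * @param keyAlias Alias of the key to be selected, or {@code null}
     *                 to leave selection to the wrapped KeyManager
     * @param keyManager Instance of KeyManager to be wrapped; every
     *                   method of this class dereferences it, so it
     *                   must not be {@code null}
     * @throws Exception declared for compatibility with existing
     *                   callers; this constructor does not throw it
     */
    public AliasedX509KeyManager(String keyAlias, X509KeyManager keyManager) throws Exception
    {
        _keyAlias = keyAlias;
        _keyManager = keyManager;
    }

    /* ------------------------------------------------------------ */
    /**
     * Returns the configured alias if the wrapped KeyManager offers it
     * for at least one of the requested key types, otherwise {@code null}.
     * With no configured alias the wrapped KeyManager chooses.
     *
     * @see javax.net.ssl.X509KeyManager#chooseClientAlias(java.lang.String[], java.security.Principal[], java.net.Socket)
     */
    @Override
    public String chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket)
    {
        if (_keyAlias == null)
            return _keyManager.chooseClientAlias(keyType, issuers, socket);

        if (keyType == null)
            return null;

        // Only hand out the pinned alias when it is a valid candidate for
        // one of the key types (and issuers) the peer asked for.
        for (String type : keyType)
        {
            if (contains(_keyManager.getClientAliases(type, issuers), _keyAlias))
                return _keyAlias;
        }
        return null;
    }

    /* ------------------------------------------------------------ */
    /**
     * Returns the configured alias if the wrapped KeyManager offers it
     * for the requested key type, otherwise {@code null}. With no
     * configured alias the wrapped KeyManager chooses.
     *
     * @see javax.net.ssl.X509KeyManager#chooseServerAlias(java.lang.String, java.security.Principal[], java.net.Socket)
     */
    @Override
    public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket)
    {
        if (_keyAlias == null)
            return _keyManager.chooseServerAlias(keyType, issuers, socket);

        // The pinned alias is only usable if its key matches the key type
        // required by the cipher suite being evaluated.
        return contains(_keyManager.getServerAliases(keyType, issuers), _keyAlias) ? _keyAlias : null;
    }

    /* ------------------------------------------------------------ */
    /**
     * Delegates unchanged to the wrapped KeyManager; the configured
     * alias does not filter this list.
     *
     * @see javax.net.ssl.X509KeyManager#getClientAliases(java.lang.String, java.security.Principal[])
     */
    @Override
    public String[] getClientAliases(String keyType, Principal[] issuers)
    {
        return _keyManager.getClientAliases(keyType, issuers);
    }

    /* ------------------------------------------------------------ */
    /**
     * Delegates unchanged to the wrapped KeyManager; the configured
     * alias does not filter this list.
     *
     * @see javax.net.ssl.X509KeyManager#getServerAliases(java.lang.String, java.security.Principal[])
     */
    @Override
    public String[] getServerAliases(String keyType, Principal[] issuers)
    {
        return _keyManager.getServerAliases(keyType, issuers);
    }

    /* ------------------------------------------------------------ */
    /**
     * Delegates to the wrapped KeyManager for whatever alias is passed,
     * not only the configured one.
     *
     * @see javax.net.ssl.X509KeyManager#getCertificateChain(java.lang.String)
     */
    @Override
    public X509Certificate[] getCertificateChain(String alias)
    {
        return _keyManager.getCertificateChain(alias);
    }

    /* ------------------------------------------------------------ */
    /**
     * Delegates to the wrapped KeyManager for whatever alias is passed,
     * not only the configured one.
     *
     * @see javax.net.ssl.X509KeyManager#getPrivateKey(java.lang.String)
     */
    @Override
    public PrivateKey getPrivateKey(String alias)
    {
        return _keyManager.getPrivateKey(alias);
    }

    /* ------------------------------------------------------------ */
    /**
     * Tells whether {@code alias} occurs in {@code aliases}. A
     * {@code null} array (the delegate's "no match" result) contains nothing.
     */
    private static boolean contains(String[] aliases, String alias)
    {
        if (aliases == null)
            return false;
        for (String candidate : aliases)
        {
            if (alias.equals(candidate))
                return true;
        }
        return false;
    }
}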