eu.emi.security.authn.x509.helpers.ssl

Class CredentialX509KeyManager

java.lang.Object

javax.net.ssl.X509ExtendedKeyManager

eu.emi.security.authn.x509.helpers.ssl.CredentialX509KeyManager

All Implemented Interfaces:

KeyManager, X509KeyManager

public class CredentialX509KeyManager
extends X509ExtendedKeyManager

Simple KeyManager implementation which always returns the only key and certificate which is available in the configured X509Credential object. Note that this class could return null in case when server provides a list of trusted issuers and our credential is not issued by any of them. However such behavior results in quite cryptic errors from the server side ("null cert chain"), so we try to authenticate with what we have always.

Author:

K. Benedyczak

Constructor Summary

Constructors

Constructor and Description
CredentialX509KeyManager(X509Credential credential)

Method Summary

Modifier and Type	Method and Description
String	chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket)
String	chooseEngineClientAlias(String[] keyType, Principal[] issuers, SSLEngine engine)
String	chooseEngineServerAlias(String keyType, Principal[] issuers, SSLEngine engine)
String	chooseServerAlias(String keyType, Principal[] issuers, Socket socket)
X509Certificate[]	getCertificateChain(String alias)
String[]	getClientAliases(String keyType, Principal[] issuers)
PrivateKey	getPrivateKey(String alias)
String[]	getServerAliases(String keyType, Principal[] issuers)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

CredentialX509KeyManager

public CredentialX509KeyManager(X509Credential credential)

Method Detail

chooseClientAlias

public String chooseClientAlias(String[] keyType,
                                Principal[] issuers,
                                Socket socket)

chooseServerAlias

public String chooseServerAlias(String keyType,
                                Principal[] issuers,
                                Socket socket)

getCertificateChain

public X509Certificate[] getCertificateChain(String alias)

getClientAliases

public String[] getClientAliases(String keyType,
                                 Principal[] issuers)

getPrivateKey

public PrivateKey getPrivateKey(String alias)

getServerAliases

public String[] getServerAliases(String keyType,
                                 Principal[] issuers)

chooseEngineClientAlias

public String chooseEngineClientAlias(String[] keyType,
                                      Principal[] issuers,
                                      SSLEngine engine)

Overrides:

chooseEngineClientAlias in class X509ExtendedKeyManager

chooseEngineServerAlias

public String chooseEngineServerAlias(String keyType,
                                      Principal[] issuers,
                                      SSLEngine engine)

Overrides:

chooseEngineServerAlias in class X509ExtendedKeyManager