Package eu.emi.security.authn.x509.helpers.ssl

Class CredentialX509KeyManager

  • All Implemented Interfaces:
    javax.net.ssl.KeyManager, javax.net.ssl.X509KeyManager
    public class CredentialX509KeyManager
extends javax.net.ssl.X509ExtendedKeyManager
    Simple KeyManager implementation which always returns the only key and certificate which is available in the configured X509Credential object. Note that this class could return null in case when server provides a list of trusted issuers and our credential is not issued by any of them. However such behavior results in quite cryptic errors from the server side ("null cert chain"), so we try to authenticate with what we have always.
    Author:
    K. Benedyczak

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      java.lang.String chooseClientAlias​(java.lang.String[] keyType, java.security.Principal[] issuers, java.net.Socket socket)  
      java.lang.String chooseEngineClientAlias​(java.lang.String[] keyType, java.security.Principal[] issuers, javax.net.ssl.SSLEngine engine)  
      java.lang.String chooseEngineServerAlias​(java.lang.String keyType, java.security.Principal[] issuers, javax.net.ssl.SSLEngine engine)  
      java.lang.String chooseServerAlias​(java.lang.String keyType, java.security.Principal[] issuers, java.net.Socket socket)  
      java.security.cert.X509Certificate[] getCertificateChain​(java.lang.String alias)  
      java.lang.String[] getClientAliases​(java.lang.String keyType, java.security.Principal[] issuers)  
      java.security.PrivateKey getPrivateKey​(java.lang.String alias)  
      java.lang.String[] getServerAliases​(java.lang.String keyType, java.security.Principal[] issuers)  

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • CredentialX509KeyManager

        public CredentialX509KeyManager​(X509Credential credential)

    • Method Detail

      • chooseClientAlias

        public java.lang.String chooseClientAlias​(java.lang.String[] keyType,
                                          java.security.Principal[] issuers,
                                          java.net.Socket socket)

      • chooseServerAlias

        public java.lang.String chooseServerAlias​(java.lang.String keyType,
                                          java.security.Principal[] issuers,
                                          java.net.Socket socket)

      • getCertificateChain

        public java.security.cert.X509Certificate[] getCertificateChain​(java.lang.String alias)

      • getClientAliases

        public java.lang.String[] getClientAliases​(java.lang.String keyType,
                                           java.security.Principal[] issuers)

      • getPrivateKey

        public java.security.PrivateKey getPrivateKey​(java.lang.String alias)

      • getServerAliases

        public java.lang.String[] getServerAliases​(java.lang.String keyType,
                                           java.security.Principal[] issuers)

      • chooseEngineClientAlias

        public java.lang.String chooseEngineClientAlias​(java.lang.String[] keyType,
                                                java.security.Principal[] issuers,
                                                javax.net.ssl.SSLEngine engine)
        Overrides:
        chooseEngineClientAlias in class javax.net.ssl.X509ExtendedKeyManager

      • chooseEngineServerAlias

        public java.lang.String chooseEngineServerAlias​(java.lang.String keyType,
                                                java.security.Principal[] issuers,
                                                javax.net.ssl.SSLEngine engine)
        Overrides:
        chooseEngineServerAlias in class javax.net.ssl.X509ExtendedKeyManager