eu.emi.security.authn.x509.helpers.ssl
Class CredentialX509KeyManager

java.lang.Object
  extended by javax.net.ssl.X509ExtendedKeyManager
      extended by eu.emi.security.authn.x509.helpers.ssl.CredentialX509KeyManager
All Implemented Interfaces:
KeyManager, X509KeyManager

public class CredentialX509KeyManager
extends X509ExtendedKeyManager

Simple KeyManager implementation which always returns the only key and certificate which is available in the configured X509Credential object. Note that this class could return null in case when server provides a list of trusted issuers and our credential is not issued by any of them. However such behavior results in quite cryptic errors from the server side ("null cert chain"), so we try to authenticate with what we have always.

Author:
K. Benedyczak

Constructor Summary
CredentialX509KeyManager(X509Credential credential)
           
 
Method Summary
 String chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket)
           
 String chooseEngineClientAlias(String[] keyType, Principal[] issuers, SSLEngine engine)
           
 String chooseEngineServerAlias(String keyType, Principal[] issuers, SSLEngine engine)
           
 String chooseServerAlias(String keyType, Principal[] issuers, Socket socket)
           
 X509Certificate[] getCertificateChain(String alias)
           
 String[] getClientAliases(String keyType, Principal[] issuers)
           
 PrivateKey getPrivateKey(String alias)
           
 String[] getServerAliases(String keyType, Principal[] issuers)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

CredentialX509KeyManager

public CredentialX509KeyManager(X509Credential credential)
Method Detail

chooseClientAlias

public String chooseClientAlias(String[] keyType,
                                Principal[] issuers,
                                Socket socket)

chooseServerAlias

public String chooseServerAlias(String keyType,
                                Principal[] issuers,
                                Socket socket)

getCertificateChain

public X509Certificate[] getCertificateChain(String alias)

getClientAliases

public String[] getClientAliases(String keyType,
                                 Principal[] issuers)

getPrivateKey

public PrivateKey getPrivateKey(String alias)

getServerAliases

public String[] getServerAliases(String keyType,
                                 Principal[] issuers)

chooseEngineClientAlias

public String chooseEngineClientAlias(String[] keyType,
                                      Principal[] issuers,
                                      SSLEngine engine)
Overrides:
chooseEngineClientAlias in class X509ExtendedKeyManager

chooseEngineServerAlias

public String chooseEngineServerAlias(String keyType,
                                      Principal[] issuers,
                                      SSLEngine engine)
Overrides:
chooseEngineServerAlias in class X509ExtendedKeyManager


Copyright © 2012-2013 European Middleware Initiative. All Rights Reserved.