1 /*- 2 * See the file LICENSE for redistribution information. 3 * 4 * Copyright (c) 2002, 2013 Oracle and/or its affiliates. All rights reserved. 5 * 6 */ 7 8 package com.sleepycat.je.rep.utilint.net; 9 10 import java.security.PrivateKey; 11 import java.security.Principal; 12 import java.security.cert.X509Certificate; 13 import java.net.Socket; 14 15 import javax.net.ssl.SSLEngine; 16 import javax.net.ssl.X509ExtendedKeyManager; 17 18 /** 19 * An implementation of X509ExtendedKeyManager which delegates most operations 20 * to an underlying implementation, but which supports explicit selection of 21 * alias. 22 */ 23 public class AliasKeyManager extends X509ExtendedKeyManager { 24 25 private final X509ExtendedKeyManager delegateKeyManager; 26 private final String serverAlias; 27 private final String clientAlias; 28 29 /** 30 * Constructor. 31 * @param delegateKeyManager the underlying key manager to fulfill key 32 * retrieval requests 33 * @param serverAlias the alias to return for server context requests 34 * @param clientAlias the alias to return for client context requests 35 */ AliasKeyManager(X509ExtendedKeyManager delegateKeyManager, String serverAlias, String clientAlias)36 public AliasKeyManager(X509ExtendedKeyManager delegateKeyManager, 37 String serverAlias, 38 String clientAlias) { 39 this.delegateKeyManager = delegateKeyManager; 40 this.serverAlias = serverAlias; 41 this.clientAlias = clientAlias; 42 } 43 44 @Override getClientAliases(String keyType, Principal[] issuers)45 public String[] getClientAliases(String keyType, Principal[] issuers) { 46 return delegateKeyManager.getClientAliases(keyType, issuers); 47 } 48 49 @Override chooseClientAlias( String[] keyType, Principal[] issuers, Socket socket)50 public String chooseClientAlias( 51 String[] keyType, Principal[] issuers, Socket socket) { 52 if (clientAlias != null) { 53 return clientAlias; 54 } 55 56 return delegateKeyManager.chooseClientAlias(keyType, issuers, socket); 57 } 58 59 @Override getServerAliases(String keyType, Principal[] issuers)60 public String[] getServerAliases(String keyType, Principal[] issuers) { 61 return delegateKeyManager.getServerAliases(keyType, issuers); 62 } 63 64 @Override chooseServerAlias( String keyType, Principal[] issuers, Socket socket)65 public String chooseServerAlias( 66 String keyType, Principal[] issuers, Socket socket) { 67 68 if (serverAlias != null) { 69 return serverAlias; 70 } 71 72 return delegateKeyManager.chooseServerAlias(keyType, issuers, socket); 73 } 74 75 @Override getCertificateChain(String alias)76 public X509Certificate[] getCertificateChain(String alias) { 77 return delegateKeyManager.getCertificateChain(alias); 78 } 79 80 @Override getPrivateKey(String alias)81 public PrivateKey getPrivateKey(String alias) { 82 return delegateKeyManager.getPrivateKey(alias); 83 } 84 85 @Override chooseEngineClientAlias(String[] keyType, Principal[] issuers, SSLEngine engine)86 public String chooseEngineClientAlias(String[] keyType, 87 Principal[] issuers, 88 SSLEngine engine) { 89 if (clientAlias != null) { 90 return clientAlias; 91 } 92 return delegateKeyManager. 93 chooseEngineClientAlias(keyType, issuers, engine); 94 } 95 96 @Override chooseEngineServerAlias(String keyType, Principal[] issuers, SSLEngine engine)97 public String chooseEngineServerAlias(String keyType, 98 Principal[] issuers, 99 SSLEngine engine) { 100 if (serverAlias != null) { 101 return serverAlias; 102 } 103 return delegateKeyManager. 104 chooseEngineServerAlias(keyType, issuers, engine); 105 } 106 } 107