2 // ========================================================================
3 // Copyright (c) 1995-2014 Mort Bay Consulting Pty. Ltd.
4 // ------------------------------------------------------------------------
5 // All rights reserved. This program and the accompanying materials
6 // are made available under the terms of the Eclipse Public License v1.0
7 // and Apache License v2.0 which accompanies this distribution.
9 // The Eclipse Public License is available at
10 // http://www.eclipse.org/legal/epl-v10.html
12 // The Apache License v2.0 is available at
13 // http://www.opensource.org/licenses/apache2.0.php
15 // You may elect to redistribute this code under either of these licenses.
16 // ========================================================================
19 package org.eclipse.jetty.util.ssl;
21 import java.net.Socket;
22 import java.security.Principal;
23 import java.security.PrivateKey;
24 import java.security.cert.X509Certificate;
26 import javax.net.ssl.X509KeyManager;
29 /* ------------------------------------------------------------ */
31 * KeyManager to select a key with desired alias
32 * while delegating processing to specified KeyManager
33 * Can be used both with server and client sockets
35 public class AliasedX509KeyManager implements X509KeyManager
37 private String _keyAlias;
38 private X509KeyManager _keyManager;
40 /* ------------------------------------------------------------ */
42 * Construct KeyManager instance
43 * @param keyAlias Alias of the key to be selected
44 * @param keyManager Instance of KeyManager to be wrapped
47 public AliasedX509KeyManager(String keyAlias, X509KeyManager keyManager) throws Exception
50 _keyManager = keyManager;
53 /* ------------------------------------------------------------ */
55 * @see javax.net.ssl.X509KeyManager#chooseClientAlias(java.lang.String[], java.security.Principal[], java.net.Socket)
57 public String chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket)
59 return _keyAlias == null ? _keyManager.chooseClientAlias(keyType, issuers, socket) : _keyAlias;
62 /* ------------------------------------------------------------ */
64 * @see javax.net.ssl.X509KeyManager#chooseServerAlias(java.lang.String, java.security.Principal[], java.net.Socket)
66 public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket)
68 return _keyAlias == null ?_keyManager.chooseServerAlias(keyType, issuers, socket) : _keyAlias;
71 /* ------------------------------------------------------------ */
73 * @see javax.net.ssl.X509KeyManager#getClientAliases(java.lang.String, java.security.Principal[])
75 public String[] getClientAliases(String keyType, Principal[] issuers)
77 return _keyManager.getClientAliases(keyType, issuers);
81 /* ------------------------------------------------------------ */
83 * @see javax.net.ssl.X509KeyManager#getServerAliases(java.lang.String, java.security.Principal[])
85 public String[] getServerAliases(String keyType, Principal[] issuers)
87 return _keyManager.getServerAliases(keyType, issuers);
90 /* ------------------------------------------------------------ */
92 * @see javax.net.ssl.X509KeyManager#getCertificateChain(java.lang.String)
94 public X509Certificate[] getCertificateChain(String alias)
96 return _keyManager.getCertificateChain(alias);
99 /* ------------------------------------------------------------ */
101 * @see javax.net.ssl.X509KeyManager#getPrivateKey(java.lang.String)
103 public PrivateKey getPrivateKey(String alias)
105 return _keyManager.getPrivateKey(alias);