public class ClientKeyManager extends Object implements X509KeyManager
Constructor and Description |
---|
ClientKeyManager(HomeSP homeSP,
KeyStore keyStore) |
Modifier and Type | Method and Description |
---|---|
String |
chooseClientAlias(String[] keyType,
Principal[] issuers,
Socket socket)
Choose an alias to authenticate the client side of a secure
socket given the public key type and the list of
certificate issuer authorities recognized by the peer (if any).
|
String |
chooseServerAlias(String keyType,
Principal[] issuers,
Socket socket)
Choose an alias to authenticate the server side of a secure
socket given the public key type and the list of
certificate issuer authorities recognized by the peer (if any).
|
X509Certificate[] |
getCertificateChain(String alias)
Returns the certificate chain associated with the given alias.
|
String[] |
getClientAliases(String keyType,
Principal[] issuers)
Get the matching aliases for authenticating the client side of a secure
socket given the public key type and the list of
certificate issuer authorities recognized by the peer (if any).
|
PrivateKey |
getPrivateKey(String alias)
Returns the key associated with the given alias.
|
String[] |
getServerAliases(String keyType,
Principal[] issuers)
Get the matching aliases for authenticating the server side of a secure
socket given the public key type and the list of
certificate issuer authorities recognized by the peer (if any).
|
void |
reloadKeys(Map<OSUCertType,List<X509Certificate>> certs,
PrivateKey key) |
public ClientKeyManager(HomeSP homeSP, KeyStore keyStore) throws IOException
IOException
public void reloadKeys(Map<OSUCertType,List<X509Certificate>> certs, PrivateKey key) throws IOException
IOException
public String chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket)
X509KeyManager
chooseClientAlias
in interface X509KeyManager
keyType
- the key algorithm type name(s), ordered
with the most-preferred key type first.issuers
- the list of acceptable CA issuer subject names
or null if it does not matter which issuers are used.socket
- the socket to be used for this connection. This
parameter can be null, which indicates that
implementations are free to select an alias applicable
to any socket.public String[] getClientAliases(String keyType, Principal[] issuers)
X509KeyManager
getClientAliases
in interface X509KeyManager
keyType
- the key algorithm type nameissuers
- the list of acceptable CA issuer subject names,
or null if it does not matter which issuers are used.public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket)
X509KeyManager
chooseServerAlias
in interface X509KeyManager
keyType
- the key algorithm type name.issuers
- the list of acceptable CA issuer subject names
or null if it does not matter which issuers are used.socket
- the socket to be used for this connection. This
parameter can be null, which indicates that
implementations are free to select an alias applicable
to any socket.public String[] getServerAliases(String keyType, Principal[] issuers)
X509KeyManager
getServerAliases
in interface X509KeyManager
keyType
- the key algorithm type nameissuers
- the list of acceptable CA issuer subject names
or null if it does not matter which issuers are used.public X509Certificate[] getCertificateChain(String alias)
X509KeyManager
getCertificateChain
in interface X509KeyManager
alias
- the alias namepublic PrivateKey getPrivateKey(String alias)
X509KeyManager
getPrivateKey
in interface X509KeyManager
alias
- the alias name