|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectjavax.net.ssl.X509ExtendedKeyManager
org.apache.ftpserver.ssl.impl.ExtendedAliasKeyManager
public final class ExtendedAliasKeyManager
Internal class, do not use directly. X509KeyManager which allows selection of a specific keypair and certificate chain (identified by their keystore alias name) to be used by the server to authenticate itself to SSL clients. Based of org.apache.tomcat.util.net.jsse.JSSEKeyManager.
Constructor Summary | |
---|---|
ExtendedAliasKeyManager(KeyManager mgr,
String keyAlias)
Constructor. |
Method Summary | |
---|---|
String |
chooseClientAlias(String[] keyType,
Principal[] issuers,
Socket socket)
Choose an alias to authenticate the client side of a secure socket, given the public key type and the list of certificate issuer authorities recognized by the peer (if any). |
String |
chooseEngineClientAlias(String[] keyType,
Principal[] issuers,
SSLEngine engine)
Choose an alias to authenticate the client side of a secure socket, given the public key type and the list of certificate issuer authorities recognized by the peer (if any). |
String |
chooseEngineServerAlias(String keyType,
Principal[] issuers,
SSLEngine engine)
Returns this key manager's server key alias that was provided in the constructor if matching the key type. |
String |
chooseServerAlias(String keyType,
Principal[] issuers,
Socket socket)
Returns this key manager's server key alias that was provided in the constructor if matching the key type. |
X509Certificate[] |
getCertificateChain(String alias)
Returns the certificate chain associated with the given alias. |
String[] |
getClientAliases(String keyType,
Principal[] issuers)
Get the matching aliases for authenticating the client side of a secure socket, given the public key type and the list of certificate issuer authorities recognized by the peer (if any). |
PrivateKey |
getPrivateKey(String alias)
Returns the key associated with the given alias. |
String[] |
getServerAliases(String keyType,
Principal[] issuers)
Get the matching aliases for authenticating the server side of a secure socket, given the public key type and the list of certificate issuer authorities recognized by the peer (if any). |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public ExtendedAliasKeyManager(KeyManager mgr, String keyAlias)
mgr
- The X509KeyManager used as a delegatekeyStore
- serverKeyAlias
- The alias name of the server's keypair and supporting
certificate chainkeyAlias
- Method Detail |
---|
public String chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket)
keyType
- The key algorithm type name(s), ordered with the
most-preferred key type firstissuers
- The list of acceptable CA issuer subject names, or null if it
does not matter which issuers are usedsocket
- The socket to be used for this connection. This parameter can
be null, in which case this method will return the most
generic alias to use
public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket)
keyType
- The key algorithm type nameissuers
- The list of acceptable CA issuer subject names, or null if it
does not matter which issuers are used (ignored)socket
- The socket to be used for this connection. This parameter can
be null, in which case this method will return the most
generic alias to use (ignored)
public X509Certificate[] getCertificateChain(String alias)
alias
- The alias name
public String[] getClientAliases(String keyType, Principal[] issuers)
keyType
- The key algorithm type nameissuers
- The list of acceptable CA issuer subject names, or null if it
does not matter which issuers are used
public String[] getServerAliases(String keyType, Principal[] issuers)
keyType
- The key algorithm type nameissuers
- The list of acceptable CA issuer subject names, or null if it
does not matter which issuers are used
public PrivateKey getPrivateKey(String alias)
alias
- The alias name
public String chooseEngineClientAlias(String[] keyType, Principal[] issuers, SSLEngine engine)
chooseEngineClientAlias
in class X509ExtendedKeyManager
keyType
- The key algorithm type nameissuers
- The list of acceptable CA issuer subject names, or null if it
does not matter which issuers are used (ignored)socket
- The socket to be used for this connection. This parameter can
be null, in which case this method will return the most
generic alias to use (ignored)
public String chooseEngineServerAlias(String keyType, Principal[] issuers, SSLEngine engine)
chooseEngineServerAlias
in class X509ExtendedKeyManager
keyType
- The key algorithm type nameissuers
- The list of acceptable CA issuer subject names, or null if it
does not matter which issuers are used (ignored)socket
- The socket to be used for this connection. This parameter can
be null, in which case this method will return the most
generic alias to use (ignored)
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |