KeyStoreKeyManager

public class KeyStoreKeyManager extends KeyStoreComponent implements X509KeyManager

KeyStoreKeyManager implements javax.net.ssl.X509KeyManager, which manages a given key store of X509 certificate-based key pairs and authenticates the local side of a secure socket.

Author: Hugo Y. K. Lam

Constructors

KeyStoreKeyManager

public KeyStoreKeyManager()

Creates a new instance of KeyStoreKeyManager.

KeyStoreKeyManager

public KeyStoreKeyManager(KeyStoreManager keyman)

Creates a new instance of KeyStoreKeyManager.

Parameters:
  • keyman – the key store manager used for authentication.
Throws:
  • KeyStoreManagementException – if the specified key store manager is null.

KeyStoreKeyManager

public KeyStoreKeyManager(KeyStore keyStore, String alias, String password)

Creates a new instance of KeyStoreKeyManager.

Parameters:
  • keyStore – the initialized key store used for authentication.
  • alias – the alias name associated with the key.
  • password – the key password.
Throws:
  • KeyStoreManagementException – if the specified key store is null.

Methods

chooseClientAlias

public String chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket)

Chooses an alias to authenticate the client side of a secure socket. This method always returns the predefined alias.

Parameters:
  • keyType – the key algorithm type name(s), ordered with the most-preferred key type first.
  • issuers – the list of acceptable CA issuer subject names or null if it does not matter which issuers are used.
  • socket – the socket to be used for this connection or null.
Returns:

the alias name.

See also: javax.net.ssl.X509KeyManager.chooseClientAlias(java.lang.String[],java.security.Principal[],java.net.Socket)

chooseServerAlias

public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket)

Chooses an alias to authenticate the server side of a secure socket. This method always returns the predefined alias.

Parameters:
  • keyType – the key algorithm type name.
  • issuers – the list of acceptable CA issuer subject names or null if it does not matter which issuers are used.
  • socket – the socket to be used for this connection or null.
Returns:

the alias name.

See also: javax.net.ssl.X509KeyManager.chooseServerAlias(java.lang.String,java.security.Principal[],java.net.Socket)

getCertificateChain

public X509Certificate[] getCertificateChain(String alias)

Gets the certificate chain associated with the given alias.

Parameters:
  • alias – the alias name.
Returns:

the certificate chain.

See also: javax.net.ssl.X509KeyManager.getCertificateChain(java.lang.String)

getClientAliases

public String[] getClientAliases(String keyType, Principal[] issuers)

Gets the aliases for authenticating the client side of a secure socket. This method always returns the predefined alias.

Parameters:
  • keyType – the key algorithm type name.
  • issuers – the list of acceptable CA issuer subject names or null if it does not matter which issuers are used.
Returns:

the aliases for authenticating the client side of a secure socket.

See also: javax.net.ssl.X509KeyManager.getClientAliases(java.lang.String,java.security.Principal[])

getPrivateKey

public PrivateKey getPrivateKey(String alias)

Gets the key associated with the given alias.

Parameters:
  • alias – the alias name.
Throws:
Returns:

the private key.

See also: javax.net.ssl.X509KeyManager.getPrivateKey(java.lang.String)

getServerAliases

public String[] getServerAliases(String keyType, Principal[] issuers)

Gets the aliases for authenticating the server side of a secure socket. This method always returns the predefined alias.

Parameters:
  • keyType – the key algorithm type name.
  • issuers – the list of acceptable CA issuer subject names or null if it does not matter which issuers are used.
Returns:

the aliases for authenticating the server side of a secure socket.

See also: javax.net.ssl.X509KeyManager.getServerAliases(java.lang.String,java.security.Principal[])
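
The fixed-alias behaviour documented above means `keyType` and `issuers` never influence which credential is offered, so an unusable alias only surfaces as a handshake failure. The sketch below is an added example using JDK classes only, not the KeyStoreKeyManager source: it shows the same behaviour with the alias validated at construction time. The class name `PinnedAliasKeyManager`, the `contextFor` helper, the `char[]` password and the null return for a non-matching alias are assumptions of this example.

```java
import java.net.Socket;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.X509KeyManager;

// Hypothetical class for illustration; not the KeyStoreKeyManager implementation.
public final class PinnedAliasKeyManager implements X509KeyManager {
    private final String alias;
    private final PrivateKey key;
    private final X509Certificate[] chain;

    public PinnedAliasKeyManager(KeyStore ks, String alias, char[] password)
            throws GeneralSecurityException {
        // Fail here, not mid-handshake, if the alias has no private key and chain.
        Certificate[] certs = (ks != null && ks.isKeyEntry(alias)) ? ks.getCertificateChain(alias) : null;
        if (certs == null || certs.length == 0) {
            throw new GeneralSecurityException("no private key entry with a certificate chain: " + alias);
        }
        this.chain = new X509Certificate[certs.length];
        for (int i = 0; i < certs.length; i++) chain[i] = (X509Certificate) certs[i];
        this.key = (PrivateKey) ks.getKey(alias, password);
        this.alias = alias;
    }

    // keyType and issuers are ignored: the configured alias is always offered.
    @Override public String chooseClientAlias(String[] keyType, Principal[] issuers, Socket s) { return alias; }
    @Override public String chooseServerAlias(String keyType, Principal[] issuers, Socket s) { return alias; }
    @Override public String[] getClientAliases(String keyType, Principal[] issuers) { return new String[] { alias }; }
    @Override public String[] getServerAliases(String keyType, Principal[] issuers) { return new String[] { alias }; }

    // Only the pinned alias resolves; any other name yields null (this example's choice).
    @Override public X509Certificate[] getCertificateChain(String a) { return alias.equals(a) ? chain.clone() : null; }
    @Override public PrivateKey getPrivateKey(String a) { return alias.equals(a) ? key : null; }

    // Builds a TLS context around the manager; null trust managers and RNG select the JDK defaults.
    public static SSLContext contextFor(KeyStore ks, String alias, char[] password)
            throws GeneralSecurityException {
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(new KeyManager[] { new PinnedAliasKeyManager(ks, alias, password) }, null, null);
        return ctx;
    }
}
```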