001/**
002 * Licensed to the Apache Software Foundation (ASF) under one or more
003 * contributor license agreements.  See the NOTICE file distributed with
004 * this work for additional information regarding copyright ownership.
005 * The ASF licenses this file to You under the Apache License, Version 2.0
006 * (the "License"); you may not use this file except in compliance with
007 * the License.  You may obtain a copy of the License at
008 *
009 *      http://www.apache.org/licenses/LICENSE-2.0
010 *
011 * Unless required by applicable law or agreed to in writing, software
012 * distributed under the License is distributed on an "AS IS" BASIS,
013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014 * See the License for the specific language governing permissions and
015 * limitations under the License.
016 */
017package org.apache.camel.util.jsse;
018
019import java.net.Socket;
020import java.security.Principal;
021import java.security.PrivateKey;
022import java.security.cert.X509Certificate;
023
024import javax.net.ssl.SSLEngine;
025import javax.net.ssl.X509ExtendedKeyManager;
026import javax.net.ssl.X509KeyManager;
027
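/**
 * KeyManager that selects a key with the desired alias while delegating all other processing to the wrapped
 * KeyManager. Can be used with both server and client sockets, and with {@link SSLEngine}-based transports.
 * <p>
 * When a key alias is configured, every {@code choose*Alias} method returns it as-is: the requested key
 * type(s) and the acceptable issuers are not consulted, and the alias is not checked against the wrapped
 * KeyManager. Callers should therefore make sure the alias exists in the underlying key store and matches
 * the key types the endpoint negotiates; a wrong alias surfaces only later, when the TLS stack asks the
 * wrapped KeyManager for that alias's private key and certificate chain.
 * <p>
 * When no alias is configured ({@code null}), alias selection is left entirely to the wrapped KeyManager.
 */
public class AliasedX509ExtendedKeyManager extends X509ExtendedKeyManager {
    /** Alias to force on every selection, or {@code null} to let the wrapped KeyManager choose. */
    private final String keyAlias;

    /** KeyManager that owns the key material; dereferenced by the delegating methods below. */
    private final X509KeyManager keyManager;

    /**
     * Construct KeyManager instance.
     *
     * @param keyAlias Alias of the key to be selected, or {@code null} to delegate the selection
     * @param keyManager Instance of KeyManager to be wrapped; it is not validated here, so a {@code null}
     *            value fails with a {@link NullPointerException} on the first delegated call
     * @throws Exception declared for compatibility with existing callers; this constructor does not throw
     */
    public AliasedX509ExtendedKeyManager(String keyAlias, X509KeyManager keyManager) throws Exception {
        this.keyAlias = keyAlias;
        this.keyManager = keyManager;
    }

    /**
     * Returns the configured alias, or the wrapped KeyManager's choice when no alias is configured.
     *
     * @see javax.net.ssl.X509KeyManager#chooseClientAlias(java.lang.String[], java.security.Principal[],
     *      java.net.Socket)
     */
    @Override
    public String chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket) {
        return keyAlias == null ? keyManager.chooseClientAlias(keyType, issuers, socket) : keyAlias;
    }

    /**
     * Returns the configured alias, or the wrapped KeyManager's choice when no alias is configured.
     *
     * @see javax.net.ssl.X509KeyManager#chooseServerAlias(java.lang.String, java.security.Principal[],
     *      java.net.Socket)
     */
    @Override
    public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket) {
        return keyAlias == null ? keyManager.chooseServerAlias(keyType, issuers, socket) : keyAlias;
    }

    /**
     * Delegates to the wrapped KeyManager; the configured alias does not filter the result.
     *
     * @see javax.net.ssl.X509KeyManager#getClientAliases(java.lang.String, java.security.Principal[])
     */
    @Override
    public String[] getClientAliases(String keyType, Principal[] issuers) {
        return keyManager.getClientAliases(keyType, issuers);
    }

    /**
     * Delegates to the wrapped KeyManager; the configured alias does not filter the result.
     *
     * @see javax.net.ssl.X509KeyManager#getServerAliases(java.lang.String, java.security.Principal[])
     */
    @Override
    public String[] getServerAliases(String keyType, Principal[] issuers) {
        return keyManager.getServerAliases(keyType, issuers);
    }

    /**
     * Delegates to the wrapped KeyManager for whichever alias the TLS stack asks about.
     *
     * @see javax.net.ssl.X509KeyManager#getCertificateChain(java.lang.String)
     */
    @Override
    public X509Certificate[] getCertificateChain(String alias) {
        return keyManager.getCertificateChain(alias);
    }

    /**
     * Delegates to the wrapped KeyManager for whichever alias the TLS stack asks about.
     *
     * @see javax.net.ssl.X509KeyManager#getPrivateKey(java.lang.String)
     */
    @Override
    public PrivateKey getPrivateKey(String alias) {
        return keyManager.getPrivateKey(alias);
    }

    /**
     * Returns the configured alias, or the wrapped KeyManager's engine-level choice when no alias is
     * configured.
     *
     * @see javax.net.ssl.X509ExtendedKeyManager#chooseEngineServerAlias(java.lang.String,
     *      java.security.Principal[], javax.net.ssl.SSLEngine)
     */
    @Override
    public String chooseEngineServerAlias(String keyType, Principal[] issuers, SSLEngine engine) {
        if (keyAlias != null) {
            return keyAlias;
        }
        // The inherited default returns null (no key selected). Falling back to it while the wrapped
        // KeyManager can answer would leave SSLEngine-based servers without a certificate, so ask the
        // delegate first whenever it supports the engine callbacks.
        X509ExtendedKeyManager extended = extendedDelegate();
        return extended != null
            ? extended.chooseEngineServerAlias(keyType, issuers, engine)
            : super.chooseEngineServerAlias(keyType, issuers, engine);
    }

    /**
     * Returns the configured alias, or the wrapped KeyManager's engine-level choice when no alias is
     * configured.
     *
     * @see javax.net.ssl.X509ExtendedKeyManager#chooseEngineClientAlias(String[], Principal[], SSLEngine)
     */
    @Override
    public String chooseEngineClientAlias(String[] keyType, Principal[] issuers, SSLEngine engine) {
        if (keyAlias != null) {
            return keyAlias;
        }
        // Same reasoning as chooseEngineServerAlias: prefer the delegate over the null-returning default
        // so that client authentication keeps working on SSLEngine-based connections.
        X509ExtendedKeyManager extended = extendedDelegate();
        return extended != null
            ? extended.chooseEngineClientAlias(keyType, issuers, engine)
            : super.chooseEngineClientAlias(keyType, issuers, engine);
    }

    /** Returns the wrapped KeyManager as an X509ExtendedKeyManager, or null if it is not one. */
    private X509ExtendedKeyManager extendedDelegate() {
        return keyManager instanceof X509ExtendedKeyManager ? (X509ExtendedKeyManager) keyManager : null;
    }
}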