KeyStoreKeyManager¶
-
public class
KeyStoreKeyManager
extends KeyStoreComponent implements X509KeyManager¶ KeyStoreKeyManager implements javax.net.ssl.X509KeyManager, which manages a given key store of X509 certificate-based key pairs and authenticates the local side of a secure socket.
Author: Hugo Y. K. Lam
Constructors¶
KeyStoreKeyManager¶
-
public
KeyStoreKeyManager
(KeyStoreManager keyman)¶ Creates a new instance of KeyStoreKeyManager.
Parameters: - keyman – the key store manager used for authentication.
Throws: - KeyStoreManagementException – if the specified key store manager is null.
KeyStoreKeyManager¶
-
public
KeyStoreKeyManager
(KeyStore keyStore, String alias, String password)¶ Creates a new instance of KeyStoreKeyManager.
Parameters: - keyStore – the initialized key store used for authentication.
- alias – the alias name associated with the key.
- password – the key password.
Throws: - KeyStoreManagementException – if the specified key store is null.
Methods¶
chooseClientAlias¶
-
public String
chooseClientAlias
(String[] keyType, Principal[] issuers, Socket socket)¶ Chooses an alias to authenticate the client side of a secure socket. This method always returns the predefined alias.
Parameters: - keyType – the key algorithm type name(s), ordered with the most-preferred key type first.
- issuers – the list of acceptable CA issuer subject names or null if it does not matter which issuers are used.
- socket – the socket to be used for this connection or null.
Returns: the alias name.
chooseServerAlias¶
-
public String
chooseServerAlias
(String keyType, Principal[] issuers, Socket socket)¶ Chooses an alias to authenticate the server side of a secure socket. This method always returns the predefined alias.
Parameters: - keyType – the key algorithm type name.
- issuers – the list of acceptable CA issuer subject names or null if it does not matter which issuers are used.
- socket – the socket to be used for this connection or null.
Returns: the alias name.
getCertificateChain¶
-
public X509Certificate[]
getCertificateChain
(String alias)¶ Gets the certificate chain associated with the given alias.
Parameters: - alias – the alias name.
Returns: the certificate chain.
See also:
javax.net.ssl.X509KeyManager.getCertificateChain(java.lang.String)
getClientAliases¶
-
public String[]
getClientAliases
(String keyType, Principal[] issuers)¶ Gets the aliases for authenticating the client side of a secure socket. This method always returns the predefined alias.
Parameters: - keyType – the key algorithm type name.
- issuers – the list of acceptable CA issuer subject names or null if it does not matter which issuers are used.
Returns: the aliases for authenticating the client side of a secure socket.
See also:
javax.net.ssl.X509KeyManager.getClientAliases(java.lang.String,java.security.Principal[])
getPrivateKey¶
-
public PrivateKey
getPrivateKey
(String alias)¶ Gets the key associated with the given alias.
Parameters: - alias – the alias name.
Throws: - RuntimeException – if unable to retrieve the private key.
Returns: the private key.
See also:
javax.net.ssl.X509KeyManager.getPrivateKey(java.lang.String)
getServerAliases¶
-
public String[]
getServerAliases
(String keyType, Principal[] issuers)¶ Gets the aliases for authenticating the server side of a secure socket. This method always returns the predefined alias.
Parameters: - keyType – the key algorithm type name.
- issuers – the list of acceptable CA issuer subject names or null if it does not matter which issuers are used.
Returns: the aliases for authenticating the server side of a secure socket.
See also:
javax.net.ssl.X509KeyManager.getServerAliases(java.lang.String,java.security.Principal[])