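/**
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements.  See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License.  You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.apache.camel.util.jsse;

import java.net.Socket;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;

import javax.net.ssl.SSLEngine;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.net.ssl.X509KeyManager;

/**
 * KeyManager that selects a key by a configured alias while delegating all other processing to a wrapped
 * KeyManager. Can be used with both server and client sockets, and with {@link SSLEngine}.
 * <p>
 * When an alias is configured, every {@code choose*Alias} method returns it as-is: the requested key
 * type(s) and issuers are not consulted, and the alias is not checked against the wrapped manager. An
 * alias that the wrapped manager does not know, or whose key does not suit the negotiated cipher suite,
 * therefore only shows up later as a failed handshake, so the alias should be verified against the key
 * store when the TLS context is configured.
 */
public class AliasedX509ExtendedKeyManager extends X509ExtendedKeyManager {
    private final String keyAlias;
    private final X509KeyManager keyManager;

    /**
     * Construct KeyManager instance.
     *
     * @param keyAlias alias of the key to be selected; {@code null} leaves the choice to the wrapped manager
     * @param keyManager instance of KeyManager to be wrapped
     * @throws Exception declared for source compatibility with existing callers; this constructor only
     *             stores its arguments
     */
    public AliasedX509ExtendedKeyManager(String keyAlias, X509KeyManager keyManager) throws Exception {
        this.keyAlias = keyAlias;
        this.keyManager = keyManager;
    }

    /**
     * Returns the configured alias, or the wrapped manager's choice when no alias is configured.
     *
     * @see javax.net.ssl.X509KeyManager#chooseClientAlias(java.lang.String[], java.security.Principal[],
     *      java.net.Socket)
     */
    @Override
    public String chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket) {
        if (keyAlias != null) {
            return keyAlias;
        }
        return keyManager.chooseClientAlias(keyType, issuers, socket);
    }

    /**
     * Returns the configured alias, or the wrapped manager's choice when no alias is configured.
     *
     * @see javax.net.ssl.X509KeyManager#chooseServerAlias(java.lang.String, java.security.Principal[],
     *      java.net.Socket)
     */
    @Override
    public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket) {
        if (keyAlias != null) {
            return keyAlias;
        }
        return keyManager.chooseServerAlias(keyType, issuers, socket);
    }

    /**
     * Delegates to the wrapped manager; the configured alias does not filter the result.
     *
     * @see javax.net.ssl.X509KeyManager#getClientAliases(java.lang.String, java.security.Principal[])
     */
    @Override
    public String[] getClientAliases(String keyType, Principal[] issuers) {
        return keyManager.getClientAliases(keyType, issuers);
    }

    /**
     * Delegates to the wrapped manager; the configured alias does not filter the result.
     *
     * @see javax.net.ssl.X509KeyManager#getServerAliases(java.lang.String, java.security.Principal[])
     */
    @Override
    public String[] getServerAliases(String keyType, Principal[] issuers) {
        return keyManager.getServerAliases(keyType, issuers);
    }

    /**
     * Delegates to the wrapped manager.
     *
     * @see javax.net.ssl.X509KeyManager#getCertificateChain(java.lang.String)
     */
    @Override
    public X509Certificate[] getCertificateChain(String alias) {
        return keyManager.getCertificateChain(alias);
    }

    /**
     * Delegates to the wrapped manager.
     *
     * @see javax.net.ssl.X509KeyManager#getPrivateKey(java.lang.String)
     */
    @Override
    public PrivateKey getPrivateKey(String alias) {
        return keyManager.getPrivateKey(alias);
    }

    /**
     * Returns the configured alias. When no alias is configured, the choice is delegated to the wrapped
     * manager if it is itself an {@link X509ExtendedKeyManager}, so that the engine path behaves like
     * {@link #chooseServerAlias(String, Principal[], Socket)}; otherwise the superclass default applies.
     *
     * @see javax.net.ssl.X509ExtendedKeyManager#chooseEngineServerAlias(java.lang.String,
     *      java.security.Principal[], javax.net.ssl.SSLEngine)
     */
    @Override
    public String chooseEngineServerAlias(String keyType, Principal[] issuers, SSLEngine engine) {
        if (keyAlias != null) {
            return keyAlias;
        }
        // The superclass default selects no key at all, which would leave an SSLEngine-based endpoint
        // without a certificate even though the wrapped manager could supply one.
        if (keyManager instanceof X509ExtendedKeyManager) {
            return ((X509ExtendedKeyManager) keyManager).chooseEngineServerAlias(keyType, issuers, engine);
        }
        return super.chooseEngineServerAlias(keyType, issuers, engine);
    }

    /**
     * Returns the configured alias. When no alias is configured, the choice is delegated to the wrapped
     * manager if it is itself an {@link X509ExtendedKeyManager}, so that the engine path behaves like
     * {@link #chooseClientAlias(String[], Principal[], Socket)}; otherwise the superclass default applies.
     *
     * @see javax.net.ssl.X509ExtendedKeyManager#chooseEngineClientAlias(String[], Principal[], SSLEngine)
     */
    @Override
    public String chooseEngineClientAlias(String[] keyType, Principal[] issuers, SSLEngine engine) {
        if (keyAlias != null) {
            return keyAlias;
        }
        // Same reasoning as chooseEngineServerAlias: do not drop the wrapped manager's selection.
        if (keyManager instanceof X509ExtendedKeyManager) {
            return ((X509ExtendedKeyManager) keyManager).chooseEngineClientAlias(keyType, issuers, engine);
        }
        return super.chooseEngineClientAlias(keyType, issuers, engine);
    }
}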