001    /**
002     * Licensed to the Apache Software Foundation (ASF) under one or more
003     * contributor license agreements.  See the NOTICE file distributed with
004     * this work for additional information regarding copyright ownership.
005     * The ASF licenses this file to You under the Apache License, Version 2.0
006     * (the "License"); you may not use this file except in compliance with
007     * the License.  You may obtain a copy of the License at
008     *
009     *      http://www.apache.org/licenses/LICENSE-2.0
010     *
011     * Unless required by applicable law or agreed to in writing, software
012     * distributed under the License is distributed on an "AS IS" BASIS,
013     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014     * See the License for the specific language governing permissions and
015     * limitations under the License.
016     */
017    package org.apache.camel.util.jsse;
018    
019    import java.net.Socket;
020    import java.security.Principal;
021    import java.security.PrivateKey;
022    import java.security.cert.X509Certificate;
023    
024    import javax.net.ssl.SSLEngine;
025    import javax.net.ssl.X509ExtendedKeyManager;
026    import javax.net.ssl.X509KeyManager;
027    
028    /* ------------------------------------------------------------ */
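/**
 * Key manager that pins key selection to a configured alias and delegates every other operation to a
 * wrapped {@link X509KeyManager}. It can be used for both server and client connections, whether they
 * are {@link Socket} based or {@link SSLEngine} based.
 * <p>
 * Security notes for reviewers:
 * <ul>
 * <li>When an alias is configured, the {@code choose*Alias} methods return it unconditionally. This
 * class does not check that the alias exists in the wrapped key manager or that its key matches the
 * requested key type(s) or acceptable issuers. A wrong alias only shows up later, when the key or
 * chain is looked up in the wrapped key manager.</li>
 * <li>{@link #getPrivateKey(String)}, {@link #getCertificateChain(String)} and the
 * {@code get*Aliases} methods are plain pass-throughs. They are not restricted to the configured
 * alias, so any code holding a reference to this object can reach every entry the wrapped key
 * manager exposes.</li>
 * </ul>
 */
public class AliasedX509ExtendedKeyManager extends X509ExtendedKeyManager {
    private final String keyAlias;
    private final X509KeyManager keyManager;

    /**
     * Constructs a key manager that prefers {@code keyAlias} and delegates to {@code keyManager}.
     *
     * @param keyAlias alias of the key to be selected; when {@code null}, alias selection is
     *            delegated to the wrapped key manager
     * @param keyManager key manager to be wrapped; must not be {@code null}
     * @throws IllegalArgumentException if {@code keyManager} is {@code null}
     * @throws Exception never thrown by this implementation; kept in the signature so existing
     *             callers continue to compile
     */
    public AliasedX509ExtendedKeyManager(String keyAlias, X509KeyManager keyManager) throws Exception {
        // Fail at configuration time rather than with a NullPointerException in the middle of a handshake.
        if (keyManager == null) {
            throw new IllegalArgumentException("keyManager must not be null");
        }
        this.keyAlias = keyAlias;
        this.keyManager = keyManager;
    }

    /**
     * Returns the configured alias if there is one, otherwise the wrapped key manager's choice.
     * The configured alias is not checked against {@code keyType} or {@code issuers}.
     *
     * @see javax.net.ssl.X509KeyManager#chooseClientAlias(java.lang.String[], java.security.Principal[],
     *      java.net.Socket)
     */
    @Override
    public String chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket) {
        if (keyAlias != null) {
            return keyAlias;
        }
        return keyManager.chooseClientAlias(keyType, issuers, socket);
    }

    /**
     * Returns the configured alias if there is one, otherwise the wrapped key manager's choice.
     * The configured alias is not checked against {@code keyType} or {@code issuers}.
     *
     * @see javax.net.ssl.X509KeyManager#chooseServerAlias(java.lang.String, java.security.Principal[],
     *      java.net.Socket)
     */
    @Override
    public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket) {
        if (keyAlias != null) {
            return keyAlias;
        }
        return keyManager.chooseServerAlias(keyType, issuers, socket);
    }

    /**
     * Delegates to the wrapped key manager; the result is not filtered by the configured alias.
     *
     * @see javax.net.ssl.X509KeyManager#getClientAliases(java.lang.String, java.security.Principal[])
     */
    @Override
    public String[] getClientAliases(String keyType, Principal[] issuers) {
        return keyManager.getClientAliases(keyType, issuers);
    }

    /**
     * Delegates to the wrapped key manager; the result is not filtered by the configured alias.
     *
     * @see javax.net.ssl.X509KeyManager#getServerAliases(java.lang.String, java.security.Principal[])
     */
    @Override
    public String[] getServerAliases(String keyType, Principal[] issuers) {
        return keyManager.getServerAliases(keyType, issuers);
    }

    /**
     * Delegates to the wrapped key manager for whatever alias is requested.
     *
     * @see javax.net.ssl.X509KeyManager#getCertificateChain(java.lang.String)
     */
    @Override
    public X509Certificate[] getCertificateChain(String alias) {
        return keyManager.getCertificateChain(alias);
    }

    /**
     * Delegates to the wrapped key manager for whatever alias is requested.
     *
     * @see javax.net.ssl.X509KeyManager#getPrivateKey(java.lang.String)
     */
    @Override
    public PrivateKey getPrivateKey(String alias) {
        return keyManager.getPrivateKey(alias);
    }

    /**
     * Returns the configured alias if there is one. Otherwise the choice is delegated to the wrapped
     * key manager when it is an {@link X509ExtendedKeyManager}.
     * <p>
     * The inherited {@link X509ExtendedKeyManager} implementation always returns {@code null}, so
     * falling back to {@code super} alone would leave an engine-based server without a key whenever
     * no alias is configured. {@code super} is used only for a plain {@link X509KeyManager}, which
     * has no engine-aware selection to delegate to.
     *
     * @see javax.net.ssl.X509ExtendedKeyManager#chooseEngineServerAlias(java.lang.String,
     *      java.security.Principal[], javax.net.ssl.SSLEngine)
     */
    @Override
    public String chooseEngineServerAlias(String keyType, Principal[] issuers, SSLEngine engine) {
        if (keyAlias != null) {
            return keyAlias;
        }
        if (keyManager instanceof X509ExtendedKeyManager) {
            return ((X509ExtendedKeyManager) keyManager).chooseEngineServerAlias(keyType, issuers, engine);
        }
        return super.chooseEngineServerAlias(keyType, issuers, engine);
    }

    /**
     * Returns the configured alias if there is one. Otherwise the choice is delegated to the wrapped
     * key manager when it is an {@link X509ExtendedKeyManager}, and to the inherited implementation
     * (which returns {@code null}) when it is a plain {@link X509KeyManager}.
     *
     * @see javax.net.ssl.X509ExtendedKeyManager#chooseEngineClientAlias(String[], Principal[], SSLEngine)
     */
    @Override
    public String chooseEngineClientAlias(String[] keyType, Principal[] issuers, SSLEngine engine) {
        if (keyAlias != null) {
            return keyAlias;
        }
        if (keyManager instanceof X509ExtendedKeyManager) {
            return ((X509ExtendedKeyManager) keyManager).chooseEngineClientAlias(keyType, issuers, engine);
        }
        return super.chooseEngineClientAlias(keyType, issuers, engine);
    }
}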