Package org.conscrypt

Class KeyManagerImpl

All Implemented Interfaces:
KeyManager, X509KeyManager

public class KeyManagerImpl
extends X509ExtendedKeyManager
KeyManager implementation. This implementation uses hashed key store information, which works faster than retrieving all of the data from the key store. Any key store changes that happen after the key manager was created have no effect on it. The implementation does not use the peer information (host, port) that may be obtained from the socket or engine.
See Also:
KeyManager
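
Added example (not part of the Conscrypt documentation or code base): the snapshot behaviour described above, exercised with the constructor and getPrivateKey documented on this page. It assumes Conscrypt is on the classpath and that a PKCS#12 file path and its password are passed as arguments; the class name KeyManagerSnapshotDemo is hypothetical.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.util.Collections;
import org.conscrypt.KeyManagerImpl;

public class KeyManagerSnapshotDemo {
    public static void main(String[] args) throws Exception {
        // Assumptions: args[0] is a PKCS#12 file holding at least one
        // private-key entry; args[1] is the password for the store and its keys.
        char[] pwd = args[1].toCharArray();
        KeyStore ks = KeyStore.getInstance("PKCS12");
        try (InputStream in = new FileInputStream(args[0])) {
            ks.load(in, pwd);
        }

        // Find the first alias that maps to a private key and certificate chain.
        String alias = null;
        for (String a : Collections.list(ks.aliases())) {
            if (ks.entryInstanceOf(a, KeyStore.PrivateKeyEntry.class)) {
                alias = a;
                break;
            }
        }
        if (alias == null) {
            throw new IllegalStateException("no private-key entry in key store");
        }

        // The manager reads the key store once, here, in its constructor.
        KeyManagerImpl before = new KeyManagerImpl(ks, pwd);

        // Retire the key in the (in-memory) key store, as a rotation would.
        ks.deleteEntry(alias);

        // Only a manager built after the change reflects it.
        KeyManagerImpl after = new KeyManagerImpl(ks, pwd);

        System.out.println("key store still has alias:   " + ks.containsAlias(alias));
        System.out.println("old manager still has key:   " + (before.getPrivateKey(alias) != null));
        System.out.println("new manager has key:         " + (after.getPrivateKey(alias) != null));
    }
}
```

A key removed from the key store for rotation or after a compromise stays available to connections through the old manager, so the manager (and any SSLContext initialised with it) has to be rebuilt for the removal to take effect.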
  • Constructor Details

    • KeyManagerImpl

      public KeyManagerImpl(KeyStore keyStore, char[] pwd)
      Creates the key manager.
      Parameters:
      keyStore -
      pwd -
  • Method Details

    • chooseClientAlias

      public String chooseClientAlias(String[] keyTypes, Principal[] issuers, Socket socket)
      Description copied from interface: X509KeyManager
      Chooses an alias for the client side of an SSL connection to authenticate it with the specified public key type and certificate issuers.
      Parameters:
      keyTypes - the list of public key algorithm names.
      issuers - the list of certificate issuers, or null if any issuer will do.
      socket - the socket for the connection, or null if the alias selected does not depend on a specific socket.
      Returns:
      the alias name of a matching key or null if there are no matches.
    • chooseServerAlias

      public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket)
      Description copied from interface: X509KeyManager
      Chooses an alias for the server side of an SSL connection to authenticate it with the specified public key type and certificate issuers.
      Parameters:
      keyType - the public key algorithm type name.
      issuers - the list of certificate issuers, or null if any issuer will do.
      socket - the socket for the connection, or null if the alias selected does not depend on a specific socket.
      Returns:
      the alias name of a matching key or null if there are no matches.
    • getCertificateChain

      public X509Certificate[] getCertificateChain(String alias)
      Description copied from interface: X509KeyManager
      Returns the certificate chain for the specified alias.
      Parameters:
      alias - the alias to get the certificate chain for.
      Returns:
      the certificate chain for the specified alias, or null if the alias cannot be found.
    • getClientAliases

      public String[] getClientAliases(String keyType, Principal[] issuers)
      Description copied from interface: X509KeyManager
      Returns the client aliases for the specified public key type and list of certificate issuers.
      Parameters:
      keyType - the public key algorithm type name.
      issuers - the list of certificate issuers, or null if any issuer will do.
      Returns:
      the client aliases for the specified public key type, or null if there are no matching aliases.
    • getServerAliases

      public String[] getServerAliases(String keyType, Principal[] issuers)
      Description copied from interface: X509KeyManager
      Returns the server aliases for the specified public key type and list of certificate issuers.
      Parameters:
      keyType - the public key algorithm type name.
      issuers - the list of certificate issuers, or null if any issuer will do.
      Returns:
      the server aliases for the specified public key type, or null if there are no matching aliases.
    • getPrivateKey

      public PrivateKey getPrivateKey(String alias)
      Description copied from interface: X509KeyManager
      Returns the private key for the specified alias.
      Parameters:
      alias - the alias to get the private key for.
      Returns:
      the private key for the specified alias, or null if the alias cannot be found.
    • chooseEngineClientAlias

      public String chooseEngineClientAlias(String[] keyTypes, Principal[] issuers, SSLEngine engine)
      Description copied from class: X509ExtendedKeyManager
      Chooses an alias for the client side of an SSL connection to authenticate it with the specified public key type and certificate issuers.
      Overrides:
      chooseEngineClientAlias in class X509ExtendedKeyManager
      Parameters:
      keyTypes - the list of public key algorithm names.
      issuers - the list of certificate issuers, or null if any issuer will do.
      engine - the SSLEngine for the connection, or null if no engine is predefined.
      Returns:
      the alias name of a matching key or null if there are no matches.
    • chooseEngineServerAlias

      public String chooseEngineServerAlias(String keyType, Principal[] issuers, SSLEngine engine)
      Description copied from class: X509ExtendedKeyManager
      Chooses an alias for the server side of an SSL connection to authenticate it with the specified public key type and certificate issuers.
      Overrides:
      chooseEngineServerAlias in class X509ExtendedKeyManager
      Parameters:
      keyType - the public key algorithm type name.
      issuers - the list of certificate issuers, or null if any issuer will do.
      engine - the SSLEngine for the connection, or null if no engine is predefined.
      Returns:
      the alias name of a matching key or null if there are no matches.