Package com.netflix.spinnaker.kork.crypto

Class IdentityX509KeyManager

java.lang.Object

javax.net.ssl.X509ExtendedKeyManager

com.netflix.spinnaker.kork.crypto.IdentityX509KeyManager

All Implemented Interfaces:

KeyManager, X509KeyManager

public class IdentityX509KeyManager
extends X509ExtendedKeyManager

Provides a simple X509ExtendedKeyManager that uses a single X509Identity as the source for any keys and certificates required. This is most useful when paired with a refreshable identity, though if the lifetime of the identity's certificate is expected to outlive the application instance, then a static identity may also be used.

Field Summary

Fields

Modifier and Type	Field	Description
static final String	ALIAS

Constructor Summary

Constructors

Constructor	Description
IdentityX509KeyManager()

Method Summary

Modifier and Type	Method	Description
String	chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket)
String	chooseEngineClientAlias(String[] keyType, Principal[] issuers, SSLEngine engine)
String	chooseEngineServerAlias(String keyType, Principal[] issuers, SSLEngine engine)
String	chooseServerAlias(String keyType, Principal[] issuers, Socket socket)
X509Certificate[]	getCertificateChain(String alias)
String[]	getClientAliases(String keyType, Principal[] issuers)
PrivateKey	getPrivateKey(String alias)
String[]	getServerAliases(String keyType, Principal[] issuers)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

ALIAS

public static final String ALIAS

See Also:

• Constant Field Values

Constructor Details

IdentityX509KeyManager

public IdentityX509KeyManager()

Method Details

chooseEngineClientAlias

public String chooseEngineClientAlias(String[] keyType,
 Principal[] issuers,
 SSLEngine engine)

Overrides:

chooseEngineClientAlias in class X509ExtendedKeyManager

chooseEngineServerAlias

public String chooseEngineServerAlias(String keyType,
 Principal[] issuers,
 SSLEngine engine)

Overrides:

chooseEngineServerAlias in class X509ExtendedKeyManager

getClientAliases

public String[] getClientAliases(String keyType,
 Principal[] issuers)

chooseClientAlias

public String chooseClientAlias(String[] keyType,
 Principal[] issuers,
 Socket socket)

getServerAliases

public String[] getServerAliases(String keyType,
 Principal[] issuers)

chooseServerAlias

public String chooseServerAlias(String keyType,
 Principal[] issuers,
 Socket socket)

getCertificateChain

public X509Certificate[] getCertificateChain(String alias)

getPrivateKey

public PrivateKey getPrivateKey(String alias)