Package org.conscrypt

Class KeyManagerImpl

  • All Implemented Interfaces:
    KeyManager, X509KeyManager
    public class KeyManagerImpl
extends X509ExtendedKeyManager
    KeyManager implementation. This implementation uses hashed key store information. It works faster than retrieving all of the data from the key store. Any key store changes, that happen after key manager was created, have no effect. The implementation does not use peer information (host, port) that may be obtained from socket or engine.
    See Also:
    KeyManager

    • Constructor Detail

      • KeyManagerImpl

        public KeyManagerImpl​(KeyStore keyStore,
                      char[] pwd)
        Creates Key manager
        Parameters:
        keyStore -
        pwd -

    • Method Detail

      • chooseClientAlias

        public String chooseClientAlias​(String[] keyTypes,
                                Principal[] issuers,
                                Socket socket)
        Description copied from interface: X509KeyManager
        Chooses an alias for the client side of an SSL connection to authenticate it with the specified public key type and certificate issuers.
        Parameters:
        keyTypes - the list of public key algorithm names.
        issuers - the list of certificate issuers, or null if any issuer will do.
        socket - the socket for the connection, or null if the alias selected does not depend on a specific socket.
        Returns:
        the alias name of a matching key or null if there are no matches.

      • chooseServerAlias

        public String chooseServerAlias​(String keyType,
                                Principal[] issuers,
                                Socket socket)
        Description copied from interface: X509KeyManager
        Chooses an alias for the server side of an SSL connection to authenticate it with the specified public key type and certificate issuers.
        Parameters:
        keyType - the list of public key algorithm type names.
        issuers - the list of certificate issuers, or null if any issuer will do.
        socket - the socket for the connection, or null if the alias selected does not depend on a specific socket.
        Returns:
        the alias name of a matching key or null if there are no matches.

      • getCertificateChain

        public X509Certificate[] getCertificateChain​(String alias)
        Description copied from interface: X509KeyManager
        Returns the certificate chain for the specified alias.
        Parameters:
        alias - the alias to get the certificate chain for.
        Returns:
        the certificate chain for the specified alias, or null if the alias cannot be found.

      • getClientAliases

        public String[] getClientAliases​(String keyType,
                                 Principal[] issuers)
        Description copied from interface: X509KeyManager
        Returns the client aliases for the specified public key type and list of certificate issuers.
        Parameters:
        keyType - the public key algorithm type name.
        issuers - the list of certificate issuers, or null if any issuer will do.
        Returns:
        the client aliases for the specified public key type, or null if there are no matching aliases.

      • getServerAliases

        public String[] getServerAliases​(String keyType,
                                 Principal[] issuers)
        Description copied from interface: X509KeyManager
        Returns the server aliases for the specified public key type and list of certificate issuers.
        Parameters:
        keyType - the public key algorithm type name.
        issuers - the list of certificate issuers, or null if any issuer will do.
        Returns:
        the client aliases for the specified public key type, or null if there are no matching aliases.

      • getPrivateKey

        public PrivateKey getPrivateKey​(String alias)
        Description copied from interface: X509KeyManager
        Returns the private key for the specified alias.
        Parameters:
        alias - the alias to get the private key for.
        Returns:
        the private key for the specified alias, or null if the alias cannot be found.

      • chooseEngineClientAlias

        public String chooseEngineClientAlias​(String[] keyTypes,
                                      Principal[] issuers,
                                      SSLEngine engine)
        Description copied from class: X509ExtendedKeyManager
        Chooses an alias for the client side of an SSL connection to authenticate it with the specified public key type and certificate issuers.
        Overrides:
        chooseEngineClientAlias in class X509ExtendedKeyManager
        Parameters:
        keyTypes - the list of public key algorithm names.
        issuers - the list of certificate issuers, or null if any issuer will do.
        engine - the SSLEngine for the connection, or null if no engine is predefined.
        Returns:
        the alias name of a matching key or null if there are no matches.

      • chooseEngineServerAlias

        public String chooseEngineServerAlias​(String keyType,
                                      Principal[] issuers,
                                      SSLEngine engine)
        Description copied from class: X509ExtendedKeyManager
        Chooses an alias for the server side of an SSL connection to authenticate it with the specified public key type and certificate issuers.
        Overrides:
        chooseEngineServerAlias in class X509ExtendedKeyManager
        Parameters:
        keyType - the list of public key algorithm names.
        issuers - the list of certificate issuers, or null if any issuer will do.
        engine - the SSLEngine for the connection, or null if no engine is predefined.
        Returns:
        the alias name of a matching key or null if there are no matches.