| |||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
public interface X509KeyManager extends KeyManager
Instances of this interface manage which X509 certificate-based key pairs are used to authenticate the local side of a secure socket.
During secure socket negotiations, implentations call methods in this interface to:
Note: the X509ExtendedKeyManager should be used in favor of this class.
Method Summary | |
---|---|
String |
chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket) Choose an alias to authenticate the client side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any). |
String |
chooseServerAlias(String keyType, Principal[] issuers, Socket socket) Choose an alias to authenticate the server side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any). |
X509Certificate[] |
getCertificateChain(String alias) Returns the certificate chain associated with the given alias. |
String[] |
getClientAliases(String keyType, Principal[] issuers) Get the matching aliases for authenticating the client side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any). |
PrivateKey |
getPrivateKey(String alias) Returns the key associated with the given alias. |
String[] |
getServerAliases(String keyType, Principal[] issuers) Get the matching aliases for authenticating the server side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any). |
Method Detail |
---|
public String chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket)
keyType
- the key algorithm type name(s), ordered
with the most-preferred key type first.issuers
- the list of acceptable CA issuer subject names
or null if it does not matter which issuers are used.socket
- the socket to be used for this connection. This
parameter can be null, which indicates that
implementations are free to select an alias applicable
to any socket.public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket)
keyType
- the key algorithm type name.issuers
- the list of acceptable CA issuer subject names
or null if it does not matter which issuers are used.socket
- the socket to be used for this connection. This
parameter can be null, which indicates that
implementations are free to select an alias applicable
to any socket.public X509Certificate[] getCertificateChain(String alias)
alias
- the alias namepublic String[] getClientAliases(String keyType, Principal[] issuers)
keyType
- the key algorithm type nameissuers
- the list of acceptable CA issuer subject names,
or null if it does not matter which issuers are used.public PrivateKey getPrivateKey(String alias)
alias
- the alias namepublic String[] getServerAliases(String keyType, Principal[] issuers)
keyType
- the key algorithm type nameissuers
- the list of acceptable CA issuer subject names
or null if it does not matter which issuers are used.
| |||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |