summaryrefslogtreecommitdiff
path: root/gnu/javax/net/ssl/provider/X509KeyManagerFactory.java
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/javax/net/ssl/provider/X509KeyManagerFactory.java')
-rw-r--r--gnu/javax/net/ssl/provider/X509KeyManagerFactory.java95
1 files changed, 68 insertions, 27 deletions
diff --git a/gnu/javax/net/ssl/provider/X509KeyManagerFactory.java b/gnu/javax/net/ssl/provider/X509KeyManagerFactory.java
index 476655c45..dc7728866 100644
--- a/gnu/javax/net/ssl/provider/X509KeyManagerFactory.java
+++ b/gnu/javax/net/ssl/provider/X509KeyManagerFactory.java
@@ -54,7 +54,6 @@ import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.PublicKey;
-import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
@@ -76,6 +75,8 @@ import javax.crypto.interfaces.DHPublicKey;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactorySpi;
import javax.net.ssl.ManagerFactoryParameters;
+import javax.net.ssl.SSLEngine;
+import javax.net.ssl.X509ExtendedKeyManager;
import javax.net.ssl.X509KeyManager;
import gnu.javax.net.ssl.NullManagerParameters;
@@ -122,13 +123,17 @@ public class X509KeyManagerFactory extends KeyManagerFactorySpi
}
else if (params instanceof PrivateCredentials)
{
- List chains = ((PrivateCredentials) params).getCertChains();
- List keys = ((PrivateCredentials) params).getPrivateKeys();
+ List<X509Certificate[]> chains
+ = ((PrivateCredentials) params).getCertChains();
+ List<PrivateKey> keys
+ = ((PrivateCredentials) params).getPrivateKeys();
int i = 0;
- HashMap certMap = new HashMap();
- HashMap keyMap = new HashMap();
- Iterator c = chains.iterator();
- Iterator k = keys.iterator();
+ HashMap<String, X509Certificate[]> certMap
+ = new HashMap<String, X509Certificate[]>();
+ HashMap<String, PrivateKey> keyMap
+ = new HashMap<String, PrivateKey>();
+ Iterator<X509Certificate[]> c = chains.iterator();
+ Iterator<PrivateKey> k = keys.iterator();
while (c.hasNext() && k.hasNext())
{
certMap.put(String.valueOf(i), c.next());
@@ -171,8 +176,9 @@ public class X509KeyManagerFactory extends KeyManagerFactorySpi
}
}
- HashMap p = new HashMap();
- HashMap c = new HashMap();
+ HashMap<String, PrivateKey> p = new HashMap<String, PrivateKey>();
+ HashMap<String, X509Certificate[]> c
+ = new HashMap<String, X509Certificate[]>();
Enumeration aliases = store.aliases();
UnrecoverableKeyException exception = null;
while (aliases.hasMoreElements())
@@ -236,18 +242,19 @@ public class X509KeyManagerFactory extends KeyManagerFactorySpi
// Inner class.
// -------------------------------------------------------------------------
- private class Manager implements X509KeyManager
+ private class Manager extends X509ExtendedKeyManager
{
// Fields.
// -----------------------------------------------------------------------
- private final Map privateKeys;
- private final Map certChains;
+ private final Map<String, PrivateKey> privateKeys;
+ private final Map<String, X509Certificate[]> certChains;
// Constructor.
// -----------------------------------------------------------------------
- Manager(Map privateKeys, Map certChains)
+ Manager(Map<String, PrivateKey> privateKeys,
+ Map<String, X509Certificate[]> certChains)
{
this.privateKeys = privateKeys;
this.certChains = certChains;
@@ -267,6 +274,19 @@ public class X509KeyManagerFactory extends KeyManagerFactorySpi
}
return null;
}
+
+ public @Override String chooseEngineClientAlias(String[] keyTypes,
+ Principal[] issuers,
+ SSLEngine engine)
+ {
+ for (String type : keyTypes)
+ {
+ String[] s = getClientAliases(type, issuers);
+ if (s.length > 0)
+ return s[0];
+ }
+ return null;
+ }
public String[] getClientAliases(String keyType, Principal[] issuers)
{
@@ -281,6 +301,16 @@ public class X509KeyManagerFactory extends KeyManagerFactorySpi
return s[0];
return null;
}
+
+ public @Override String chooseEngineServerAlias(String keyType,
+ Principal[] issuers,
+ SSLEngine engine)
+ {
+ String[] s = getServerAliases(keyType, issuers);
+ if (s.length > 0)
+ return s[0];
+ return null;
+ }
public String[] getServerAliases(String keyType, Principal[] issuers)
{
@@ -289,7 +319,7 @@ public class X509KeyManagerFactory extends KeyManagerFactorySpi
private String[] getAliases(String keyType, Principal[] issuers)
{
- LinkedList l = new LinkedList();
+ LinkedList<String> l = new LinkedList<String>();
for (Iterator i = privateKeys.keySet().iterator(); i.hasNext(); )
{
String alias = (String) i.next();
@@ -300,21 +330,27 @@ public class X509KeyManagerFactory extends KeyManagerFactorySpi
if (privKey == null)
continue;
PublicKey pubKey = chain[0].getPublicKey();
- if (keyType.equals("RSA") || keyType.equals("DHE_RSA") ||
- keyType.equals("SRP_RSA") || keyType.equals("rsa_sign"))
+ if (keyType.equalsIgnoreCase("RSA")
+ || keyType.equalsIgnoreCase("DHE_RSA")
+ || keyType.equalsIgnoreCase("SRP_RSA")
+ || keyType.equalsIgnoreCase("rsa_sign")
+ || keyType.equalsIgnoreCase("RSA_PSK"))
{
if (!(privKey instanceof RSAPrivateKey) ||
!(pubKey instanceof RSAPublicKey))
continue;
}
- if (keyType.equals("DHE_DSS") || keyType.equals("dss_sign") ||
- keyType.equals("SRP_DSS"))
+ else if (keyType.equalsIgnoreCase("DHE_DSS")
+ || keyType.equalsIgnoreCase("dss_sign")
+ || keyType.equalsIgnoreCase("SRP_DSS")
+ || keyType.equalsIgnoreCase("DSA"))
{
if (!(privKey instanceof DSAPrivateKey) ||
!(pubKey instanceof DSAPublicKey))
continue;
}
- if (keyType.equals("DH_RSA") || keyType.equals("rsa_fixed_dh"))
+ else if (keyType.equalsIgnoreCase("DH_RSA")
+ || keyType.equalsIgnoreCase("rsa_fixed_dh"))
{
if (!(privKey instanceof DHPrivateKey) ||
!(pubKey instanceof DHPublicKey))
@@ -322,7 +358,8 @@ public class X509KeyManagerFactory extends KeyManagerFactorySpi
if (!chain[0].getSigAlgName().equalsIgnoreCase("RSA"))
continue;
}
- if (keyType.equals("DH_DSS") || keyType.equals("dss_fixed_dh"))
+ else if (keyType.equalsIgnoreCase("DH_DSS")
+ || keyType.equalsIgnoreCase("dss_fixed_dh"))
{
if (!(privKey instanceof DHPrivateKey) ||
!(pubKey instanceof DHPublicKey))
@@ -330,19 +367,23 @@ public class X509KeyManagerFactory extends KeyManagerFactorySpi
if (!chain[0].getSigAlgName().equalsIgnoreCase("DSA"))
continue;
}
+ else // Unknown key type; ignore it.
+ continue;
if (issuers == null || issuers.length == 0)
{
l.add(alias);
continue;
}
- for (int j = 0; j < issuers.length; j++)
- if (chain[0].getIssuerDN().equals(issuers[j]))
- {
- l.add(alias);
- break;
- }
+ for (Principal issuer : issuers)
+ {
+ if (chain[0].getIssuerDN().equals(issuer))
+ {
+ l.add(alias);
+ break;
+ }
+ }
}
- return (String[]) l.toArray(new String[l.size()]);
+ return l.toArray(new String[l.size()]);
}
public X509Certificate[] getCertificateChain(String alias)
View Lorry Controller Status