1   /*
    2    *  Licensed to the Apache Software Foundation (ASF) under one or more
    3    *  contributor license agreements.  See the NOTICE file distributed with
    4    *  this work for additional information regarding copyright ownership.
    5    *  The ASF licenses this file to You under the Apache License, Version 2.0
    6    *  (the "License"); you may not use this file except in compliance with
    7    *  the License.  You may obtain a copy of the License at
    8    *
    9    *      http://www.apache.org/licenses/LICENSE-2.0
   10    *
   11    *  Unless required by applicable law or agreed to in writing, software
   12    *  distributed under the License is distributed on an "AS IS" BASIS,
   13    *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   14    *  See the License for the specific language governing permissions and
   15    *  limitations under the License.
   16    */
   17   
   18   package org.apache.tomcat.util.net.jsse;
   19   
   20   import java.net.Socket;
   21   import java.security.Principal;
   22   import java.security.PrivateKey;
   23   import java.security.cert.X509Certificate;
   24   
   25   import javax.net.ssl.SSLEngine;
   26   import javax.net.ssl.X509ExtendedKeyManager;
   27   import javax.net.ssl.X509KeyManager;
   28   
   29   public class NioX509KeyManager extends X509ExtendedKeyManager {
   30   
   31       private X509KeyManager delegate;
   32       private String serverKeyAlias;
   33   
   34       /**
   35        * Constructor.
   36        *
   37        * @param mgr The X509KeyManager used as a delegate
   38        * @param serverKeyAlias The alias name of the server's keypair and
   39        * supporting certificate chain
   40        */
   41       public NioX509KeyManager(X509KeyManager mgr, String serverKeyAlias) {
   42           this.delegate = mgr;
   43           this.serverKeyAlias = serverKeyAlias;
   44       }
   45   
   46       public String chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket) {
   47           return delegate.chooseClientAlias(keyType, issuers, socket);
   48       }
   49   
   50       public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket) {
   51           if (serverKeyAlias!=null) {
   52               return serverKeyAlias;
   53           } else {
   54               return delegate.chooseServerAlias(keyType, issuers, socket);
   55           }
   56       }
   57   
   58       public X509Certificate[] getCertificateChain(String alias) {
   59           return delegate.getCertificateChain(alias);
   60       }
   61   
   62       public String[] getClientAliases(String keyType, Principal[] issuers) {
   63           return delegate.getClientAliases(keyType, issuers);
   64       }
   65   
   66       public PrivateKey getPrivateKey(String alias) {
   67           return delegate.getPrivateKey(alias);
   68       }
   69   
   70       public String[] getServerAliases(String keyType, Principal[] issuers) {
   71           return delegate.getServerAliases(keyType, issuers);
   72       }
   73   
   74       @Override
   75       public String chooseEngineServerAlias(String keyType, Principal[] issuers, SSLEngine engine) {
   76           if (serverKeyAlias!=null) {
   77               return serverKeyAlias;
   78           } else {
   79               return super.chooseEngineServerAlias(keyType, issuers, engine);
   80           }
   81       }
   82   
   83       
   84       
   85       
   86   }