Interface X509KeyManager

All Superinterfaces:

KeyManager

All Known Implementing Classes:

X509ExtendedKeyManager

public interface X509KeyManager
extends KeyManager

Since:

1.4

Methods

getClientAliases

String[] getClientAliases(String keyType,
                          Principal[] issuers)

Get the matching aliases for authenticating the client side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).

Parameters:

keyType - the key algorithm type name

issuers - the list of acceptable CA issuer subject names, or null if it does not matter which issuers are used.

Returns:

an array of the matching alias names, or null if there were no matches.

chooseClientAlias

String chooseClientAlias(String[] keyType,
                         Principal[] issuers,
                         Socket socket)

Choose an alias to authenticate the client side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).

Parameters:

keyType - the key algorithm type name(s), ordered with the most-preferred key type first.

issuers - the list of acceptable CA issuer subject names or null if it does not matter which issuers are used.

socket - the socket to be used for this connection. This parameter can be null, which indicates that implementations are free to select an alias applicable to any socket.

Returns:

the alias name for the desired key, or null if there are no matches.

getServerAliases

String[] getServerAliases(String keyType,
                          Principal[] issuers)

Get the matching aliases for authenticating the server side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).

Parameters:

keyType - the key algorithm type name

issuers - the list of acceptable CA issuer subject names or null if it does not matter which issuers are used.

Returns:

an array of the matching alias names, or null if there were no matches.

chooseServerAlias

String chooseServerAlias(String keyType,
                         Principal[] issuers,
                         Socket socket)

Choose an alias to authenticate the server side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).

Parameters:

keyType - the key algorithm type name.

issuers - the list of acceptable CA issuer subject names or null if it does not matter which issuers are used.

socket - the socket to be used for this connection. This parameter can be null, which indicates that implementations are free to select an alias applicable to any socket.

Returns:

the alias name for the desired key, or null if there are no matches.

getCertificateChain

X509Certificate[] getCertificateChain(String alias)

Returns the certificate chain associated with the given alias.

Parameters:

alias - the alias name

Returns:

the certificate chain (ordered with the user's certificate first and the root certificate authority last), or null if the alias can't be found.

getPrivateKey

PrivateKey getPrivateKey(String alias)

Returns the key associated with the given alias.

Parameters:

alias - the alias name

Returns:

the requested key, or null if the alias can't be found.