Package Summary  Overview Summary

class:X509KeyManager [NONE]
  • All Superinterfaces:
    KeyManager
    All Known Implementing Classes:
    X509ExtendedKeyManager 
    public interface X509KeyManager
extends KeyManager
    Instances of this interface manage which X509 certificate-based key pairs are used to authenticate the local side of a secure socket.

    During secure socket negotiations, implementations call methods in this interface to:

    • determine the set of aliases that are available for negotiations based on the criteria presented,
    • select the best alias based on the criteria presented, and
    • obtain the corresponding key material for given aliases.

    Note: the X509ExtendedKeyManager should be used in favor of this class.

    Since:
    1.4

method:getClientAliases(java.lang.String,java.security.Principal[]) [NONE]

  • getClientAliases

    String[] getClientAliases​(String keyType,
                          Principal[] issuers)
    Get the matching aliases for authenticating the client side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).
    Parameters:
    keyType - the key algorithm type name
    issuers - the list of acceptable CA issuer subject names, or null if it does not matter which issuers are used.
    Returns:
    an array of the matching alias names, or null if there were no matches.

method:chooseClientAlias(java.lang.String[],java.security.Principal[],java.net.Socket) [NONE]

  • chooseClientAlias

    String chooseClientAlias​(String[] keyType,
                         Principal[] issuers,
                         Socket socket)
    Choose an alias to authenticate the client side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).
    Parameters:
    keyType - the key algorithm type name(s), ordered with the most-preferred key type first.
    issuers - the list of acceptable CA issuer subject names or null if it does not matter which issuers are used.
    socket - the socket to be used for this connection. This parameter can be null, which indicates that implementations are free to select an alias applicable to any socket.
    Returns:
    the alias name for the desired key, or null if there are no matches.

method:getServerAliases(java.lang.String,java.security.Principal[]) [NONE]

  • getServerAliases

    String[] getServerAliases​(String keyType,
                          Principal[] issuers)
    Get the matching aliases for authenticating the server side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).
    Parameters:
    keyType - the key algorithm type name
    issuers - the list of acceptable CA issuer subject names or null if it does not matter which issuers are used.
    Returns:
    an array of the matching alias names, or null if there were no matches.

method:chooseServerAlias(java.lang.String,java.security.Principal[],java.net.Socket) [NONE]

  • chooseServerAlias

    String chooseServerAlias​(String keyType,
                         Principal[] issuers,
                         Socket socket)
    Choose an alias to authenticate the server side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).
    Parameters:
    keyType - the key algorithm type name.
    issuers - the list of acceptable CA issuer subject names or null if it does not matter which issuers are used.
    socket - the socket to be used for this connection. This parameter can be null, which indicates that implementations are free to select an alias applicable to any socket.
    Returns:
    the alias name for the desired key, or null if there are no matches.

method:getCertificateChain(java.lang.String) [NONE]

  • getCertificateChain

    X509Certificate[] getCertificateChain​(String alias)
    Returns the certificate chain associated with the given alias.
    Parameters:
    alias - the alias name
    Returns:
    the certificate chain (ordered with the user's certificate first and the root certificate authority last), or null if the alias can't be found.

method:getPrivateKey(java.lang.String) [NONE]

  • getPrivateKey

    PrivateKey getPrivateKey​(String alias)
    Returns the key associated with the given alias.
    Parameters:
    alias - the alias name
    Returns:
    the requested key, or null if the alias can't be found.

© 2018 Oracle Corporation and/or its affiliates