FileDocCategorySizeDatePackage
KeyManagerImpl.javaAPI DocAndroid 1.5 API8596Wed May 06 22:41:06 BST 2009org.apache.harmony.xnet.provider.jsse

KeyManagerImpl

public class KeyManagerImpl extends X509ExtendedKeyManager
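KeyManager implementation. This implementation caches the key store's private-key entries in a hash table when it is created, which is faster than retrieving the data from the key store on every call. Any key store changes that happen after the key manager was created have no effect, so a key that is later replaced in or removed from the key store keeps being served until a new key manager is built. The implementation does not use the peer information (host, port) that may be obtained from the socket or engine.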
see
javax.net.ssl.KeyManager

Fields Summary
private final Hashtable
hash
Constructors Summary
public KeyManagerImpl(KeyStore keyStore, char[] pwd)
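Creates the key manager. Every private-key entry of the key store is read with the given password and cached; entries that cannot be read are skipped without an error.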

param
keyStore
param
pwd


                 
         
        // Snapshot every private-key entry of the key store into the in-memory
        // alias table. Later lookups are served from that table only.
        Enumeration aliases;
        try {
            aliases = keyStore.aliases();
        } catch (KeyStoreException e) {
            // Best effort: the constructor returns before anything is cached
            // and the failure is not reported to the caller. Every chooseXxx /
            // getXxx lookup on this manager will then find no alias.
            return;
        }
        while (aliases.hasMoreElements()) {
            String alias = (String) aliases.nextElement();
            try {
                // Only entries that carry a private key are of interest;
                // trusted-certificate and secret-key entries are ignored.
                if (!keyStore.entryInstanceOf(alias,
                        KeyStore.PrivateKeyEntry.class)) {
                    continue;
                }
                // The same password is presented for every entry, so an entry
                // protected by a different password ends up in the
                // UnrecoverableEntryException branch below and is dropped.
                KeyStore.ProtectionParameter protection =
                        new KeyStore.PasswordProtection(pwd);
                KeyStore.PrivateKeyEntry entry =
                        (KeyStore.PrivateKeyEntry) keyStore.getEntry(alias, protection);
                hash.put(alias, entry);
            } catch (KeyStoreException e) {
                // Entry could not be read: skip it silently.
                continue;
            } catch (UnrecoverableEntryException e) {
                // Wrong password or damaged entry: skip it silently.
                continue;
            } catch (NoSuchAlgorithmException e) {
                // Algorithm needed to recover the entry is missing: skip it.
                continue;
            }
        }

    
Methods Summary
private java.lang.String[]chooseAlias(java.lang.String[] keyType, java.security.Principal[] issuers)

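        // Returns the cached aliases whose leaf certificate uses one of the
        // requested key algorithms and, when issuers are given, whose chain
        // contains a certificate issued by one of them. Returns null when
        // nothing matches or when no key type was requested.
        if (keyType == null || keyType.length == 0) {
            return null;
        }
        // A null or empty issuer list means "any issuer is acceptable".
        boolean anyIssuer = issuers == null || issuers.length == 0;
        Vector found = new Vector();
        // Key types form the outer loop so that the result follows the
        // caller's order (the JSSE contract lists the most-preferred key type
        // first) instead of the arbitrary Hashtable enumeration order. The
        // chooseXxxAlias callers take element 0 of the result.
        for (int i = 0; i < keyType.length; i++) {
            for (Enumeration aliases = hash.keys(); aliases.hasMoreElements();) {
                String alias = (String) aliases.nextElement();
                if (found.contains(alias)) {
                    // Already selected for an earlier (or repeated) key type;
                    // never report the same alias twice.
                    continue;
                }
                KeyStore.PrivateKeyEntry entry =
                        (KeyStore.PrivateKeyEntry) hash.get(alias);
                Certificate[] certs = entry.getCertificateChain();
                // The algorithm is taken from the first certificate of the chain.
                String alg = certs[0].getPublicKey().getAlgorithm();
                if (!alg.equals(keyType[i])) {
                    continue;
                }
                if (anyIssuer) {
                    found.add(alias);
                    continue;
                }
                // Check that some certificate of the chain was issued by one
                // of the specified issuers. Non-X.509 certificates are skipped,
                // and an issuer that is not an equal X500Principal never matches.
                loop: for (int c = 0; c < certs.length; c++) {
                    if (!(certs[c] instanceof X509Certificate)) {
                        continue;
                    }
                    X500Principal issuer = ((X509Certificate) certs[c])
                            .getIssuerX500Principal();
                    for (int p = 0; p < issuers.length; p++) {
                        if (issuer.equals(issuers[p])) {
                            found.add(alias);
                            break loop;
                        }
                    }
                }
            }
        }
        if (found.isEmpty()) {
            return null;
        }
        String[] result = new String[found.size()];
        found.toArray(result);
        return result;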
    
public java.lang.StringchooseClientAlias(java.lang.String[] keyType, java.security.Principal[] issuers, java.net.Socket socket)

see
javax.net.ssl.X509ExtendedKeyManager#chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket)

        // The socket argument is not consulted: selection depends only on the
        // key types and issuers. The first alias reported by chooseAlias wins.
        String[] matches = chooseAlias(keyType, issuers);
        return (matches == null) ? null : matches[0];
    
public java.lang.StringchooseEngineClientAlias(java.lang.String[] keyType, java.security.Principal[] issuers, javax.net.ssl.SSLEngine engine)

see
javax.net.ssl.X509ExtendedKeyManager#chooseEngineClientAlias(String[] keyType, Principal[] issuers, SSLEngine engine)

        // The engine argument is not consulted: selection depends only on the
        // key types and issuers. The first alias reported by chooseAlias wins.
        String[] matches = chooseAlias(keyType, issuers);
        if (matches == null) {
            return null;
        }
        return matches[0];
    
public java.lang.StringchooseEngineServerAlias(java.lang.String keyType, java.security.Principal[] issuers, javax.net.ssl.SSLEngine engine)

see
javax.net.ssl.X509ExtendedKeyManager#chooseEngineServerAlias(String keyType, Principal[] issuers, SSLEngine engine)

        // Wrap the single key type so the shared lookup can be reused. The
        // engine argument is not consulted.
        String[] requested = new String[] { keyType };
        String[] matches = chooseAlias(requested, issuers);
        return (matches == null) ? null : matches[0];
    
public java.lang.StringchooseServerAlias(java.lang.String keyType, java.security.Principal[] issuers, java.net.Socket socket)

see
javax.net.ssl.X509ExtendedKeyManager#chooseServerAlias(String keyType, Principal[] issuers, Socket socket)

        // Wrap the single key type so the shared lookup can be reused. The
        // socket argument is not consulted.
        String[] requested = new String[] { keyType };
        String[] matches = chooseAlias(requested, issuers);
        if (matches == null) {
            return null;
        }
        return matches[0];
    
public java.security.cert.X509Certificate[]getCertificateChain(java.lang.String alias)

see
javax.net.ssl.X509ExtendedKeyManager#getCertificateChain(String alias)

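        // Returns the cached certificate chain for the alias as X.509
        // certificates, or null when the alias is null, unknown, or its chain
        // contains a certificate that is not an X509Certificate.
        // BEGIN android-changed
        if (alias == null) {
            // Hashtable rejects null keys, so answer "not found" directly.
            return null;
        }
        // END android-changed
        KeyStore.PrivateKeyEntry entry = (KeyStore.PrivateKeyEntry) hash.get(alias);
        if (entry == null) {
            return null;
        }
        Certificate[] certs = entry.getCertificateChain();
        X509Certificate[] xcerts = new X509Certificate[certs.length];
        for (int i = 0; i < certs.length; i++) {
            // Verify every element, not only the leaf: a chain that mixes
            // certificate types is reported as unavailable instead of
            // failing with a ClassCastException part-way through the copy.
            if (!(certs[i] instanceof X509Certificate)) {
                return null;
            }
            xcerts[i] = (X509Certificate) certs[i];
        }
        return xcerts;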

    
public java.lang.String[]getClientAliases(java.lang.String keyType, java.security.Principal[] issuers)

see
javax.net.ssl.X509ExtendedKeyManager#getClientAliases(String keyType, Principal[] issuers)

        // Client and server alias listings share the same lookup; the single
        // key type is wrapped in an array for it. May return null.
        String[] requested = new String[] { keyType };
        return chooseAlias(requested, issuers);
    
public java.security.PrivateKeygetPrivateKey(java.lang.String alias)

see
javax.net.ssl.X509ExtendedKeyManager#getPrivateKey(String alias)

        // Hands out the private key cached for the alias, or null when the
        // alias is null or unknown. No caller check is made here: whoever
        // holds this key manager and an alias obtains the key object.
        // BEGIN android-changed
        if (alias == null) {
            return null;
        }
        // END android-changed
        // Hashtable never stores null values, so a null result means the
        // alias is not cached.
        Object cached = hash.get(alias);
        if (cached == null) {
            return null;
        }
        return ((KeyStore.PrivateKeyEntry) cached).getPrivateKey();
    
public java.lang.String[]getServerAliases(java.lang.String keyType, java.security.Principal[] issuers)

see
javax.net.ssl.X509ExtendedKeyManager#getServerAliases(String keyType, Principal[] issuers)

        // Server and client alias listings share the same lookup; the single
        // key type is wrapped in an array for it. May return null.
        String[] requested = new String[] { keyType };
        return chooseAlias(requested, issuers);