javax.net.ssl

Interface X509KeyManager

  • All Superinterfaces:
    KeyManager
    All Known Implementing Classes:
    X509ExtendedKeyManager

    public interface X509KeyManager
    extends KeyManager
    Instances of this interface manage which X509 certificate-based key pairs are used to authenticate the local side of a secure socket.

    During secure socket negotiations, implentations call methods in this interface to:

    • determine the set of aliases that are available for negotiations based on the criteria presented,
    • select the best alias based on the criteria presented, and
    • obtain the corresponding key material for given aliases.

    Note: the X509ExtendedKeyManager should be used in favor of this class.

    Since:
    1.4
    • Method Summary

      Methods 
      Modifier and Type Method and Description
      String chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket)
      Choose an alias to authenticate the client side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).
      String chooseServerAlias(String keyType, Principal[] issuers, Socket socket)
      Choose an alias to authenticate the server side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).
      X509Certificate[] getCertificateChain(String alias)
      Returns the certificate chain associated with the given alias.
      String[] getClientAliases(String keyType, Principal[] issuers)
      Get the matching aliases for authenticating the client side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).
      PrivateKey getPrivateKey(String alias)
      Returns the key associated with the given alias.
      String[] getServerAliases(String keyType, Principal[] issuers)
      Get the matching aliases for authenticating the server side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).

        

    • Method Detail

      • getClientAliases

        String[] getClientAliases(String keyType,
                                Principal[] issuers)
        Get the matching aliases for authenticating the client side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).
        Parameters:
        keyType - the key algorithm type name
        issuers - the list of acceptable CA issuer subject names, or null if it does not matter which issuers are used.
        Returns:
        an array of the matching alias names, or null if there were no matches.
      • chooseClientAlias

        String chooseClientAlias(String[] keyType,
                               Principal[] issuers,
                               Socket socket)
        Choose an alias to authenticate the client side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).
        Parameters:
        keyType - the key algorithm type name(s), ordered with the most-preferred key type first.
        issuers - the list of acceptable CA issuer subject names or null if it does not matter which issuers are used.
        socket - the socket to be used for this connection. This parameter can be null, which indicates that implementations are free to select an alias applicable to any socket.
        Returns:
        the alias name for the desired key, or null if there are no matches.
      • getServerAliases

        String[] getServerAliases(String keyType,
                                Principal[] issuers)
        Get the matching aliases for authenticating the server side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).
        Parameters:
        keyType - the key algorithm type name
        issuers - the list of acceptable CA issuer subject names or null if it does not matter which issuers are used.
        Returns:
        an array of the matching alias names, or null if there were no matches.
      • chooseServerAlias

        String chooseServerAlias(String keyType,
                               Principal[] issuers,
                               Socket socket)
        Choose an alias to authenticate the server side of a secure socket given the public key type and the list of certificate issuer authorities recognized by the peer (if any).
        Parameters:
        keyType - the key algorithm type name.
        issuers - the list of acceptable CA issuer subject names or null if it does not matter which issuers are used.
        socket - the socket to be used for this connection. This parameter can be null, which indicates that implementations are free to select an alias applicable to any socket.
        Returns:
        the alias name for the desired key, or null if there are no matches.
      • getCertificateChain

        X509Certificate[] getCertificateChain(String alias)
        Returns the certificate chain associated with the given alias.
        Parameters:
        alias - the alias name
        Returns:
        the certificate chain (ordered with the user's certificate first and the root certificate authority last), or null if the alias can't be found.
      • getPrivateKey

        PrivateKey getPrivateKey(String alias)
        Returns the key associated with the given alias.
        Parameters:
        alias - the alias name
        Returns:
        the requested key, or null if the alias can't be found.

Traduction non disponible

Les API Java ne sont pas encore traduites en français sur l'infobrol. Seule la version anglaise est disponible pour l'instant.

Version en cache

22/12/2024 10:04:30 Cette version de la page est en cache (à la date du 22/12/2024 10:04:30) afin d'accélérer le traitement. Vous pouvez activer le mode utilisateur dans le menu en haut pour afficher la dernère version de la page.

Document créé le 30/08/2006, dernière modification le 04/03/2020
Source du document imprimé : https://www.gaudry.be/java-api-rf-javax/net/ssl/X509KeyManager.html

L'infobrol est un site personnel dont le contenu n'engage que moi. Le texte est mis à disposition sous licence CreativeCommons(BY-NC-SA). Plus d'info sur les conditions d'utilisation et sur l'auteur.

Références

  1. Consulter le document html Langue du document :fr Manuel PHP : https://docs.oracle.com, X509KeyManager

Ces références et liens indiquent des documents consultés lors de la rédaction de cette page, ou qui peuvent apporter un complément d'information, mais les auteurs de ces sources ne peuvent être tenus responsables du contenu de cette page.
L'auteur de ce site est seul responsable de la manière dont sont présentés ici les différents concepts, et des libertés qui sont prises avec les ouvrages de référence. N'oubliez pas que vous devez croiser les informations de sources multiples afin de diminuer les risques d'erreurs.

Table des matières Haut