Package com.impossibl.postgres.protocol.ssl

Class OnDemandKeyManager

java.lang.Object

javax.net.ssl.X509ExtendedKeyManager

com.impossibl.postgres.protocol.ssl.OnDemandKeyManager

All Implemented Interfaces:

javax.net.ssl.KeyManager, javax.net.ssl.X509KeyManager

public class OnDemandKeyManager
extends javax.net.ssl.X509ExtendedKeyManager

A Key manager that only loads the keys, if necessary.

Constructor Summary

Constructors

Constructor	Description
OnDemandKeyManager(java.lang.String certfile, java.lang.String keyfile, javax.security.auth.callback.CallbackHandler cbh, boolean defaultfile)	Constructor.

Method Summary

Modifier and Type	Method	Description
java.lang.String	chooseClientAlias(java.lang.String[] keyType, java.security.Principal[] issuers, java.net.Socket socket)
java.lang.String	chooseEngineClientAlias(java.lang.String[] keyType, java.security.Principal[] issuers, javax.net.ssl.SSLEngine engine)
java.lang.String	chooseServerAlias(java.lang.String keyType, java.security.Principal[] issuers, java.net.Socket socket)
java.security.cert.X509Certificate[]	getCertificateChain(java.lang.String alias)
java.lang.String[]	getClientAliases(java.lang.String keyType, java.security.Principal[] issuers)
java.security.PrivateKey	getPrivateKey(java.lang.String alias)
java.lang.String[]	getServerAliases(java.lang.String keyType, java.security.Principal[] issuers)
void	throwKeyManagerException()	getCertificateChain and getPrivateKey cannot throw exeptions, therefore any exception is stored in this.error and can be raised by this method

Methods inherited from class javax.net.ssl.X509ExtendedKeyManager

chooseEngineServerAlias

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

OnDemandKeyManager

public OnDemandKeyManager(java.lang.String certfile,
                          java.lang.String keyfile,
                          javax.security.auth.callback.CallbackHandler cbh,
                          boolean defaultfile)

Constructor. certfile and keyfile can be null, in that case no certificate is presented to the server.

Parameters:

certfile -

keyfile -

cbh -

defaultfile -

Method Detail

throwKeyManagerException

public void throwKeyManagerException()
                              throws java.sql.SQLException

getCertificateChain and getPrivateKey cannot throw exeptions, therefore any exception is stored in this.error and can be raised by this method

Throws:

java.sql.SQLException

chooseClientAlias

public java.lang.String chooseClientAlias(java.lang.String[] keyType,
                                          java.security.Principal[] issuers,
                                          java.net.Socket socket)

chooseServerAlias

public java.lang.String chooseServerAlias(java.lang.String keyType,
                                          java.security.Principal[] issuers,
                                          java.net.Socket socket)

getCertificateChain

public java.security.cert.X509Certificate[] getCertificateChain(java.lang.String alias)

getClientAliases

public java.lang.String[] getClientAliases(java.lang.String keyType,
                                           java.security.Principal[] issuers)

getPrivateKey

public java.security.PrivateKey getPrivateKey(java.lang.String alias)

getServerAliases

public java.lang.String[] getServerAliases(java.lang.String keyType,
                                           java.security.Principal[] issuers)

chooseEngineClientAlias

public java.lang.String chooseEngineClientAlias(java.lang.String[] keyType,
                                                java.security.Principal[] issuers,
                                                javax.net.ssl.SSLEngine engine)

Overrides:

chooseEngineClientAlias in class javax.net.ssl.X509ExtendedKeyManager