Platform SDK Java 8.5 API Reference

com.genesyslab.platform.commons.connection.tls
Class ThumbprintKeyManager

java.lang.Object
  extended by javax.net.ssl.X509ExtendedKeyManager
      extended by com.genesyslab.platform.commons.connection.tls.ThumbprintKeyManager
All Implemented Interfaces:
javax.net.ssl.KeyManager, javax.net.ssl.X509KeyManager

public class ThumbprintKeyManager
extends javax.net.ssl.X509ExtendedKeyManager

Specific implementation of X509ExtendedKeyManager to be used with Windows Certificate Services (WCS) key stores. WCS uses SHA1 thumbprints to identify and search certificates. These thumbprints are not available in Java directly and this class fill this gap by calculating them on its own and allowing users to search certificate entries by WCS thumbprint. Note that it may take considerable time iterating over WCS key store and calculating SHA1 over certificates. Actual time depends on number of certificates stored and CPU speed, but delays observed during development (XP Pro, Java 1.5-1.7, Core Duo E4600 @ 2.4GHz) were about 30-50 seconds.


Constructor Summary
ThumbprintKeyManager(java.security.KeyStore keyStore, java.lang.String thumbprint)
          Creates key manager.
 
Method Summary
 java.lang.String chooseClientAlias(java.lang.String[] strings, java.security.Principal[] principals, java.net.Socket socket)
           
 java.lang.String chooseEngineClientAlias(java.lang.String[] strings, java.security.Principal[] principals, javax.net.ssl.SSLEngine sslEngine)
           
 java.lang.String chooseEngineServerAlias(java.lang.String s, java.security.Principal[] principals, javax.net.ssl.SSLEngine sslEngine)
           
 java.lang.String chooseServerAlias(java.lang.String s, java.security.Principal[] principals, java.net.Socket socket)
           
 java.security.cert.X509Certificate[] getCertificateChain(java.lang.String s)
           
 java.lang.String[] getClientAliases(java.lang.String s, java.security.Principal[] principals)
           
 java.security.PrivateKey getPrivateKey(java.lang.String s)
           
 java.lang.String[] getServerAliases(java.lang.String s, java.security.Principal[] principals)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

ThumbprintKeyManager

public ThumbprintKeyManager(java.security.KeyStore keyStore,
                            java.lang.String thumbprint)
                     throws java.security.GeneralSecurityException
Creates key manager. Performs search for entry with matching thumbprint. Search is performed only once on creation, this class will not account for dynamic changes in key store.

Parameters:
keyStore - KeyStore, supposedly WCS/MSCAPI one.
thumbprint - Hexadecimal string, space characters are allowed inside and will be ignored.
Throws:
java.security.GeneralSecurityException - If there are problems accessing key store
Method Detail

getClientAliases

public java.lang.String[] getClientAliases(java.lang.String s,
                                           java.security.Principal[] principals)

chooseClientAlias

public java.lang.String chooseClientAlias(java.lang.String[] strings,
                                          java.security.Principal[] principals,
                                          java.net.Socket socket)

getServerAliases

public java.lang.String[] getServerAliases(java.lang.String s,
                                           java.security.Principal[] principals)

chooseServerAlias

public java.lang.String chooseServerAlias(java.lang.String s,
                                          java.security.Principal[] principals,
                                          java.net.Socket socket)

getCertificateChain

public java.security.cert.X509Certificate[] getCertificateChain(java.lang.String s)

getPrivateKey

public java.security.PrivateKey getPrivateKey(java.lang.String s)

chooseEngineClientAlias

public java.lang.String chooseEngineClientAlias(java.lang.String[] strings,
                                                java.security.Principal[] principals,
                                                javax.net.ssl.SSLEngine sslEngine)
Overrides:
chooseEngineClientAlias in class javax.net.ssl.X509ExtendedKeyManager

chooseEngineServerAlias

public java.lang.String chooseEngineServerAlias(java.lang.String s,
                                                java.security.Principal[] principals,
                                                javax.net.ssl.SSLEngine sslEngine)
Overrides:
chooseEngineServerAlias in class javax.net.ssl.X509ExtendedKeyManager

Platform SDK Java 8.5 API Reference

Send comments on this topicTechpubs.webadmin@genesys.com.
Document version: 8.5.302.00
Copyright © 2006–2017 Genesys Telecommunications Laboratories, Inc. All rights reserved.