1 /* |
1 /* |
2 * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved. |
2 * Copyright (c) 1999, 2018, Oracle and/or its affiliates. All rights reserved. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 * |
4 * |
5 * This code is free software; you can redistribute it and/or modify it |
5 * This code is free software; you can redistribute it and/or modify it |
6 * under the terms of the GNU General Public License version 2 only, as |
6 * under the terms of the GNU General Public License version 2 only, as |
7 * published by the Free Software Foundation. Oracle designates this |
7 * published by the Free Software Foundation. Oracle designates this |
23 * questions. |
23 * questions. |
24 */ |
24 */ |
25 |
25 |
26 package sun.security.ssl; |
26 package sun.security.ssl; |
27 |
27 |
28 import javax.net.ssl.*; |
28 import java.net.Socket; |
29 import java.security.*; |
29 import java.security.Key; |
30 import java.security.cert.*; |
30 import java.security.KeyStore; |
|
31 import java.security.KeyStoreException; |
|
32 import java.security.NoSuchAlgorithmException; |
|
33 import java.security.Principal; |
|
34 import java.security.PrivateKey; |
|
35 import java.security.UnrecoverableKeyException; |
31 import java.security.cert.Certificate; |
36 import java.security.cert.Certificate; |
32 import java.util.*; |
37 import java.security.cert.X509Certificate; |
33 import java.net.Socket; |
38 import java.util.ArrayList; |
34 |
39 import java.util.Collections; |
|
40 import java.util.Enumeration; |
|
41 import java.util.HashMap; |
|
42 import java.util.HashSet; |
|
43 import java.util.List; |
|
44 import java.util.Locale; |
|
45 import java.util.Map; |
|
46 import java.util.Set; |
|
47 import javax.net.ssl.SSLEngine; |
|
48 import javax.net.ssl.X509ExtendedKeyManager; |
35 import javax.security.auth.x500.X500Principal; |
49 import javax.security.auth.x500.X500Principal; |
36 |
50 |
37 |
51 |
38 /** |
52 /** |
39 * An implementation of X509KeyManager backed by a KeyStore. |
53 * An implementation of X509KeyManager backed by a KeyStore. |
65 * the remote peer. |
79 * the remote peer. |
66 * |
80 * |
67 */ |
81 */ |
68 final class SunX509KeyManagerImpl extends X509ExtendedKeyManager { |
82 final class SunX509KeyManagerImpl extends X509ExtendedKeyManager { |
69 |
83 |
70 private static final Debug debug = Debug.getInstance("ssl"); |
|
71 |
|
72 private static final String[] STRING0 = new String[0]; |
84 private static final String[] STRING0 = new String[0]; |
73 |
85 |
74 /* |
86 /* |
75 * The credentials from the KeyStore as |
87 * The credentials from the KeyStore as |
76 * Map: String(alias) -> X509Credentials(credentials) |
88 * Map: String(alias) -> X509Credentials(credentials) |
146 } |
158 } |
147 |
159 |
148 X509Credentials cred = new X509Credentials((PrivateKey)key, |
160 X509Credentials cred = new X509Credentials((PrivateKey)key, |
149 (X509Certificate[])certs); |
161 (X509Certificate[])certs); |
150 credentialsMap.put(alias, cred); |
162 credentialsMap.put(alias, cred); |
151 if (debug != null && Debug.isOn("keymanager")) { |
163 if (SSLLogger.isOn && SSLLogger.isOn("keymanager")) { |
152 System.out.println("***"); |
164 SSLLogger.fine("found key for : " + alias, (Object[])certs); |
153 System.out.println("found key for : " + alias); |
|
154 for (int i = 0; i < certs.length; i++) { |
|
155 System.out.println("chain [" + i + "] = " |
|
156 + certs[i]); |
|
157 } |
|
158 System.out.println("***"); |
|
159 } |
165 } |
160 } |
166 } |
161 } |
167 } |
162 |
168 |
163 /* |
169 /* |
380 } |
386 } |
381 |
387 |
382 if (issuers.length == 0) { |
388 if (issuers.length == 0) { |
383 // no issuer specified, match all |
389 // no issuer specified, match all |
384 aliases.add(alias); |
390 aliases.add(alias); |
385 if (debug != null && Debug.isOn("keymanager")) { |
391 if (SSLLogger.isOn && SSLLogger.isOn("keymanager")) { |
386 System.out.println("matching alias: " + alias); |
392 SSLLogger.fine("matching alias: " + alias); |
387 } |
393 } |
388 } else { |
394 } else { |
389 Set<X500Principal> certIssuers = |
395 Set<X500Principal> certIssuers = |
390 credentials.getIssuerX500Principals(); |
396 credentials.getIssuerX500Principals(); |
391 for (int i = 0; i < x500Issuers.length; i++) { |
397 for (int i = 0; i < x500Issuers.length; i++) { |
392 if (certIssuers.contains(issuers[i])) { |
398 if (certIssuers.contains(issuers[i])) { |
393 aliases.add(alias); |
399 aliases.add(alias); |
394 if (debug != null && Debug.isOn("keymanager")) { |
400 if (SSLLogger.isOn && SSLLogger.isOn("keymanager")) { |
395 System.out.println("matching alias: " + alias); |
401 SSLLogger.fine("matching alias: " + alias); |
396 } |
402 } |
397 break; |
403 break; |
398 } |
404 } |
399 } |
405 } |
400 } |
406 } |
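Review bot: In the issuer-matching loop (new lines 397-398) the index is bounded by `x500Issuers.length` but the lookup tests `issuers[i]`, so the loop mixes two arrays. The declaration of `x500Issuers` is outside the visible lines; if it is a converted copy of `issuers`, it may be shorter or hold different objects. In that case a caller-supplied `Principal` that is not an `X500Principal` could never be found in the `Set<X500Principal>`, and the alias would be silently dropped from client-certificate selection. Since this commit already touches the block to replace the logging, I would change the test to `if (certIssuers.contains(x500Issuers[i])) {` so the bound and the lookup use the same array. The enclosing method begins and ends outside the visible lines, so confirm against the full body.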