org.bouncycastle.jsse.provider.ProvX509Key Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of bctls-jdk15to18 Show documentation
Show all versions of bctls-jdk15to18 Show documentation
The Bouncy Castle Java APIs for TLS and DTLS, including a provider for the JSSE.
package org.bouncycastle.jsse.provider;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import javax.net.ssl.X509KeyManager;
import org.bouncycastle.jsse.BCX509Key;
class ProvX509Key
implements BCX509Key
{
static ProvX509Key from(X509KeyManager x509KeyManager, String alias)
{
if (null == x509KeyManager)
{
throw new NullPointerException("'x509KeyManager' cannot be null");
}
if (null == alias)
{
return null;
}
// TODO[jsse] Log the probable misconfigured keystore when returning null below
PrivateKey privateKey = x509KeyManager.getPrivateKey(alias);
if (null == privateKey)
{
return null;
}
X509Certificate[] certificateChain = x509KeyManager.getCertificateChain(alias);
if (null == certificateChain || certificateChain.length < 1)
{
return null;
}
certificateChain = certificateChain.clone();
if (JsseUtils.containsNull(certificateChain))
{
return null;
}
// TODO[jsse] Consider taking a 'keyAlgorithm' parameter and validating the key algorithms
// if ((!keyAlgorithm.equals(JsseUtils.getPrivateKeyAlgorithm(privateKey))
// || !keyAlgorithm.equals(JsseUtils.getPublicKeyAlgorithm(certificateChain[0].getPublicKey())))
// {
// return null;
// }
return new ProvX509Key(privateKey, certificateChain);
}
private final PrivateKey privateKey;
private final X509Certificate[] certificateChain;
ProvX509Key(PrivateKey privateKey, X509Certificate[] certificateChain)
{
this.privateKey = privateKey;
this.certificateChain = certificateChain;
}
public X509Certificate[] getCertificateChain()
{
return certificateChain.clone();
}
public PrivateKey getPrivateKey()
{
return privateKey;
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy