package cz.scholz.aliaskeymanager;
import javax.net.ssl.KeyManagerFactory;
import java.security.Provider;
import java.security.Security;
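/**
 * JSSE {@link Provider} that registers one {@code KeyManagerFactory} algorithm, {@code aliaskm}, backed by
 * {@code cz.scholz.aliaskeymanager.AliasKeyManagerFactorySpi}.
 *
 * <p>All state handled here is JVM-wide. The provider list and the {@code ssl.KeyManagerFactory.algorithm}
 * security property are shared by every TLS user in the process, and the preferred alias and the base
 * algorithm are published as system properties. Any code in the same JVM that may write system or security
 * properties can therefore change which algorithm is the default and which alias is requested, and there is
 * a single alias per JVM rather than one per connection or {@code SSLContext}.
 */
public class AliasProvider extends Provider {
    // Captured once, when this class is initialised.
    // NOTE(review): if the security property already names "aliaskm" at that moment (for example the class is
    // loaded a second time by another class loader after setAsDefault()), this value is "aliaskm" as well and
    // neither unsetAsDefault() nor disable() can restore a usable default - confirm against the deployment.
    private static final String DEFAULT_ALGORITHM = KeyManagerFactory.getDefaultAlgorithm();

    // Doubles as the provider name passed to Provider(...) and as the KeyManagerFactory algorithm name.
    private static final String ALGORITHM = "aliaskm";
    // Primitive instead of boxed Double; Provider(String, double, String) takes a double.
    private static final double VERSION = 1.0;
    private static final String INFO = "Alias Security provider provides the Key Manager which selects the client key for authentication based on the alias";

    // Service mapping registered in the constructor; constants, so they are static rather than per instance.
    private static final String KM_SERVICE = "KeyManagerFactory.aliaskm";
    private static final String KM_SPI = "cz.scholz.aliaskeymanager.AliasKeyManagerFactorySpi";

    // Property names used by several methods, kept in one place so the keys cannot drift apart.
    private static final String DEFAULT_ALGORITHM_PROPERTY = "ssl.KeyManagerFactory.algorithm";
    private static final String BASE_ALGORITHM_PROPERTY = "cz.scholz.aliaskeymanager.basealgorithm";
    private static final String ALIAS_PROPERTY = "cz.scholz.aliaskeymanager.alias";

    /**
     * Constructs the provider and maps {@code KeyManagerFactory.aliaskm} to its SPI class name.
     */
    public AliasProvider() {
        super(ALGORITHM, VERSION, INFO);
        put(KM_SERVICE, KM_SPI);
    }

    /**
     * Registers the provider with {@link Security#addProvider(Provider)} unless a provider named
     * {@code aliaskm} is already installed. Registration applies to the whole JVM.
     */
    public static void enable() {
        if (Security.getProvider(ALGORITHM) == null) {
            Security.addProvider(new AliasProvider());
        }
    }

    /**
     * Stops using {@code aliaskm} as the default algorithm (see {@link #unsetAsDefault()}) and unregisters
     * the provider.
     */
    public static void disable() {
        // Restore the default first, so the security property never names an algorithm without a provider.
        unsetAsDefault();
        // Security.removeProvider returns silently when no provider of that name is installed.
        Security.removeProvider(ALGORITHM);
    }

    /**
     * Makes {@code aliaskm} the JVM-wide default {@code KeyManagerFactory} algorithm, enabling the provider
     * first if necessary. The default captured when this class was initialised is published in the
     * {@code cz.scholz.aliaskeymanager.basealgorithm} system property (presumably read by the SPI class,
     * which is not part of this file).
     */
    public static void setAsDefault() {
        enable();
        System.setProperty(BASE_ALGORITHM_PROPERTY, DEFAULT_ALGORITHM);
        Security.setProperty(DEFAULT_ALGORITHM_PROPERTY, ALGORITHM);
    }

    /**
     * Restores the default {@code KeyManagerFactory} algorithm captured when this class was initialised.
     * The security property is rewritten only while it still names {@code aliaskm}, the same guard
     * {@link #disable()} has always applied, so a default chosen by other code in the JVM is left alone.
     */
    public static void unsetAsDefault() {
        if (ALGORITHM.equals(Security.getProperty(DEFAULT_ALGORITHM_PROPERTY))) {
            Security.setProperty(DEFAULT_ALGORITHM_PROPERTY, DEFAULT_ALGORITHM);
        }
    }

    /**
     * Stores the alias of the key to use for authentication in the
     * {@code cz.scholz.aliaskeymanager.alias} system property. The value is shared by the whole JVM.
     *
     * @param alias alias of the preferred key; must not be {@code null}
     * @throws NullPointerException if {@code alias} is {@code null}
     */
    public static void setAlias(String alias) {
        // System.setProperty would throw a message-less NullPointerException; fail with an explanation.
        if (alias == null) {
            throw new NullPointerException("alias must not be null; call unSetAlias() to clear it");
        }
        System.setProperty(ALIAS_PROPERTY, alias);
    }

    /**
     * Clears the {@code cz.scholz.aliaskeymanager.alias} system property.
     */
    public static void unSetAlias() {
        System.clearProperty(ALIAS_PROPERTY);
    }
}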