/**
 *  Licensed to the Apache Software Foundation (ASF) under one or more
 *  contributor license agreements.  See the NOTICE file distributed with
 *  this work for additional information regarding copyright ownership.
 *  The ASF licenses this file to You under the Apache License, Version 2.0
 *  (the "License"); you may not use this file except in compliance with
 *  the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 */
package org.apache.geronimo.management.geronimo;

import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocketFactory;

/**
 * Management entry point for the server's keystores. Its main use is to hand
 * out the {@link KeystoreInstance} objects through which individual keystores
 * are worked with; it also builds SSL socket factories and contexts from
 * keystores that are addressed by name.
 *
 * <p>The factory methods document that a keystore (and, where one is named,
 * its private key) must already be unlocked on the corresponding
 * KeystoreInstance. How unlocking is performed or authorised is not visible
 * in this interface.
 *
 * @see KeystoreInstance
 *
 * @version $Rev: 706640 $ $Date: 2008-10-21 14:44:05 +0000 (Tue, 21 Oct 2008) $
 */
public interface KeystoreManager {

    /**
     * Lists the keystores available in the server.
     *
     * @return the available keystores, each as a KeystoreInstance rather than
     *         a bare name. NOTE(review): presumably includes keystores that
     *         are still locked, unlike {@link #getUnlockedKeyStores()} -
     *         confirm.
     */
    KeystoreInstance[] getKeystores();

    /**
     * Builds an SSLServerSocketFactory that takes its private key from one
     * keystore and its trusted certificate authorities from another.
     *
     * @param provider   The SSL provider to use, or null for the default
     * @param protocol   The SSL protocol to use. NOTE(review): a free-form
     *                   String; nothing in this interface limits it to
     *                   current TLS versions, so verify that deployments do
     *                   not configure obsolete protocol names.
     * @param algorithm  The SSL algorithm to use. NOTE(review): presumably a
     *                   key/trust manager algorithm name - confirm.
     * @param keyStore   The key keystore name as provided by listKeystores
     *                   (NOTE(review): no listKeystores is declared here;
     *                   {@link #getKeystores()} looks like the equivalent -
     *                   confirm). The KeystoreInstance for this keystore
     *                   must be unlocked.
     * @param keyAlias   The name of the private key in the keystore. The
     *                   KeystoreInstance for this keystore must have unlocked
     *                   this key.
     * @param trustStore The trust keystore name as provided by listKeystores.
     *                   Its KeystoreInstance must be unlocked.
     *                   NOTE(review): the earlier wording said "must have
     *                   unlocked this key", which reads as copied from
     *                   keyAlias - confirm.
     * @param loader     The class loader used to resolve factory classes.
     *
     * @return the server socket factory built from the named keystores
     *
     * @throws KeystoreIsLocked  Occurs when the requested key keystore cannot
     *                           be used because it has not been unlocked.
     * @throws KeyIsLocked       Occurs when the requested private key in the
     *                           key keystore cannot be used because it has
     *                           not been unlocked.
     * @throws KeystoreException The declared checked exception type.
     *                           NOTE(review): KeystoreIsLocked and KeyIsLocked
     *                           are presumably subtypes of it - confirm.
     */
    SSLServerSocketFactory createSSLServerFactory(
            String provider,
            String protocol,
            String algorithm,
            String keyStore,
            String keyAlias,
            String trustStore,
            ClassLoader loader) throws KeystoreException;

    /**
     * Builds an SSLSocketFactory that takes its private key from one keystore
     * and its trusted certificate authorities from another.
     *
     * @param provider   The SSL provider to use, or null for the default
     * @param protocol   The SSL protocol to use. NOTE(review): a free-form
     *                   String; nothing in this interface limits it to
     *                   current TLS versions, so verify that deployments do
     *                   not configure obsolete protocol names.
     * @param algorithm  The SSL algorithm to use. NOTE(review): presumably a
     *                   key/trust manager algorithm name - confirm.
     * @param keyStore   The key keystore name as provided by listKeystores
     *                   (NOTE(review): no listKeystores is declared here;
     *                   {@link #getKeystores()} looks like the equivalent -
     *                   confirm). The KeystoreInstance for this keystore
     *                   must be unlocked.
     * @param keyAlias   The name of the private key in the keystore. The
     *                   KeystoreInstance for this keystore must have unlocked
     *                   this key.
     * @param trustStore The trust keystore name as provided by listKeystores.
     *                   Its KeystoreInstance must be unlocked.
     *                   NOTE(review): the earlier wording said "must have
     *                   unlocked this key", which reads as copied from
     *                   keyAlias - confirm.
     * @param loader     The class loader used to resolve factory classes.
     *
     * @return the socket factory built from the named keystores
     *
     * @throws KeystoreIsLocked  Occurs when the requested key keystore cannot
     *                           be used because it has not been unlocked.
     * @throws KeyIsLocked       Occurs when the requested private key in the
     *                           key keystore cannot be used because it has
     *                           not been unlocked.
     * @throws KeystoreException The declared checked exception type.
     *                           NOTE(review): KeystoreIsLocked and KeyIsLocked
     *                           are presumably subtypes of it - confirm.
     */
    SSLSocketFactory createSSLFactory(
            String provider,
            String protocol,
            String algorithm,
            String keyStore,
            String keyAlias,
            String trustStore,
            ClassLoader loader) throws KeystoreException;

    /**
     * Builds an SSLSocketFactory from a trust keystore only: this overload
     * takes no key keystore and no key alias.
     *
     * <p>NOTE(review): the earlier description was identical to the
     * seven-argument overload and spoke of a private-key keystore that this
     * signature does not accept. Presumably the resulting factory carries no
     * private key of its own - confirm with the implementation.
     *
     * @param provider   The SSL provider to use, or null for the default
     * @param protocol   The SSL protocol to use. NOTE(review): a free-form
     *                   String; nothing in this interface limits it to
     *                   current TLS versions, so verify that deployments do
     *                   not configure obsolete protocol names.
     * @param algorithm  The SSL algorithm to use. NOTE(review): presumably a
     *                   trust manager algorithm name - confirm.
     * @param trustStore The trust keystore name as provided by listKeystores
     *                   (NOTE(review): no listKeystores is declared here;
     *                   {@link #getKeystores()} looks like the equivalent -
     *                   confirm). Its KeystoreInstance must be unlocked.
     * @param loader     The class loader used to resolve factory classes.
     *
     * @return the socket factory built from the named trust keystore
     *
     * @throws KeystoreIsLocked  Occurs when a requested keystore cannot be
     *                           used because it has not been unlocked.
     * @throws KeyIsLocked       Listed in the earlier documentation for a
     *                           locked private key. NOTE(review): this
     *                           overload names no key, so confirm whether the
     *                           condition can occur here.
     * @throws KeystoreException The declared checked exception type.
     *                           NOTE(review): KeystoreIsLocked and KeyIsLocked
     *                           are presumably subtypes of it - confirm.
     */
    SSLSocketFactory createSSLFactory(
            String provider,
            String protocol,
            String algorithm,
            String trustStore,
            ClassLoader loader) throws KeystoreException;

    /**
     * Creates a new, empty keystore. The name should be a valid file name
     * with no path separator characters.
     *
     * <p>NOTE(review): that restriction is only stated here as a requirement
     * on the caller. Whether names containing separators or parent-directory
     * components are rejected is up to the implementation - confirm it
     * validates the name before using it to build a path.
     *
     * @param name     The name of the keystore to create
     * @param password The password to use to protect the new keystore. It is
     *                 taken as a char[] rather than a String, so the caller
     *                 can overwrite the array after the call; whether the
     *                 implementation keeps its own copy is not visible here.
     * @param type     The keystore type
     *
     * @return the KeystoreInstance for the created keystore
     *
     * @throws KeystoreException The declared checked exception type; the
     *                           conditions that raise it are not documented
     *                           in this interface.
     */
    KeystoreInstance createKeystore(String name, char[] password, String type)
            throws KeystoreException;

    /**
     * Returns the keystores that can currently serve as private-key keystores
     * for an SSL factory. A keystore qualifies when it is unlocked and holds
     * at least one private key that is itself unlocked.
     *
     * @return the qualifying keystores as KeystoreInstance objects (the
     *         earlier text said "aliases", but the return type is
     *         KeystoreInstance[])
     */
    KeystoreInstance[] getUnlockedKeyStores();

    /**
     * Returns the keystores that can currently serve as trusted-certificate
     * keystores for an SSL factory. A keystore qualifies when it is unlocked
     * and holds at least one trust certificate.
     *
     * @return the qualifying keystores as KeystoreInstance objects (the
     *         earlier text said "aliases", but the return type is
     *         KeystoreInstance[])
     */
    KeystoreInstance[] getUnlockedTrustStores();

    /**
     * Builds an SSLContext from a key keystore, a key alias and a trust
     * keystore.
     *
     * <p>NOTE(review): this method had no documentation. Its parameter list
     * matches {@code createSSLServerFactory} and the seven-argument
     * {@code createSSLFactory}, so the same meanings and the same
     * "must be unlocked" preconditions presumably apply - confirm.
     *
     * @param provider   presumably the SSL provider, or null for the default
     * @param protocol   presumably the SSL protocol name; see the note on the
     *                   factory methods about obsolete protocol versions
     * @param algorithm  presumably the SSL algorithm name
     * @param keyStore   presumably the name of the private-key keystore
     * @param keyAlias   presumably the alias of the private key to use
     * @param trustStore presumably the name of the trust keystore
     * @param loader     presumably the class loader used to resolve factory
     *                   classes
     *
     * @return the SSL context
     *
     * @throws KeystoreException The declared checked exception type.
     */
    SSLContext createSSLContext(
            String provider,
            String protocol,
            String algorithm,
            String keyStore,
            String keyAlias,
            String trustStore,
            ClassLoader loader) throws KeystoreException;
}