001 /*
002 * Licensed to the Apache Software Foundation (ASF) under one or more
003 * contributor license agreements. See the NOTICE file distributed with
004 * this work for additional information regarding copyright ownership.
005 * The ASF licenses this file to You under the Apache License, Version 2.0
006 * (the "License"); you may not use this file except in compliance with
007 * the License. You may obtain a copy of the License at
008 *
009 * http://www.apache.org/licenses/LICENSE-2.0
010 *
011 * Unless required by applicable law or agreed to in writing, software
012 * distributed under the License is distributed on an "AS IS" BASIS,
013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014 * See the License for the specific language governing permissions and
015 * limitations under the License.
016 */
017 package org.apache.servicemix.jbi.security.keystore;
018
019 import java.security.GeneralSecurityException;
020
021 import javax.net.ssl.SSLServerSocketFactory;
022 import javax.net.ssl.SSLSocketFactory;
023
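/**
 * Looks up named keystores and builds SSL socket factories whose private key
 * comes from one keystore and whose trusted certificate authorities come from
 * another.
 *
 * <p>Based on http://svn.apache.org/repos/asf/geronimo/trunk/modules/management/
 * src/java/org/apache/geronimo/management/geronimo/KeystoreManager.java
 *
 * <p>NOTE(review): the parameter documentation inherited from that file refers
 * to {@code listKeystores}, which this interface does not declare; the keystore
 * names are presumably the ones accepted by {@link #getKeystore(String)}.
 * Confirm against the implementation.
 */
public interface KeystoreManager {

    /**
     * Looks up a keystore by name.
     *
     * @param name The keystore name.
     * @return The keystore registered under {@code name}. NOTE(review): this
     *         interface does not say whether an unknown name yields
     *         {@code null} or an exception; implementations should document
     *         it and callers should check the result before using it.
     */
    KeystoreInstance getKeystore(String name);

    /**
     * Gets a ServerSocketFactory using one Keystore to access the private key
     * and another to provide the list of trusted certificate authorities.
     *
     * @param provider   The SSL provider to use, or null for the default
     * @param protocol   The SSL protocol to use. The interface does not
     *                   restrict this value, so selecting a currently
     *                   supported TLS version rather than a legacy SSL
     *                   protocol name is left to the caller's configuration.
     * @param algorithm  The SSL algorithm to use (presumably the key/trust
     *                   manager algorithm; confirm against the implementation).
     * @param keyStore   The key keystore name. The KeystoreInstance for this
     *                   keystore must be unlocked.
     * @param keyAlias   The name of the private key in the keystore. The
     *                   KeystoreInstance for this keystore must have unlocked
     *                   this key.
     * @param trustStore The trust keystore name. The KeystoreInstance for this
     *                   keystore presumably must be unlocked as well (the
     *                   inherited text said it "must have unlocked this key";
     *                   confirm which condition is enforced).
     * @return The server socket factory built from the two keystores.
     *
     * @throws KeystoreIsLocked Occurs when the requested key keystore cannot
     *                          be used because it has not been unlocked.
     * @throws KeyIsLocked      Occurs when the requested private key in the key
     *                          keystore cannot be used because it has not been
     *                          unlocked.
     * @throws GeneralSecurityException The only checked exception declared by
     *                          this method. KeystoreIsLocked and KeyIsLocked
     *                          are not declared or imported in this file, so
     *                          they are presumably subtypes of it or unchecked
     *                          (confirm).
     */
    SSLServerSocketFactory createSSLServerFactory(String provider, String protocol,
                                                  String algorithm, String keyStore,
                                                  String keyAlias, String trustStore)
        throws GeneralSecurityException;

    /**
     * Gets a SocketFactory using one Keystore to access the private key
     * and another to provide the list of trusted certificate authorities.
     *
     * @param provider   The SSL provider to use, or null for the default
     * @param protocol   The SSL protocol to use. The interface does not
     *                   restrict this value, so selecting a currently
     *                   supported TLS version rather than a legacy SSL
     *                   protocol name is left to the caller's configuration.
     * @param algorithm  The SSL algorithm to use (presumably the key/trust
     *                   manager algorithm; confirm against the implementation).
     * @param keyStore   The key keystore name. The KeystoreInstance for this
     *                   keystore must be unlocked.
     * @param keyAlias   The name of the private key in the keystore. The
     *                   KeystoreInstance for this keystore must have unlocked
     *                   this key.
     * @param trustStore The trust keystore name. The KeystoreInstance for this
     *                   keystore presumably must be unlocked as well (the
     *                   inherited text said it "must have unlocked this key";
     *                   confirm which condition is enforced).
     * @return The client socket factory built from the two keystores.
     *
     * @throws KeystoreIsLocked Occurs when the requested key keystore cannot
     *                          be used because it has not been unlocked.
     * @throws KeyIsLocked      Occurs when the requested private key in the key
     *                          keystore cannot be used because it has not been
     *                          unlocked.
     * @throws GeneralSecurityException The only checked exception declared by
     *                          this method. KeystoreIsLocked and KeyIsLocked
     *                          are not declared or imported in this file, so
     *                          they are presumably subtypes of it or unchecked
     *                          (confirm).
     */
    SSLSocketFactory createSSLFactory(String provider, String protocol,
                                      String algorithm, String keyStore,
                                      String keyAlias, String trustStore)
        throws GeneralSecurityException;

}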