Source for java.security.cert.CertPathValidator

   1: /* CertPathValidator -- validates certificate paths.
   2:    Copyright (C) 2003, 2004  Free Software Foundation, Inc.
   3: 
   4: This file is part of GNU Classpath.
   5: 
   6: GNU Classpath is free software; you can redistribute it and/or modify
   7: it under the terms of the GNU General Public License as published by
   8: the Free Software Foundation; either version 2, or (at your option)
   9: any later version.
  10:  
  11: GNU Classpath is distributed in the hope that it will be useful, but
  12: WITHOUT ANY WARRANTY; without even the implied warranty of
  13: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14: General Public License for more details.
  15: 
  16: You should have received a copy of the GNU General Public License
  17: along with GNU Classpath; see the file COPYING.  If not, write to the
  18: Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
  19: 02110-1301 USA.
  20: 
  21: Linking this library statically or dynamically with other modules is
  22: making a combined work based on this library.  Thus, the terms and
  23: conditions of the GNU General Public License cover the whole
  24: combination.
  25: 
  26: As a special exception, the copyright holders of this library give you
  27: permission to link this library with independent modules to produce an
  28: executable, regardless of the license terms of these independent
  29: modules, and to copy and distribute the resulting executable under
  30: terms of your choice, provided that you also meet, for each linked
  31: independent module, the terms and conditions of the license of that
  32: module.  An independent module is a module which is not derived from
  33: or based on this library.  If you modify this library, you may extend
  34: this exception to your version of the library, but you are not
  35: obligated to do so.  If you do not wish to do so, delete this
  36: exception statement from your version. */
  37: 
  38: 
  39: package java.security.cert;
  40: 
  41: import gnu.java.security.Engine;
  42: 
  43: import java.security.AccessController;
  44: import java.security.InvalidAlgorithmParameterException;
  45: import java.security.NoSuchAlgorithmException;
  46: import java.security.NoSuchProviderException;
  47: import java.security.PrivilegedAction;
  48: import java.security.Provider;
  49: import java.security.Security;
  50: 
  51: /**
  52:  * Generic interface to classes that validate certificate paths.
  53:  *
  54:  * <p>Using this class is similar to all the provider-based security
  55:  * classes; the method of interest, {@link
  56:  * #validate(java.security.cert.CertPath,java.security.cert.CertPathParameters)},
  57:  * which takes provider-specific implementations of {@link
  58:  * CertPathParameters}, and return provider-specific implementations of
  59:  * {@link CertPathValidatorResult}.
  60:  *
  61:  * @since JDK 1.4
  62:  * @see CertPath
  63:  */
  64: public class CertPathValidator {
  65: 
  66:   // Constants and fields.
  67:   // ------------------------------------------------------------------------
  68: 
  69:   /** Service name for CertPathValidator. */
  70:   private static final String CERT_PATH_VALIDATOR = "CertPathValidator";
  71: 
  72:   /** The underlying implementation. */
  73:   private final CertPathValidatorSpi validatorSpi;
  74: 
  75:   /** The provider of this implementation. */
  76:   private final Provider provider;
  77: 
  78:   /** The algorithm's name. */
  79:   private final String algorithm;
  80: 
  81:   // Constructor.
  82:   // ------------------------------------------------------------------------
  83: 
  84:   /**
  85:    * Creates a new CertPathValidator.
  86:    *
  87:    * @param validatorSpi The underlying implementation.
  88:    * @param provider     The provider of the implementation.
  89:    * @param algorithm    The algorithm name.
  90:    */
  91:   protected CertPathValidator(CertPathValidatorSpi validatorSpi,
  92:                               Provider provider, String algorithm)
  93:   {
  94:     this.validatorSpi = validatorSpi;
  95:     this.provider = provider;
  96:     this.algorithm = algorithm;
  97:   }
  98: 
  99:   // Class methods.
 100:   // ------------------------------------------------------------------------
 101: 
 102:   /**
 103:    * Returns the default validator type.
 104:    *
 105:    * <p>This value may be set at run-time via the security property
 106:    * "certpathvalidator.type", or the value "PKIX" if this property is
 107:    * not set.
 108:    *
 109:    * @return The default validator type.
 110:    */
 111:   public static synchronized String getDefaultType() {
 112:     String type = (String) AccessController.doPrivileged(
 113:       new PrivilegedAction()
 114:         {
 115:           public Object run()
 116:           {
 117:             return Security.getProperty("certpathvalidator.type");
 118:           }
 119:         }
 120:     );
 121:     if (type == null)
 122:       type = "PKIX";
 123:     return type;
 124:   }
 125: 
 126:   /**
 127:    * Get an instance of the given validator from the first provider that
 128:    * implements it.
 129:    *
 130:    * @param algorithm The name of the algorithm to get.
 131:    * @return The new instance.
 132:    * @throws NoSuchAlgorithmException If no installed provider
 133:    * implements the requested algorithm.
 134:    */
 135:   public static CertPathValidator getInstance(String algorithm)
 136:     throws NoSuchAlgorithmException
 137:   {
 138:     Provider[] p = Security.getProviders();
 139:     for (int i = 0; i < p.length; i++)
 140:       {
 141:         try
 142:           {
 143:             return getInstance(algorithm, p[i]);
 144:           }
 145:         catch (NoSuchAlgorithmException e)
 146:           {
 147:         // Ignored.
 148:           }
 149:       }
 150:     throw new NoSuchAlgorithmException(algorithm);
 151:   }
 152: 
 153:   /**
 154:    * Get an instance of the given validator from the named provider.
 155:    *
 156:    * @param algorithm The name of the algorithm to get.
 157:    * @param provider  The name of the provider from which to get the
 158:    * implementation.
 159:    * @return The new instance.
 160:    * @throws NoSuchAlgorithmException If the named provider does not
 161:    * implement the algorithm.
 162:    * @throws NoSuchProviderException If no provider named
 163:    * <i>provider</i> is installed.
 164:    */
 165:   public static CertPathValidator getInstance(String algorithm,
 166:                                               String provider)
 167:     throws NoSuchAlgorithmException, NoSuchProviderException
 168:   {
 169:     Provider p = Security.getProvider(provider);
 170:     if (p == null)
 171:       throw new NoSuchProviderException(provider);
 172: 
 173:     return getInstance(algorithm, p);
 174:   }
 175: 
 176:   /**
 177:    * Get an instance of the given validator from the given provider.
 178:    *
 179:    * @param algorithm The name of the algorithm to get.
 180:    * @param provider  The provider from which to get the implementation.
 181:    * @return The new instance.
 182:    * @throws NoSuchAlgorithmException If the provider does not implement
 183:    * the algorithm.
 184:    * @throws IllegalArgumentException If <i>provider</i> is null.
 185:    */
 186:   public static CertPathValidator getInstance(String algorithm,
 187:                                               Provider provider)
 188:     throws NoSuchAlgorithmException
 189:   {
 190:     if (provider == null)
 191:       throw new IllegalArgumentException("null provider");
 192: 
 193:     try
 194:       {
 195:         return new CertPathValidator((CertPathValidatorSpi)
 196:           Engine.getInstance(CERT_PATH_VALIDATOR, algorithm, provider),
 197:           provider, algorithm);
 198:       }
 199:     catch (java.lang.reflect.InvocationTargetException ite)
 200:       {
 201:         throw new NoSuchAlgorithmException(algorithm);
 202:       }
 203:     catch (ClassCastException cce)
 204:       {
 205:         throw new NoSuchAlgorithmException(algorithm);
 206:       }
 207:   }
 208: 
 209:   // Instance methods.
 210:   // ------------------------------------------------------------------------
 211: 
 212:   /**
 213:    * Return the name of this validator.
 214:    *
 215:    * @return This validator's name.
 216:    */
 217:   public final String getAlgorithm()
 218:   {
 219:     return algorithm;
 220:   }
 221: 
 222:   /**
 223:    * Return the provider of this implementation.
 224:    *
 225:    * @return The provider.
 226:    */
 227:   public final Provider getProvider()
 228:   {
 229:     return provider;
 230:   }
 231: 
 232:   /**
 233:    * Attempt to validate a certificate path.
 234:    *
 235:    * @param certPath The path to validate.
 236:    * @param params   The algorithm-specific parameters.
 237:    * @return The result of this validation attempt.
 238:    * @throws CertPathValidatorException If the certificate path cannot
 239:    * be validated.
 240:    * @throws InvalidAlgorithmParameterException If this implementation
 241:    * rejects the specified parameters.
 242:    */
 243:   public final CertPathValidatorResult validate(CertPath certPath,
 244:                                                 CertPathParameters params)
 245:     throws CertPathValidatorException, InvalidAlgorithmParameterException
 246:   {
 247:     return validatorSpi.engineValidate(certPath, params);
 248:   }
 249: }