Frames | No Frames |
1: /* CertPathValidator -- validates certificate paths. 2: Copyright (C) 2003, 2004 Free Software Foundation, Inc. 3: 4: This file is part of GNU Classpath. 5: 6: GNU Classpath is free software; you can redistribute it and/or modify 7: it under the terms of the GNU General Public License as published by 8: the Free Software Foundation; either version 2, or (at your option) 9: any later version. 10: 11: GNU Classpath is distributed in the hope that it will be useful, but 12: WITHOUT ANY WARRANTY; without even the implied warranty of 13: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14: General Public License for more details. 15: 16: You should have received a copy of the GNU General Public License 17: along with GNU Classpath; see the file COPYING. If not, write to the 18: Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 19: 02110-1301 USA. 20: 21: Linking this library statically or dynamically with other modules is 22: making a combined work based on this library. Thus, the terms and 23: conditions of the GNU General Public License cover the whole 24: combination. 25: 26: As a special exception, the copyright holders of this library give you 27: permission to link this library with independent modules to produce an 28: executable, regardless of the license terms of these independent 29: modules, and to copy and distribute the resulting executable under 30: terms of your choice, provided that you also meet, for each linked 31: independent module, the terms and conditions of the license of that 32: module. An independent module is a module which is not derived from 33: or based on this library. If you modify this library, you may extend 34: this exception to your version of the library, but you are not 35: obligated to do so. If you do not wish to do so, delete this 36: exception statement from your version. */ 37: 38: 39: package java.security.cert; 40: 41: import gnu.java.security.Engine; 42: 43: import java.security.AccessController; 44: import java.security.InvalidAlgorithmParameterException; 45: import java.security.NoSuchAlgorithmException; 46: import java.security.NoSuchProviderException; 47: import java.security.PrivilegedAction; 48: import java.security.Provider; 49: import java.security.Security; 50: 51: /** 52: * Generic interface to classes that validate certificate paths. 53: * 54: * <p>Using this class is similar to all the provider-based security 55: * classes; the method of interest, {@link 56: * #validate(java.security.cert.CertPath,java.security.cert.CertPathParameters)}, 57: * which takes provider-specific implementations of {@link 58: * CertPathParameters}, and return provider-specific implementations of 59: * {@link CertPathValidatorResult}. 60: * 61: * @since JDK 1.4 62: * @see CertPath 63: */ 64: public class CertPathValidator { 65: 66: // Constants and fields. 67: // ------------------------------------------------------------------------ 68: 69: /** Service name for CertPathValidator. */ 70: private static final String CERT_PATH_VALIDATOR = "CertPathValidator"; 71: 72: /** The underlying implementation. */ 73: private final CertPathValidatorSpi validatorSpi; 74: 75: /** The provider of this implementation. */ 76: private final Provider provider; 77: 78: /** The algorithm's name. */ 79: private final String algorithm; 80: 81: // Constructor. 82: // ------------------------------------------------------------------------ 83: 84: /** 85: * Creates a new CertPathValidator. 86: * 87: * @param validatorSpi The underlying implementation. 88: * @param provider The provider of the implementation. 89: * @param algorithm The algorithm name. 90: */ 91: protected CertPathValidator(CertPathValidatorSpi validatorSpi, 92: Provider provider, String algorithm) 93: { 94: this.validatorSpi = validatorSpi; 95: this.provider = provider; 96: this.algorithm = algorithm; 97: } 98: 99: // Class methods. 100: // ------------------------------------------------------------------------ 101: 102: /** 103: * Returns the default validator type. 104: * 105: * <p>This value may be set at run-time via the security property 106: * "certpathvalidator.type", or the value "PKIX" if this property is 107: * not set. 108: * 109: * @return The default validator type. 110: */ 111: public static synchronized String getDefaultType() { 112: String type = (String) AccessController.doPrivileged( 113: new PrivilegedAction() 114: { 115: public Object run() 116: { 117: return Security.getProperty("certpathvalidator.type"); 118: } 119: } 120: ); 121: if (type == null) 122: type = "PKIX"; 123: return type; 124: } 125: 126: /** 127: * Get an instance of the given validator from the first provider that 128: * implements it. 129: * 130: * @param algorithm The name of the algorithm to get. 131: * @return The new instance. 132: * @throws NoSuchAlgorithmException If no installed provider 133: * implements the requested algorithm. 134: */ 135: public static CertPathValidator getInstance(String algorithm) 136: throws NoSuchAlgorithmException 137: { 138: Provider[] p = Security.getProviders(); 139: for (int i = 0; i < p.length; i++) 140: { 141: try 142: { 143: return getInstance(algorithm, p[i]); 144: } 145: catch (NoSuchAlgorithmException e) 146: { 147: // Ignored. 148: } 149: } 150: throw new NoSuchAlgorithmException(algorithm); 151: } 152: 153: /** 154: * Get an instance of the given validator from the named provider. 155: * 156: * @param algorithm The name of the algorithm to get. 157: * @param provider The name of the provider from which to get the 158: * implementation. 159: * @return The new instance. 160: * @throws NoSuchAlgorithmException If the named provider does not 161: * implement the algorithm. 162: * @throws NoSuchProviderException If no provider named 163: * <i>provider</i> is installed. 164: */ 165: public static CertPathValidator getInstance(String algorithm, 166: String provider) 167: throws NoSuchAlgorithmException, NoSuchProviderException 168: { 169: Provider p = Security.getProvider(provider); 170: if (p == null) 171: throw new NoSuchProviderException(provider); 172: 173: return getInstance(algorithm, p); 174: } 175: 176: /** 177: * Get an instance of the given validator from the given provider. 178: * 179: * @param algorithm The name of the algorithm to get. 180: * @param provider The provider from which to get the implementation. 181: * @return The new instance. 182: * @throws NoSuchAlgorithmException If the provider does not implement 183: * the algorithm. 184: * @throws IllegalArgumentException If <i>provider</i> is null. 185: */ 186: public static CertPathValidator getInstance(String algorithm, 187: Provider provider) 188: throws NoSuchAlgorithmException 189: { 190: if (provider == null) 191: throw new IllegalArgumentException("null provider"); 192: 193: try 194: { 195: return new CertPathValidator((CertPathValidatorSpi) 196: Engine.getInstance(CERT_PATH_VALIDATOR, algorithm, provider), 197: provider, algorithm); 198: } 199: catch (java.lang.reflect.InvocationTargetException ite) 200: { 201: throw new NoSuchAlgorithmException(algorithm); 202: } 203: catch (ClassCastException cce) 204: { 205: throw new NoSuchAlgorithmException(algorithm); 206: } 207: } 208: 209: // Instance methods. 210: // ------------------------------------------------------------------------ 211: 212: /** 213: * Return the name of this validator. 214: * 215: * @return This validator's name. 216: */ 217: public final String getAlgorithm() 218: { 219: return algorithm; 220: } 221: 222: /** 223: * Return the provider of this implementation. 224: * 225: * @return The provider. 226: */ 227: public final Provider getProvider() 228: { 229: return provider; 230: } 231: 232: /** 233: * Attempt to validate a certificate path. 234: * 235: * @param certPath The path to validate. 236: * @param params The algorithm-specific parameters. 237: * @return The result of this validation attempt. 238: * @throws CertPathValidatorException If the certificate path cannot 239: * be validated. 240: * @throws InvalidAlgorithmParameterException If this implementation 241: * rejects the specified parameters. 242: */ 243: public final CertPathValidatorResult validate(CertPath certPath, 244: CertPathParameters params) 245: throws CertPathValidatorException, InvalidAlgorithmParameterException 246: { 247: return validatorSpi.engineValidate(certPath, params); 248: } 249: }