Frames | No Frames |
1: /* CertificateFactory.java -- Certificate Factory Class 2: Copyright (C) 1999, 2002, 2003, 2004 Free Software Foundation, Inc. 3: 4: This file is part of GNU Classpath. 5: 6: GNU Classpath is free software; you can redistribute it and/or modify 7: it under the terms of the GNU General Public License as published by 8: the Free Software Foundation; either version 2, or (at your option) 9: any later version. 10: 11: GNU Classpath is distributed in the hope that it will be useful, but 12: WITHOUT ANY WARRANTY; without even the implied warranty of 13: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14: General Public License for more details. 15: 16: You should have received a copy of the GNU General Public License 17: along with GNU Classpath; see the file COPYING. If not, write to the 18: Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 19: 02110-1301 USA. 20: 21: Linking this library statically or dynamically with other modules is 22: making a combined work based on this library. Thus, the terms and 23: conditions of the GNU General Public License cover the whole 24: combination. 25: 26: As a special exception, the copyright holders of this library give you 27: permission to link this library with independent modules to produce an 28: executable, regardless of the license terms of these independent 29: modules, and to copy and distribute the resulting executable under 30: terms of your choice, provided that you also meet, for each linked 31: independent module, the terms and conditions of the license of that 32: module. An independent module is a module which is not derived from 33: or based on this library. If you modify this library, you may extend 34: this exception to your version of the library, but you are not 35: obligated to do so. If you do not wish to do so, delete this 36: exception statement from your version. */ 37: 38: 39: package java.security.cert; 40: 41: import gnu.java.security.Engine; 42: 43: import java.io.InputStream; 44: import java.security.NoSuchAlgorithmException; 45: import java.security.NoSuchProviderException; 46: import java.security.Provider; 47: import java.security.Security; 48: import java.util.Collection; 49: import java.util.Iterator; 50: import java.util.List; 51: 52: /** 53: * This class implements the CertificateFactory class interface used to 54: * generate certificates, certificate revocation lists (CRLs), and certificate 55: * paths objects from their encoded forms. 56: * 57: * @author Mark Benvenuto 58: * @author Casey Marshall 59: * @since JDK 1.2 60: * @status Fully compatible with JDK 1.4. 61: */ 62: public class CertificateFactory 63: { 64: 65: /** The service name for certificate factories. */ 66: private static final String CERTIFICATE_FACTORY = "CertificateFactory"; 67: 68: private CertificateFactorySpi certFacSpi; 69: private Provider provider; 70: private String type; 71: 72: /** 73: * Creates an instance of CertificateFactory. 74: * 75: * @param certFacSpi The underlying CertificateFactory engine. 76: * @param provider The provider of this implementation. 77: * @param type The type of Certificate this factory creates. 78: */ 79: protected CertificateFactory(CertificateFactorySpi certFacSpi, 80: Provider provider, String type) 81: { 82: this.certFacSpi = certFacSpi; 83: this.provider = provider; 84: this.type = type; 85: } 86: 87: // Class methods. 88: // ------------------------------------------------------------------------ 89: 90: /** 91: * Gets an instance of the CertificateFactory class representing 92: * the specified certificate factory. If the type is not 93: * found then, it throws CertificateException. 94: * 95: * @param type The type of certificate factory to create. 96: * @return a CertificateFactory repesenting the desired type 97: * @throws CertificateException If the type of certificate is not 98: * implemented by any installed provider. 99: */ 100: public static final CertificateFactory getInstance(String type) 101: throws CertificateException 102: { 103: Provider[] p = Security.getProviders(); 104: 105: for (int i = 0; i < p.length; i++) 106: { 107: try 108: { 109: return getInstance(type, p[i]); 110: } 111: catch (CertificateException e) 112: { 113: // Ignored. 114: } 115: } 116: 117: throw new CertificateException(type); 118: } 119: 120: /** 121: * Gets an instance of the CertificateFactory class representing 122: * the specified certificate factory from the specified provider. 123: * If the type is not found then, it throws {@link CertificateException}. 124: * If the provider is not found, then it throws 125: * {@link java.security.NoSuchProviderException}. 126: * 127: * @param type The type of certificate factory to create. 128: * @param provider The name of the provider from which to get the 129: * implementation. 130: * @return A CertificateFactory for the desired type. 131: * @throws CertificateException If the type of certificate is not 132: * implemented by the named provider. 133: * @throws NoSuchProviderException If the named provider is not installed. 134: */ 135: public static final CertificateFactory getInstance(String type, 136: String provider) 137: throws CertificateException, NoSuchProviderException 138: { 139: Provider p = Security.getProvider(provider); 140: if( p == null) 141: throw new NoSuchProviderException(provider); 142: 143: return getInstance(type, p); 144: } 145: 146: /** 147: * Get a certificate factory for the given certificate type from the 148: * given provider. 149: * 150: * @param type The type of certificate factory to create. 151: * @param provider The provider from which to get the implementation. 152: * @return A CertificateFactory for the desired type. 153: * @throws CertificateException If the type of certificate is not 154: * implemented by the provider. 155: * @throws IllegalArgumentException If the provider is null. 156: */ 157: public static final CertificateFactory getInstance(String type, 158: Provider provider) 159: throws CertificateException 160: { 161: if (provider == null) 162: throw new IllegalArgumentException("null provider"); 163: 164: try 165: { 166: return new CertificateFactory((CertificateFactorySpi) 167: Engine.getInstance(CERTIFICATE_FACTORY, type, provider), 168: provider, type); 169: } 170: catch (ClassCastException cce) 171: { 172: throw new CertificateException(type); 173: } 174: catch (java.lang.reflect.InvocationTargetException ite) 175: { 176: throw new CertificateException(type); 177: } 178: catch (NoSuchAlgorithmException nsae) 179: { 180: throw new CertificateException(nsae.getMessage()); 181: } 182: } 183: 184: // Instance methods. 185: // ------------------------------------------------------------------------ 186: 187: /** 188: * Gets the provider of this implementation. 189: * 190: * @return The provider of this implementation. 191: */ 192: public final Provider getProvider() 193: { 194: return provider; 195: } 196: 197: /** 198: * Returns the type of the certificate this factory creates. 199: * 200: * @return A string with the type of certificate 201: */ 202: public final String getType() 203: { 204: return type; 205: } 206: 207: /** 208: * Generates a Certificate from the encoded data read 209: * from an InputStream. 210: * 211: * <p>The input stream must contain only one certificate. 212: * 213: * <p>If there exists a specialized certificate class for the 214: * certificate format handled by the certificate factory 215: * then the return Ceritificate should be a typecast of it. 216: * Ex: A X.509 CertificateFactory should return X509Certificate. 217: * 218: * <p>For X.509 certificates, the certificate in inStream must be 219: * DER encoded and supplied in binary or printable (Base64) 220: * encoding. If the certificate is in Base64 encoding, it must be 221: * bounded by -----BEGINCERTIFICATE-----, and 222: * -----END CERTIFICATE-----. 223: * 224: * @param inStream An input stream containing the certificate data. 225: * @return A certificate initialized from the decoded InputStream data. 226: * @throws CertificateException If an error occurs decoding the 227: * certificate. 228: */ 229: public final Certificate generateCertificate(InputStream inStream) 230: throws CertificateException 231: { 232: return certFacSpi.engineGenerateCertificate(inStream); 233: } 234: 235: /** 236: * Returns a collection of certificates that were read from the 237: * input stream. It may be empty, have only one, or have 238: * multiple certificates. 239: * 240: * For a X.509 certificate factory, the stream may contain a 241: * single DER encoded certificate or a PKCS#7 certificate 242: * chain. This is a PKCS#7 <I>SignedData</I> object with the 243: * most significant field being <I>certificates</I>. If no 244: * CRLs are present, then an empty collection is returned. 245: * 246: * @param inStream An input stream containing the certificate data. 247: * @return A collection of certificates initialized from the decoded 248: * InputStream data. 249: * @throws CertificateException If an error occurs decoding the 250: * certificates. 251: */ 252: public final Collection generateCertificates(InputStream inStream) 253: throws CertificateException 254: { 255: return certFacSpi.engineGenerateCertificates(inStream); 256: } 257: 258: /** 259: * Generates a CRL based on the encoded data read 260: * from the InputStream. 261: * 262: * <p>The input stream must contain only one CRL. 263: * 264: * <p>If there exists a specialized CRL class for the 265: * CRL format handled by the certificate factory 266: * then the return CRL should be a typecast of it. 267: * Ex: A X.509 CertificateFactory should return X509CRL. 268: * 269: * @param inStream An input stream containing the CRL data. 270: * @return A CRL initialized from the decoded InputStream data. 271: * @throws CRLException If an error occurs decoding the CRL. 272: */ 273: public final CRL generateCRL(InputStream inStream) 274: throws CRLException 275: { 276: return certFacSpi.engineGenerateCRL(inStream); 277: } 278: 279: /** 280: * <p>Generates CRLs based on the encoded data read 281: * from the InputStream. 282: * 283: * <p>For a X.509 certificate factory, the stream may contain a 284: * single DER encoded CRL or a PKCS#7 CRL set. This is a 285: * PKCS#7 <I>SignedData</I> object with the most significant 286: * field being <I>crls</I>. If no CRLs are present, then an 287: * empty collection is returned. 288: * 289: * @param inStream an input stream containing the CRLs. 290: * @return a collection of CRLs initialized from the decoded 291: * InputStream data. 292: * @throws CRLException If an error occurs decoding the CRLs. 293: */ 294: public final Collection generateCRLs(InputStream inStream) 295: throws CRLException 296: { 297: return certFacSpi.engineGenerateCRLs( inStream ); 298: } 299: 300: /** 301: * Generate a {@link CertPath} and initialize it with data parsed from 302: * the input stream. The default encoding of this factory is used. 303: * 304: * @param inStream The InputStream containing the CertPath data. 305: * @return A CertPath initialized from the input stream data. 306: * @throws CertificateException If an error occurs decoding the 307: * CertPath. 308: */ 309: public final CertPath generateCertPath(InputStream inStream) 310: throws CertificateException 311: { 312: return certFacSpi.engineGenerateCertPath(inStream); 313: } 314: 315: /** 316: * Generate a {@link CertPath} and initialize it with data parsed from 317: * the input stream, using the specified encoding. 318: * 319: * @param inStream The InputStream containing the CertPath data. 320: * @param encoding The encoding of the InputStream data. 321: * @return A CertPath initialized from the input stream data. 322: * @throws CertificateException If an error occurs decoding the 323: * CertPath. 324: */ 325: public final CertPath generateCertPath(InputStream inStream, String encoding) 326: throws CertificateException 327: { 328: return certFacSpi.engineGenerateCertPath(inStream, encoding); 329: } 330: 331: /** 332: * Generate a {@link CertPath} and initialize it with the certificates 333: * in the {@link java.util.List} argument. 334: * 335: * @param certificates The list of certificates with which to create 336: * the CertPath. 337: * @return A CertPath initialized from the certificates. 338: * @throws CertificateException If an error occurs generating the 339: * CertPath. 340: */ 341: public final CertPath generateCertPath(List certificates) 342: throws CertificateException 343: { 344: return certFacSpi.engineGenerateCertPath(certificates); 345: } 346: 347: /** 348: * Returns an Iterator of CertPath encodings supported by this 349: * factory, with the default encoding first. The returned Iterator 350: * cannot be modified. 351: * 352: * @return The Iterator of supported encodings. 353: */ 354: public final Iterator getCertPathEncodings() 355: { 356: return certFacSpi.engineGetCertPathEncodings(); 357: } 358: } // class CertificateFactory