Overview Package Class Use Source Tree Index Deprecated About
Frames | No Frames

Source for gnu.java.security.x509.X509CertSelectorImpl

   1: /* X509CertSelectorImpl.java -- implementation of an X509CertSelector.
   2:    Copyright (C) 2004  Free Software Foundation, Inc.
   3: 
   4: This file is part of GNU Classpath.
   5: 
   6: GNU Classpath is free software; you can redistribute it and/or modify
   7: it under the terms of the GNU General Public License as published by
   8: the Free Software Foundation; either version 2, or (at your option)
   9: any later version.
  10: 
  11: GNU Classpath is distributed in the hope that it will be useful, but
  12: WITHOUT ANY WARRANTY; without even the implied warranty of
  13: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14: General Public License for more details.
  15: 
  16: You should have received a copy of the GNU General Public License
  17: along with GNU Classpath; see the file COPYING.  If not, write to the
  18: Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
  19: 02110-1301 USA.
  20: 
  21: Linking this library statically or dynamically with other modules is
  22: making a combined work based on this library.  Thus, the terms and
  23: conditions of the GNU General Public License cover the whole
  24: combination.
  25: 
  26: As a special exception, the copyright holders of this library give you
  27: permission to link this library with independent modules to produce an
  28: executable, regardless of the license terms of these independent
  29: modules, and to copy and distribute the resulting executable under
  30: terms of your choice, provided that you also meet, for each linked
  31: independent module, the terms and conditions of the license of that
  32: module.  An independent module is a module which is not derived from
  33: or based on this library.  If you modify this library, you may extend
  34: this exception to your version of the library, but you are not
  35: obligated to do so.  If you do not wish to do so, delete this
  36: exception statement from your version. */
  37: 
  38: 
  39: package gnu.java.security.x509;
  40: 
  41: import java.io.IOException;
  42: import java.security.Principal;
  43: import java.security.cert.CertSelector;
  44: import java.security.cert.Certificate;
  45: import java.security.cert.X509Certificate;
  46: import java.util.Collection;
  47: import java.util.Collections;
  48: import java.util.HashSet;
  49: import java.util.Iterator;
  50: import java.util.Set;
  51: 
  52: import javax.security.auth.x500.X500Principal;
  53: 
  54: /**
  55:  * Sun's implementation of X509CertSelector sucks. This one tries to work
  56:  * better.
  57:  */
  58: public class X509CertSelectorImpl implements CertSelector
  59: {
  60: 
  61:   // Fields.
  62:   // -------------------------------------------------------------------------
  63: 
  64:   private Set issuerNames;
  65:   private Set subjectNames;
  66: 
  67:   // Constructor.
  68:   // -------------------------------------------------------------------------
  69: 
  70:   public X509CertSelectorImpl()
  71:   {
  72:     issuerNames = new HashSet();
  73:     subjectNames = new HashSet();
  74:   }
  75: 
  76:   // Instance methods.
  77:   // -------------------------------------------------------------------------
  78: 
  79:   public void addIssuerName(byte[] issuerName) throws IOException
  80:   {
  81:     issuerNames.add(new X500DistinguishedName(issuerName));
  82:   }
  83: 
  84:   public void addIssuerName(String issuerName)
  85:   {
  86:     issuerNames.add(new X500DistinguishedName(issuerName));
  87:   }
  88: 
  89:   public void addIssuerName(Principal issuerName) throws IOException
  90:   {
  91:     if (issuerName instanceof X500DistinguishedName)
  92:       issuerNames.add(issuerName);
  93:     else if (issuerName instanceof X500Principal)
  94:       issuerNames.add(new X500DistinguishedName(((X500Principal) issuerName).getEncoded()));
  95:     else
  96:       issuerNames.add(new X500DistinguishedName(issuerName.getName()));
  97:   }
  98: 
  99:   public Collection getIssuerNames()
 100:   {
 101:     return Collections.unmodifiableSet(issuerNames);
 102:   }
 103: 
 104:   public void addSubjectName(byte[] subjectName) throws IOException
 105:   {
 106:     subjectNames.add(new X500DistinguishedName(subjectName));
 107:   }
 108: 
 109:   public void addSubjectName(String subjectName) throws IOException
 110:   {
 111:     subjectNames.add(new X500DistinguishedName(subjectName));
 112:   }
 113: 
 114:   public void addSubjectName(Principal subjectName) throws IOException
 115:   {
 116:     if (subjectName instanceof X500DistinguishedName)
 117:       subjectNames.add(subjectName);
 118:     else if (subjectName instanceof X500Principal)
 119:       subjectNames.add(new X500DistinguishedName(((X500Principal) subjectName).getEncoded()));
 120:     else
 121:       subjectNames.add(new X500DistinguishedName(subjectName.getName()));
 122:   }
 123: 
 124:   public Collection getSubjectNames()
 125:   {
 126:     return Collections.unmodifiableSet(subjectNames);
 127:   }
 128: 
 129:   public Object clone()
 130:   {
 131:     X509CertSelectorImpl copy = new X509CertSelectorImpl();
 132:     copy.issuerNames.addAll(issuerNames);
 133:     copy.subjectNames.addAll(subjectNames);
 134:     return copy;
 135:   }
 136: 
 137:   public boolean match(Certificate cert)
 138:   {
 139:     if (!(cert instanceof X509Certificate))
 140:       return false;
 141:     boolean matchIssuer = false;
 142:     boolean matchSubject = false;
 143:     try
 144:       {
 145:         Principal p = ((X509Certificate) cert).getIssuerDN();
 146:         X500DistinguishedName thisName = null;
 147:         if (p instanceof X500DistinguishedName)
 148:           thisName = (X500DistinguishedName) p;
 149:         else if (p instanceof X500Principal)
 150:           thisName = new X500DistinguishedName(((X500Principal) p).getEncoded());
 151:         else
 152:           thisName = new X500DistinguishedName(p.getName());
 153:         if (issuerNames.isEmpty())
 154:           matchIssuer = true;
 155:         else
 156:           {
 157:             for (Iterator it = issuerNames.iterator(); it.hasNext(); )
 158:               {
 159:                 X500DistinguishedName name = (X500DistinguishedName) it.next();
 160:                 if (thisName.equals(name))
 161:                   {
 162:                     matchIssuer = true;
 163:                     break;
 164:                   }
 165:               }
 166:           }
 167: 
 168:         p = ((X509Certificate) cert).getSubjectDN();
 169:         thisName = null;
 170:         if (p instanceof X500DistinguishedName)
 171:           thisName = (X500DistinguishedName) p;
 172:         else if (p instanceof X500Principal)
 173:           thisName = new X500DistinguishedName(((X500Principal) p).getEncoded());
 174:         else
 175:           thisName = new X500DistinguishedName(p.getName());
 176:         if (subjectNames.isEmpty())
 177:           matchSubject = true;
 178:         else
 179:           {
 180:             for (Iterator it = subjectNames.iterator(); it.hasNext(); )
 181:               {
 182:                 X500DistinguishedName name = (X500DistinguishedName) it.next();
 183:                 if (thisName.equals(name))
 184:                   {
 185:                     matchSubject = true;
 186:                     break;
 187:                   }
 188:               }
 189:           }
 190:       }
 191:     catch (Exception x)
 192:       {
 193:       }
 194:     return matchIssuer && matchSubject;
 195:   }
 196: }

Overview Package Class Use Source Tree Index Deprecated About