Source for java.security.cert.CertPathBuilder

   1: /* CertPathBuilder.java -- bulids CertPath objects from Certificates.
   2:    Copyright (C) 2003, 2004  Free Software Foundation, Inc.
   3: 
   4: This file is part of GNU Classpath.
   5: 
   6: GNU Classpath is free software; you can redistribute it and/or modify
   7: it under the terms of the GNU General Public License as published by
   8: the Free Software Foundation; either version 2, or (at your option)
   9: any later version.
  10: 
  11: GNU Classpath is distributed in the hope that it will be useful, but
  12: WITHOUT ANY WARRANTY; without even the implied warranty of
  13: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14: General Public License for more details.
  15: 
  16: You should have received a copy of the GNU General Public License
  17: along with GNU Classpath; see the file COPYING.  If not, write to the
  18: Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
  19: 02110-1301 USA.
  20: 
  21: Linking this library statically or dynamically with other modules is
  22: making a combined work based on this library.  Thus, the terms and
  23: conditions of the GNU General Public License cover the whole
  24: combination.
  25: 
  26: As a special exception, the copyright holders of this library give you
  27: permission to link this library with independent modules to produce an
  28: executable, regardless of the license terms of these independent
  29: modules, and to copy and distribute the resulting executable under
  30: terms of your choice, provided that you also meet, for each linked
  31: independent module, the terms and conditions of the license of that
  32: module.  An independent module is a module which is not derived from
  33: or based on this library.  If you modify this library, you may extend
  34: this exception to your version of the library, but you are not
  35: obligated to do so.  If you do not wish to do so, delete this
  36: exception statement from your version. */
  37: 
  38: 
  39: package java.security.cert;
  40: 
  41: import gnu.java.lang.CPStringBuilder;
  42: 
  43: import gnu.java.security.Engine;
  44: 
  45: import java.lang.reflect.InvocationTargetException;
  46: import java.security.InvalidAlgorithmParameterException;
  47: import java.security.NoSuchAlgorithmException;
  48: import java.security.NoSuchProviderException;
  49: import java.security.Provider;
  50: import java.security.Security;
  51: 
  52: /**
  53:  * This class builds certificate paths (also called certificate chains),
  54:  * which can be used to establish trust for a particular certificate by
  55:  * building a path from a trusted certificate (a trust anchor) to the
  56:  * untrusted certificate.
  57:  *
  58:  * @see CertPath
  59:  */
  60: public class CertPathBuilder
  61: {
  62: 
  63:   // Constants and fields.
  64:   // ------------------------------------------------------------------------
  65: 
  66:   /** Service name for CertPathBuilder. */
  67:   private static final String CERT_PATH_BUILDER = "CertPathBuilder";
  68: 
  69:   /** The underlying implementation. */
  70:   private CertPathBuilderSpi cpbSpi;
  71: 
  72:   /** The provider of this implementation. */
  73:   private Provider provider;
  74: 
  75:   /** The name of this implementation. */
  76:   private String algorithm;
  77: 
  78:   // Constructor.
  79:   // ------------------------------------------------------------------------
  80: 
  81:   /**
  82:    * Creates a new CertPathBuilder.
  83:    *
  84:    * @param cpbSpi    The underlying implementation.
  85:    * @param provider  The provider of the implementation.
  86:    * @param algorithm This implementation's name.
  87:    */
  88:   protected CertPathBuilder(CertPathBuilderSpi cpbSpi, Provider provider,
  89:                             String algorithm)
  90:   {
  91:     this.cpbSpi = cpbSpi;
  92:     this.provider = provider;
  93:     this.algorithm = algorithm;
  94:   }
  95: 
  96:   // Class methods.
  97:   // ------------------------------------------------------------------------
  98: 
  99:   /**
 100:    * Get the default cert path builder type.
 101:    *
 102:    * <p>This value can be set at run-time by the security property
 103:    * <code>"certpathbuilder.type"</code>. If this property is not set,
 104:    * then the value returned is <code>"PKIX"</code>.
 105:    *
 106:    * @return The default CertPathBuilder algorithm.
 107:    */
 108:   public static final String getDefaultType()
 109:   {
 110:     String type = Security.getProperty("certpathbuilder.type");
 111:     if (type == null)
 112:       type = "PKIX";
 113:     return type;
 114:   }
 115: 
 116:   /**
 117:    * Returns an instance of a named <code>CertPathBuilder</code> from the
 118:    * first provider that implements it.
 119:    *
 120:    * @param algorithm The name of the <code>CertPathBuilder</code> to create.
 121:    * @return The new instance.
 122:    * @throws NoSuchAlgorithmException If no installed provider implements the
 123:    *           named algorithm.
 124:    * @throws IllegalArgumentException if <code>algorithm</code> is
 125:    *           <code>null</code> or is an empty string.
 126:    */
 127:   public static CertPathBuilder getInstance(String algorithm)
 128:       throws NoSuchAlgorithmException
 129:   {
 130:     Provider[] p = Security.getProviders();
 131:     NoSuchAlgorithmException lastException = null;
 132:     for (int i = 0; i < p.length; i++)
 133:       try
 134:         {
 135:           return getInstance(algorithm, p[i]);
 136:         }
 137:       catch (NoSuchAlgorithmException x)
 138:         {
 139:           lastException = x;
 140:         }
 141:     if (lastException != null)
 142:       throw lastException;
 143:     throw new NoSuchAlgorithmException(algorithm);
 144:   }
 145: 
 146:   /**
 147:    * Returns an instance of a named <code>CertPathBuilder</code> from a named
 148:    * provider.
 149:    *
 150:    * @param algorithm The name of the <code>CertPathBuilder</code> to create.
 151:    * @param provider The name of the provider to use.
 152:    * @return The new instance.
 153:    * @throws NoSuchAlgorithmException If no installed provider implements the
 154:    *           named algorithm.
 155:    * @throws NoSuchProviderException If the named provider does not exist.
 156:    * @throws IllegalArgumentException if either <code>algorithm</code> or
 157:    *           <code>provider</code> is <code>null</code>, or if
 158:    *           <code>algorithm</code> is an empty string.
 159:    */
 160:   public static CertPathBuilder getInstance(String algorithm, String provider)
 161:       throws NoSuchAlgorithmException, NoSuchProviderException
 162:   {
 163:     if (provider == null)
 164:       throw new IllegalArgumentException("provider MUST NOT be null");
 165:     Provider p = Security.getProvider(provider);
 166:     if (p == null)
 167:       throw new NoSuchProviderException(provider);
 168:     return getInstance(algorithm, p);
 169:   }
 170: 
 171:   /**
 172:    * Returns an instance of a named <code>CertPathBuilder</code> from the
 173:    * specified provider.
 174:    *
 175:    * @param algorithm The name of the <code>CertPathBuilder</code> to create.
 176:    * @param provider The provider to use.
 177:    * @return The new instance.
 178:    * @throws NoSuchAlgorithmException If no installed provider implements the
 179:    *           named algorithm.
 180:    * @throws IllegalArgumentException if either <code>algorithm</code> or
 181:    *           <code>provider</code> is <code>null</code>, or if
 182:    *           <code>algorithm</code> is an empty string.
 183:    */
 184:   public static CertPathBuilder getInstance(String algorithm, Provider provider)
 185:       throws NoSuchAlgorithmException
 186:   {
 187:     CPStringBuilder sb = new CPStringBuilder("CertPathBuilder for algorithm [")
 188:         .append(algorithm).append("] from provider[")
 189:         .append(provider).append("] could not be created");
 190:     Throwable cause;
 191:     try
 192:       {
 193:         Object spi = Engine.getInstance(CERT_PATH_BUILDER, algorithm, provider);
 194:         return new CertPathBuilder((CertPathBuilderSpi) spi, provider, algorithm);
 195:       }
 196:     catch (InvocationTargetException x)
 197:       {
 198:         cause = x.getCause();
 199:         if (cause instanceof NoSuchAlgorithmException)
 200:           throw (NoSuchAlgorithmException) cause;
 201:         if (cause == null)
 202:           cause = x;
 203:       }
 204:     catch (ClassCastException x)
 205:       {
 206:         cause = x;
 207:       }
 208:     NoSuchAlgorithmException x = new NoSuchAlgorithmException(sb.toString());
 209:     x.initCause(cause);
 210:     throw x;
 211:   }
 212: 
 213:   /**
 214:    * Return the name of this CertPathBuilder algorithm.
 215:    *
 216:    * @return The algorithm name.
 217:    */
 218:   public final String getAlgorithm()
 219:   {
 220:     return algorithm;
 221:   }
 222: 
 223:   /**
 224:    * Return the provider of this instance's implementation.
 225:    *
 226:    * @return The provider.
 227:    */
 228:   public final Provider getProvider()
 229:   {
 230:     return provider;
 231:   }
 232: 
 233:   /**
 234:    * Builds a certificate path. The {@link CertPathParameters} parameter
 235:    * passed to this method is implementation-specific, but in general
 236:    * should contain some number of certificates and some number of
 237:    * trusted certificates (or "trust anchors").
 238:    *
 239:    * @param params The parameters.
 240:    * @retrun The certificate path result.
 241:    * @throws CertPathBuilderException If the certificate path cannot be
 242:    *   built.
 243:    * @throws InvalidAlgorithmParameterException If the implementation
 244:    *   rejects the specified parameters.
 245:    */
 246:   public final CertPathBuilderResult build(CertPathParameters params)
 247:     throws CertPathBuilderException, InvalidAlgorithmParameterException
 248:   {
 249:     return cpbSpi.engineBuild(params);
 250:   }
 251: }