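/* CertPathBuilder.java -- builds CertPath objects from Certificates.
   Copyright (C) 2003, 2004 Free Software Foundation, Inc.

This file is part of GNU Classpath.

GNU Classpath is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2, or (at your option)
any later version.

GNU Classpath is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
General Public License for more details.

You should have received a copy of the GNU General Public License
along with GNU Classpath; see the file COPYING.  If not, write to the
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
02110-1301 USA.

Linking this library statically or dynamically with other modules is
making a combined work based on this library.  Thus, the terms and
conditions of the GNU General Public License cover the whole
combination.

As a special exception, the copyright holders of this library give you
permission to link this library with independent modules to produce an
executable, regardless of the license terms of these independent
modules, and to copy and distribute the resulting executable under
terms of your choice, provided that you also meet, for each linked
independent module, the terms and conditions of the license of that
module.  An independent module is a module which is not derived from
or based on this library.  If you modify this library, you may extend
this exception to your version of the library, but you are not
obligated to do so.  If you do not wish to do so, delete this
exception statement from your version.  */


package java.security.cert;

import gnu.java.lang.CPStringBuilder;

import gnu.java.security.Engine;

import java.lang.reflect.InvocationTargetException;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.security.Security;

/**
 * This class builds certificate paths (also called certificate chains),
 * which can be used to establish trust for a particular certificate by
 * building a path from a trusted certificate (a trust anchor) to the
 * untrusted certificate.
 *
 * <p>Instances are obtained through the <code>getInstance</code> factory
 * methods, which look the implementation up in an installed
 * {@link Provider}.  This class contains no path-building logic of its
 * own: {@link #build(CertPathParameters)} forwards to the provider's
 * {@link CertPathBuilderSpi}, so which checks are applied while a path
 * is built depends on the provider that was selected.
 *
 * @see CertPath
 */
public class CertPathBuilder
{

  // Constants and fields.
  // ------------------------------------------------------------------------

  /** Service name for CertPathBuilder. */
  private static final String CERT_PATH_BUILDER = "CertPathBuilder";

  // The three fields below are assigned once in the constructor and never
  // written again; declaring them final makes that explicit and lets an
  // instance be handed to another thread without extra synchronization.

  /** The underlying implementation. */
  private final CertPathBuilderSpi cpbSpi;

  /** The provider of this implementation. */
  private final Provider provider;

  /** The name of this implementation. */
  private final String algorithm;

  // Constructor.
  // ------------------------------------------------------------------------

  /**
   * Creates a new CertPathBuilder.  The arguments are stored as given;
   * none of them is checked for <code>null</code> here.
   *
   * @param cpbSpi The underlying implementation.
   * @param provider The provider of the implementation.
   * @param algorithm This implementation's name.
   */
  protected CertPathBuilder(CertPathBuilderSpi cpbSpi, Provider provider,
                            String algorithm)
  {
    this.cpbSpi = cpbSpi;
    this.provider = provider;
    this.algorithm = algorithm;
  }

  // Class methods.
  // ------------------------------------------------------------------------

  /**
   * Get the default cert path builder type.
   *
   * <p>This value can be set at run-time by the security property
   * <code>"certpathbuilder.type"</code>. If this property is not set,
   * then the value returned is <code>"PKIX"</code>.
   *
   * <p>The property value is returned as-is.  It is not compared with the
   * algorithms the installed providers offer, so a caller passing it to
   * {@link #getInstance(String)} still has to handle
   * {@link NoSuchAlgorithmException}.
   *
   * @return The default CertPathBuilder algorithm.
   */
  public static final String getDefaultType()
  {
    String type = Security.getProperty("certpathbuilder.type");
    if (type == null)
      type = "PKIX";
    return type;
  }

  /**
   * Returns an instance of a named <code>CertPathBuilder</code> from the
   * first provider that implements it.
   *
   * <p>Providers are tried in the order in which
   * {@link Security#getProviders()} returns them and the first one that
   * yields an instance wins, so the provider configuration decides which
   * implementation builds the path.  Callers that depend on one particular
   * implementation should use one of the overloads that take a provider.
   *
   * @param algorithm The name of the <code>CertPathBuilder</code> to create.
   * @return The new instance.
   * @throws NoSuchAlgorithmException If no installed provider implements the
   *         named algorithm.  When several providers fail, the exception
   *         of the last one tried is the one thrown.
   * @throws IllegalArgumentException if <code>algorithm</code> is
   *         <code>null</code> or is an empty string.
   */
  public static CertPathBuilder getInstance(String algorithm)
    throws NoSuchAlgorithmException
  {
    Provider[] p = Security.getProviders();
    NoSuchAlgorithmException lastException = null;
    for (int i = 0; i < p.length; i++)
      try
        {
          return getInstance(algorithm, p[i]);
        }
      catch (NoSuchAlgorithmException x)
        {
          // Only "not available here" moves on to the next provider; any
          // other exception is not caught and reaches the caller at once.
          lastException = x;
        }
    if (lastException != null)
      throw lastException;
    // Reached only when no provider is installed at all.
    throw new NoSuchAlgorithmException(algorithm);
  }

  /**
   * Returns an instance of a named <code>CertPathBuilder</code> from a named
   * provider.
   *
   * @param algorithm The name of the <code>CertPathBuilder</code> to create.
   * @param provider The name of the provider to use.
   * @return The new instance.
   * @throws NoSuchAlgorithmException If no installed provider implements the
   *         named algorithm.
   * @throws NoSuchProviderException If the named provider does not exist.
   * @throws IllegalArgumentException if either <code>algorithm</code> or
   *         <code>provider</code> is <code>null</code>, or if
   *         <code>algorithm</code> is an empty string.
   */
  public static CertPathBuilder getInstance(String algorithm, String provider)
    throws NoSuchAlgorithmException, NoSuchProviderException
  {
    if (provider == null)
      throw new IllegalArgumentException("provider MUST NOT be null");
    Provider p = Security.getProvider(provider);
    if (p == null)
      throw new NoSuchProviderException(provider);
    return getInstance(algorithm, p);
  }

  /**
   * Returns an instance of a named <code>CertPathBuilder</code> from the
   * specified provider.
   *
   * <p>A provider whose registered class cannot be instantiated, or whose
   * class is not a {@link CertPathBuilderSpi}, is reported as a
   * {@link NoSuchAlgorithmException} that carries the original failure as
   * its cause.
   *
   * @param algorithm The name of the <code>CertPathBuilder</code> to create.
   * @param provider The provider to use.
   * @return The new instance.
   * @throws NoSuchAlgorithmException If no installed provider implements the
   *         named algorithm.
   * @throws IllegalArgumentException if either <code>algorithm</code> or
   *         <code>provider</code> is <code>null</code>, or if
   *         <code>algorithm</code> is an empty string.
   */
  public static CertPathBuilder getInstance(String algorithm, Provider provider)
    throws NoSuchAlgorithmException
  {
    // NOTE(review): the null / empty-string checks promised above are not
    // made in this method; presumably Engine.getInstance performs them --
    // confirm against gnu.java.security.Engine.
    Throwable cause;
    try
      {
        Object spi = Engine.getInstance(CERT_PATH_BUILDER, algorithm, provider);
        return new CertPathBuilder((CertPathBuilderSpi) spi, provider, algorithm);
      }
    catch (InvocationTargetException x)
      {
        cause = x.getCause();
        // An SPI constructor that itself reports "no such algorithm" is
        // passed through unwrapped.
        if (cause instanceof NoSuchAlgorithmException)
          throw (NoSuchAlgorithmException) cause;
        if (cause == null)
          cause = x;
      }
    catch (ClassCastException x)
      {
        // The provider returned something that is not a CertPathBuilderSpi.
        cause = x;
      }
    // The message is needed on the failure path only, so it is assembled
    // here instead of before the lookup.
    CPStringBuilder sb = new CPStringBuilder("CertPathBuilder for algorithm [")
      .append(algorithm).append("] from provider[")
      .append(provider).append("] could not be created");
    NoSuchAlgorithmException x = new NoSuchAlgorithmException(sb.toString());
    x.initCause(cause);
    throw x;
  }

  /**
   * Return the name of this CertPathBuilder algorithm.
   *
   * @return The algorithm name.
   */
  public final String getAlgorithm()
  {
    return algorithm;
  }

  /**
   * Return the provider of this instance's implementation.
   *
   * @return The provider.
   */
  public final Provider getProvider()
  {
    return provider;
  }

  /**
   * Builds a certificate path. The {@link CertPathParameters} parameter
   * passed to this method is implementation-specific, but in general
   * should contain some number of certificates and some number of
   * trusted certificates (or "trust anchors").
   *
   * <p>This method does not inspect <code>params</code>; the argument is
   * handed unchanged to the provider's
   * <code>engineBuild</code>.  Rejecting unsuitable parameters, and every
   * check made on the certificates while the path is assembled, is
   * therefore the responsibility of the implementation.
   *
   * @param params The parameters.
   * @return The certificate path result.
   * @throws CertPathBuilderException If the certificate path cannot be
   *         built.
   * @throws InvalidAlgorithmParameterException If the implementation
   *         rejects the specified parameters.
   */
  public final CertPathBuilderResult build(CertPathParameters params)
    throws CertPathBuilderException, InvalidAlgorithmParameterException
  {
    return cpbSpi.engineBuild(params);
  }
}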