Source for java.security.cert.CertificateFactory

   1: /* CertificateFactory.java -- Certificate Factory Class
   2:    Copyright (C) 1999, 2002, 2003, 2004  Free Software Foundation, Inc.
   3: 
   4: This file is part of GNU Classpath.
   5: 
   6: GNU Classpath is free software; you can redistribute it and/or modify
   7: it under the terms of the GNU General Public License as published by
   8: the Free Software Foundation; either version 2, or (at your option)
   9: any later version.
  10:  
  11: GNU Classpath is distributed in the hope that it will be useful, but
  12: WITHOUT ANY WARRANTY; without even the implied warranty of
  13: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14: General Public License for more details.
  15: 
  16: You should have received a copy of the GNU General Public License
  17: along with GNU Classpath; see the file COPYING.  If not, write to the
  18: Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
  19: 02110-1301 USA.
  20: 
  21: Linking this library statically or dynamically with other modules is
  22: making a combined work based on this library.  Thus, the terms and
  23: conditions of the GNU General Public License cover the whole
  24: combination.
  25: 
  26: As a special exception, the copyright holders of this library give you
  27: permission to link this library with independent modules to produce an
  28: executable, regardless of the license terms of these independent
  29: modules, and to copy and distribute the resulting executable under
  30: terms of your choice, provided that you also meet, for each linked
  31: independent module, the terms and conditions of the license of that
  32: module.  An independent module is a module which is not derived from
  33: or based on this library.  If you modify this library, you may extend
  34: this exception to your version of the library, but you are not
  35: obligated to do so.  If you do not wish to do so, delete this
  36: exception statement from your version. */
  37: 
  38: 
  39: package java.security.cert;
  40: 
  41: import gnu.java.security.Engine;
  42: 
  43: import java.io.InputStream;
  44: import java.security.NoSuchAlgorithmException;
  45: import java.security.NoSuchProviderException;
  46: import java.security.Provider;
  47: import java.security.Security;
  48: import java.util.Collection;
  49: import java.util.Iterator;
  50: import java.util.List;
  51: 
  52: /**
  53:  * This class implements the CertificateFactory class interface used to
  54:  * generate certificates, certificate revocation lists (CRLs), and certificate
  55:  * paths objects from their encoded forms.
  56:  *
  57:  * @author Mark Benvenuto
  58:  * @author Casey Marshall
  59:  * @since JDK 1.2
  60:  * @status Fully compatible with JDK 1.4.
  61:  */
  62: public class CertificateFactory
  63: {
  64: 
  65:   /** The service name for certificate factories. */
  66:   private static final String CERTIFICATE_FACTORY = "CertificateFactory";
  67: 
  68:   private CertificateFactorySpi certFacSpi;
  69:   private Provider provider;
  70:   private String type;
  71: 
  72:   /**
  73:    * Creates an instance of CertificateFactory.
  74:    *
  75:    * @param certFacSpi The underlying CertificateFactory engine.
  76:    * @param provider   The provider of this implementation.
  77:    * @param type       The type of Certificate this factory creates.
  78:    */
  79:   protected CertificateFactory(CertificateFactorySpi certFacSpi,
  80:                                Provider provider, String type)
  81:   {
  82:     this.certFacSpi = certFacSpi;
  83:     this.provider = provider;
  84:     this.type = type;
  85:   }
  86: 
  87: // Class methods.
  88:   // ------------------------------------------------------------------------
  89: 
  90:   /** 
  91:    * Gets an instance of the CertificateFactory class representing
  92:    * the specified certificate factory. If the type is not 
  93:    * found then, it throws CertificateException.
  94:    *
  95:    * @param type     The type of certificate factory to create.
  96:    * @return a CertificateFactory repesenting the desired type
  97:    * @throws CertificateException If the type of certificate is not
  98:    *    implemented by any installed provider.
  99:    */
 100:   public static final CertificateFactory getInstance(String type)
 101:     throws CertificateException
 102:   {
 103:     Provider[] p = Security.getProviders();
 104: 
 105:     for (int i = 0; i < p.length; i++)
 106:       {
 107:         try
 108:           {
 109:             return getInstance(type, p[i]);
 110:           }
 111:         catch (CertificateException e)
 112:           {
 113:         // Ignored.
 114:           }
 115:       }
 116: 
 117:     throw new CertificateException(type);
 118:   }
 119: 
 120:   /** 
 121:    * Gets an instance of the CertificateFactory class representing
 122:    * the specified certificate factory from the specified provider. 
 123:    * If the type is not found then, it throws {@link CertificateException}. 
 124:    * If the provider is not found, then it throws 
 125:    * {@link java.security.NoSuchProviderException}.
 126:    *
 127:    * @param type     The type of certificate factory to create.
 128:    * @param provider The name of the provider from which to get the
 129:    *        implementation.
 130:    * @return A CertificateFactory for the desired type.
 131:    * @throws CertificateException If the type of certificate is not
 132:    *         implemented by the named provider.
 133:    * @throws NoSuchProviderException If the named provider is not installed.
 134:    */
 135:   public static final CertificateFactory getInstance(String type,
 136:                                                      String provider) 
 137:     throws CertificateException, NoSuchProviderException
 138:   {
 139:     Provider p = Security.getProvider(provider);
 140:     if( p == null)
 141:       throw new NoSuchProviderException(provider);
 142: 
 143:     return getInstance(type, p);
 144:   }
 145: 
 146:   /**
 147:    * Get a certificate factory for the given certificate type from the
 148:    * given provider.
 149:    *
 150:    * @param type     The type of certificate factory to create.
 151:    * @param provider The provider from which to get the implementation.
 152:    * @return A CertificateFactory for the desired type.
 153:    * @throws CertificateException If the type of certificate is not
 154:    *         implemented by the provider.
 155:    * @throws IllegalArgumentException If the provider is null.
 156:    */
 157:   public static final CertificateFactory getInstance(String type,
 158:                                                      Provider provider)
 159:     throws CertificateException
 160:   {
 161:     if (provider == null)
 162:       throw new IllegalArgumentException("null provider");
 163: 
 164:     try
 165:       {
 166:         return new CertificateFactory((CertificateFactorySpi)
 167:           Engine.getInstance(CERTIFICATE_FACTORY, type, provider),
 168:           provider, type);
 169:       }
 170:     catch (ClassCastException cce)
 171:       {
 172:         throw new CertificateException(type);
 173:       }
 174:     catch (java.lang.reflect.InvocationTargetException ite)
 175:       {
 176:         throw new CertificateException(type);
 177:       }
 178:     catch (NoSuchAlgorithmException nsae)
 179:       {
 180:         throw new CertificateException(nsae.getMessage());
 181:       }
 182:   }
 183: 
 184: // Instance methods.
 185:   // ------------------------------------------------------------------------
 186: 
 187:   /**
 188:    * Gets the provider of this implementation.
 189:    *
 190:    * @return The provider of this implementation.
 191:    */
 192:   public final Provider getProvider()
 193:   {
 194:     return provider;
 195:   }
 196: 
 197:   /**
 198:    * Returns the type of the certificate this factory creates.
 199:    *
 200:    * @return A string with the type of certificate
 201:    */
 202:   public final String getType()
 203:   {
 204:     return type;
 205:   }
 206: 
 207:   /**
 208:    * Generates a Certificate from the encoded data read
 209:    * from an InputStream.
 210:    *
 211:    * <p>The input stream must contain only one certificate.
 212:    *
 213:    * <p>If there exists a specialized certificate class for the
 214:    * certificate format handled by the certificate factory
 215:    * then the return Ceritificate should be a typecast of it.
 216:    * Ex: A X.509 CertificateFactory should return X509Certificate.
 217:    *
 218:    * <p>For X.509 certificates, the certificate in inStream must be
 219:    * DER encoded and supplied in binary or printable (Base64) 
 220:    * encoding. If the certificate is in Base64 encoding, it must be 
 221:    * bounded by -----BEGINCERTIFICATE-----, and 
 222:    * -----END CERTIFICATE-----. 
 223:    *
 224:    * @param inStream An input stream containing the certificate data.
 225:    * @return A certificate initialized from the decoded InputStream data.
 226:    * @throws CertificateException If an error occurs decoding the
 227:    *   certificate.
 228:    */
 229:   public final Certificate generateCertificate(InputStream inStream)
 230:     throws CertificateException
 231:   {
 232:     return certFacSpi.engineGenerateCertificate(inStream);
 233:   }
 234: 
 235:   /**
 236:    * Returns a collection of certificates that were read from the 
 237:    * input stream. It may be empty, have only one, or have 
 238:    * multiple certificates.
 239:    *
 240:    * For a X.509 certificate factory, the stream may contain a
 241:    * single DER encoded certificate or a PKCS#7 certificate 
 242:    * chain. This is a PKCS#7 <I>SignedData</I> object with the 
 243:    * most significant field being <I>certificates</I>. If no 
 244:    * CRLs are present, then an empty collection is returned.
 245:      *
 246:    * @param inStream An input stream containing the certificate data.
 247:    * @return A collection of certificates initialized from the decoded
 248:    *   InputStream data.
 249:    * @throws CertificateException If an error occurs decoding the
 250:    *   certificates.
 251:    */
 252:   public final Collection generateCertificates(InputStream inStream)
 253:     throws CertificateException
 254:   {
 255:     return certFacSpi.engineGenerateCertificates(inStream);
 256:   }
 257: 
 258:   /**
 259:    * Generates a CRL based on the encoded data read
 260:    * from the InputStream.
 261:    *
 262:    * <p>The input stream must contain only one CRL.
 263:    *
 264:    * <p>If there exists a specialized CRL class for the
 265:    * CRL format handled by the certificate factory
 266:    * then the return CRL should be a typecast of it.
 267:    * Ex: A X.509 CertificateFactory should return X509CRL.
 268:    *
 269:    * @param inStream An input stream containing the CRL data.
 270:    * @return A CRL initialized from the decoded InputStream data.
 271:    * @throws CRLException If an error occurs decoding the CRL.
 272:    */
 273:   public final CRL generateCRL(InputStream inStream)
 274:     throws CRLException
 275:   {
 276:     return certFacSpi.engineGenerateCRL(inStream);
 277:   }
 278: 
 279:   /**
 280:    * <p>Generates CRLs based on the encoded data read
 281:    * from the InputStream.
 282:    *
 283:    * <p>For a X.509 certificate factory, the stream may contain a
 284:    * single DER encoded CRL or a PKCS#7 CRL set. This is a 
 285:    * PKCS#7 <I>SignedData</I> object with the most significant 
 286:    * field being <I>crls</I>. If no CRLs are present, then an
 287:    * empty collection is returned.
 288:    *
 289:    * @param inStream an input stream containing the CRLs.
 290:    * @return a collection of CRLs initialized from the decoded
 291:    *    InputStream data.
 292:    * @throws CRLException If an error occurs decoding the CRLs.
 293:    */
 294:   public final Collection generateCRLs(InputStream inStream)
 295:     throws CRLException
 296:   {
 297:     return certFacSpi.engineGenerateCRLs( inStream );
 298:   }
 299: 
 300:   /**
 301:    * Generate a {@link CertPath} and initialize it with data parsed from
 302:    * the input stream. The default encoding of this factory is used.
 303:    *
 304:    * @param inStream The InputStream containing the CertPath data.
 305:    * @return A CertPath initialized from the input stream data.
 306:    * @throws CertificateException If an error occurs decoding the
 307:    * CertPath.
 308:    */
 309:   public final CertPath generateCertPath(InputStream inStream)
 310:     throws CertificateException
 311:   {
 312:     return certFacSpi.engineGenerateCertPath(inStream);
 313:   }
 314: 
 315:   /**
 316:    * Generate a {@link CertPath} and initialize it with data parsed from
 317:    * the input stream, using the specified encoding.
 318:    *
 319:    * @param inStream The InputStream containing the CertPath data.
 320:    * @param encoding The encoding of the InputStream data.
 321:    * @return A CertPath initialized from the input stream data.
 322:    * @throws CertificateException If an error occurs decoding the
 323:    *   CertPath.
 324:    */
 325:   public final CertPath generateCertPath(InputStream inStream, String encoding)
 326:     throws CertificateException
 327:   {
 328:     return certFacSpi.engineGenerateCertPath(inStream, encoding);
 329:   }
 330: 
 331:   /**
 332:    * Generate a {@link CertPath} and initialize it with the certificates
 333:    * in the {@link java.util.List} argument.
 334:    *
 335:    * @param certificates The list of certificates with which to create
 336:    *   the CertPath.
 337:    * @return A CertPath initialized from the certificates.
 338:    * @throws CertificateException If an error occurs generating the
 339:    *   CertPath.
 340:    */
 341:   public final CertPath generateCertPath(List certificates)
 342:     throws CertificateException
 343:   {
 344:     return certFacSpi.engineGenerateCertPath(certificates);
 345:   }
 346: 
 347:   /**
 348:    * Returns an Iterator of CertPath encodings supported by this
 349:    * factory, with the default encoding first. The returned Iterator
 350:    * cannot be modified.
 351:    *
 352:    * @return The Iterator of supported encodings.
 353:    */
 354:   public final Iterator getCertPathEncodings()
 355:   {
 356:     return certFacSpi.engineGetCertPathEncodings();
 357:   }
 358: } // class CertificateFactory