| Frames | No Frames |
1: /* CertStore -- stores and retrieves certificates. 2: Copyright (C) 2003, 2004 Free Software Foundation, Inc. 3: 4: This file is part of GNU Classpath. 5: 6: GNU Classpath is free software; you can redistribute it and/or modify 7: it under the terms of the GNU General Public License as published by 8: the Free Software Foundation; either version 2, or (at your option) 9: any later version. 10: 11: GNU Classpath is distributed in the hope that it will be useful, but 12: WITHOUT ANY WARRANTY; without even the implied warranty of 13: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14: General Public License for more details. 15: 16: You should have received a copy of the GNU General Public License 17: along with GNU Classpath; see the file COPYING. If not, write to the 18: Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 19: 02110-1301 USA. 20: 21: Linking this library statically or dynamically with other modules is 22: making a combined work based on this library. Thus, the terms and 23: conditions of the GNU General Public License cover the whole 24: combination. 25: 26: As a special exception, the copyright holders of this library give you 27: permission to link this library with independent modules to produce an 28: executable, regardless of the license terms of these independent 29: modules, and to copy and distribute the resulting executable under 30: terms of your choice, provided that you also meet, for each linked 31: independent module, the terms and conditions of the license of that 32: module. An independent module is a module which is not derived from 33: or based on this library. If you modify this library, you may extend 34: this exception to your version of the library, but you are not 35: obligated to do so. If you do not wish to do so, delete this 36: exception statement from your version. */ 37: 38: 39: package java.security.cert; 40: 41: import gnu.java.lang.CPStringBuilder; 42: 43: import gnu.java.security.Engine; 44: 45: import java.lang.reflect.InvocationTargetException; 46: import java.security.InvalidAlgorithmParameterException; 47: import java.security.NoSuchAlgorithmException; 48: import java.security.NoSuchProviderException; 49: import java.security.PrivilegedAction; 50: import java.security.Provider; 51: import java.security.Security; 52: import java.util.Collection; 53: 54: /** 55: * A CertStore is a read-only repository for certificates and 56: * certificate revocation lists. 57: * 58: * @since 1.4 59: */ 60: public class CertStore 61: { 62: 63: // Constants and fields. 64: // ------------------------------------------------------------------------ 65: 66: /** Service name for CertStore. */ 67: private static final String CERT_STORE = "CertStore"; 68: 69: /** The underlying implementation. */ 70: private CertStoreSpi storeSpi; 71: 72: /** This implementation's provider. */ 73: private Provider provider; 74: 75: /** The name of this key store type. */ 76: private String type; 77: 78: /** The parameters used to initialize this instance, if any. */ 79: private CertStoreParameters params; 80: 81: // Constructor. 82: // ------------------------------------------------------------------------ 83: 84: /** 85: * Create a new CertStore. 86: * 87: * @param storeSpi The underlying implementation. 88: * @param provider The provider of this implementation. 89: * @param type The type of CertStore this class represents. 90: * @param params The parameters used to initialize this instance, if any. 91: */ 92: protected CertStore(CertStoreSpi storeSpi, Provider provider, String type, 93: CertStoreParameters params) 94: { 95: this.storeSpi = storeSpi; 96: this.provider = provider; 97: this.type = type; 98: this.params = params; 99: } 100: 101: // Class methods. 102: // ------------------------------------------------------------------------ 103: 104: /** 105: * Returns the default certificate store type. 106: * 107: * <p>This value can be set at run-time via the security property 108: * "certstore.type"; if not specified than the default type will be 109: * "LDAP". 110: * 111: * @return The default CertStore type. 112: */ 113: public static final synchronized String getDefaultType() 114: { 115: String type = null; 116: type = (String) java.security.AccessController.doPrivileged( 117: new PrivilegedAction() { 118: public Object run() { 119: return Security.getProperty("certstore.type"); 120: } 121: } 122: ); 123: if (type == null) 124: type = "LDAP"; 125: return type; 126: } 127: 128: /** 129: * Returns an instance of the given certificate store type from the first 130: * installed provider. 131: * 132: * @param type The type of <code>CertStore</code> to create. 133: * @param params The parameters to initialize this cert store with. 134: * @return The new instance. 135: * @throws InvalidAlgorithmParameterException If the instance rejects the 136: * specified parameters. 137: * @throws NoSuchAlgorithmException If no installed provider implements the 138: * specified CertStore. 139: * @throws IllegalArgumentException if <code>type</code> is 140: * <code>null</code> or is an empty string. 141: */ 142: public static CertStore getInstance(String type, CertStoreParameters params) 143: throws InvalidAlgorithmParameterException, NoSuchAlgorithmException 144: { 145: Provider[] p = Security.getProviders(); 146: NoSuchAlgorithmException lastException = null; 147: for (int i = 0; i < p.length; i++) 148: try 149: { 150: return getInstance(type, params, p[i]); 151: } 152: catch (NoSuchAlgorithmException x) 153: { 154: lastException = x; 155: } 156: if (lastException != null) 157: throw lastException; 158: throw new NoSuchAlgorithmException(type); 159: } 160: 161: /** 162: * Returns an instance of the given certificate store type from a named 163: * provider. 164: * 165: * @param type The type of <code>CertStore</code> to create. 166: * @param params The parameters to initialize this cert store with. 167: * @param provider The name of the provider to use. 168: * @return The new instance. 169: * @throws InvalidAlgorithmParameterException If the instance rejects the 170: * specified parameters. 171: * @throws NoSuchAlgorithmException If the specified provider does not 172: * implement the specified CertStore. 173: * @throws NoSuchProviderException If no provider named <i>provider</i> is 174: * installed. 175: * @throws IllegalArgumentException if either <code>type</code> or 176: * <code>provider</code> is <code>null</code>, or if 177: * <code>type</code> is an empty string. 178: */ 179: public static CertStore getInstance(String type, CertStoreParameters params, 180: String provider) 181: throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, 182: NoSuchProviderException 183: { 184: if (provider == null) 185: throw new IllegalArgumentException("provider MUST NOT be null"); 186: Provider p = Security.getProvider(provider); 187: if (p == null) 188: throw new NoSuchProviderException(provider); 189: return getInstance(type, params, p); 190: } 191: 192: /** 193: * Returns an instance of the given certificate store type from a given 194: * provider. 195: * 196: * @param type The type of <code>CertStore</code> to create. 197: * @param params The parameters to initialize this cert store with. 198: * @param provider The provider to use. 199: * @return The new instance. 200: * @throws InvalidAlgorithmParameterException If the instance rejects 201: * the specified parameters. 202: * @throws NoSuchAlgorithmException If the specified provider does not 203: * implement the specified CertStore. 204: * @throws IllegalArgumentException if either <code>type</code> or 205: * <code>provider</code> is <code>null</code>, or if 206: * <code>type</code> is an empty string. 207: */ 208: public static CertStore getInstance(String type, CertStoreParameters params, 209: Provider provider) 210: throws InvalidAlgorithmParameterException, NoSuchAlgorithmException 211: { 212: CPStringBuilder sb = new CPStringBuilder("CertStore of type [") 213: .append(type).append("] from provider[") 214: .append(provider).append("] could not be created"); 215: Throwable cause; 216: try 217: { 218: Object[] args = new Object[] { params }; 219: Object spi = Engine.getInstance(CERT_STORE, type, provider, args); 220: return new CertStore((CertStoreSpi) spi, provider, type, params); 221: } 222: catch (InvocationTargetException x) 223: { 224: cause = x.getCause(); 225: if (cause instanceof NoSuchAlgorithmException) 226: throw (NoSuchAlgorithmException) cause; 227: if (cause == null) 228: cause = x; 229: } 230: catch (ClassCastException x) 231: { 232: cause = x; 233: } 234: NoSuchAlgorithmException x = new NoSuchAlgorithmException(sb.toString()); 235: x.initCause(cause); 236: throw x; 237: } 238: 239: /** 240: * Return the type of certificate store this instance represents. 241: * 242: * @return The CertStore type. 243: */ 244: public final String getType() 245: { 246: return type; 247: } 248: 249: /** 250: * Return the provider of this implementation. 251: * 252: * @return The provider. 253: */ 254: public final Provider getProvider() 255: { 256: return provider; 257: } 258: 259: /** 260: * Get the parameters this instance was created with, if any. The 261: * parameters will be cloned before they are returned. 262: * 263: * @return The parameters, or null. 264: */ 265: public final CertStoreParameters getCertStoreParameters() 266: { 267: return params != null ? (CertStoreParameters) params.clone() : null; 268: } 269: 270: /** 271: * Get a collection of certificates from this CertStore, optionally 272: * filtered by the specified CertSelector. The Collection returned may 273: * be empty, but will never be null. 274: * 275: * <p>Implementations may not allow a null argument, even if no 276: * filtering is desired. 277: * 278: * @param selector The certificate selector. 279: * @return The collection of certificates. 280: * @throws CertStoreException If the certificates cannot be retrieved. 281: */ 282: public final Collection<? extends Certificate> getCertificates(CertSelector selector) 283: throws CertStoreException 284: { 285: return storeSpi.engineGetCertificates(selector); 286: } 287: 288: /** 289: * Get a collection of certificate revocation lists from this CertStore, 290: * optionally filtered by the specified CRLSelector. The Collection 291: * returned may be empty, but will never be null. 292: * 293: * <p>Implementations may not allow a null argument, even if no 294: * filtering is desired. 295: * 296: * @param selector The certificate selector. 297: * @return The collection of certificate revocation lists. 298: * @throws CertStoreException If the CRLs cannot be retrieved. 299: */ 300: public final Collection<? extends CRL> getCRLs(CRLSelector selector) 301: throws CertStoreException 302: { 303: return storeSpi.engineGetCRLs(selector); 304: } 305: }