diff options
Diffstat (limited to 'libraries/spongycastle/core/src/main/jdk1.1/java/security/cert/CertPathValidator.java')
-rw-r--r-- | libraries/spongycastle/core/src/main/jdk1.1/java/security/cert/CertPathValidator.java | 250 |
1 files changed, 250 insertions, 0 deletions
diff --git a/libraries/spongycastle/core/src/main/jdk1.1/java/security/cert/CertPathValidator.java b/libraries/spongycastle/core/src/main/jdk1.1/java/security/cert/CertPathValidator.java new file mode 100644 index 000000000..aaddbf0e5 --- /dev/null +++ b/libraries/spongycastle/core/src/main/jdk1.1/java/security/cert/CertPathValidator.java @@ -0,0 +1,250 @@ +package java.security.cert; + +import java.security.InvalidAlgorithmParameterException; +import java.security.NoSuchAlgorithmException; +import java.security.NoSuchProviderException; +import java.security.Provider; +import java.security.Security; + +/** + * A class for validating certification paths (also known as certificate + * chains).<br /> + * <br /> + * This class uses a provider-based architecture, as described in the Java + * Cryptography Architecture. To create a <code>CertPathValidator</code>, + * call one of the static <code>getInstance</code> methods, passing in the + * algorithm name of the <code>CertPathValidator</code> desired and + * optionally the name of the provider desired. <br /> + * <br /> + * Once a <code>CertPathValidator</code> object has been created, it can + * be used to validate certification paths by calling the {@link #validate + * validate} method and passing it the <code>CertPath</code> to be validated + * and an algorithm-specific set of parameters. If successful, the result is + * returned in an object that implements the + * <code>CertPathValidatorResult</code> interface.<br /> + * <br /> + * <b>Concurrent Access</b><br /> + * <br /> + * The static methods of this class are guaranteed to be thread-safe. + * Multiple threads may concurrently invoke the static methods defined in + * this class with no ill effects.<br /> + * <br /> + * However, this is not true for the non-static methods defined by this class. + * Unless otherwise documented by a specific provider, threads that need to + * access a single <code>CertPathValidator</code> instance concurrently should + * synchronize amongst themselves and provide the necessary locking. Multiple + * threads each manipulating a different <code>CertPathValidator</code> + * instance need not synchronize.<br /> + * <br /> + * Uses {@link CertUtil CertUtil} to actualiy load the SPI classes. + * + * @see CertPath + * @see CertUtil + **/ +public class CertPathValidator extends Object +{ + private CertPathValidatorSpi validatorSpi; + private Provider provider; + private String algorithm; + + /** + * Creates a <code>CertPathValidator</code> object of the given algorithm, + * and encapsulates the given provider implementation (SPI object) in it. + * + * @param validatorSpi the provider implementation + * @param provider the provider + * @param algorithm the algorithm name + */ + protected CertPathValidator( CertPathValidatorSpi validatorSpi, + Provider provider, + String algorithm) + { + this.validatorSpi = validatorSpi; + this.provider = provider; + this.algorithm = algorithm; + } + + /** + * Returns a <code>CertPathValidator</code> object that implements the + * specified algorithm.<br /> + * <br /> + * If the default provider package provides an implementation of the + * specified <code>CertPathValidator</code> algorithm, an instance of + * <code>CertPathValidator</code> containing that implementation is + * returned. If the requested algorithm is not available in the default + * package, other packages are searched. + * + * @param algorithm the name of the requested <code>CertPathValidator</code> + * algorithm + * + * @return a <code>CertPathValidator</code> object that implements the + * specified algorithm + * + * @exception NoSuchAlgorithmException if the requested algorithm + * is not available in the default provider package or any of the other + * provider packages that were searched + */ + public static CertPathValidator getInstance(String algorithm) + throws NoSuchAlgorithmException + { + try { + CertUtil.Implementation imp = + CertUtil.getImplementation("CertPathValidator", algorithm, (String)null ); + if (imp != null) + { + return new CertPathValidator((CertPathValidatorSpi)imp.getEngine(), imp.getProvider(), algorithm); + } + } catch (NoSuchProviderException ex ) {} + throw new NoSuchAlgorithmException("can't find algorithm " + algorithm); + } + + /** + * Returns a <code>CertPathValidator</code> object that implements the + * specified algorithm, as supplied by the specified provider. + * + * @param algorithm the name of the requested <code>CertPathValidator</code> + * algorithm + * @param provider the name of the provider + * + * @return a <code>CertPathValidator</code> object that implements the + * specified algorithm, as supplied by the specified provider + * + * @exception NoSuchAlgorithmException if the requested algorithm + * is not available from the specified provider + * @exception NoSuchProviderException if the provider has not been + * configured + * @exception IllegalArgumentException if the <code>provider</code> is + * null + */ + public static CertPathValidator getInstance(String algorithm, + String provider) + throws NoSuchAlgorithmException, + NoSuchProviderException + { + if ( provider == null ) + throw new IllegalArgumentException("provider must be non-null"); + + CertUtil.Implementation imp = CertUtil.getImplementation("CertPathValidator", algorithm, provider ); + if (imp != null) + { + return new CertPathValidator((CertPathValidatorSpi)imp.getEngine(), imp.getProvider(), algorithm); + } + throw new NoSuchAlgorithmException("can't find algorithm " + algorithm); + } + + /** + * Returns a <code>CertPathValidator</code> object that implements the + * specified algorithm, as supplied by the specified provider. + * Note: the <code>provider</code> doesn't have to be registered. + * + * @param algorithm the name of the requested + * <code>CertPathValidator</code> algorithm + * @param provider the provider + * + * @return a <code>CertPathValidator</code> object that implements the + * specified algorithm, as supplied by the specified provider + * + * @exception NoSuchAlgorithmException if the requested algorithm + * is not available from the specified provider + * @exception IllegalArgumentException if the <code>provider</code> is + * null + */ + public static CertPathValidator getInstance(String algorithm, + Provider provider) + throws NoSuchAlgorithmException + { + if ( provider == null ) + throw new IllegalArgumentException("provider must be non-null"); + + CertUtil.Implementation imp = CertUtil.getImplementation("CertPathValidator", algorithm, provider ); + if (imp != null) + { + return new CertPathValidator((CertPathValidatorSpi)imp.getEngine(), provider, algorithm); + } + throw new NoSuchAlgorithmException("can't find algorithm " + algorithm); + } + + /** + * Returns the <code>Provider</code> of this + * <code>CertPathValidator</code>. + * + * @return the <code>Provider</code> of this <code>CertPathValidator</code> + */ + public final Provider getProvider() + { + return provider; + } + + /** + * Returns the algorithm name of this <code>CertPathValidator</code>. + * + * @return the algorithm name of this <code>CertPathValidator</code> + */ + public final String getAlgorithm() + { + return algorithm; + } + + /** + * Validates the specified certification path using the specified + * algorithm parameter set.<br /> + * <br /> + * The <code>CertPath</code> specified must be of a type that is + * supported by the validation algorithm, otherwise an + * <code>InvalidAlgorithmParameterException</code> will be thrown. For + * example, a <code>CertPathValidator</code> that implements the PKIX + * algorithm validates <code>CertPath</code> objects of type X.509. + * + * @param certPath the <code>CertPath</code> to be validated + * @param params the algorithm parameters + * + * @return the result of the validation algorithm + * + * @exception CertPathValidatorException if the <code>CertPath</code> + * does not validate + * @exception InvalidAlgorithmParameterException if the specified + * parameters or the type of the specified <code>CertPath</code> are + * inappropriate for this <code>CertPathValidator</code> + */ + public final CertPathValidatorResult validate( CertPath certPath, + CertPathParameters params) + throws CertPathValidatorException, + InvalidAlgorithmParameterException + { + return validatorSpi.engineValidate( certPath, params ); + } + + + /** + * Returns the default <code>CertPathValidator</code> type as specified in + * the Java security properties file, or the string "PKIX" + * if no such property exists. The Java security properties file is + * located in the file named <JAVA_HOME>/lib/security/java.security, + * where <JAVA_HOME> refers to the directory where the SDK was + * installed.<br /> + * <br /> + * The default <code>CertPathValidator</code> type can be used by + * applications that do not want to use a hard-coded type when calling one + * of the <code>getInstance</code> methods, and want to provide a default + * type in case a user does not specify its own.<br /> + * <br /> + * The default <code>CertPathValidator</code> type can be changed by + * setting the value of the "certpathvalidator.type" security property + * (in the Java security properties file) to the desired type. + * + * @return the default <code>CertPathValidator</code> type as specified + * in the Java security properties file, or the string "PKIX" + * if no such property exists. + */ + public static final String getDefaultType() + { + String defaulttype = null; + defaulttype = Security.getProperty("certpathvalidator.type"); + + if ( defaulttype == null || defaulttype.length() <= 0 ) + return "PKIX"; + else + return defaulttype; + } +} + |