diff options
Diffstat (limited to 'libraries/spongycastle/core/src/main/jdk1.1/java/security/cert/CertStore.java')
| -rw-r--r-- | libraries/spongycastle/core/src/main/jdk1.1/java/security/cert/CertStore.java | 352 |
1 files changed, 352 insertions, 0 deletions
diff --git a/libraries/spongycastle/core/src/main/jdk1.1/java/security/cert/CertStore.java b/libraries/spongycastle/core/src/main/jdk1.1/java/security/cert/CertStore.java new file mode 100644 index 000000000..0e2c6d2f7 --- /dev/null +++ b/libraries/spongycastle/core/src/main/jdk1.1/java/security/cert/CertStore.java @@ -0,0 +1,352 @@ +package java.security.cert; + +import java.security.InvalidAlgorithmParameterException; +import java.security.NoSuchAlgorithmException; +import java.security.NoSuchProviderException; +import java.security.Provider; +import java.security.Security; +import java.util.Collection; + +/** + * A class for retrieving <code>Certificate</code>s and <code>CRL</code>s + * from a repository.<br /> + * <br /> + * This class uses a provider-based architecture, as described in the + * Java Cryptography Architecture. + * To create a <code>CertStore</code>, call one of the static + * <code>getInstance</code> methods, passing in the type of + * <code>CertStore</code> desired, any applicable initialization parameters + * and optionally the name of the provider desired. <br /> + * <br /> + * Once the <code>CertStore</code> has been created, it can be used to + * retrieve <code>Certificate</code>s and <code>CRL</code>s by calling its + * {@link #getCertificates(CertSelector selector) getCertificates} and + * {@link #getCRLs(CRLSelector selector) getCRLs} methods.<br /> + * <br /> + * Unlike a {@link java.security.KeyStore KeyStore}, which provides access + * to a cache of private keys and trusted certificates, a + * <code>CertStore</code> is designed to provide access to a potentially + * vast repository of untrusted certificates and CRLs. For example, an LDAP + * implementation of <code>CertStore</code> provides access to certificates + * and CRLs stored in one or more directories using the LDAP protocol and the + * schema as defined in the RFC service attribute. See Appendix A in the + * Java Certification Path API Programmer's Guide for more information about + * standard <code>CertStore</code> types.<br /> + * <br /> + * <b>Concurrent Access</b><br /> + * <br /> + * All public methods of <code>CertStore</code> objects must be thread-safe. + * That is, multiple threads may concurrently invoke these methods on a + * single <code>CertStore</code> object (or more than one) with no + * ill effects. This allows a <code>CertPathBuilder</code> to search for a + * CRL while simultaneously searching for further certificates, for instance.<br /> + * <br /> + * The static methods of this class are also guaranteed to be thread-safe. + * Multiple threads may concurrently invoke the static methods defined in + * this class with no ill effects.<br /> + * <br /> + * Uses {@link CertUtil CertUtil} to actualiy load the SPI classes. + * + * @see CertUtil + **/ +public class CertStore extends Object +{ + private CertStoreSpi storeSpi; + private Provider provider; + private String type; + private CertStoreParameters params; + + /** + * Creates a <code>CertStore</code> object of the given type, and + * encapsulates the given provider implementation (SPI object) in it. + * + * @param storeSpi the provider implementation + * @param provider the provider + * @param type the type + * @param params the initialization parameters (may be <code>null</code>) + */ + protected CertStore( CertStoreSpi storeSpi, + Provider provider, + String type, + CertStoreParameters params ) + { + this.storeSpi = storeSpi; + this.provider = provider; + this.type = type; + this.params = params; + } + + /** + * Returns a <code>Collection</code> of <code>Certificate</code>s that + * match the specified selector. If no <code>Certificate</code>s + * match the selector, an empty <code>Collection</code> will be returned.<br /> + * <br /> + * For some <code>CertStore</code> types, the resulting + * <code>Collection</code> may not contain <b>all</b> of the + * <code>Certificate</code>s that match the selector. For instance, + * an LDAP <code>CertStore</code> may not search all entries in the + * directory. Instead, it may just search entries that are likely to + * contain the <code>Certificate</code>s it is looking for.<br /> + * <br /> + * Some <code>CertStore</code> implementations (especially LDAP + * <code>CertStore</code>s) may throw a <code>CertStoreException</code> + * unless a non-null <code>CertSelector</code> is provided that + * includes specific criteria that can be used to find the certificates. + * Issuer and/or subject names are especially useful criteria. + * + * @param selector A <code>CertSelector</code> used to select which + * <code>Certificate</code>s should be returned. Specify <code>null</code> + * to return all <code>Certificate</code>s (if supported). + * + * @return A <code>Collection</code> of <code>Certificate</code>s that + * match the specified selector (never <code>null</code>) + * @exception CertStoreException if an exception occurs + */ + public final Collection getCertificates( CertSelector selector ) + throws CertStoreException + { + return storeSpi.engineGetCertificates( selector ); + } + + /** + * Returns a <code>Collection</code> of <code>CRL</code>s that + * match the specified selector. If no <code>CRL</code>s + * match the selector, an empty <code>Collection</code> will be returned.<br /> + * <br /> + * For some <code>CertStore</code> types, the resulting + * <code>Collection</code> may not contain <b>all</b> of the + * <code>CRL</code>s that match the selector. For instance, + * an LDAP <code>CertStore</code> may not search all entries in the + * directory. Instead, it may just search entries that are likely to + * contain the <code>CRL</code>s it is looking for.<br /> + * <br /> + * Some <code>CertStore</code> implementations (especially LDAP + * <code>CertStore</code>s) may throw a <code>CertStoreException</code> + * unless a non-null <code>CRLSelector</code> is provided that + * includes specific criteria that can be used to find the CRLs. + * Issuer names and/or the certificate to be checked are especially useful. + * + * @param selector A <code>CRLSelector</code> used to select which + * <code>CRL</code>s should be returned. Specify <code>null</code> + * to return all <code>CRL</code>s (if supported). + * + * @return A <code>Collection</code> of <code>CRL</code>s that + * match the specified selector (never <code>null</code>) + * + * @exception CertStoreException if an exception occurs + */ + public final Collection getCRLs( CRLSelector selector ) + throws CertStoreException + { + return storeSpi.engineGetCRLs( selector ); + } + + /** + * Returns a <code>CertStore</code> object that implements the specified + * <code>CertStore</code> type and is initialized with the specified + * parameters.<br /> + * <br /> + * If the default provider package provides an implementation + * of the specified <code>CertStore</code> type, an instance of + * <code>CertStore</code> containing that implementation is returned. + * If the requested type is not available in the default package, other + * packages are searched.<br /> + * <br /> + * The <code>CertStore</code> that is returned is initialized with the + * specified <code>CertStoreParameters</code>. The type of parameters + * needed may vary between different types of <code>CertStore</code>s. + * Note that the specified <code>CertStoreParameters</code> object is + * cloned. + * + * @param type the name of the requested <code>CertStore</code> type + * @param params the initialization parameters (may be <code>null</code>) + * + * @return a <code>CertStore</code> object that implements the specified + * <code>CertStore</code> type + * + * @exception NoSuchAlgorithmException if the requested type is not + * available in the default provider package or any of the other provider + * packages that were searched + * @exception InvalidAlgorithmParameterException if the specified + * initialization parameters are inappropriate for this + * <code>CertStore</code> + */ + public static CertStore getInstance( String type, + CertStoreParameters params) + throws InvalidAlgorithmParameterException, + NoSuchAlgorithmException + { + try { + CertUtil.Implementation imp = + CertUtil.getImplementation( "CertStore", type, (String)null, + new Class[] { CertStoreParameters.class }, + new Object[] { params } ); + if (imp != null) + { + return new CertStore((CertStoreSpi)imp.getEngine(), imp.getProvider(), type, params ); + } + } catch ( NoSuchProviderException ex ) {} + throw new NoSuchAlgorithmException("can't find type " + type); + } + + /** + * Returns a <code>CertStore</code> object that implements the specified + * <code>CertStore</code> type, as supplied by the specified provider + * and initialized with the specified parameters.<br /> + * <br /> + * The <code>CertStore</code> that is returned is initialized with the + * specified <code>CertStoreParameters</code>. The type of parameters + * needed may vary between different types of <code>CertStore</code>s. + * Note that the specified <code>CertStoreParameters</code> object is + * cloned. + * + * @param type the requested <code>CertStore</code> type + * @param params the initialization parameters (may be <code>null</code>) + * @param provider the name of the provider + * + * @return a <code>CertStore</code> object that implements the + * specified type, as supplied by the specified provider + * + * @exception NoSuchAlgorithmException if the requested type is not + * available from the specified provider + * @exception InvalidAlgorithmParameterException if the specified + * initialization parameters are inappropriate for this + * <code>CertStore</code> + * @exception NoSuchProviderException if the provider has not been configured + * @exception IllegalArgumentException if the <code>provider</code> is + * null + */ + public static CertStore getInstance( String type, + CertStoreParameters params, + String provider) + throws InvalidAlgorithmParameterException, + NoSuchAlgorithmException, + NoSuchProviderException, + IllegalArgumentException + { + if ( provider == null ) + throw new IllegalArgumentException( "provider must be non-null" ); + + CertUtil.Implementation imp = + CertUtil.getImplementation( "CertStore", type, provider, + new Class[] { CertStoreParameters.class }, + new Object[] { params } ); + if (imp != null) + { + return new CertStore((CertStoreSpi)imp.getEngine(), imp.getProvider(), type, params ); + } + throw new NoSuchAlgorithmException("can't find type " + type); + } + + /** + * Returns a <code>CertStore</code> object that implements the specified + * <code>CertStore</code> type, as supplied by the specified provider and + * initialized with the specified parameters. + * Note: the <code>provider</code> doesn't have to be registered.<br /> + * <br /> + * The <code>CertStore</code> that is returned is initialized with the + * specified <code>CertStoreParameters</code>. The type of parameters + * needed may vary between different types of <code>CertStore</code>s. + * Note that the specified <code>CertStoreParameters</code> object is + * cloned. + * + * @param type the requested <code>CertStore</code> type + * @param params the initialization parameters (may be <code>null</code>) + * @param provider the provider + * + * @return a <code>CertStore</code> object that implements the + * specified type, as supplied by the specified provider + * + * @exception NoSuchAlgorithmException if the requested type is not + * available from the specified provider + * @exception InvalidAlgorithmParameterException if the specified + * initialization parameters are inappropriate for this + * <code>CertStore</code> + * @exception IllegalArgumentException if the <code>provider</code> is + * null + */ + public static CertStore getInstance( String type, + CertStoreParameters params, + Provider provider ) + throws NoSuchAlgorithmException, + InvalidAlgorithmParameterException, + IllegalArgumentException + { + if ( provider == null ) + throw new IllegalArgumentException( "provider must be non-null" ); + CertUtil.Implementation imp = + CertUtil.getImplementation( "CertStore", type, provider, + new Class[] { CertStoreParameters.class }, + new Object[] { params } ); + if (imp != null) + { + return new CertStore((CertStoreSpi)imp.getEngine(), provider, type, params ); + } + throw new NoSuchAlgorithmException("can't find type " + type); + } + + /** + * Returns the parameters used to initialize this <code>CertStore</code>. + * Note that the <code>CertStoreParameters</code> object is cloned before + * it is returned. + * + * @return the parameters used to initialize this <code>CertStore</code> + * (may be <code>null</code>) + */ + public final CertStoreParameters getCertStoreParameters() + { + return params; + } + + /** + * Returns the type of this <code>CertStore</code>. + * + * @return the type of this <code>CertStore</code> + */ + public final String getType() + { + return type; + } + + /** + * Returns the provider of this <code>CertStore</code>. + * + * @return the provider of this <code>CertStore</code> + */ + public final Provider getProvider() + { + return provider; + } + + /** + * Returns the default <code>CertStore</code> type as specified in the + * Java security properties file, or the string "LDAP" if no + * such property exists. The Java security properties file is located in + * the file named <JAVA_HOME>/lib/security/java.security, where + * <JAVA_HOME> refers to the directory where the SDK was installed.<br /> + * <br /> + * The default <code>CertStore</code> type can be used by applications + * that do not want to use a hard-coded type when calling one of the + * <code>getInstance</code> methods, and want to provide a default + * <code>CertStore</code> type in case a user does not specify its own.<br /> + * <br /> + * The default <code>CertStore</code> type can be changed by setting + * the value of the "certstore.type" security property (in the Java + * security properties file) to the desired type. + * + * @return the default <code>CertStore</code> type as specified in the + * Java security properties file, or the string "LDAP" + * if no such property exists. + */ + public static final String getDefaultType() + { + String defaulttype = null; + defaulttype = Security.getProperty("certstore.type"); + + if ( defaulttype == null || defaulttype.length() <= 0 ) + return "LDAP"; + else + return defaulttype; + } +} + |