1 /* CertStore -- stores and retrieves certificates. 2 Copyright (C) 2003, 2004 Free Software Foundation, Inc. 3 4 This file is part of GNU Classpath. 5 6 GNU Classpath is free software; you can redistribute it and/or modify 7 it under the terms of the GNU General Public License as published by 8 the Free Software Foundation; either version 2, or (at your option) 9 any later version. 10 11 GNU Classpath is distributed in the hope that it will be useful, but 12 WITHOUT ANY WARRANTY; without even the implied warranty of 13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 General Public License for more details. 15 16 You should have received a copy of the GNU General Public License 17 along with GNU Classpath; see the file COPYING. If not, write to the 18 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 19 02110-1301 USA. 20 21 Linking this library statically or dynamically with other modules is 22 making a combined work based on this library. Thus, the terms and 23 conditions of the GNU General Public License cover the whole 24 combination. 25 26 As a special exception, the copyright holders of this library give you 27 permission to link this library with independent modules to produce an 28 executable, regardless of the license terms of these independent 29 modules, and to copy and distribute the resulting executable under 30 terms of your choice, provided that you also meet, for each linked 31 independent module, the terms and conditions of the license of that 32 module. An independent module is a module which is not derived from 33 or based on this library. If you modify this library, you may extend 34 this exception to your version of the library, but you are not 35 obligated to do so. If you do not wish to do so, delete this 36 exception statement from your version. */ 37 38 39 package java.security.cert; 40 41 import gnu.java.security.Engine; 42 43 import java.security.InvalidAlgorithmParameterException; 44 import java.security.NoSuchAlgorithmException; 45 import java.security.NoSuchProviderException; 46 import java.security.PrivilegedAction; 47 import java.security.Provider; 48 import java.security.Security; 49 import java.util.Collection; 50 51 /** 52 * A CertStore is a read-only repository for certificates and 53 * certificate revocation lists. 54 * 55 * @since JDK 1.4 56 */ 57 public class CertStore 58 { 59 60 // Constants and fields. 61 // ------------------------------------------------------------------------ 62 63 /** Service name for CertStore. */ 64 private static final String CERT_STORE = "CertStore"; 65 66 /** The underlying implementation. */ 67 private CertStoreSpi storeSpi; 68 69 /** This implementation's provider. */ 70 private Provider provider; 71 72 /** The name of this key store type. */ 73 private String type; 74 75 /** The parameters used to initialize this instance, if any. */ 76 private CertStoreParameters params; 77 78 // Constructor. 79 // ------------------------------------------------------------------------ 80 81 /** 82 * Create a new CertStore. 83 * 84 * @param storeSpi The underlying implementation. 85 * @param provider The provider of this implementation. 86 * @param type The type of CertStore this class represents. 87 * @param params The parameters used to initialize this instance, if any. 88 */ CertStore(CertStoreSpi storeSpi, Provider provider, String type, CertStoreParameters params)89 protected CertStore(CertStoreSpi storeSpi, Provider provider, String type, 90 CertStoreParameters params) 91 { 92 this.storeSpi = storeSpi; 93 this.provider = provider; 94 this.type = type; 95 this.params = params; 96 } 97 98 // Class methods. 99 // ------------------------------------------------------------------------ 100 101 /** 102 * Returns the default certificate store type. 103 * 104 * <p>This value can be set at run-time via the security property 105 * "certstore.type"; if not specified than the default type will be 106 * "LDAP". 107 * 108 * @return The default CertStore type. 109 */ getDefaultType()110 public static final synchronized String getDefaultType() 111 { 112 String type = null; 113 type = (String) java.security.AccessController.doPrivileged( 114 new PrivilegedAction() { 115 public Object run() { 116 return Security.getProperty("certstore.type"); 117 } 118 } 119 ); 120 if (type == null) 121 type = "LDAP"; 122 return type; 123 } 124 125 /** 126 * Get an instance of the given certificate store from the first 127 * installed provider. 128 * 129 * @param type The type of CertStore to create. 130 * @param params The parameters to initialize this cert store with. 131 * @return The new instance. 132 * @throws InvalidAlgorithmParameterException If the instance rejects 133 * the specified parameters. 134 * @throws NoSuchAlgorithmException If no installed provider 135 * implements the specified CertStore. 136 * @throws IllegalArgumentException If <i>provider</i> is null. 137 */ getInstance(String type, CertStoreParameters params)138 public static CertStore getInstance(String type, CertStoreParameters params) 139 throws InvalidAlgorithmParameterException, NoSuchAlgorithmException 140 { 141 Provider[] p = Security.getProviders(); 142 for (int i = 0; i < p.length; i++) 143 { 144 try 145 { 146 return getInstance(type, params, p[i]); 147 } 148 catch (NoSuchAlgorithmException e) 149 { 150 // Ignored. 151 } 152 } 153 154 throw new NoSuchAlgorithmException(type); 155 } 156 157 /** 158 * Get an instance of the given certificate store from the named 159 * provider. 160 * 161 * @param type The type of CertStore to create. 162 * @param params The parameters to initialize this cert store with. 163 * @param provider The name of the provider from which to get the 164 * implementation. 165 * @return The new instance. 166 * @throws InvalidAlgorithmParameterException If the instance rejects 167 * the specified parameters. 168 * @throws NoSuchAlgorithmException If the specified provider does not 169 * implement the specified CertStore. 170 * @throws NoSuchProviderException If no provider named 171 * <i>provider</i> is installed. 172 * @throws IllegalArgumentException If <i>provider</i> is null. 173 */ getInstance(String type, CertStoreParameters params, String provider)174 public static CertStore getInstance(String type, CertStoreParameters params, 175 String provider) 176 throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, 177 NoSuchProviderException 178 { 179 Provider p = Security.getProvider(provider); 180 if (p == null) 181 throw new NoSuchProviderException(provider); 182 return getInstance(type, params, p); 183 } 184 185 /** 186 * Get an instance of the given certificate store from the given 187 * provider. 188 * 189 * @param type The type of CertStore to create. 190 * @param params The parameters to initialize this cert store with. 191 * @param provider The provider from which to get the implementation. 192 * @return The new instance. 193 * @throws InvalidAlgorithmParameterException If the instance rejects 194 * the specified parameters. 195 * @throws NoSuchAlgorithmException If the specified provider does not 196 * implement the specified CertStore. 197 * @throws IllegalArgumentException If <i>provider</i> is null. 198 */ getInstance(String type, CertStoreParameters params, Provider provider)199 public static CertStore getInstance(String type, CertStoreParameters params, 200 Provider provider) 201 throws InvalidAlgorithmParameterException, NoSuchAlgorithmException 202 { 203 if (provider == null) 204 throw new IllegalArgumentException("null provider"); 205 206 try 207 { 208 return new CertStore((CertStoreSpi) Engine.getInstance(CERT_STORE, 209 type, provider, new Object[] { params }), provider, type, params); 210 } 211 catch (ClassCastException cce) 212 { 213 throw new NoSuchAlgorithmException(type); 214 } 215 catch (java.lang.reflect.InvocationTargetException ite) 216 { 217 Throwable cause = ite.getCause(); 218 if (cause instanceof InvalidAlgorithmParameterException) 219 throw (InvalidAlgorithmParameterException) cause; 220 else 221 throw new NoSuchAlgorithmException(type); 222 } 223 } 224 225 // Instance methods. 226 // ------------------------------------------------------------------------ 227 228 /** 229 * Return the type of certificate store this instance represents. 230 * 231 * @return The CertStore type. 232 */ getType()233 public final String getType() 234 { 235 return type; 236 } 237 238 /** 239 * Return the provider of this implementation. 240 * 241 * @return The provider. 242 */ getProvider()243 public final Provider getProvider() 244 { 245 return provider; 246 } 247 248 /** 249 * Get the parameters this instance was created with, if any. The 250 * parameters will be cloned before they are returned. 251 * 252 * @return The parameters, or null. 253 */ getCertStoreParameters()254 public final CertStoreParameters getCertStoreParameters() 255 { 256 return params != null ? (CertStoreParameters) params.clone() : null; 257 } 258 259 /** 260 * Get a collection of certificates from this CertStore, optionally 261 * filtered by the specified CertSelector. The Collection returned may 262 * be empty, but will never be null. 263 * 264 * <p>Implementations may not allow a null argument, even if no 265 * filtering is desired. 266 * 267 * @param selector The certificate selector. 268 * @return The collection of certificates. 269 * @throws CertStoreException If the certificates cannot be retrieved. 270 */ getCertificates(CertSelector selector)271 public final Collection getCertificates(CertSelector selector) 272 throws CertStoreException 273 { 274 return storeSpi.engineGetCertificates(selector); 275 } 276 277 /** 278 * Get a collection of certificate revocation lists from this CertStore, 279 * optionally filtered by the specified CRLSelector. The Collection 280 * returned may be empty, but will never be null. 281 * 282 * <p>Implementations may not allow a null argument, even if no 283 * filtering is desired. 284 * 285 * @param selector The certificate selector. 286 * @return The collection of certificate revocation lists. 287 * @throws CertStoreException If the CRLs cannot be retrieved. 288 */ getCRLs(CRLSelector selector)289 public final Collection getCRLs(CRLSelector selector) 290 throws CertStoreException 291 { 292 return storeSpi.engineGetCRLs(selector); 293 } 294 } 295