1 /* CertPathBuilder.java -- bulids CertPath objects from Certificates.
2 Copyright (C) 2003, 2004 Free Software Foundation, Inc.
4 This file is part of GNU Classpath.
6 GNU Classpath is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2, or (at your option)
11 GNU Classpath is distributed in the hope that it will be useful, but
12 WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with GNU Classpath; see the file COPYING. If not, write to the
18 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
21 Linking this library statically or dynamically with other modules is
22 making a combined work based on this library. Thus, the terms and
23 conditions of the GNU General Public License cover the whole
26 As a special exception, the copyright holders of this library give you
27 permission to link this library with independent modules to produce an
28 executable, regardless of the license terms of these independent
29 modules, and to copy and distribute the resulting executable under
30 terms of your choice, provided that you also meet, for each linked
31 independent module, the terms and conditions of the license of that
32 module. An independent module is a module which is not derived from
33 or based on this library. If you modify this library, you may extend
34 this exception to your version of the library, but you are not
35 obligated to do so. If you do not wish to do so, delete this
36 exception statement from your version. */
39 package java.security.cert;
41 import gnu.java.security.Engine;
43 import java.lang.reflect.InvocationTargetException;
44 import java.security.InvalidAlgorithmParameterException;
45 import java.security.NoSuchAlgorithmException;
46 import java.security.NoSuchProviderException;
47 import java.security.Provider;
48 import java.security.Security;
51 * This class builds certificate paths (also called certificate chains),
52 * which can be used to establish trust for a particular certificate by
53 * building a path from a trusted certificate (a trust anchor) to the
54 * untrusted certificate.
58 public class CertPathBuilder
61 // Constants and fields.
62 // ------------------------------------------------------------------------
64 /** Service name for CertPathBuilder. */
65 private static final String CERT_PATH_BUILDER = "CertPathBuilder";
67 /** The underlying implementation. */
68 private CertPathBuilderSpi cpbSpi;
70 /** The provider of this implementation. */
71 private Provider provider;
73 /** The name of this implementation. */
74 private String algorithm;
77 // ------------------------------------------------------------------------
80 * Creates a new CertPathBuilder.
82 * @param cpbSpi The underlying implementation.
83 * @param provider The provider of the implementation.
84 * @param algorithm This implementation's name.
86 protected CertPathBuilder(CertPathBuilderSpi cpbSpi, Provider provider,
90 this.provider = provider;
91 this.algorithm = algorithm;
95 // ------------------------------------------------------------------------
98 * Get the default cert path builder type.
100 * <p>This value can be set at run-time by the security property
101 * <code>"certpathbuilder.type"</code>. If this property is not set,
102 * then the value returned is <code>"PKIX"</code>.
104 * @return The default CertPathBuilder algorithm.
106 public static final String getDefaultType()
108 String type = Security.getProperty("certpathbuilder.type");
115 * Returns an instance of a named <code>CertPathBuilder</code> from the
116 * first provider that implements it.
118 * @param algorithm The name of the <code>CertPathBuilder</code> to create.
119 * @return The new instance.
120 * @throws NoSuchAlgorithmException If no installed provider implements the
122 * @throws IllegalArgumentException if <code>algorithm</code> is
123 * <code>null</code> or is an empty string.
125 public static CertPathBuilder getInstance(String algorithm)
126 throws NoSuchAlgorithmException
128 Provider[] p = Security.getProviders();
129 NoSuchAlgorithmException lastException = null;
130 for (int i = 0; i < p.length; i++)
133 return getInstance(algorithm, p[i]);
135 catch (NoSuchAlgorithmException x)
139 if (lastException != null)
141 throw new NoSuchAlgorithmException(algorithm);
145 * Returns an instance of a named <code>CertPathBuilder</code> from a named
148 * @param algorithm The name of the <code>CertPathBuilder</code> to create.
149 * @param provider The name of the provider to use.
150 * @return The new instance.
151 * @throws NoSuchAlgorithmException If no installed provider implements the
153 * @throws NoSuchProviderException If the named provider does not exist.
154 * @throws IllegalArgumentException if either <code>algorithm</code> or
155 * <code>provider</code> is <code>null</code>, or if
156 * <code>algorithm</code> is an empty string.
158 public static CertPathBuilder getInstance(String algorithm, String provider)
159 throws NoSuchAlgorithmException, NoSuchProviderException
161 if (provider == null)
162 throw new IllegalArgumentException("provider MUST NOT be null");
163 Provider p = Security.getProvider(provider);
165 throw new NoSuchProviderException(provider);
166 return getInstance(algorithm, p);
170 * Returns an instance of a named <code>CertPathBuilder</code> from the
171 * specified provider.
173 * @param algorithm The name of the <code>CertPathBuilder</code> to create.
174 * @param provider The provider to use.
175 * @return The new instance.
176 * @throws NoSuchAlgorithmException If no installed provider implements the
178 * @throws IllegalArgumentException if either <code>algorithm</code> or
179 * <code>provider</code> is <code>null</code>, or if
180 * <code>algorithm</code> is an empty string.
182 public static CertPathBuilder getInstance(String algorithm, Provider provider)
183 throws NoSuchAlgorithmException
185 StringBuilder sb = new StringBuilder("CertPathBuilder for algorithm [")
186 .append(algorithm).append("] from provider[")
187 .append(provider).append("] could not be created");
191 Object spi = Engine.getInstance(CERT_PATH_BUILDER, algorithm, provider);
192 return new CertPathBuilder((CertPathBuilderSpi) spi, provider, algorithm);
194 catch (InvocationTargetException x)
196 cause = x.getCause();
197 if (cause instanceof NoSuchAlgorithmException)
198 throw (NoSuchAlgorithmException) cause;
202 catch (ClassCastException x)
206 NoSuchAlgorithmException x = new NoSuchAlgorithmException(sb.toString());
212 * Return the name of this CertPathBuilder algorithm.
214 * @return The algorithm name.
216 public final String getAlgorithm()
222 * Return the provider of this instance's implementation.
224 * @return The provider.
226 public final Provider getProvider()
232 * Builds a certificate path. The {@link CertPathParameters} parameter
233 * passed to this method is implementation-specific, but in general
234 * should contain some number of certificates and some number of
235 * trusted certificates (or "trust anchors").
237 * @param params The parameters.
238 * @retrun The certificate path result.
239 * @throws CertPathBuilderException If the certificate path cannot be
241 * @throws InvalidAlgorithmParameterException If the implementation
242 * rejects the specified parameters.
244 public final CertPathBuilderResult build(CertPathParameters params)
245 throws CertPathBuilderException, InvalidAlgorithmParameterException
247 return cpbSpi.engineBuild(params);