1 /* CertificateFactory.java -- Certificate Factory Class
2 Copyright (C) 1999, 2002, 2003, 2004 Free Software Foundation, Inc.
4 This file is part of GNU Classpath.
6 GNU Classpath is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2, or (at your option)
11 GNU Classpath is distributed in the hope that it will be useful, but
12 WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with GNU Classpath; see the file COPYING. If not, write to the
18 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
21 Linking this library statically or dynamically with other modules is
22 making a combined work based on this library. Thus, the terms and
23 conditions of the GNU General Public License cover the whole
26 As a special exception, the copyright holders of this library give you
27 permission to link this library with independent modules to produce an
28 executable, regardless of the license terms of these independent
29 modules, and to copy and distribute the resulting executable under
30 terms of your choice, provided that you also meet, for each linked
31 independent module, the terms and conditions of the license of that
32 module. An independent module is a module which is not derived from
33 or based on this library. If you modify this library, you may extend
34 this exception to your version of the library, but you are not
35 obligated to do so. If you do not wish to do so, delete this
36 exception statement from your version. */
39 package java.security.cert;
41 import gnu.java.security.Engine;
43 import java.io.InputStream;
44 import java.lang.reflect.InvocationTargetException;
45 import java.security.KeyStoreException;
46 import java.security.NoSuchAlgorithmException;
47 import java.security.NoSuchProviderException;
48 import java.security.Provider;
49 import java.security.Security;
50 import java.util.Collection;
51 import java.util.Iterator;
52 import java.util.List;
55 * This class implements the CertificateFactory class interface used to
56 * generate certificates, certificate revocation lists (CRLs), and certificate
57 * paths objects from their encoded forms.
59 * @author Mark Benvenuto
60 * @author Casey Marshall
62 * @status Fully compatible with JDK 1.4.
64 public class CertificateFactory
67 /** The service name for certificate factories. */
68 private static final String CERTIFICATE_FACTORY = "CertificateFactory";
70 private CertificateFactorySpi certFacSpi;
71 private Provider provider;
75 * Creates an instance of CertificateFactory.
77 * @param certFacSpi The underlying CertificateFactory engine.
78 * @param provider The provider of this implementation.
79 * @param type The type of Certificate this factory creates.
81 protected CertificateFactory(CertificateFactorySpi certFacSpi,
82 Provider provider, String type)
84 this.certFacSpi = certFacSpi;
85 this.provider = provider;
90 * Returns an instance of a <code>CertificateFactory</code> representing the
91 * specified certificate factory type.
93 * @param type The type of certificate factory to create.
94 * @return A <code>CertificateFactory</code> of the desired type.
95 * @throws CertificateException If the type of certificate factory is not
96 * implemented by any installed provider.
97 * @throws IllegalArgumentException if <code>type</code> is
98 * <code>null</code> or is an empty string.
100 public static final CertificateFactory getInstance(String type)
101 throws CertificateException
103 Provider[] p = Security.getProviders();
104 CertificateException lastException = null;
105 for (int i = 0; i < p.length; i++)
108 return getInstance(type, p[i]);
110 catch (CertificateException x)
114 if (lastException != null)
116 throw new CertificateException(type);
120 * Returns an instance of a <code>CertificateFactory</code> representing the
121 * specified certificate factory type from the named provider.
123 * @param type The type of certificate factory to create.
124 * @param provider The name of the provider to use.
125 * @return A <code>CertificateFactory</code> for the desired type.
126 * @throws CertificateException If the type of certificate is not implemented
127 * by the named provider.
128 * @throws NoSuchProviderException If the named provider is not installed.
129 * @throws IllegalArgumentException if either <code>type</code> or
130 * <code>provider</code> is <code>null</code>, or if
131 * <code>type</code> is an empty string.
133 public static final CertificateFactory getInstance(String type,
135 throws CertificateException, NoSuchProviderException
137 if (provider == null)
138 throw new IllegalArgumentException("provider MUST NOT be null");
139 Provider p = Security.getProvider(provider);
141 throw new NoSuchProviderException(provider);
142 return getInstance(type, p);
146 * Returns an instance of a <code>CertificateFactory</code> representing the
147 * specified certificate factory type from the designated provider.
149 * @param type The type of certificate factory to create.
150 * @param provider The provider from which to get the implementation.
151 * @return A <code>CertificateFactory</code> for the desired type.
152 * @throws CertificateException If the type of certificate is not implemented
154 * @throws IllegalArgumentException if either <code>type</code> or
155 * <code>provider</code> is <code>null</code>, or if
156 * <code>type</code> is an empty string.
158 public static final CertificateFactory getInstance(String type,
160 throws CertificateException
165 Object spi = Engine.getInstance(CERTIFICATE_FACTORY, type, provider);
166 return new CertificateFactory((CertificateFactorySpi) spi, provider, type);
168 catch (ClassCastException x)
172 catch (InvocationTargetException x)
174 cause = x.getCause() != null ? x.getCause() : x;
176 catch (NoSuchAlgorithmException x)
180 CertificateException x = new CertificateException(type);
186 * Gets the provider of this implementation.
188 * @return The provider of this implementation.
190 public final Provider getProvider()
196 * Returns the type of the certificate this factory creates.
198 * @return A string with the type of certificate
200 public final String getType()
206 * Generates a Certificate from the encoded data read
207 * from an InputStream.
209 * <p>The input stream must contain only one certificate.
211 * <p>If there exists a specialized certificate class for the
212 * certificate format handled by the certificate factory
213 * then the return Ceritificate should be a typecast of it.
214 * Ex: A X.509 CertificateFactory should return X509Certificate.
216 * <p>For X.509 certificates, the certificate in inStream must be
217 * DER encoded and supplied in binary or printable (Base64)
218 * encoding. If the certificate is in Base64 encoding, it must be
219 * bounded by -----BEGINCERTIFICATE-----, and
220 * -----END CERTIFICATE-----.
222 * @param inStream An input stream containing the certificate data.
223 * @return A certificate initialized from the decoded InputStream data.
224 * @throws CertificateException If an error occurs decoding the
227 public final Certificate generateCertificate(InputStream inStream)
228 throws CertificateException
230 return certFacSpi.engineGenerateCertificate(inStream);
234 * Returns a collection of certificates that were read from the
235 * input stream. It may be empty, have only one, or have
236 * multiple certificates.
238 * For a X.509 certificate factory, the stream may contain a
239 * single DER encoded certificate or a PKCS#7 certificate
240 * chain. This is a PKCS#7 <I>SignedData</I> object with the
241 * most significant field being <I>certificates</I>. If no
242 * CRLs are present, then an empty collection is returned.
244 * @param inStream An input stream containing the certificate data.
245 * @return A collection of certificates initialized from the decoded
247 * @throws CertificateException If an error occurs decoding the
250 public final Collection<? extends Certificate> generateCertificates(InputStream inStream)
251 throws CertificateException
253 return certFacSpi.engineGenerateCertificates(inStream);
257 * Generates a CRL based on the encoded data read
258 * from the InputStream.
260 * <p>The input stream must contain only one CRL.
262 * <p>If there exists a specialized CRL class for the
263 * CRL format handled by the certificate factory
264 * then the return CRL should be a typecast of it.
265 * Ex: A X.509 CertificateFactory should return X509CRL.
267 * @param inStream An input stream containing the CRL data.
268 * @return A CRL initialized from the decoded InputStream data.
269 * @throws CRLException If an error occurs decoding the CRL.
271 public final CRL generateCRL(InputStream inStream)
274 return certFacSpi.engineGenerateCRL(inStream);
278 * <p>Generates CRLs based on the encoded data read
279 * from the InputStream.
281 * <p>For a X.509 certificate factory, the stream may contain a
282 * single DER encoded CRL or a PKCS#7 CRL set. This is a
283 * PKCS#7 <I>SignedData</I> object with the most significant
284 * field being <I>crls</I>. If no CRLs are present, then an
285 * empty collection is returned.
287 * @param inStream an input stream containing the CRLs.
288 * @return a collection of CRLs initialized from the decoded
290 * @throws CRLException If an error occurs decoding the CRLs.
292 public final Collection<? extends CRL> generateCRLs(InputStream inStream)
295 return certFacSpi.engineGenerateCRLs( inStream );
299 * Generate a {@link CertPath} and initialize it with data parsed from
300 * the input stream. The default encoding of this factory is used.
302 * @param inStream The InputStream containing the CertPath data.
303 * @return A CertPath initialized from the input stream data.
304 * @throws CertificateException If an error occurs decoding the
307 public final CertPath generateCertPath(InputStream inStream)
308 throws CertificateException
310 return certFacSpi.engineGenerateCertPath(inStream);
314 * Generate a {@link CertPath} and initialize it with data parsed from
315 * the input stream, using the specified encoding.
317 * @param inStream The InputStream containing the CertPath data.
318 * @param encoding The encoding of the InputStream data.
319 * @return A CertPath initialized from the input stream data.
320 * @throws CertificateException If an error occurs decoding the
323 public final CertPath generateCertPath(InputStream inStream, String encoding)
324 throws CertificateException
326 return certFacSpi.engineGenerateCertPath(inStream, encoding);
330 * Generate a {@link CertPath} and initialize it with the certificates
331 * in the {@link java.util.List} argument.
333 * @param certificates The list of certificates with which to create
335 * @return A CertPath initialized from the certificates.
336 * @throws CertificateException If an error occurs generating the
339 public final CertPath generateCertPath(List<? extends Certificate> certificates)
340 throws CertificateException
342 return certFacSpi.engineGenerateCertPath(certificates);
346 * Returns an Iterator of CertPath encodings supported by this
347 * factory, with the default encoding first. The returned Iterator
348 * cannot be modified.
350 * @return The Iterator of supported encodings.
352 public final Iterator<String> getCertPathEncodings()
354 return certFacSpi.engineGetCertPathEncodings();
356 } // class CertificateFactory