1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
|
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package java.security.cert;
import java.io.InputStream;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.security.Security;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import org.apache.harmony.security.fortress.Engine;
/**
* This class implements the functionality of a certificate factory algorithm,
* relying on parsing a stream of bytes.
* <p>
* It defines methods for parsing certificate chains (certificate paths) and
* <i>Certificate Revocation Lists</i> (CRLs).
*/
public class CertificateFactory {
// Store CertificateFactory service name
private static final String SERVICE = "CertificateFactory";
// Used to access common engine functionality
private static final Engine ENGINE = new Engine(SERVICE);
// Store used provider
private final Provider provider;
// Store used CertificateFactorySpi implementation
private final CertificateFactorySpi spiImpl;
// Store used type
private final String type;
/**
* Creates a new {@code CertificateFactory} instance.
*
* @param certFacSpi
* the implementation delegate.
* @param provider
* the associated provider.
* @param type
* the certificate type.
*/
protected CertificateFactory(CertificateFactorySpi certFacSpi,
Provider provider, String type) {
this.provider = provider;
this.type = type;
this.spiImpl = certFacSpi;
}
/**
* Creates a new {@code CertificateFactory} instance that provides the
* requested certificate type.
*
* @param type
* the certificate type.
* @return the new {@code CertificateFactory} instance.
* @throws CertificateException
* if the specified certificate type is not available at any
* installed provider.
* @throws NullPointerException if {@code type == null}
*/
public static final CertificateFactory getInstance(String type)
throws CertificateException {
if (type == null) {
throw new NullPointerException();
}
try {
Engine.SpiAndProvider sap = ENGINE.getInstance(type, null);
return new CertificateFactory((CertificateFactorySpi) sap.spi, sap.provider, type);
} catch (NoSuchAlgorithmException e) {
throw new CertificateException(e);
}
}
/**
* Creates a new {@code CertificateFactory} instance from the specified
* provider that provides the requested certificate type.
*
* @param type
* the certificate type.
* @param provider
* the name of the provider providing certificates of the
* specified type.
* @return the new {@code CertificateFactory} instance.
* @throws CertificateException
* if the specified certificate type is not available by the
* specified provider.
* @throws NoSuchProviderException
* if no provider with the specified name can be found.
* @throws IllegalArgumentException if {@code provider == null || provider.isEmpty()}
* @throws NullPointerException
* it {@code type} is {@code null}.
*/
public static final CertificateFactory getInstance(String type,
String provider) throws CertificateException,
NoSuchProviderException {
if (provider == null || provider.isEmpty()) {
throw new IllegalArgumentException();
}
Provider impProvider = Security.getProvider(provider);
if (impProvider == null) {
throw new NoSuchProviderException(provider);
}
return getInstance(type, impProvider);
}
/**
* Creates a new {@code CertificateFactory} instance from the specified
* provider that provides the requested certificate type.
*
* @param type
* the certificate type.
* @param provider
* the name of the provider providing certificates of the
* specified type.
* @return the new {@code CertificateFactory} instance.
* @throws CertificateException
* if the specified certificate type is not available at the
* specified provider.
* @throws IllegalArgumentException
* if the specified provider is {@code null}.
* @throws NullPointerException if {@code type == null}
* @throws IllegalArgumentException if {@code provider == null}
*/
public static final CertificateFactory getInstance(String type,
Provider provider) throws CertificateException {
if (provider == null) {
throw new IllegalArgumentException();
}
if (type == null) {
throw new NullPointerException();
}
try {
Object spi = ENGINE.getInstance(type, provider, null);
return new CertificateFactory((CertificateFactorySpi) spi, provider, type);
} catch (NoSuchAlgorithmException e) {
throw new CertificateException(e);
}
}
/**
* Returns the {@code Provider} of the certificate factory represented by
* the certificate.
*
* @return the provider of this certificate factory.
*/
public final Provider getProvider() {
return provider;
}
/**
* Returns the Certificate type.
*
* @return type of certificate being used.
*/
public final String getType() {
return type;
}
/**
* Generates and initializes a {@code Certificate} from the provided input
* stream.
*
* @param inStream
* the stream from where data is read to create the {@code
* Certificate}.
* @return an initialized Certificate.
* @throws CertificateException
* if parsing problems are detected.
*/
public final Certificate generateCertificate(InputStream inStream)
throws CertificateException {
return spiImpl.engineGenerateCertificate(inStream);
}
/**
* Returns an {@code Iterator} over the supported {@code CertPath} encodings
* (as Strings). The first element is the default encoding scheme to apply.
*
* @return an iterator over supported {@link CertPath} encodings (as
* Strings).
*/
public final Iterator<String> getCertPathEncodings() {
return spiImpl.engineGetCertPathEncodings();
}
/**
* Generates a {@code CertPath} (a certificate chain) from the provided
* {@code InputStream}. The default encoding scheme is applied.
*
* @param inStream
* {@code InputStream} with encoded data.
* @return a {@code CertPath} initialized from the provided data.
* @throws CertificateException
* if parsing problems are detected.
*/
public final CertPath generateCertPath(InputStream inStream) throws CertificateException {
Iterator<String> it = getCertPathEncodings();
if (!it.hasNext()) {
throw new CertificateException("There are no CertPath encodings");
}
return spiImpl.engineGenerateCertPath(inStream, it.next());
}
/**
* Generates a {@code CertPath} (a certificate chain) from the provided
* {@code InputStream} and the specified encoding scheme.
*
* @param inStream
* {@code InputStream} containing certificate path data in
* specified encoding.
* @param encoding
* encoding of the data in the input stream.
* @return a {@code CertPath} initialized from the provided data.
* @throws CertificateException
* if parsing problems are detected.
* @throws UnsupportedOperationException
* if the provider does not implement this method.
*/
public final CertPath generateCertPath(InputStream inStream, String encoding)
throws CertificateException {
return spiImpl.engineGenerateCertPath(inStream, encoding);
}
/**
* Generates a {@code CertPath} from the provided list of certificates. The
* encoding is the default encoding.
*
* @param certificates
* the list containing certificates in a format supported by the
* {@code CertificateFactory}.
* @return a {@code CertPath} initialized from the provided data.
* @throws CertificateException
* if parsing problems are detected.
* @throws UnsupportedOperationException
* if the provider does not implement this method.
*/
public final CertPath generateCertPath(List<? extends Certificate> certificates)
throws CertificateException {
return spiImpl.engineGenerateCertPath(certificates);
}
/**
* Generates and initializes a collection of (unrelated) certificates from
* the provided input stream.
*
* @param inStream
* the stream from which the data is read to create the
* collection.
* @return an initialized collection of certificates.
* @throws CertificateException
* if parsing problems are detected.
*/
public final Collection<? extends Certificate> generateCertificates(InputStream inStream)
throws CertificateException {
return spiImpl.engineGenerateCertificates(inStream);
}
/**
* Generates and initializes a <i>Certificate Revocation List</i> (CRL) from
* the provided input stream.
*
* @param inStream
* the stream from where data is read to create the CRL.
* @return an initialized CRL.
* @exception CRLException
* if parsing problems are detected.
*/
public final CRL generateCRL(InputStream inStream) throws CRLException {
return spiImpl.engineGenerateCRL(inStream);
}
/**
* Generates and initializes a collection of <i>Certificate Revocation
* List</i> (CRL) from the provided input stream.
*
* @param inStream
* the stream from which the data is read to create the CRLs.
* @return an initialized collection of CRLs.
* @exception CRLException
* if parsing problems are detected.
*/
public final Collection<? extends CRL> generateCRLs(InputStream inStream)
throws CRLException {
return spiImpl.engineGenerateCRLs(inStream);
}
}
|
