001    /* CertStore -- stores and retrieves certificates.
002       Copyright (C) 2003, 2004  Free Software Foundation, Inc.
003    
004    This file is part of GNU Classpath.
005    
006    GNU Classpath is free software; you can redistribute it and/or modify
007    it under the terms of the GNU General Public License as published by
008    the Free Software Foundation; either version 2, or (at your option)
009    any later version.
010     
011    GNU Classpath is distributed in the hope that it will be useful, but
012    WITHOUT ANY WARRANTY; without even the implied warranty of
013    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
014    General Public License for more details.
015    
016    You should have received a copy of the GNU General Public License
017    along with GNU Classpath; see the file COPYING.  If not, write to the
018    Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
019    02110-1301 USA.
020    
021    Linking this library statically or dynamically with other modules is
022    making a combined work based on this library.  Thus, the terms and
023    conditions of the GNU General Public License cover the whole
024    combination.
025    
026    As a special exception, the copyright holders of this library give you
027    permission to link this library with independent modules to produce an
028    executable, regardless of the license terms of these independent
029    modules, and to copy and distribute the resulting executable under
030    terms of your choice, provided that you also meet, for each linked
031    independent module, the terms and conditions of the license of that
032    module.  An independent module is a module which is not derived from
033    or based on this library.  If you modify this library, you may extend
034    this exception to your version of the library, but you are not
035    obligated to do so.  If you do not wish to do so, delete this
036    exception statement from your version. */
037    
038    
039    package java.security.cert;
040    
041    import gnu.java.security.Engine;
042    
043    import java.lang.reflect.InvocationTargetException;
044    import java.security.InvalidAlgorithmParameterException;
045    import java.security.NoSuchAlgorithmException;
046    import java.security.NoSuchProviderException;
047    import java.security.PrivilegedAction;
048    import java.security.Provider;
049    import java.security.Security;
050    import java.util.Collection;
051    
052    /**
053     * A CertStore is a read-only repository for certificates and
054     * certificate revocation lists.
055     *
056     * @since 1.4
057     */
058    public class CertStore
059    {
060    
061      // Constants and fields.
062      // ------------------------------------------------------------------------
063    
064      /** Service name for CertStore. */
065      private static final String CERT_STORE = "CertStore";
066    
067      /** The underlying implementation. */
068      private CertStoreSpi storeSpi;
069    
070      /** This implementation's provider. */
071      private Provider provider;
072    
073      /** The name of this key store type. */
074      private String type;
075    
076      /** The parameters used to initialize this instance, if any. */
077      private CertStoreParameters params;
078    
079      // Constructor.
080      // ------------------------------------------------------------------------
081    
082      /**
083       * Create a new CertStore.
084       *
085       * @param storeSpi The underlying implementation.
086       * @param provider The provider of this implementation.
087       * @param type     The type of CertStore this class represents.
088       * @param params   The parameters used to initialize this instance, if any.
089       */
090      protected CertStore(CertStoreSpi storeSpi, Provider provider, String type,
091                          CertStoreParameters params)
092      {
093        this.storeSpi = storeSpi;
094        this.provider = provider;
095        this.type = type;
096        this.params = params;
097      }
098    
099    // Class methods.
100      // ------------------------------------------------------------------------
101    
102      /**
103       * Returns the default certificate store type.
104       *
105       * <p>This value can be set at run-time via the security property
106       * "certstore.type"; if not specified than the default type will be
107       * "LDAP".
108       *
109       * @return The default CertStore type.
110       */
111      public static final synchronized String getDefaultType()
112      {
113        String type = null;
114        type = (String) java.security.AccessController.doPrivileged(
115          new PrivilegedAction() {
116            public Object run() {
117              return Security.getProperty("certstore.type");
118            }
119          }
120        );
121        if (type == null)
122          type = "LDAP";
123        return type;
124      }
125    
126      /**
127       * Returns an instance of the given certificate store type from the first
128       * installed provider.
129       * 
130       * @param type The type of <code>CertStore</code> to create.
131       * @param params The parameters to initialize this cert store with.
132       * @return The new instance.
133       * @throws InvalidAlgorithmParameterException If the instance rejects the
134       *           specified parameters.
135       * @throws NoSuchAlgorithmException If no installed provider implements the
136       *           specified CertStore.
137       * @throws IllegalArgumentException if <code>type</code> is
138       *           <code>null</code> or is an empty string.
139       */
140      public static CertStore getInstance(String type, CertStoreParameters params)
141        throws InvalidAlgorithmParameterException, NoSuchAlgorithmException
142      {
143        Provider[] p = Security.getProviders();
144        NoSuchAlgorithmException lastException = null;
145        for (int i = 0; i < p.length; i++)
146          try
147            {
148              return getInstance(type, params, p[i]);
149            }
150          catch (NoSuchAlgorithmException x)
151            {
152              lastException = x;
153            }
154        if (lastException != null)
155          throw lastException;
156        throw new NoSuchAlgorithmException(type);
157      }
158    
159      /**
160       * Returns an instance of the given certificate store type from a named
161       * provider.
162       * 
163       * @param type The type of <code>CertStore</code> to create.
164       * @param params The parameters to initialize this cert store with.
165       * @param provider The name of the provider to use.
166       * @return The new instance.
167       * @throws InvalidAlgorithmParameterException If the instance rejects the
168       *           specified parameters.
169       * @throws NoSuchAlgorithmException If the specified provider does not
170       *           implement the specified CertStore.
171       * @throws NoSuchProviderException If no provider named <i>provider</i> is
172       *           installed.
173       * @throws IllegalArgumentException if either <code>type</code> or
174       *           <code>provider</code> is <code>null</code>, or if
175       *           <code>type</code> is an empty string.
176       */
177      public static CertStore getInstance(String type, CertStoreParameters params,
178                                          String provider)
179        throws InvalidAlgorithmParameterException, NoSuchAlgorithmException,
180               NoSuchProviderException
181      {
182        if (provider == null)
183          throw new IllegalArgumentException("provider MUST NOT be null");
184        Provider p = Security.getProvider(provider);
185        if (p == null)
186          throw new NoSuchProviderException(provider);
187        return getInstance(type, params, p);
188      }
189    
190      /**
191       * Returns an instance of the given certificate store type from a given
192       * provider.
193       *
194       * @param type The type of <code>CertStore</code> to create.
195       * @param params   The parameters to initialize this cert store with.
196       * @param provider The provider to use.
197       * @return The new instance.
198       * @throws InvalidAlgorithmParameterException If the instance rejects
199       *         the specified parameters.
200       * @throws NoSuchAlgorithmException If the specified provider does not
201       *         implement the specified CertStore.
202       * @throws IllegalArgumentException if either <code>type</code> or
203       *           <code>provider</code> is <code>null</code>, or if
204       *           <code>type</code> is an empty string.
205       */
206      public static CertStore getInstance(String type, CertStoreParameters params,
207                                          Provider provider)
208          throws InvalidAlgorithmParameterException, NoSuchAlgorithmException
209      {
210        StringBuilder sb = new StringBuilder("CertStore of type [")
211            .append(type).append("] from provider[")
212            .append(provider).append("] could not be created");
213        Throwable cause;
214        try
215          {
216            Object[] args = new Object[] { params };
217            Object spi = Engine.getInstance(CERT_STORE, type, provider, args);
218            return new CertStore((CertStoreSpi) spi, provider, type, params);
219          }
220        catch (InvocationTargetException x)
221          {
222            cause = x.getCause();
223            if (cause instanceof NoSuchAlgorithmException)
224              throw (NoSuchAlgorithmException) cause;
225            if (cause == null)
226              cause = x;
227          }
228        catch (ClassCastException x)
229          {
230            cause = x;
231          }
232        NoSuchAlgorithmException x = new NoSuchAlgorithmException(sb.toString());
233        x.initCause(cause);
234        throw x;
235      }
236    
237      /**
238       * Return the type of certificate store this instance represents.
239       *
240       * @return The CertStore type.
241       */
242      public final String getType()
243      {
244        return type;
245      }
246    
247      /**
248       * Return the provider of this implementation.
249       *
250       * @return The provider.
251       */
252      public final Provider getProvider()
253      {
254        return provider;
255      }
256    
257      /**
258       * Get the parameters this instance was created with, if any. The
259       * parameters will be cloned before they are returned.
260       *
261       * @return The parameters, or null.
262       */
263      public final CertStoreParameters getCertStoreParameters()
264      {
265        return params != null ? (CertStoreParameters) params.clone() : null;
266      }
267    
268      /**
269       * Get a collection of certificates from this CertStore, optionally
270       * filtered by the specified CertSelector. The Collection returned may
271       * be empty, but will never be null.
272       *
273       * <p>Implementations may not allow a null argument, even if no
274       * filtering is desired.
275       *
276       * @param selector The certificate selector.
277       * @return The collection of certificates.
278       * @throws CertStoreException If the certificates cannot be retrieved.
279       */
280      public final Collection<? extends Certificate> getCertificates(CertSelector selector)
281        throws CertStoreException
282      {
283        return storeSpi.engineGetCertificates(selector);
284      }
285    
286      /**
287       * Get a collection of certificate revocation lists from this CertStore,
288       * optionally filtered by the specified CRLSelector. The Collection
289       * returned may be empty, but will never be null.
290       *
291       * <p>Implementations may not allow a null argument, even if no
292       * filtering is desired.
293       *
294       * @param selector The certificate selector.
295       * @return The collection of certificate revocation lists.
296       * @throws CertStoreException If the CRLs cannot be retrieved.
297       */
298      public final Collection<? extends CRL> getCRLs(CRLSelector selector)
299        throws CertStoreException
300      {
301        return storeSpi.engineGetCRLs(selector);
302      }
303    }