/* * Licensed to the Apache Software Foundation (ASF) under one or more * contributor license agreements. See the NOTICE file distributed with * this work for additional information regarding copyright ownership. * The ASF licenses this file to You under the Apache License, Version 2.0 * (the "License"); you may not use this file except in compliance with * the License. You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package java.security.cert; import java.security.InvalidAlgorithmParameterException; import java.security.NoSuchAlgorithmException; import java.security.NoSuchProviderException; import java.security.Provider; import java.security.Security; import java.util.Collection; import org.apache.harmony.security.fortress.Engine; /** * This class provides the functionality to retrieve {@code Certificate}s and * {@code CRL}s from a read-only repository. This repository may be very large * and may store trusted as well as untrusted certificates. */ public class CertStore { // Store spi implementation service name private static final String SERVICE = "CertStore"; // Used to access common engine functionality private static final Engine ENGINE = new Engine(SERVICE); // Store default property name private static final String PROPERTY_NAME = "certstore.type"; // Default value of CertStore type. It returns if certpathbuild.type // property is not defined in java.security file private static final String DEFAULT_PROPERTY = "LDAP"; // Store used provider private final Provider provider; // Store CertStoreSpi implementation private final CertStoreSpi spiImpl; // Store used type private final String type; // Store used parameters private final CertStoreParameters certStoreParams; /** * Creates a new {@code CertStore} instance. * * @param storeSpi * the implementation delegate. * @param provider * the security provider. * @param type * the certificate store type. * @param params * the certificate store parameters (may be {@code null}. */ protected CertStore(CertStoreSpi storeSpi, Provider provider, String type, CertStoreParameters params) { this.provider = provider; this.type = type; this.spiImpl = storeSpi; this.certStoreParams = params; } /** * Creates a new {@code CertStore} instance with the specified type and * initialized with the specified parameters. * * @param type * the certificate store type. * @param params * the certificate store parameters (may be {@code null}). * @return the new certificate store instance. * @throws NoSuchAlgorithmException * if no provider can provide the specified certificate store * type. * @throws InvalidAlgorithmParameterException * if the specified parameters cannot be used to initialize this * certificate store instance. * @throws NullPointerException if {@code type == null} */ public static CertStore getInstance(String type, CertStoreParameters params) throws InvalidAlgorithmParameterException, NoSuchAlgorithmException { if (type == null) { throw new NullPointerException("type == null"); } try { Engine.SpiAndProvider sap = ENGINE.getInstance(type, params); return new CertStore((CertStoreSpi) sap.spi, sap.provider, type, params); } catch (NoSuchAlgorithmException e) { Throwable th = e.getCause(); if (th == null) { throw e; } else { throw new InvalidAlgorithmParameterException(e.getMessage(), th); } } } /** * Creates a new {@code CertStore} instance from the specified provider with * the specified type and initialized with the specified parameters. * * @param type * the certificate store type. * @param params * the certificate store parameters (may be {@code null}). * @param provider * the name of the provider. * @return the new certificate store instance. * @throws NoSuchAlgorithmException * if the specified provider cannot provide the requested * certificate store type. * @throws NoSuchProviderException * if no provider with the specified name can be found. * @throws InvalidAlgorithmParameterException * if the specified parameters cannot be used to initialize this * certificate store instance. * @throws IllegalArgumentException if {@code provider == null || provider.isEmpty()} * @throws NullPointerException * if {@code type} is {@code null}. */ public static CertStore getInstance(String type, CertStoreParameters params, String provider) throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, NoSuchProviderException { if (provider == null || provider.isEmpty()) { throw new IllegalArgumentException("provider == null || provider.isEmpty()"); } Provider impProvider = Security.getProvider(provider); if (impProvider == null) { throw new NoSuchProviderException(provider); } return getInstance(type, params, impProvider); } /** * Creates a new {@code CertStore} instance from the specified provider with * the specified type and initialized with the specified parameters. * @param type * the certificate store type. * @param params * the certificate store parameters (may be {@code null}). * @param provider * the name of the provider. * @return the new certificate store instance. * @throws NoSuchAlgorithmException * if the specified provider cannot provide the requested * certificate store type. * @throws InvalidAlgorithmParameterException * if the specified parameters cannot be used to initialize this * certificate store instance. * @throws IllegalArgumentException if {@code provider == null} * @throws NullPointerException if {@code type == null} */ public static CertStore getInstance(String type, CertStoreParameters params, Provider provider) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException { if (provider == null) { throw new IllegalArgumentException("provider == null"); } if (type == null) { throw new NullPointerException("type == null"); } try { Object spi = ENGINE.getInstance(type, provider, params); return new CertStore((CertStoreSpi) spi, provider, type, params); } catch (NoSuchAlgorithmException e) { Throwable th = e.getCause(); if (th == null) { throw e; } else { throw new InvalidAlgorithmParameterException(e.getMessage(), th); } } } /** * Returns the certificate store type. * * @return the certificate store type. */ public final String getType() { return type; } /** * Returns the security provider. * * @return the security provider. */ public final Provider getProvider() { return provider; } /** * Returns a copy of the certificate store parameters that were used to * initialize this instance. * * @return a copy of the certificate store parameters or {@code null} if * none were specified. */ public final CertStoreParameters getCertStoreParameters() { if (certStoreParams == null) { return null; } else { return (CertStoreParameters) certStoreParams.clone(); } } /** * Returns the list of {@code Certificate}s for the specified {@code * CertSelector} from this certificate store. * * @param selector * the selector containing the criteria to search for * certificates in this certificate store. * @return the list of {@code Certificate}s that match the criteria of the * specified selector. * @throws CertStoreException * if error(s) occur. */ public final Collection getCertificates(CertSelector selector) throws CertStoreException { return spiImpl.engineGetCertificates(selector); } /** * Returns the list of {@code CRL}s for the specified {@code CRLSelector} * from this certificate store. * * @param selector * the selector containing the criteria to search for certificate * revocation lists in this store. * @return the list of {@code CRL}s that match the criteria of the specified * selector * @throws CertStoreException * if error(s) occur. */ public final Collection getCRLs(CRLSelector selector) throws CertStoreException { return spiImpl.engineGetCRLs(selector); } /** * Returns the default {@code CertStore} type from the Security * Properties. * * @return the default {@code CertStore} type from the Security * Properties, or the string {@code "LDAP"} if it cannot be * determined. */ public static final String getDefaultType() { String defaultType = Security.getProperty(PROPERTY_NAME); return (defaultType == null ? DEFAULT_PROPERTY : defaultType); } }