KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > java > security > cert > CertificateFactorySpi


1 /*
2  * @(#)CertificateFactorySpi.java 1.19 04/05/05
3  *
4  * Copyright 2004 Sun Microsystems, Inc. All rights reserved.
5  * SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.
6  */
7
8 package java.security.cert;
9
10 import java.io.InputStream JavaDoc;
11 import java.util.Collection JavaDoc;
12 import java.util.Iterator JavaDoc;
13 import java.util.List JavaDoc;
14 import java.security.Provider JavaDoc;
15 import java.security.NoSuchAlgorithmException JavaDoc;
16 import java.security.NoSuchProviderException JavaDoc;
17
18 /**
19  * This class defines the <i>Service Provider Interface</i> (<b>SPI</b>)
20  * for the <code>CertificateFactory</code> class.
21  * All the abstract methods in this class must be implemented by each
22  * cryptographic service provider who wishes to supply the implementation
23  * of a certificate factory for a particular certificate type, e.g., X.509.
24  *
25  * <p>Certificate factories are used to generate certificate, certification path
26  * (<code>CertPath</code>) and certificate revocation list (CRL) objects from
27  * their encodings.
28  *
29  * <p>A certificate factory for X.509 must return certificates that are an
30  * instance of <code>java.security.cert.X509Certificate</code>, and CRLs
31  * that are an instance of <code>java.security.cert.X509CRL</code>.
32  *
33  * @author Hemma Prafullchandra
34  * @author Jan Luehe
35  * @author Sean Mullan
36  *
37  * @version 1.19, 05/05/04
38  *
39  * @see CertificateFactory
40  * @see Certificate
41  * @see X509Certificate
42  * @see CertPath
43  * @see CRL
44  * @see X509CRL
45  *
46  * @since 1.2
47  */
48
49 public abstract class CertificateFactorySpi {
50
51     /**
52      * Generates a certificate object and initializes it with
53      * the data read from the input stream <code>inStream</code>.
54      *
55      * <p>In order to take advantage of the specialized certificate format
56      * supported by this certificate factory,
57      * the returned certificate object can be typecast to the corresponding
58      * certificate class. For example, if this certificate
59      * factory implements X.509 certificates, the returned certificate object
60      * can be typecast to the <code>X509Certificate</code> class.
61      *
62      * <p>In the case of a certificate factory for X.509 certificates, the
63      * certificate provided in <code>inStream</code> must be DER-encoded and
64      * may be supplied in binary or printable (Base64) encoding. If the
65      * certificate is provided in Base64 encoding, it must be bounded at
66      * the beginning by -----BEGIN CERTIFICATE-----, and must be bounded at
67      * the end by -----END CERTIFICATE-----.
68      *
69      * <p>Note that if the given input stream does not support
70      * {@link java.io.InputStream#mark(int) mark} and
71      * {@link java.io.InputStream#reset() reset}, this method will
72      * consume the entire input stream. Otherwise, each call to this
73      * method consumes one certificate and the read position of the input stream
74      * is positioned to the next available byte after the the inherent
75      * end-of-certificate marker. If the data in the
76      * input stream does not contain an inherent end-of-certificate marker (other
77      * than EOF) and there is trailing data after the certificate is parsed, a
78      * <code>CertificateException</code> is thrown.
79      *
80      * @param inStream an input stream with the certificate data.
81      *
82      * @return a certificate object initialized with the data
83      * from the input stream.
84      *
85      * @exception CertificateException on parsing errors.
86      */
87     public abstract Certificate JavaDoc engineGenerateCertificate(InputStream JavaDoc inStream)
88         throws CertificateException JavaDoc;
89
90     /**
91      * Generates a <code>CertPath</code> object and initializes it with
92      * the data read from the <code>InputStream</code> inStream. The data
93      * is assumed to be in the default encoding.
94      *
95      * <p> This method was added to version 1.4 of the Java 2 Platform
96      * Standard Edition. In order to maintain backwards compatibility with
97      * existing service providers, this method cannot be <code>abstract</code>
98      * and by default throws an <code>UnsupportedOperationException</code>.
99      *
100      * @param inStream an <code>InputStream</code> containing the data
101      * @return a <code>CertPath</code> initialized with the data from the
102      * <code>InputStream</code>
103      * @exception CertificateException if an exception occurs while decoding
104      * @exception UnsupportedOperationException if the method is not supported
105      * @since 1.4
106      */
107     public CertPath JavaDoc engineGenerateCertPath(InputStream JavaDoc inStream)
108         throws CertificateException JavaDoc
109     {
110         throw new UnsupportedOperationException JavaDoc();
111     }
112
113     /**
114      * Generates a <code>CertPath</code> object and initializes it with
115      * the data read from the <code>InputStream</code> inStream. The data
116      * is assumed to be in the specified encoding.
117      *
118      * <p> This method was added to version 1.4 of the Java 2 Platform
119      * Standard Edition. In order to maintain backwards compatibility with
120      * existing service providers, this method cannot be <code>abstract</code>
121      * and by default throws an <code>UnsupportedOperationException</code>.
122      *
123      * @param inStream an <code>InputStream</code> containing the data
124      * @param encoding the encoding used for the data
125      * @return a <code>CertPath</code> initialized with the data from the
126      * <code>InputStream</code>
127      * @exception CertificateException if an exception occurs while decoding or
128      * the encoding requested is not supported
129      * @exception UnsupportedOperationException if the method is not supported
130      * @since 1.4
131      */
132     public CertPath JavaDoc engineGenerateCertPath(InputStream JavaDoc inStream,
133         String JavaDoc encoding) throws CertificateException JavaDoc
134     {
135         throw new UnsupportedOperationException JavaDoc();
136     }
137
138     /**
139      * Generates a <code>CertPath</code> object and initializes it with
140      * a <code>List</code> of <code>Certificate</code>s.
141      * <p>
142      * The certificates supplied must be of a type supported by the
143      * <code>CertificateFactory</code>. They will be copied out of the supplied
144      * <code>List</code> object.
145      *
146      * <p> This method was added to version 1.4 of the Java 2 Platform
147      * Standard Edition. In order to maintain backwards compatibility with
148      * existing service providers, this method cannot be <code>abstract</code>
149      * and by default throws an <code>UnsupportedOperationException</code>.
150      *
151      * @param certificates a <code>List</code> of <code>Certificate</code>s
152      * @return a <code>CertPath</code> initialized with the supplied list of
153      * certificates
154      * @exception CertificateException if an exception occurs
155      * @exception UnsupportedOperationException if the method is not supported
156      * @since 1.4
157      */
158     public CertPath JavaDoc
159     engineGenerateCertPath(List JavaDoc<? extends Certificate JavaDoc> certificates)
160         throws CertificateException JavaDoc
161     {
162         throw new UnsupportedOperationException JavaDoc();
163     }
164
165     /**
166      * Returns an iteration of the <code>CertPath</code> encodings supported
167      * by this certificate factory, with the default encoding first. See
168      * Appendix A in the
169      * <a HREF="../../../../guide/security/certpath/CertPathProgGuide.html#AppA">
170      * Java Certification Path API Programmer's Guide</a>
171      * for information about standard encoding names.
172      * <p>
173      * Attempts to modify the returned <code>Iterator</code> via its
174      * <code>remove</code> method result in an
175      * <code>UnsupportedOperationException</code>.
176      *
177      * <p> This method was added to version 1.4 of the Java 2 Platform
178      * Standard Edition. In order to maintain backwards compatibility with
179      * existing service providers, this method cannot be <code>abstract</code>
180      * and by default throws an <code>UnsupportedOperationException</code>.
181      *
182      * @return an <code>Iterator</code> over the names of the supported
183      * <code>CertPath</code> encodings (as <code>String</code>s)
184      * @exception UnsupportedOperationException if the method is not supported
185      * @since 1.4
186      */
187     public Iterator JavaDoc<String JavaDoc> engineGetCertPathEncodings() {
188         throw new UnsupportedOperationException JavaDoc();
189     }
190
191     /**
192      * Returns a (possibly empty) collection view of the certificates read
193      * from the given input stream <code>inStream</code>.
194      *
195      * <p>In order to take advantage of the specialized certificate format
196      * supported by this certificate factory, each element in
197      * the returned collection view can be typecast to the corresponding
198      * certificate class. For example, if this certificate
199      * factory implements X.509 certificates, the elements in the returned
200      * collection can be typecast to the <code>X509Certificate</code> class.
201      *
202      * <p>In the case of a certificate factory for X.509 certificates,
203      * <code>inStream</code> may contain a single DER-encoded certificate
204      * in the formats described for
205      * {@link CertificateFactory#generateCertificate(java.io.InputStream)
206      * generateCertificate}.
207      * In addition, <code>inStream</code> may contain a PKCS#7 certificate
208      * chain. This is a PKCS#7 <i>SignedData</i> object, with the only
209      * significant field being <i>certificates</i>. In particular, the
210      * signature and the contents are ignored. This format allows multiple
211      * certificates to be downloaded at once. If no certificates are present,
212      * an empty collection is returned.
213      *
214      * <p>Note that if the given input stream does not support
215      * {@link java.io.InputStream#mark(int) mark} and
216      * {@link java.io.InputStream#reset() reset}, this method will
217      * consume the entire input stream.
218      *
219      * @param inStream the input stream with the certificates.
220      *
221      * @return a (possibly empty) collection view of
222      * java.security.cert.Certificate objects
223      * initialized with the data from the input stream.
224      *
225      * @exception CertificateException on parsing errors.
226      */
227     public abstract Collection JavaDoc<? extends Certificate JavaDoc>
228         engineGenerateCertificates(InputStream JavaDoc inStream)
229         throws CertificateException JavaDoc;
230
231     /**
232      * Generates a certificate revocation list (CRL) object and initializes it
233      * with the data read from the input stream <code>inStream</code>.
234      *
235      * <p>In order to take advantage of the specialized CRL format
236      * supported by this certificate factory,
237      * the returned CRL object can be typecast to the corresponding
238      * CRL class. For example, if this certificate
239      * factory implements X.509 CRLs, the returned CRL object
240      * can be typecast to the <code>X509CRL</code> class.
241      *
242      * <p>Note that if the given input stream does not support
243      * {@link java.io.InputStream#mark(int) mark} and
244      * {@link java.io.InputStream#reset() reset}, this method will
245      * consume the entire input stream. Otherwise, each call to this
246      * method consumes one CRL and the read position of the input stream
247      * is positioned to the next available byte after the the inherent
248      * end-of-CRL marker. If the data in the
249      * input stream does not contain an inherent end-of-CRL marker (other
250      * than EOF) and there is trailing data after the CRL is parsed, a
251      * <code>CRLException</code> is thrown.
252      *
253      * @param inStream an input stream with the CRL data.
254      *
255      * @return a CRL object initialized with the data
256      * from the input stream.
257      *
258      * @exception CRLException on parsing errors.
259      */
260     public abstract CRL JavaDoc engineGenerateCRL(InputStream JavaDoc inStream)
261         throws CRLException JavaDoc;
262
263     /**
264      * Returns a (possibly empty) collection view of the CRLs read
265      * from the given input stream <code>inStream</code>.
266      *
267      * <p>In order to take advantage of the specialized CRL format
268      * supported by this certificate factory, each element in
269      * the returned collection view can be typecast to the corresponding
270      * CRL class. For example, if this certificate
271      * factory implements X.509 CRLs, the elements in the returned
272      * collection can be typecast to the <code>X509CRL</code> class.
273      *
274      * <p>In the case of a certificate factory for X.509 CRLs,
275      * <code>inStream</code> may contain a single DER-encoded CRL.
276      * In addition, <code>inStream</code> may contain a PKCS#7 CRL
277      * set. This is a PKCS#7 <i>SignedData</i> object, with the only
278      * significant field being <i>crls</i>. In particular, the
279      * signature and the contents are ignored. This format allows multiple
280      * CRLs to be downloaded at once. If no CRLs are present,
281      * an empty collection is returned.
282      *
283      * <p>Note that if the given input stream does not support
284      * {@link java.io.InputStream#mark(int) mark} and
285      * {@link java.io.InputStream#reset() reset}, this method will
286      * consume the entire input stream.
287      *
288      * @param inStream the input stream with the CRLs.
289      *
290      * @return a (possibly empty) collection view of
291      * java.security.cert.CRL objects initialized with the data from the input
292      * stream.
293      *
294      * @exception CRLException on parsing errors.
295      */
296     public abstract Collection JavaDoc<? extends CRL JavaDoc> engineGenerateCRLs
297         (InputStream JavaDoc inStream) throws CRLException JavaDoc;
298 }
299
Popular Tags