certificatefactory.java

JAVA基本类源代码,大家可以学习学习!

/*
 * @(#)CertificateFactory.java	1.24 03/01/23
 *
 * Copyright 2003 Sun Microsystems, Inc. All rights reserved.
 * SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.
 */

package java.security.cert;

import java.io.InputStream;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.security.Provider;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.lang.reflect.Method;
import java.lang.reflect.InvocationTargetException;

/**
 * This class defines the functionality of a certificate factory, which is
 * used to generate certificate, certification path (<code>CertPath</code>)
 * and certificate revocation list (CRL) objects from their encodings.
 *
 * <p>For encodings consisting of multiple certificates, use
 * <code>generateCertificates</code> when you want to
 * parse a collection of possibly unrelated certificates. Otherwise,
 * use <code>generateCertPath</code> when you want to generate
 * a <code>CertPath</code> (a certificate chain) and subsequently
 * validate it with a <code>CertPathValidator</code>.
 *
 * <p>A certificate factory for X.509 must return certificates that are an
 * instance of <code>java.security.cert.X509Certificate</code>, and CRLs
 * that are an instance of <code>java.security.cert.X509CRL</code>.
 *
 * <p>The following example reads a file with Base64 encoded certificates,
 * which are each bounded at the beginning by -----BEGIN CERTIFICATE-----, and
 * bounded at the end by -----END CERTIFICATE-----. We convert the
 * <code>FileInputStream</code> (which does not support <code>mark</code>
 * and <code>reset</code>) to a <code>BufferedInputStream</code> (which
 * supports those methods), so that each call to
 * <code>generateCertificate</code> consumes only one certificate, and the
 * read position of the input stream is positioned to the next certificate in
 * the file:<p>
 *
 * <pre>
 * FileInputStream fis = new FileInputStream(filename);
 * BufferedInputStream bis = new BufferedInputStream(fis);
 *
 * CertificateFactory cf = CertificateFactory.getInstance("X.509");
 *
 * while (bis.available() > 0) {
 *    Certificate cert = cf.generateCertificate(bis);
 *    System.out.println(cert.toString());
 * }
 * </pre>
 *
 * <p>The following example parses a PKCS#7-formatted certificate reply stored
 * in a file and extracts all the certificates from it:<p>
 *
 * <pre>
 * FileInputStream fis = new FileInputStream(filename);
 * CertificateFactory cf = CertificateFactory.getInstance("X.509");
 * Collection c = cf.generateCertificates(fis);
 * Iterator i = c.iterator();
 * while (i.hasNext()) {
 *    Certificate cert = (Certificate)i.next();
 *    System.out.println(cert);
 * }
 * </pre>
 *
 * @author Hemma Prafullchandra
 * @author Jan Luehe
 * @author Sean Mullan
 *
 * @version 1.24, 01/23/03
 *
 * @see Certificate
 * @see X509Certificate
 * @see CertPath
 * @see CRL
 * @see X509CRL
 *
 * @since 1.2
 */

public class CertificateFactory {
    // for use with the reflection API
    private static final Class cl = java.security.Security.class;
    private static final Class[] GET_IMPL_PARAMS = { String.class,
						     String.class,
						     String.class };
    private static final Class[] GET_IMPL_PARAMS2 = { String.class,
						      String.class,
						      Provider.class };
    // Get the implMethod via the name of a provider. Note: the name could
    // be null. 
    private static Method implMethod;
    // Get the implMethod2 via a Provider object. 
    private static Method implMethod2;
    private static Boolean implMethod2Set = new Boolean(false);

    static {
	implMethod = (Method)
	    AccessController.doPrivileged(new PrivilegedAction() {
	    public Object run() {
		Method m = null;
		try {
		    m = cl.getDeclaredMethod("getImpl", GET_IMPL_PARAMS);
		    if (m != null)
			m.setAccessible(true);
		} catch (NoSuchMethodException nsme) {
		}
		return m;
	    }
	});
    }

    // The certificate type
    private String type;

    // The provider
    private Provider provider;

    // The provider implementation
    private CertificateFactorySpi certFacSpi;

    /**
     * Creates a CertificateFactory object of the given type, and encapsulates
     * the given provider implementation (SPI object) in it.
     *
     * @param certFacSpi the provider implementation.
     * @param provider the provider.
     * @param type the certificate type.
     */
    protected CertificateFactory(CertificateFactorySpi certFacSpi,
				 Provider provider, String type)
    {
	this.certFacSpi = certFacSpi;
	this.provider = provider;
	this.type = type;
    }

    /**
     * Generates a certificate factory object that implements the
     * specified certificate type. If the default provider package
     * provides an implementation of the requested certificate type,
     * an instance of certificate factory containing that
     * implementation is returned.
     * If the type is not available in the default
     * package, other packages are searched.
     *
     * @param type the name of the requested certificate type.
     * See Appendix A in the <a href=
     * "../../../../guide/security/CryptoSpec.html#AppA">
     * Java Cryptography Architecture API Specification &amp; Reference </a>
     * for information about standard certificate types.
     *
     * @return a certificate factory object for the specified type.
     *
     * @exception CertificateException if the requested certificate type is
     * not available in the default provider package or any of the other
     * provider packages that were searched.
     */
    public static final CertificateFactory getInstance(String type)
	throws CertificateException
    {
	try {
	    if (implMethod == null) {
		throw new CertificateException(type + " not found");
	    }

	    // The underlying method is static, so we set the object
	    // argument to null.
	    Object[] objs = (Object[])implMethod.invoke(null,
					       new Object[]
					       { type,
						 "CertificateFactory",
						 null
					       } );
	    return new CertificateFactory((CertificateFactorySpi)objs[0],
					  (Provider)objs[1], type);
	} catch (IllegalAccessException iae) {
	    CertificateException ce = new
	               CertificateException(type + " not found");
	    ce.initCause(iae);
	    throw ce;
	} catch (InvocationTargetException ite) {
	    CertificateException ce = new
	               CertificateException(type + " not found");
	    ce.initCause(ite);
	    throw ce;
	}
    }

    /**
     * Generates a certificate factory object for the specified
     * certificate type from the specified provider.
     *
     * @param type the certificate type
     * @param provider the name of the provider.
     *
     * @return a certificate factory object for the specified type.
     *
     * @exception CertificateException if the certificate type is
     * not available from the specified provider.
     *
     * @exception NoSuchProviderException if the provider has not been
     * configured.
     *
     * @see Provider
     */
    public static final CertificateFactory getInstance(String type,
					  	       String provider)
	throws CertificateException, NoSuchProviderException
    {
	if (provider == null || provider.length() == 0)
	    throw new IllegalArgumentException("missing provider");
	try {
	    if (implMethod == null) {
		throw new CertificateException(type + " not found");
	    }

	    // The underlying method is static, so we set the object
	    // argument to null.
	    Object[] objs = (Object[])implMethod.invoke(null,
					       new Object[]
					       { type,
						 "CertificateFactory",
						 provider
					       } );
	    return new CertificateFactory((CertificateFactorySpi)objs[0],
					  (Provider)objs[1], type);
	} catch (IllegalAccessException iae) {
	    CertificateException ce = new
	               CertificateException(type + " not found");
	    ce.initCause(iae);
	    throw ce;
	} catch (InvocationTargetException ite) {
	    Throwable t = ite.getTargetException();
	    if (t != null && t instanceof NoSuchProviderException)
		throw (NoSuchProviderException)t;
	    CertificateException ce = new 
                CertificateException(type + " not found");
	    ce.initCause(ite);
	    throw ce;
	}
    }

    /**
     * Generates a certificate factory object for the specified
     * certificate type from the specified provider.
     * Note: the <code>provider</code> doesn't have to be registered.
     *
     * @param type the certificate type
     * @param provider the provider
     *
     * @return a certificate factory object for the specified type.
     *
     * @exception CertificateException if the certificate type is
     * not available from the specified provider.
     *
     * @exception IllegalArgumentException if the <code>provider</code> is
     * null.
     *
     * @see Provider
     *
     * @since 1.4
     */
    public static final CertificateFactory getInstance(String type,
                                                       Provider provider)
        throws CertificateException
    {
	if (provider == null)
	    throw new IllegalArgumentException("missing provider");

	if (implMethod2Set.booleanValue() == false) {
	    synchronized (implMethod2Set) {
		if (implMethod2Set.booleanValue() == false) {
		    implMethod2 = (Method)
			AccessController.doPrivileged(
					   new PrivilegedAction() {
			    public Object run() {
				Method m = null;
				try {
				    m = cl.getDeclaredMethod("getImpl",
							     GET_IMPL_PARAMS2);
				    if (m != null)
					m.setAccessible(true);
				} catch (NoSuchMethodException nsme) {
				}
				return m;