001 /*
002 * Copyright 1999-2006 Sun Microsystems, Inc. All Rights Reserved.
003 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
004 *
005 * This code is free software; you can redistribute it and/or modify it
006 * under the terms of the GNU General Public License version 2 only, as
007 * published by the Free Software Foundation. Sun designates this
008 * particular file as subject to the "Classpath" exception as provided
009 * by Sun in the LICENSE file that accompanied this code.
010 *
011 * This code is distributed in the hope that it will be useful, but WITHOUT
012 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
013 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
014 * version 2 for more details (a copy is included in the LICENSE file that
015 * accompanied this code).
016 *
017 * You should have received a copy of the GNU General Public License version
018 * 2 along with this work; if not, write to the Free Software Foundation,
019 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
020 *
021 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
022 * CA 95054 USA or visit www.sun.com if you need additional information or
023 * have any questions.
024 */
025
026 package javax.net.ssl;
027
028 import java.security.Security;
029 import java.security.*;
030
031 import sun.security.jca.GetInstance;
032
033 /**
034 * This class acts as a factory for trust managers based on a
035 * source of trust material. Each trust manager manages a specific
036 * type of trust material for use by secure sockets. The trust
037 * material is based on a KeyStore and/or provider specific sources.
038 *
039 * @since 1.4
040 * @see TrustManager
041 * @version 1.24, 05/05/07
042 */
043 public class TrustManagerFactory {
044 // The provider
045 private Provider provider;
046
047 // The provider implementation (delegate)
048 private TrustManagerFactorySpi factorySpi;
049
050 // The name of the trust management algorithm.
051 private String algorithm;
052
053 /**
054 * Obtains the default TrustManagerFactory algorithm name.
055 *
056 * <p>The default TrustManager can be changed at runtime by setting
057 * the value of the "ssl.TrustManagerFactory.algorithm" security
058 * property (set in the Java security properties file or by calling
059 * {@link java.security.Security#setProperty(String, String) })
060 * to the desired algorithm name.
061 *
062 * @return the default algorithm name as specified in the
063 * Java security properties, or an implementation-specific default
064 * if no such property exists.
065 */
066 public final static String getDefaultAlgorithm() {
067 String type;
068 type = AccessController
069 .doPrivileged(new PrivilegedAction<String>() {
070 public String run() {
071 return Security
072 .getProperty("ssl.TrustManagerFactory.algorithm");
073 }
074 });
075 if (type == null) {
076 type = "SunX509";
077 }
078 return type;
079 }
080
081 /**
082 * Creates a TrustManagerFactory object.
083 *
084 * @param factorySpi the delegate
085 * @param provider the provider
086 * @param algorithm the algorithm
087 */
088 protected TrustManagerFactory(TrustManagerFactorySpi factorySpi,
089 Provider provider, String algorithm) {
090 this .factorySpi = factorySpi;
091 this .provider = provider;
092 this .algorithm = algorithm;
093 }
094
095 /**
096 * Returns the algorithm name of this <code>TrustManagerFactory</code>
097 * object.
098 *
099 * <p>This is the same name that was specified in one of the
100 * <code>getInstance</code> calls that created this
101 * <code>TrustManagerFactory</code> object.
102 *
103 * @return the algorithm name of this <code>TrustManagerFactory</code>
104 * object
105 */
106 public final String getAlgorithm() {
107 return this .algorithm;
108 }
109
110 /**
111 * Returns a <code>TrustManagerFactory</code> object that acts as a
112 * factory for trust managers.
113 *
114 * <p> This method traverses the list of registered security Providers,
115 * starting with the most preferred Provider.
116 * A new TrustManagerFactory object encapsulating the
117 * TrustManagerFactorySpi implementation from the first
118 * Provider that supports the specified algorithm is returned.
119 *
120 * <p> Note that the list of registered providers may be retrieved via
121 * the {@link Security#getProviders() Security.getProviders()} method.
122 *
123 * @param algorithm the standard name of the requested trust management
124 * algorithm. See the <a href=
125 * "{@docRoot}/../technotes/guides/security/jsse/JSSERefGuide.html">
126 * Java Secure Socket Extension Reference Guide </a>
127 * for information about standard algorithm names.
128 *
129 * @return the new <code>TrustManagerFactory</code> object.
130 *
131 * @exception NoSuchAlgorithmException if no Provider supports a
132 * TrustManagerFactorySpi implementation for the
133 * specified algorithm.
134 *
135 * @see java.security.Provider
136 */
137 public static final TrustManagerFactory getInstance(String algorithm)
138 throws NoSuchAlgorithmException {
139 GetInstance.Instance instance = GetInstance.getInstance(
140 "TrustManagerFactory", TrustManagerFactorySpi.class,
141 algorithm);
142 return new TrustManagerFactory(
143 (TrustManagerFactorySpi) instance.impl,
144 instance.provider, algorithm);
145 }
146
147 /**
148 * Returns a <code>TrustManagerFactory</code> object that acts as a
149 * factory for trust managers.
150 *
151 * <p> A new KeyManagerFactory object encapsulating the
152 * KeyManagerFactorySpi implementation from the specified provider
153 * is returned. The specified provider must be registered
154 * in the security provider list.
155 *
156 * <p> Note that the list of registered providers may be retrieved via
157 * the {@link Security#getProviders() Security.getProviders()} method.
158 *
159 * @param algorithm the standard name of the requested trust management
160 * algorithm. See the <a href=
161 * "{@docRoot}/../technotes/guides/security/jsse/JSSERefGuide.html">
162 * Java Secure Socket Extension Reference Guide </a>
163 * for information about standard algorithm names.
164 *
165 * @param provider the name of the provider.
166 *
167 * @return the new <code>TrustManagerFactory</code> object
168 *
169 * @throws NoSuchAlgorithmException if a TrustManagerFactorySpi
170 * implementation for the specified algorithm is not
171 * available from the specified provider.
172 *
173 * @throws NoSuchProviderException if the specified provider is not
174 * registered in the security provider list.
175 *
176 * @throws IllegalArgumentException if the provider name is null or empty.
177 *
178 * @see java.security.Provider
179 */
180 public static final TrustManagerFactory getInstance(
181 String algorithm, String provider)
182 throws NoSuchAlgorithmException, NoSuchProviderException {
183 GetInstance.Instance instance = GetInstance.getInstance(
184 "TrustManagerFactory", TrustManagerFactorySpi.class,
185 algorithm, provider);
186 return new TrustManagerFactory(
187 (TrustManagerFactorySpi) instance.impl,
188 instance.provider, algorithm);
189 }
190
191 /**
192 * Returns a <code>TrustManagerFactory</code> object that acts as a
193 * factory for trust managers.
194 *
195 * <p> A new TrustManagerFactory object encapsulating the
196 * TrustManagerFactorySpi implementation from the specified Provider
197 * object is returned. Note that the specified Provider object
198 * does not have to be registered in the provider list.
199 *
200 * @param algorithm the standard name of the requested trust management
201 * algorithm. See the <a href=
202 * "{@docRoot}/../technotes/guides/security/jsse/JSSERefGuide.html">
203 * Java Secure Socket Extension Reference Guide </a>
204 * for information about standard algorithm names.
205 *
206 * @param provider an instance of the provider.
207 *
208 * @return the new <code>TrustManagerFactory</code> object.
209 *
210 * @throws NoSuchAlgorithmException if a TrustManagerFactorySpi
211 * implementation for the specified algorithm is not available
212 * from the specified Provider object.
213 *
214 * @throws IllegalArgumentException if the provider is null.
215 *
216 * @see java.security.Provider
217 */
218 public static final TrustManagerFactory getInstance(
219 String algorithm, Provider provider)
220 throws NoSuchAlgorithmException {
221 GetInstance.Instance instance = GetInstance.getInstance(
222 "TrustManagerFactory", TrustManagerFactorySpi.class,
223 algorithm, provider);
224 return new TrustManagerFactory(
225 (TrustManagerFactorySpi) instance.impl,
226 instance.provider, algorithm);
227 }
228
229 /**
230 * Returns the provider of this <code>TrustManagerFactory</code> object.
231 *
232 * @return the provider of this <code>TrustManagerFactory</code> object
233 */
234 public final Provider getProvider() {
235 return this .provider;
236 }
237
238 /**
239 * Initializes this factory with a source of certificate
240 * authorities and related trust material.
241 * <P>
242 * The provider typically uses a KeyStore as a basis for making
243 * trust decisions.
244 * <P>
245 * For more flexible initialization, please see
246 * {@link #init(ManagerFactoryParameters)}.
247 *
248 * @param ks the key store, or null
249 * @throws KeyStoreException if this operation fails
250 */
251 public final void init(KeyStore ks) throws KeyStoreException {
252 factorySpi.engineInit(ks);
253 }
254
255 /**
256 * Initializes this factory with a source of provider-specific
257 * trust material.
258 * <P>
259 * In some cases, initialization parameters other than a keystore
260 * may be needed by a provider. Users of that particular provider
261 * are expected to pass an implementation of the appropriate
262 * <CODE>ManagerFactoryParameters</CODE> as defined by the
263 * provider. The provider can then call the specified methods in
264 * the <CODE>ManagerFactoryParameters</CODE> implementation to obtain the
265 * needed information.
266 *
267 * @param spec an implementation of a provider-specific parameter
268 * specification
269 * @throws InvalidAlgorithmParameterException if an error is
270 * encountered
271 */
272 public final void init(ManagerFactoryParameters spec)
273 throws InvalidAlgorithmParameterException {
274 factorySpi.engineInit(spec);
275 }
276
277 /**
278 * Returns one trust manager for each type of trust material.
279 *
280 * @return the trust managers
281 */
282 public final TrustManager[] getTrustManagers() {
283 return factorySpi.engineGetTrustManagers();
284 }
285 }
|