1 /*
   2  * Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.  Oracle designates this
   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 package sun.security.provider.certpath;
  27 
  28 import java.net.URI;
  29 import java.util.Collection;
  30 import java.util.HashMap;
  31 import java.util.Map;
  32 import java.security.AccessController;
  33 import java.security.NoSuchAlgorithmException;
  34 import java.security.InvalidAlgorithmParameterException;
  35 import java.security.PrivilegedActionException;
  36 import java.security.PrivilegedExceptionAction;
  37 import java.security.cert.CertStore;
  38 import java.security.cert.X509CertSelector;
  39 import java.security.cert.X509CRLSelector;
  40 import javax.security.auth.x500.X500Principal;
  41 import java.io.IOException;
  42 
  43 import sun.security.util.Cache;
  44 
/**
 * Base class for the helpers that URICertStore and other callers use when
 * they delegate to a different CertStore in order to fetch certificates
 * and CRLs.
 *
 * <p>Concrete helpers are not referenced directly. They are looked up by a
 * type name through a fixed table and created reflectively by
 * {@link #getInstance(String)}. The table in this class registers two
 * types, {@code "LDAP"} and {@code "SSLServer"}.
 */
public abstract class CertStoreHelper {

    // Number of helper types registered below; also used to size the
    // lookup table and the instance cache.
    private static final int NUM_TYPES = 2;

    // Fixed table: helper type name -> fully qualified implementation class.
    // It is populated only by the static initializer that follows, so the
    // class names reaching Class.forName are never supplied by a caller.
    private static final Map<String,String> classMap
        = new HashMap<String,String>(NUM_TYPES);
    static {
        classMap.put("LDAP",
            "sun.security.provider.certpath.ldap.LDAPCertStoreHelper");
        classMap.put("SSLServer",
            "sun.security.provider.certpath.ssl.SSLServerCertStoreHelper");
    }

    // Instances already created, keyed by type name.
    // NOTE(review): presumably entries are softly referenced and can be
    // dropped, in which case a helper is simply re-created on the next
    // request -- confirm against sun.security.util.Cache.
    private static Cache cache = Cache.newSoftMemoryCache(NUM_TYPES);

    /**
     * Returns the helper registered for the given type name, creating and
     * caching it on first use.
     *
     * <p>The type is resolved to a class name through the fixed table in
     * this class; an unknown type is rejected before any class loading is
     * attempted. The class is then loaded with a {@code null} loader, which
     * {@code Class.forName} defines as the bootstrap class loader, and it
     * is instantiated inside {@code AccessController.doPrivileged}. Loading
     * and construction therefore run with this class's privileges rather
     * than the caller's, which is why the privileged block must stay
     * limited to names taken from the table.
     *
     * <p>No locking is done here: two callers asking for the same uncached
     * type at the same time may each create an instance.
     * NOTE(review): whether the cache itself is safe for concurrent use is
     * not visible in this class -- confirm.
     *
     * @param type the helper type name, for example {@code "LDAP"} or
     *        {@code "SSLServer"}
     * @return the helper for {@code type}
     * @throws NoSuchAlgorithmException if the type is not registered, or if
     *         the implementation class cannot be found (the
     *         ClassNotFoundException is attached as the cause)
     */
    public static CertStoreHelper getInstance(final String type)
        throws NoSuchAlgorithmException
    {
        CertStoreHelper cached = (CertStoreHelper) cache.get(type);
        if (cached != null) {
            return cached;
        }

        // Only names present in the table are ever handed to Class.forName.
        final String className = classMap.get(type);
        if (className == null) {
            throw new NoSuchAlgorithmException(type + " not available");
        }

        PrivilegedExceptionAction<CertStoreHelper> loadHelper =
            new PrivilegedExceptionAction<CertStoreHelper>() {
                public CertStoreHelper run() throws ClassNotFoundException {
                    try {
                        // null loader: resolve through the bootstrap loader.
                        Class<?> helperClass =
                            Class.forName(className, true, null);
                        CertStoreHelper created =
                            (CertStoreHelper) helperClass.newInstance();
                        cache.put(type, created);
                        return created;
                    } catch (InstantiationException e) {
                        // A registered helper that cannot be instantiated
                        // is treated as an internal error.
                        throw new AssertionError(e);
                    } catch (IllegalAccessException e) {
                        throw new AssertionError(e);
                    }
                }
            };

        try {
            return AccessController.doPrivileged(loadHelper);
        } catch (PrivilegedActionException e) {
            // Unwrap so callers see the ClassNotFoundException as the cause.
            throw new NoSuchAlgorithmException(type + " not available",
                                               e.getException());
        }
    }

    /**
     * Returns a CertStore that uses the given URI as its parameters.
     *
     * <p>NOTE(review): if callers pass a URI taken from certificate
     * contents, implementations should treat it as untrusted input --
     * confirm against the callers; nothing in this class validates it.
     *
     * @param uri the URI identifying the store to open
     * @return a CertStore for {@code uri}
     * @throws NoSuchAlgorithmException declared for implementations; the
     *         failure conditions are defined by the concrete helper
     * @throws InvalidAlgorithmParameterException declared for
     *         implementations; the failure conditions are defined by the
     *         concrete helper
     */
    public abstract CertStore getCertStore(URI uri)
        throws NoSuchAlgorithmException, InvalidAlgorithmParameterException;

    /**
     * Wraps an existing X509CertSelector for cases where DN matching issues
     * must be avoided.
     *
     * @param selector the selector to wrap
     * @param certSubject subject principal supplied by the caller; its use
     *        is defined by the concrete helper
     * @param dn distinguished name string supplied by the caller; its use
     *        is defined by the concrete helper
     * @return the wrapping selector
     * @throws IOException declared for implementations; the failure
     *         conditions are defined by the concrete helper
     */
    public abstract X509CertSelector wrap(X509CertSelector selector,
                          X500Principal certSubject,
                          String dn)
        throws IOException;

    /**
     * Wraps an existing X509CRLSelector for cases where DN matching issues
     * must be avoided.
     *
     * @param selector the selector to wrap
     * @param certIssuers issuer principals supplied by the caller; their
     *        use is defined by the concrete helper
     * @param dn distinguished name string supplied by the caller; its use
     *        is defined by the concrete helper
     * @return the wrapping selector
     * @throws IOException declared for implementations; the failure
     *         conditions are defined by the concrete helper
     */
    public abstract X509CRLSelector wrap(X509CRLSelector selector,
                         Collection<X500Principal> certIssuers,
                         String dn)
        throws IOException;
}