Source for java.security.cert.TrustAnchor

   1: /* TrustAnchor.java -- an ultimately-trusted certificate.
   2:    Copyright (C) 2003, 2004  Free Software Foundation, Inc.
   3: 
   4: This file is part of GNU Classpath.
   5: 
   6: GNU Classpath is free software; you can redistribute it and/or modify
   7: it under the terms of the GNU General Public License as published by
   8: the Free Software Foundation; either version 2, or (at your option)
   9: any later version.
  10: 
  11: GNU Classpath is distributed in the hope that it will be useful, but
  12: WITHOUT ANY WARRANTY; without even the implied warranty of
  13: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14: General Public License for more details.
  15: 
  16: You should have received a copy of the GNU General Public License
  17: along with GNU Classpath; see the file COPYING.  If not, write to the
  18: Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
  19: 02110-1301 USA.
  20: 
  21: Linking this library statically or dynamically with other modules is
  22: making a combined work based on this library.  Thus, the terms and
  23: conditions of the GNU General Public License cover the whole
  24: combination.
  25: 
  26: As a special exception, the copyright holders of this library give you
  27: permission to link this library with independent modules to produce an
  28: executable, regardless of the license terms of these independent
  29: modules, and to copy and distribute the resulting executable under
  30: terms of your choice, provided that you also meet, for each linked
  31: independent module, the terms and conditions of the license of that
  32: module.  An independent module is a module which is not derived from
  33: or based on this library.  If you modify this library, you may extend
  34: this exception to your version of the library, but you are not
  35: obligated to do so.  If you do not wish to do so, delete this
  36: exception statement from your version. */
  37: 
  38: 
  39: package java.security.cert;
  40: 
  41: import gnu.java.security.x509.X500DistinguishedName;
  42: 
  43: import java.security.PublicKey;
  44: 
/**
 * An ultimately-trusted certificate authority that serves as the root
 * of a certificate chain.
 *
 * <p>An anchor is given in one of two forms: as an X.509 certificate,
 * or as a CA distinguished name together with the CA's public key.
 * Either form may carry an optional block of encoded name constraints.
 *
 * <p>Security notes for maintainers and callers:
 * <ul>
 * <li>Every field is final, and the name constraints array is copied
 * both on the way in and on the way out, so a caller cannot alter the
 * constraints of an existing anchor through an array it still holds.
 * The certificate and public key are kept by reference; the class
 * relies on those objects not being changed afterwards.</li>
 * <li>The class is not final, but the four accessors are, so a subclass
 * cannot change what they report. <code>toString</code> can be
 * overridden and must not be used for trust decisions.</li>
 * <li>The constructors only reject null (and an empty name). They do
 * not check the certificate's validity period, signature or CA status,
 * and they do not decode the name constraints. Vetting what is
 * installed as an anchor is the caller's job.</li>
 * </ul>
 *
 * @author Casey Marshall (rsdio@metastatic.org)
 */
public class TrustAnchor
{

  // Fields.
  // ------------------------------------------------------------------------

  /** The CA's distinguished name; null for a certificate-based anchor. */
  private final X500DistinguishedName caName;

  /** The CA's public key; null for a certificate-based anchor. */
  private final PublicKey caKey;

  /** The CA's certificate; null for a name-and-key anchor. */
  private final X509Certificate trustedCert;

  /** Private copy of the encoded name constraints, or null if none. */
  private final byte[] nameConstraints;

  // Constructors.
  // ------------------------------------------------------------------------

  /**
   * Create a new trust anchor from a certificate and (optional) name
   * constraints.
   *
   * <p>If the <i>nameConstraints</i> argument is non-null, it is copied,
   * so later changes to the caller's array do not reach this anchor.
   * The bytes are stored as given and are not decoded here.
   *
   * @param trustedCert The trusted certificate.
   * @param nameConstraints The encoded name constraints, or null.
   * @throws NullPointerException If <i>trustedCert</i> is null.
   */
  public TrustAnchor(X509Certificate trustedCert, byte[] nameConstraints)
  {
    if (trustedCert == null)
      throw new NullPointerException();
    // NOTE(review): the platform API documents IllegalArgumentException
    // for name constraints that cannot be decoded; this code never
    // decodes them, so malformed bytes are accepted at this point.
    this.nameConstraints = copyOrNull(nameConstraints);
    this.trustedCert = trustedCert;
    this.caName = null;
    this.caKey = null;
  }

  /**
   * Create a new trust anchor from a certificate authority's
   * distinguished name, public key, and (optional) name constraints.
   *
   * <p>If the <i>nameConstraints</i> argument is non-null, it is copied,
   * so later changes to the caller's array do not reach this anchor.
   * The bytes are stored as given and are not decoded here.
   *
   * <p>The name is parsed by <code>X500DistinguishedName</code>; how a
   * malformed name is reported is decided there, not in this class.
   *
   * @param caName The CA's distinguished name.
   * @param caKey The CA's public key.
   * @param nameConstraints The encoded name constraints, or null.
   * @throws NullPointerException If <i>caName</i> or <i>caKey</i> is null.
   * @throws IllegalArgumentException If <i>caName</i> is the empty string.
   */
  public TrustAnchor(String caName, PublicKey caKey, byte[] nameConstraints)
  {
    if (caName == null)
      throw new NullPointerException();
    if (caKey == null)
      throw new NullPointerException();
    if (caName.length() == 0)
      throw new IllegalArgumentException();
    this.trustedCert = null;
    this.caName = new X500DistinguishedName(caName);
    this.caKey = caKey;
    // Same caveat as the certificate constructor: copied, never decoded.
    this.nameConstraints = copyOrNull(nameConstraints);
  }

  // Instance methods.
  // ------------------------------------------------------------------------

  /**
   * Return the trusted certificate, or null if none was specified.
   *
   * @return The trusted certificate.
   */
  public final X509Certificate getTrustedCert()
  {
    return trustedCert;
  }

  /**
   * Return the certificate authority's distinguished name, or null if
   * none was specified.
   *
   * <p>The value is the string form of the parsed name, which may not
   * match the constructor argument character for character.
   *
   * @return The CA's distinguished name.
   */
  public final String getCAName()
  {
    return caName == null ? null : caName.toString();
  }

  /**
   * Return the certificate authority's public key, or null if none was
   * specified.
   *
   * @return The CA's public key.
   */
  public final PublicKey getCAPublicKey()
  {
    return caKey;
  }

  /**
   * Return the encoded name constraints, or null if none was specified.
   *
   * <p>A fresh copy is returned on every call, so writing to the result
   * does not change the constraints held by this anchor.
   *
   * @return The encoded name constraints.
   */
  public final byte[] getNameConstraints()
  {
    return copyOrNull(nameConstraints);
  }

  /**
   * Return a printable representation of this trust anchor.
   *
   * <p>The name constraints are not part of the output.
   *
   * @return The printable representation.
   */
  public String toString()
  {
    if (trustedCert != null)
      return "[ Trusted CA Certificate=" + trustedCert + " ]";
    // Without a certificate, the name-and-key constructor was used and
    // it guarantees a non-null caName.
    return "[ Trusted CA Public Key=" + caKey + ", Trusted CA Issuer Name="
      + caName.toString() + " ]";
  }

  // Helpers.
  // ------------------------------------------------------------------------

  /**
   * Return a defensive copy of a byte array, passing null through.
   *
   * @param bytes The array to copy, or null.
   * @return A new array with the same contents, or null.
   */
  private static byte[] copyOrNull(byte[] bytes)
  {
    if (bytes == null)
      return null;
    return (byte[]) bytes.clone();
  }
}