Path: blob/aarch64-shenandoah-jdk8u272-b10/jdk/src/share/classes/javax/net/ssl/TrustManagerFactory.java
38918 views
/*1* Copyright (c) 1999, 2012, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation. Oracle designates this7* particular file as subject to the "Classpath" exception as provided8* by Oracle in the LICENSE file that accompanied this code.9*10* This code is distributed in the hope that it will be useful, but WITHOUT11* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or12* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License13* version 2 for more details (a copy is included in the LICENSE file that14* accompanied this code).15*16* You should have received a copy of the GNU General Public License version17* 2 along with this work; if not, write to the Free Software Foundation,18* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.19*20* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA21* or visit www.oracle.com if you need additional information or have any22* questions.23*/2425package javax.net.ssl;2627import java.security.Security;28import java.security.*;2930import sun.security.jca.GetInstance;3132/**33* This class acts as a factory for trust managers based on a34* source of trust material. Each trust manager manages a specific35* type of trust material for use by secure sockets. The trust36* material is based on a KeyStore and/or provider specific sources.37*38* @since 1.439* @see TrustManager40*/41public class TrustManagerFactory {42// The provider43private Provider provider;4445// The provider implementation (delegate)46private TrustManagerFactorySpi factorySpi;4748// The name of the trust management algorithm.49private String algorithm;5051/**52* Obtains the default TrustManagerFactory algorithm name.53*54* <p>The default TrustManager can be changed at runtime by setting55* the value of the {@code ssl.TrustManagerFactory.algorithm}56* security property to the desired algorithm name.57*58* @see java.security.Security security properties59* @return the default algorithm name as specified by the60* {@code ssl.TrustManagerFactory.algorithm} security property, or an61* implementation-specific default if no such property exists.62*/63public final static String getDefaultAlgorithm() {64String type;65type = AccessController.doPrivileged(new PrivilegedAction<String>() {66@Override67public String run() {68return Security.getProperty(69"ssl.TrustManagerFactory.algorithm");70}71});72if (type == null) {73type = "SunX509";74}75return type;76}7778/**79* Creates a TrustManagerFactory object.80*81* @param factorySpi the delegate82* @param provider the provider83* @param algorithm the algorithm84*/85protected TrustManagerFactory(TrustManagerFactorySpi factorySpi,86Provider provider, String algorithm) {87this.factorySpi = factorySpi;88this.provider = provider;89this.algorithm = algorithm;90}9192/**93* Returns the algorithm name of this <code>TrustManagerFactory</code>94* object.95*96* <p>This is the same name that was specified in one of the97* <code>getInstance</code> calls that created this98* <code>TrustManagerFactory</code> object.99*100* @return the algorithm name of this <code>TrustManagerFactory</code>101* object102*/103public final String getAlgorithm() {104return this.algorithm;105}106107/**108* Returns a <code>TrustManagerFactory</code> object that acts as a109* factory for trust managers.110*111* <p> This method traverses the list of registered security Providers,112* starting with the most preferred Provider.113* A new TrustManagerFactory object encapsulating the114* TrustManagerFactorySpi implementation from the first115* Provider that supports the specified algorithm is returned.116*117* <p> Note that the list of registered providers may be retrieved via118* the {@link Security#getProviders() Security.getProviders()} method.119*120* @param algorithm the standard name of the requested trust management121* algorithm. See the <a href=122* "{@docRoot}/../technotes/guides/security/jsse/JSSERefGuide.html">123* Java Secure Socket Extension Reference Guide </a>124* for information about standard algorithm names.125*126* @return the new <code>TrustManagerFactory</code> object.127*128* @exception NoSuchAlgorithmException if no Provider supports a129* TrustManagerFactorySpi implementation for the130* specified algorithm.131* @exception NullPointerException if algorithm is null.132*133* @see java.security.Provider134*/135public static final TrustManagerFactory getInstance(String algorithm)136throws NoSuchAlgorithmException {137GetInstance.Instance instance = GetInstance.getInstance138("TrustManagerFactory", TrustManagerFactorySpi.class,139algorithm);140return new TrustManagerFactory((TrustManagerFactorySpi)instance.impl,141instance.provider, algorithm);142}143144/**145* Returns a <code>TrustManagerFactory</code> object that acts as a146* factory for trust managers.147*148* <p> A new KeyManagerFactory object encapsulating the149* KeyManagerFactorySpi implementation from the specified provider150* is returned. The specified provider must be registered151* in the security provider list.152*153* <p> Note that the list of registered providers may be retrieved via154* the {@link Security#getProviders() Security.getProviders()} method.155*156* @param algorithm the standard name of the requested trust management157* algorithm. See the <a href=158* "{@docRoot}/../technotes/guides/security/jsse/JSSERefGuide.html">159* Java Secure Socket Extension Reference Guide </a>160* for information about standard algorithm names.161*162* @param provider the name of the provider.163*164* @return the new <code>TrustManagerFactory</code> object165*166* @throws NoSuchAlgorithmException if a TrustManagerFactorySpi167* implementation for the specified algorithm is not168* available from the specified provider.169*170* @throws NoSuchProviderException if the specified provider is not171* registered in the security provider list.172*173* @throws IllegalArgumentException if the provider name is null or empty.174* @throws NullPointerException if algorithm is null.175*176* @see java.security.Provider177*/178public static final TrustManagerFactory getInstance(String algorithm,179String provider) throws NoSuchAlgorithmException,180NoSuchProviderException {181GetInstance.Instance instance = GetInstance.getInstance182("TrustManagerFactory", TrustManagerFactorySpi.class,183algorithm, provider);184return new TrustManagerFactory((TrustManagerFactorySpi)instance.impl,185instance.provider, algorithm);186}187188/**189* Returns a <code>TrustManagerFactory</code> object that acts as a190* factory for trust managers.191*192* <p> A new TrustManagerFactory object encapsulating the193* TrustManagerFactorySpi implementation from the specified Provider194* object is returned. Note that the specified Provider object195* does not have to be registered in the provider list.196*197* @param algorithm the standard name of the requested trust management198* algorithm. See the <a href=199* "{@docRoot}/../technotes/guides/security/jsse/JSSERefGuide.html">200* Java Secure Socket Extension Reference Guide </a>201* for information about standard algorithm names.202*203* @param provider an instance of the provider.204*205* @return the new <code>TrustManagerFactory</code> object.206*207* @throws NoSuchAlgorithmException if a TrustManagerFactorySpi208* implementation for the specified algorithm is not available209* from the specified Provider object.210*211* @throws IllegalArgumentException if the provider is null.212* @throws NullPointerException if algorithm is null.213*214* @see java.security.Provider215*/216public static final TrustManagerFactory getInstance(String algorithm,217Provider provider) throws NoSuchAlgorithmException {218GetInstance.Instance instance = GetInstance.getInstance219("TrustManagerFactory", TrustManagerFactorySpi.class,220algorithm, provider);221return new TrustManagerFactory((TrustManagerFactorySpi)instance.impl,222instance.provider, algorithm);223}224225/**226* Returns the provider of this <code>TrustManagerFactory</code> object.227*228* @return the provider of this <code>TrustManagerFactory</code> object229*/230public final Provider getProvider() {231return this.provider;232}233234235/**236* Initializes this factory with a source of certificate237* authorities and related trust material.238* <P>239* The provider typically uses a KeyStore as a basis for making240* trust decisions.241* <P>242* For more flexible initialization, please see243* {@link #init(ManagerFactoryParameters)}.244*245* @param ks the key store, or null246* @throws KeyStoreException if this operation fails247*/248public final void init(KeyStore ks) throws KeyStoreException {249factorySpi.engineInit(ks);250}251252253/**254* Initializes this factory with a source of provider-specific255* trust material.256* <P>257* In some cases, initialization parameters other than a keystore258* may be needed by a provider. Users of that particular provider259* are expected to pass an implementation of the appropriate260* <CODE>ManagerFactoryParameters</CODE> as defined by the261* provider. The provider can then call the specified methods in262* the <CODE>ManagerFactoryParameters</CODE> implementation to obtain the263* needed information.264*265* @param spec an implementation of a provider-specific parameter266* specification267* @throws InvalidAlgorithmParameterException if an error is268* encountered269*/270public final void init(ManagerFactoryParameters spec) throws271InvalidAlgorithmParameterException {272factorySpi.engineInit(spec);273}274275276/**277* Returns one trust manager for each type of trust material.278*279* @throws IllegalStateException if the factory is not initialized.280*281* @return the trust managers282*/283public final TrustManager[] getTrustManagers() {284return factorySpi.engineGetTrustManagers();285}286}287288289