
javax.xml.crypto.dsig.keyinfo.KeyInfoFactory Maven / Gradle / Ivy


Apache XML Security for Java supports XML-Signature Syntax and Processing, W3C Recommendation 12 February 2002, and XML Encryption Syntax and Processing, W3C Recommendation 10 December 2002. As of version 1.4, the library supports the standard Java API JSR-105: XML Digital Signature APIs.

There is a newer version: 4.0.3
/**
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements. See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership. The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied. See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */
/*
 * Copyright 2005 Sun Microsystems, Inc. All rights reserved.
 */
/*
 * $Id: KeyInfoFactory.java 1203722 2011-11-18 16:27:37Z mullan $
 */
package javax.xml.crypto.dsig.keyinfo;

import java.math.BigInteger;
import java.security.KeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.security.PublicKey;
import java.security.Security;
import java.security.cert.X509CRL;
import java.util.List;
import javax.xml.crypto.MarshalException;
import javax.xml.crypto.NoSuchMechanismException;
import javax.xml.crypto.URIDereferencer;
import javax.xml.crypto.XMLStructure;
import javax.xml.crypto.dom.DOMStructure;
import javax.xml.crypto.dsig.*;

/**
 * Factory that builds {@link KeyInfo} objects programmatically or
 * unmarshals them from their XML representation.
 *
 * <p>Every {@code KeyInfoFactory} instance is bound to one XML mechanism
 * type. Instances are obtained through the static
 * {@link #getInstance getInstance} methods, for example:
 *
 * <blockquote><pre>
 * KeyInfoFactory factory = KeyInfoFactory.getInstance("DOM");
 * </pre></blockquote>
 *
 * <p>A factory obtained this way produces DOM-based objects that follow the
 * DOM interoperability requirements described in the "DOM Mechanism
 * Requirements" section of the API overview. The "Service Providers"
 * section of the API overview lists the standard mechanism types.
 *
 * <p>Implementations are registered and loaded through the
 * {@link java.security.Provider} mechanism. A provider supporting the DOM
 * mechanism would declare it in its {@code Provider} subclass like this:
 *
 * <pre>
 *     put("KeyInfoFactory.DOM", "org.example.DOMKeyInfoFactory");
 * </pre>
 *
 * <p>The {@code XMLStructure}s created by a factory may carry state that is
 * specific to the {@code KeyInfo} they were built for and are not meant to
 * be reused.
 *
 * <p>An implementation MUST minimally support the default mechanism type:
 * DOM.
 *
 * <p>All {@code XMLStructure}s of one {@code KeyInfo} must be created by the
 * same {@code KeyInfoFactory} instance. Mixing {@code XMLStructure}s from
 * different providers or different mechanism types has undefined behavior.
 *
 * <p><b>Security considerations</b>
 * <p>The lookups that take no provider return the first registered provider
 * that advertises the mechanism, so the implementation class depends on the
 * provider order of the running JVM. Use an overload that takes a provider
 * when the implementation has to be pinned. A {@code KeyInfo} unmarshalled
 * from a received document is content chosen by whoever produced that
 * document: the keys, certificates and {@link RetrievalMethod} URIs inside
 * it help locate a key, they do not establish that the key is trusted.
 *
 * <p><b>Concurrent Access</b>
 * <p>The static methods of this class are thread-safe and may be invoked
 * concurrently from multiple threads.
 *
 * <p>The non-static methods carry no such guarantee. Unless a provider
 * documents otherwise, threads sharing a single {@code KeyInfoFactory}
 * instance must coordinate their access with their own locking. Threads
 * that each work on a different instance need not synchronize.
 *
 * @author Sean Mullan
 * @author JSR 105 Expert Group
 */
public abstract class KeyInfoFactory {

    // Both fields are filled in by findInstance() right after the provider
    // has instantiated the concrete factory.
    private String mechanismType;
    private Provider provider;

    /**
     * Default constructor, for invocation by subclasses.
     */
    protected KeyInfoFactory() {}

    /**
     * Returns a {@code KeyInfoFactory} for the given XML processing
     * mechanism and representation type (ex: "DOM").
     *
     * <p>The implementation is located through the standard JCA provider
     * lookup: the registered security {@code Provider}s are searched in
     * preference order and a new factory is created from the first one
     * that supports the mechanism. Because the outcome depends on the
     * registered provider list, callers that need a specific implementation
     * should use {@link #getInstance(String, Provider)} instead.
     *
     * <p>The registered providers can be listed with
     * {@link Security#getProviders() Security.getProviders()}.
     *
     * @param mechanismType the type of the XML processing mechanism and
     *    representation. See the "Service Providers" section of the API
     *    overview for a list of standard mechanism types.
     * @return a new {@code KeyInfoFactory}
     * @throws NullPointerException if {@code mechanismType} is
     *    {@code null}
     * @throws NoSuchMechanismException if no {@code Provider} supports a
     *    {@code KeyInfoFactory} implementation for the specified mechanism
     * @see Provider
     */
    public static KeyInfoFactory getInstance(String mechanismType) {
        rejectNull(mechanismType, "mechanismType cannot be null");
        return findInstance(mechanismType, null);
    }

    /**
     * Throws a {@code NullPointerException} carrying {@code message} when
     * {@code value} is {@code null}; shared by the public lookups.
     */
    private static void rejectNull(Object value, String message) {
        if (value == null) {
            throw new NullPointerException(message);
        }
    }

    /**
     * Instantiates the factory for {@code mechanismType} and records the
     * mechanism and the provider it came from on the new instance.
     *
     * @param mechanismType the mechanism to look up (already null-checked
     *    by the callers)
     * @param provider the provider to use, or {@code null} to take the
     *    most preferred registered provider for the mechanism
     * @return the newly created factory
     * @throws NoSuchMechanismException if the provider has no
     *    {@code KeyInfoFactory} service for the mechanism, or the service
     *    cannot be instantiated
     */
    private static KeyInfoFactory findInstance(String mechanismType,
        Provider provider) {
        final Provider source = (provider != null)
            ? provider
            : getProvider("KeyInfoFactory", mechanismType);

        final Provider.Service service =
            source.getService("KeyInfoFactory", mechanismType);
        if (service == null) {
            throw new NoSuchMechanismException("Cannot find " + mechanismType +
                                               " mechanism type");
        }

        final KeyInfoFactory factory;
        try {
            // The class named by the provider's service entry is loaded and
            // instantiated here, so the provider decides which code runs.
            factory = (KeyInfoFactory) service.newInstance(null);
        } catch (NoSuchAlgorithmException nsae) {
            throw new NoSuchMechanismException("Cannot find " + mechanismType +
                                               " mechanism type", nsae);
        }
        factory.mechanismType = mechanismType;
        factory.provider = source;
        return factory;
    }

    /**
     * Picks the most preferred registered provider that offers the service
     * {@code engine + "." + mech}.
     *
     * @throws NoSuchMechanismException if no registered provider matches
     */
    private static Provider getProvider(String engine, String mech) {
        final String filter = engine + "." + mech;
        final Provider[] candidates = Security.getProviders(filter);
        if (candidates != null) {
            // The matching providers come back in preference order.
            return candidates[0];
        }
        throw new NoSuchMechanismException("Mechanism type " + mech +
                                           " not available");
    }

    /**
     * Returns a {@code KeyInfoFactory} for the requested XML processing
     * mechanism and representation type (ex: "DOM"), taken from the given
     * provider. The {@code Provider} object does not have to be registered
     * in the provider list; the factory class it maps to the mechanism is
     * instantiated as-is, so pass only providers the application trusts.
     *
     * @param mechanismType the type of the XML processing mechanism and
     *    representation. See the "Service Providers" section of the API
     *    overview for a list of standard mechanism types.
     * @param provider the {@code Provider} object
     * @return a new {@code KeyInfoFactory}
     * @throws NullPointerException if {@code mechanismType} or
     *    {@code provider} are {@code null}
     * @throws NoSuchMechanismException if a {@code KeyInfoFactory}
     *    implementation for the specified mechanism is not available from
     *    the specified {@code Provider} object
     * @see Provider
     */
    public static KeyInfoFactory getInstance(String mechanismType,
        Provider provider) {
        rejectNull(mechanismType, "mechanismType cannot be null");
        rejectNull(provider, "provider cannot be null");
        return findInstance(mechanismType, provider);
    }

    /**
     * Returns a {@code KeyInfoFactory} for the requested XML processing
     * mechanism and representation type (ex: "DOM"), taken from the provider
     * registered under the given name. The provider must be present in the
     * security provider list.
     *
     * <p>The registered providers can be listed with
     * {@link Security#getProviders() Security.getProviders()}.
     *
     * @param mechanismType the type of the XML processing mechanism and
     *    representation. See the "Service Providers" section of the API
     *    overview for a list of standard mechanism types.
     * @param provider the string name of the provider
     * @return a new {@code KeyInfoFactory}
     * @throws NoSuchProviderException if the specified provider is not
     *    registered in the security provider list
     * @throws NullPointerException if {@code mechanismType} or
     *    {@code provider} are {@code null}
     * @throws NoSuchMechanismException if a {@code KeyInfoFactory}
     *    implementation for the specified mechanism is not available from
     *    the specified provider
     * @see Provider
     */
    public static KeyInfoFactory getInstance(String mechanismType,
        String provider) throws NoSuchProviderException {
        rejectNull(mechanismType, "mechanismType cannot be null");
        rejectNull(provider, "provider cannot be null");

        final Provider resolved = Security.getProvider(provider);
        if (resolved == null) {
            throw new NoSuchProviderException("cannot find provider named "
                + provider);
        }
        return findInstance(mechanismType, resolved);
    }

    /**
     * Returns a {@code KeyInfoFactory} for the default XML processing
     * mechanism and representation type ("DOM").
     *
     * <p>The implementation is located through the standard JCA provider
     * lookup: the registered security {@code Provider}s are searched in
     * preference order and a new factory is created from the first one
     * that supports the DOM mechanism.
     *
     * <p>The registered providers can be listed with
     * {@link Security#getProviders() Security.getProviders()}.
     *
     * @return a new {@code KeyInfoFactory}
     * @throws NoSuchMechanismException if no {@code Provider} supports a
     *    {@code KeyInfoFactory} implementation for the DOM mechanism
     * @see Provider
     */
    public static KeyInfoFactory getInstance() {
        // "DOM" is a non-null constant, so the null check of the
        // single-argument overload has nothing to reject here.
        return findInstance("DOM", null);
    }

    /**
     * Returns the type of the XML processing mechanism and representation
     * supported by this {@code KeyInfoFactory} (ex: "DOM").
     *
     * @return the XML processing mechanism type supported by this
     *    {@code KeyInfoFactory}
     */
    public final String getMechanismType() {
        return mechanismType;
    }

    /**
     * Returns the provider of this {@code KeyInfoFactory}.
     *
     * @return the provider of this {@code KeyInfoFactory}
     */
    public final Provider getProvider() {
        return provider;
    }

    /**
     * Creates a {@code KeyInfo} holding the given key information types.
     *
     * @param content a list of one or more {@link XMLStructure}s
     *    representing key information types. The list is defensively
     *    copied to protect against subsequent modification.
     * @return a {@code KeyInfo}
     * @throws NullPointerException if {@code content} is {@code null}
     * @throws IllegalArgumentException if {@code content} is empty
     * @throws ClassCastException if {@code content} contains any entries
     *    that are not of type {@link XMLStructure}
     */
    public abstract KeyInfo newKeyInfo(List content);

    /**
     * Creates a {@code KeyInfo} holding the given key information types and
     * an optional id. The {@code id} is the value of an XML {@code ID}
     * attribute and lets other XML structures reference the
     * {@code KeyInfo}.
     *
     * @param content a list of one or more {@link XMLStructure}s
     *    representing key information types. The list is defensively
     *    copied to protect against subsequent modification.
     * @param id the value of an XML {@code ID} (may be {@code null})
     * @return a {@code KeyInfo}
     * @throws NullPointerException if {@code content} is {@code null}
     * @throws IllegalArgumentException if {@code content} is empty
     * @throws ClassCastException if {@code content} contains any entries
     *    that are not of type {@link XMLStructure}
     */
    public abstract KeyInfo newKeyInfo(List content, String id);

    /**
     * Creates a {@code KeyName} from the specified name.
     *
     * @param name the name that identifies the key
     * @return a {@code KeyName}
     * @throws NullPointerException if {@code name} is {@code null}
     */
    public abstract KeyName newKeyName(String name);

    /**
     * Creates a {@code KeyValue} from the specified public key.
     *
     * @param key the public key
     * @return a {@code KeyValue}
     * @throws KeyException if the {@code key}'s algorithm is not
     *    recognized or supported by this {@code KeyInfoFactory}
     * @throws NullPointerException if {@code key} is {@code null}
     */
    public abstract KeyValue newKeyValue(PublicKey key) throws KeyException;

    /**
     * Creates a {@code PGPData} from the specified PGP public key
     * identifier.
     *
     * @param keyId a PGP public key identifier as defined in RFC 2440,
     *    section 11.2. The array is cloned to protect against subsequent
     *    modification.
     * @return a {@code PGPData}
     * @throws NullPointerException if {@code keyId} is {@code null}
     * @throws IllegalArgumentException if the key id is not in the correct
     *    format
     */
    public abstract PGPData newPGPData(byte[] keyId);

    /**
     * Creates a {@code PGPData} from the specified PGP public key
     * identifier, and optional key material packet and list of external
     * elements.
     *
     * @param keyId a PGP public key identifier as defined in RFC 2440,
     *    section 11.2. The array is cloned to protect against subsequent
     *    modification.
     * @param keyPacket a PGP key material packet as defined in RFC 2440,
     *    section 5.5. The array is cloned to protect against subsequent
     *    modification. May be {@code null}.
     * @param other a list of {@link XMLStructure}s representing elements
     *    from an external namespace. The list is defensively copied to
     *    protect against subsequent modification. May be {@code null} or
     *    empty.
     * @return a {@code PGPData}
     * @throws NullPointerException if {@code keyId} is {@code null}
     * @throws IllegalArgumentException if the {@code keyId} or
     *    {@code keyPacket} is not in the correct format. For
     *    {@code keyPacket}, only the packet header format and the key
     *    material tag are checked; the contents and format of the packet
     *    body are not checked.
     * @throws ClassCastException if {@code other} contains any entries
     *    that are not of type {@link XMLStructure}
     */
    public abstract PGPData newPGPData(byte[] keyId, byte[] keyPacket,
        List other);

    /**
     * Creates a {@code PGPData} from the specified PGP key material packet
     * and optional list of external elements.
     *
     * @param keyPacket a PGP key material packet as defined in RFC 2440,
     *    section 5.5. The array is cloned to protect against subsequent
     *    modification.
     * @param other a list of {@link XMLStructure}s representing elements
     *    from an external namespace. The list is defensively copied to
     *    protect against subsequent modification. May be {@code null} or
     *    empty.
     * @return a {@code PGPData}
     * @throws NullPointerException if {@code keyPacket} is {@code null}
     * @throws IllegalArgumentException if {@code keyPacket} is not in the
     *    correct format. Only the packet header format and the key material
     *    tag are checked; the contents and format of the packet body are
     *    not checked.
     * @throws ClassCastException if {@code other} contains any entries
     *    that are not of type {@link XMLStructure}
     */
    public abstract PGPData newPGPData(byte[] keyPacket, List other);

    /**
     * Creates a {@code RetrievalMethod} from the specified URI.
     *
     * @param uri the URI that identifies the {@code KeyInfo} information
     *    to be retrieved
     * @return a {@code RetrievalMethod}
     * @throws NullPointerException if {@code uri} is {@code null}
     * @throws IllegalArgumentException if {@code uri} is not RFC 2396
     *    compliant
     */
    public abstract RetrievalMethod newRetrievalMethod(String uri);

    /**
     * Creates a {@code RetrievalMethod} from the specified parameters.
     *
     * @param uri the URI that identifies the {@code KeyInfo} information
     *    to be retrieved
     * @param type a URI that identifies the type of {@code KeyInfo}
     *    information to be retrieved (may be {@code null})
     * @param transforms a list of {@link Transform}s. The list is
     *    defensively copied to protect against subsequent modification.
     *    May be {@code null} or empty.
     * @return a {@code RetrievalMethod}
     * @throws NullPointerException if {@code uri} is {@code null}
     * @throws IllegalArgumentException if {@code uri} is not RFC 2396
     *    compliant
     * @throws ClassCastException if {@code transforms} contains any
     *    entries that are not of type {@link Transform}
     */
    public abstract RetrievalMethod newRetrievalMethod(String uri, String type,
        List transforms);

    /**
     * Creates a {@code X509Data} containing the specified list of X.509
     * content.
     *
     * @param content a list of one or more X.509 content types. Valid types
     *    are {@link String} (subject names), {@code byte[]} (subject key
     *    ids), {@link java.security.cert.X509Certificate}, {@link X509CRL},
     *    or {@link XMLStructure} ({@link X509IssuerSerial} objects or
     *    elements from an external namespace). Subject names are
     *    distinguished names in RFC 2253 String format. Implementations
     *    MUST support the attribute type keywords defined in RFC 2253 (CN,
     *    L, ST, O, OU, C, STREET, DC and UID). Implementations MAY support
     *    additional keywords. The list is defensively copied to protect
     *    against subsequent modification.
     * @return a {@code X509Data}
     * @throws NullPointerException if {@code content} is {@code null}
     * @throws IllegalArgumentException if {@code content} is empty, or if
     *    a subject name is not RFC 2253 compliant or one of the attribute
     *    type keywords is not recognized.
     * @throws ClassCastException if {@code content} contains any entries
     *    that are not of one of the valid types mentioned above
     */
    public abstract X509Data newX509Data(List content);

    /**
     * Creates an {@code X509IssuerSerial} from the specified X.500 issuer
     * distinguished name and serial number.
     *
     * @param issuerName the issuer's distinguished name in RFC 2253 String
     *    format. Implementations MUST support the attribute type keywords
     *    defined in RFC 2253 (CN, L, ST, O, OU, C, STREET, DC and UID).
     *    Implementations MAY support additional keywords.
     * @param serialNumber the serial number
     * @return an {@code X509IssuerSerial}
     * @throws NullPointerException if {@code issuerName} or
     *    {@code serialNumber} are {@code null}
     * @throws IllegalArgumentException if the issuer name is not RFC 2253
     *    compliant or one of the attribute type keywords is not recognized.
     */
    public abstract X509IssuerSerial newX509IssuerSerial
        (String issuerName, BigInteger serialNumber);

    /**
     * Indicates whether a specified feature is supported.
     *
     * @param feature the feature name (as an absolute URI)
     * @return {@code true} if the specified feature is supported,
     *    {@code false} otherwise
     * @throws NullPointerException if {@code feature} is {@code null}
     */
    public abstract boolean isFeatureSupported(String feature);

    /**
     * Returns a reference to the {@code URIDereferencer} that is used by
     * default to dereference URIs in {@link RetrievalMethod} objects.
     *
     * <p>NOTE(review): which URI schemes and locations the default
     * dereferencer will fetch is decided by the provider and is not visible
     * in this class. Where {@code RetrievalMethod} URIs originate from an
     * untrusted document, confirm that dereferencing them cannot reach
     * resources the application did not intend to expose.
     *
     * @return a reference to the default {@code URIDereferencer}
     */
    public abstract URIDereferencer getURIDereferencer();

    /**
     * Unmarshals a new {@code KeyInfo} instance from a mechanism-specific
     * {@code XMLStructure} (ex: {@link DOMStructure}) instance.
     *
     * <p>The returned object mirrors whatever the XML contained. Keys and
     * certificates taken from it still have to be checked against the
     * application's own trust anchors before they are relied on.
     *
     * @param xmlStructure a mechanism-specific XML structure from which to
     *    unmarshal the keyinfo from
     * @return the {@code KeyInfo}
     * @throws NullPointerException if {@code xmlStructure} is
     *    {@code null}
     * @throws ClassCastException if the type of {@code xmlStructure} is
     *    inappropriate for this factory
     * @throws MarshalException if an unrecoverable exception occurs during
     *    unmarshalling
     */
    public abstract KeyInfo unmarshalKeyInfo(XMLStructure xmlStructure)
        throws MarshalException;
}




