1 /*
2 * Copyright 2000-2003 Sun Microsystems, Inc. All Rights Reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Sun designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Sun in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
22 * CA 95054 USA or visit www.sun.com if you need additional information or
23 * have any questions.
24 */
25
26 package java.security.cert;
27
28 import java.security.InvalidAlgorithmParameterException;
29 import java.util.Collection;
30
31 /**
32 * The <i>Service Provider Interface</i> (<b>SPI</b>)
33 * for the {@link CertStore CertStore} class. All <code>CertStore</code>
34 * implementations must include a class (the SPI class) that extends
35 * this class (<code>CertStoreSpi</code>), provides a constructor with
36 * a single argument of type <code>CertStoreParameters</code>, and implements
37 * all of its methods. In general, instances of this class should only be
38 * accessed through the <code>CertStore</code> class.
39 * For details, see the Java Cryptography Architecture.
40 * <p>
41 * <b>Concurrent Access</b>
42 * <p>
43 * The public methods of all <code>CertStoreSpi</code> objects must be
44 * thread-safe. That is, multiple threads may concurrently invoke these
45 * methods on a single <code>CertStoreSpi</code> object (or more than one)
46 * with no ill effects. This allows a <code>CertPathBuilder</code> to search
47 * for a CRL while simultaneously searching for further certificates, for
48 * instance.
49 * <p>
50 * Simple <code>CertStoreSpi</code> implementations will probably ensure
51 * thread safety by adding a <code>synchronized</code> keyword to their
52 * <code>engineGetCertificates</code> and <code>engineGetCRLs</code> methods.
53 * More sophisticated ones may allow truly concurrent access.
54 *
55 * @since 1.4
56 * @author Steve Hanna
57 */
58 public abstract class CertStoreSpi {
59
60 /**
61 * The sole constructor.
62 *
63 * @param params the initialization parameters (may be <code>null</code>)
64 * @throws InvalidAlgorithmParameterException if the initialization
65 * parameters are inappropriate for this <code>CertStoreSpi</code>
66 */
67 public CertStoreSpi(CertStoreParameters params)
68 throws InvalidAlgorithmParameterException { }
69
70 /**
71 * Returns a <code>Collection</code> of <code>Certificate</code>s that
72 * match the specified selector. If no <code>Certificate</code>s
73 * match the selector, an empty <code>Collection</code> will be returned.
74 * <p>
75 * For some <code>CertStore</code> types, the resulting
76 * <code>Collection</code> may not contain <b>all</b> of the
77 * <code>Certificate</code>s that match the selector. For instance,
78 * an LDAP <code>CertStore</code> may not search all entries in the
79 * directory. Instead, it may just search entries that are likely to
80 * contain the <code>Certificate</code>s it is looking for.
81 * <p>
82 * Some <code>CertStore</code> implementations (especially LDAP
83 * <code>CertStore</code>s) may throw a <code>CertStoreException</code>
84 * unless a non-null <code>CertSelector</code> is provided that includes
85 * specific criteria that can be used to find the certificates. Issuer
86 * and/or subject names are especially useful criteria.
87 *
88 * @param selector A <code>CertSelector</code> used to select which
89 * <code>Certificate</code>s should be returned. Specify <code>null</code>
90 * to return all <code>Certificate</code>s (if supported).
91 * @return A <code>Collection</code> of <code>Certificate</code>s that
92 * match the specified selector (never <code>null</code>)
93 * @throws CertStoreException if an exception occurs
94 */
95 public abstract Collection<? extends Certificate> engineGetCertificates
96 (CertSelector selector) throws CertStoreException;
97
98 /**
99 * Returns a <code>Collection</code> of <code>CRL</code>s that
100 * match the specified selector. If no <code>CRL</code>s
101 * match the selector, an empty <code>Collection</code> will be returned.
102 * <p>
103 * For some <code>CertStore</code> types, the resulting
104 * <code>Collection</code> may not contain <b>all</b> of the
105 * <code>CRL</code>s that match the selector. For instance,
106 * an LDAP <code>CertStore</code> may not search all entries in the
107 * directory. Instead, it may just search entries that are likely to
108 * contain the <code>CRL</code>s it is looking for.
109 * <p>
110 * Some <code>CertStore</code> implementations (especially LDAP
111 * <code>CertStore</code>s) may throw a <code>CertStoreException</code>
112 * unless a non-null <code>CRLSelector</code> is provided that includes
113 * specific criteria that can be used to find the CRLs. Issuer names
114 * and/or the certificate to be checked are especially useful.
115 *
116 * @param selector A <code>CRLSelector</code> used to select which
117 * <code>CRL</code>s should be returned. Specify <code>null</code>
118 * to return all <code>CRL</code>s (if supported).
119 * @return A <code>Collection</code> of <code>CRL</code>s that
120 * match the specified selector (never <code>null</code>)
121 * @throws CertStoreException if an exception occurs
122 */
123 public abstract Collection<? extends CRL> engineGetCRLs
124 (CRLSelector selector) throws CertStoreException;
125 }
Save This Page