1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142
/* * @(#)PKIXCertPathValidatorResult.java 1.10 05/11/17 * * Copyright 2006 Sun Microsystems, Inc. All rights reserved. * SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms. */ package java.security.cert; import java.security.PublicKey; /** * This class represents the successful result of the PKIX certification * path validation algorithm. * * <p>Instances of <code>PKIXCertPathValidatorResult</code> are returned by the * {@link CertPathValidator#validate validate} method of * <code>CertPathValidator</code> objects implementing the PKIX algorithm. * * <p> All <code>PKIXCertPathValidatorResult</code> objects contain the * valid policy tree and subject public key resulting from the * validation algorithm, as well as a <code>TrustAnchor</code> describing * the certification authority (CA) that served as a trust anchor for the * certification path. * <p> * <b>Concurrent Access</b> * <p> * Unless otherwise specified, the methods defined in this class are not * thread-safe. Multiple threads that need to access a single * object concurrently should synchronize amongst themselves and * provide the necessary locking. Multiple threads each manipulating * separate objects need not synchronize. * * @see CertPathValidatorResult * * @version 1.10 11/17/05 * @since 1.4 * @author Yassir Elley * @author Sean Mullan */ public class PKIXCertPathValidatorResult implements CertPathValidatorResult { private TrustAnchor trustAnchor; private PolicyNode policyTree; private PublicKey subjectPublicKey; /** * Creates an instance of <code>PKIXCertPathValidatorResult</code> * containing the specified parameters. * * @param trustAnchor a <code>TrustAnchor</code> describing the CA that * served as a trust anchor for the certification path * @param policyTree the immutable valid policy tree, or <code>null</code> * if there are no valid policies * @param subjectPublicKey the public key of the subject * @throws NullPointerException if the <code>subjectPublicKey</code> or * <code>trustAnchor</code> parameters are <code>null</code> */ public PKIXCertPathValidatorResult(TrustAnchor trustAnchor, PolicyNode policyTree, PublicKey subjectPublicKey) { if (subjectPublicKey == null) throw new NullPointerException("subjectPublicKey must be non-null"); if (trustAnchor == null) throw new NullPointerException("trustAnchor must be non-null"); this.trustAnchor = trustAnchor; this.policyTree = policyTree; this.subjectPublicKey = subjectPublicKey; } /** * Returns the <code>TrustAnchor</code> describing the CA that served * as a trust anchor for the certification path. * * @return the <code>TrustAnchor</code> (never <code>null</code>) */ public TrustAnchor getTrustAnchor() { return trustAnchor; } /** * Returns the root node of the valid policy tree resulting from the * PKIX certification path validation algorithm. The * <code>PolicyNode</code> object that is returned and any objects that * it returns through public methods are immutable. * * <p>Most applications will not need to examine the valid policy tree. * They can achieve their policy processing goals by setting the * policy-related parameters in <code>PKIXParameters</code>. However, more * sophisticated applications, especially those that process policy * qualifiers, may need to traverse the valid policy tree using the * {@link PolicyNode#getParent PolicyNode.getParent} and * {@link PolicyNode#getChildren PolicyNode.getChildren} methods. * * @return the root node of the valid policy tree, or <code>null</code> * if there are no valid policies */ public PolicyNode getPolicyTree() { return policyTree; } /** * Returns the public key of the subject (target) of the certification * path, including any inherited public key parameters if applicable. * * @return the public key of the subject (never <code>null</code>) */ public PublicKey getPublicKey() { return subjectPublicKey; } /** * Returns a copy of this object. * * @return the copy */ public Object clone() { try { return super.clone(); } catch (CloneNotSupportedException e) { /* Cannot happen */ throw new InternalError(e.toString()); } } /** * Return a printable representation of this * <code>PKIXCertPathValidatorResult</code>. * * @return a <code>String</code> describing the contents of this * <code>PKIXCertPathValidatorResult</code> */ public String toString() { StringBuffer sb = new StringBuffer(); sb.append("PKIXCertPathValidatorResult: [\n"); sb.append(" Trust Anchor: " + trustAnchor.toString() + "\n"); sb.append(" Policy Tree: " + String.valueOf(policyTree) + "\n"); sb.append(" Subject Public Key: " + subjectPublicKey + "\n"); sb.append("]"); return sb.toString(); } }