1 /*
   2  * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.  Oracle designates this
   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 package java.security.cert;
  27 
  28 import java.security.InvalidAlgorithmParameterException;
  29 
  30 /**
  31  *
  32  * The <i>Service Provider Interface</i> (<b>SPI</b>)
  33  * for the {@link CertPathValidator CertPathValidator} class. All
  34  * {@code CertPathValidator} implementations must include a class (the
  35  * SPI class) that extends this class ({@code CertPathValidatorSpi})
  36  * and implements all of its methods. In general, instances of this class
  37  * should only be accessed through the {@code CertPathValidator} class.
  38  * For details, see the Java Cryptography Architecture.
  39  * <p>
  40  * <b>Concurrent Access</b>
  41  * <p>
  42  * Instances of this class need not be protected against concurrent
  43  * access from multiple threads. Threads that need to access a single
  44  * {@code CertPathValidatorSpi} instance concurrently should synchronize
  45  * amongst themselves and provide the necessary locking before calling the
  46  * wrapping {@code CertPathValidator} object.
  47  * <p>
  48  * However, implementations of {@code CertPathValidatorSpi} may still
  49  * encounter concurrency issues, since multiple threads each
  50  * manipulating a different {@code CertPathValidatorSpi} instance need not
  51  * synchronize.
  52  *
  53  * @since       1.4
  54  * @author      Yassir Elley
  55  */
  56 public abstract class CertPathValidatorSpi {
  57 
  58     /**
  59      * The default constructor.
  60      */
  61     public CertPathValidatorSpi() {}
  62 
  63     /**
  64      * Validates the specified certification path using the specified
  65      * algorithm parameter set.
  66      * <p>
  67      * The {@code CertPath} specified must be of a type that is
  68      * supported by the validation algorithm, otherwise an
  69      * {@code InvalidAlgorithmParameterException} will be thrown. For
  70      * example, a {@code CertPathValidator} that implements the PKIX
  71      * algorithm validates {@code CertPath} objects of type X.509.
  72      *
  73      * @param certPath the {@code CertPath} to be validated
  74      * @param params the algorithm parameters
  75      * @return the result of the validation algorithm
  76      * @exception CertPathValidatorException if the {@code CertPath}
  77      * does not validate
  78      * @exception InvalidAlgorithmParameterException if the specified
  79      * parameters or the type of the specified {@code CertPath} are
  80      * inappropriate for this {@code CertPathValidator}
  81      */
  82     public abstract CertPathValidatorResult
  83         engineValidate(CertPath certPath, CertPathParameters params)
  84         throws CertPathValidatorException, InvalidAlgorithmParameterException;
  85 
  86     /**
  87      * Returns a {@code CertPathChecker} that this implementation uses to
  88      * check the revocation status of certificates. A PKIX implementation
  89      * returns objects of type {@code PKIXRevocationChecker}.
  90      *
  91      * <p>The primary purpose of this method is to allow callers to specify
  92      * additional input parameters and options specific to revocation checking.
  93      * See the class description of {@code CertPathValidator} for an example.
  94      *
  95      * <p>This method was added to version 1.8 of the Java Platform Standard
  96      * Edition. In order to maintain backwards compatibility with existing
  97      * service providers, this method cannot be abstract and by default throws
  98      * an {@code UnsupportedOperationException}.
  99      *
 100      * @throws UnsupportedOperationException if this method is not supported
 101      * @since 1.8
 102      */
 103     public CertPathChecker engineGetRevocationChecker() {
 104         throw new UnsupportedOperationException();
 105     }
 106 }