1 /*
   2  * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.  Oracle designates this
   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 package sun.security.provider.certpath;
  27 
  28 import java.security.InvalidAlgorithmParameterException;
  29 import java.security.KeyStore;
  30 import java.security.KeyStoreException;
  31 import java.security.cert.*;
  32 import java.util.Set;
  33 
  34 /**
  35  * This class specifies the set of parameters used as input for the Sun
  36  * certification path build algorithm. It is identical to PKIXBuilderParameters
  37  * with the addition of a <code>buildForward</code> parameter which allows
  38  * the caller to specify whether or not the path should be constructed in
  39  * the forward direction.
  40  *
  41  * The default for the <code>buildForward</code> parameter is
  42  * true, which means that the build algorithm should construct paths
  43  * from the target subject back to the trusted anchor.
  44  *
  45  * @since       1.4
  46  * @author      Sean Mullan
  47  * @author      Yassir Elley
  48  */
  49 public class SunCertPathBuilderParameters extends PKIXBuilderParameters {
  50 
  51     private boolean buildForward = true;
  52 
  53     /**
  54      * Creates an instance of <code>SunCertPathBuilderParameters</code> with the
  55      * specified parameter values.
  56      *
  57      * @param trustAnchors a <code>Set</code> of <code>TrustAnchor</code>s
  58      * @param targetConstraints a <code>CertSelector</code> specifying the
  59      * constraints on the target certificate
  60      * @throws InvalidAlgorithmParameterException if the specified
  61      * <code>Set</code> is empty <code>(trustAnchors.isEmpty() == true)</code>
  62      * @throws NullPointerException if the specified <code>Set</code> is
  63      * <code>null</code>
  64      * @throws ClassCastException if any of the elements in the <code>Set</code>
  65      * are not of type <code>java.security.cert.TrustAnchor</code>
  66      */
  67     public SunCertPathBuilderParameters(Set<TrustAnchor> trustAnchors,
  68         CertSelector targetConstraints) throws InvalidAlgorithmParameterException
  69     {
  70         super(trustAnchors, targetConstraints);
  71         setBuildForward(true);
  72     }
  73 
  74     /**
  75      * Creates an instance of <code>SunCertPathBuilderParameters</code> that
  76      * uses the specified <code>KeyStore</code> to populate the set
  77      * of most-trusted CA certificates.
  78      *
  79      * @param keystore A keystore from which the set of most-trusted
  80      * CA certificates will be populated.
  81      * @param targetConstraints a <code>CertSelector</code> specifying the
  82      * constraints on the target certificate
  83      * @throws KeyStoreException if the keystore has not been initialized.
  84      * @throws InvalidAlgorithmParameterException if the keystore does
  85      * not contain at least one trusted certificate entry
  86      * @throws NullPointerException if the keystore is <code>null</code>
  87      */
  88     public SunCertPathBuilderParameters(KeyStore keystore,
  89         CertSelector targetConstraints)
  90         throws KeyStoreException, InvalidAlgorithmParameterException
  91     {
  92         super(keystore, targetConstraints);
  93         setBuildForward(true);
  94     }
  95 
  96     /**
  97      * Returns the value of the buildForward flag.
  98      *
  99      * @return the value of the buildForward flag
 100      */
 101     public boolean getBuildForward() {
 102         return this.buildForward;
 103     }
 104 
 105     /**
 106      * Sets the value of the buildForward flag. If true, paths
 107      * are built from the target subject to the trusted anchor.
 108      * If false, paths are built from the trusted anchor to the
 109      * target subject. The default value if not specified is true.
 110      *
 111      * @param buildForward the value of the buildForward flag
 112      */
 113     public void setBuildForward(boolean buildForward) {
 114         this.buildForward = buildForward;
 115     }
 116 
 117     /**
 118      * Returns a formatted string describing the parameters.
 119      *
 120      * @return a formatted string describing the parameters.
 121      */
 122     @Override
 123     public String toString() {
 124         StringBuilder sb = new StringBuilder();
 125         sb.append("[\n");
 126         sb.append(super.toString());
 127         sb.append("  Build Forward Flag: " + String.valueOf(buildForward) + "\n");
 128         sb.append("]\n");
 129         return sb.toString();
 130     }
 131 }