001/* PKIXBuilderParameters.java -- parameters for PKIX cert path builders
002   Copyright (C) 2003 Free Software Foundation, Inc.
003
004This file is part of GNU Classpath.
005
006GNU Classpath is free software; you can redistribute it and/or modify
007it under the terms of the GNU General Public License as published by
008the Free Software Foundation; either version 2, or (at your option)
009any later version.
010 
011GNU Classpath is distributed in the hope that it will be useful, but
012WITHOUT ANY WARRANTY; without even the implied warranty of
013MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
014General Public License for more details.
015
016You should have received a copy of the GNU General Public License
017along with GNU Classpath; see the file COPYING.  If not, write to the
018Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
01902110-1301 USA.
020
021Linking this library statically or dynamically with other modules is
022making a combined work based on this library.  Thus, the terms and
023conditions of the GNU General Public License cover the whole
024combination.
025
026As a special exception, the copyright holders of this library give you
027permission to link this library with independent modules to produce an
028executable, regardless of the license terms of these independent
029modules, and to copy and distribute the resulting executable under
030terms of your choice, provided that you also meet, for each linked
031independent module, the terms and conditions of the license of that
032module.  An independent module is a module which is not derived from
033or based on this library.  If you modify this library, you may extend
034this exception to your version of the library, but you are not
035obligated to do so.  If you do not wish to do so, delete this
036exception statement from your version. */
037
038
039package java.security.cert;
040
041import gnu.java.lang.CPStringBuilder;
042
043import java.security.InvalidAlgorithmParameterException;
044import java.security.KeyStore;
045import java.security.KeyStoreException;
046
047import java.util.Set;
048
049/**
050 * Parameters for building certificate paths using the PKIX algorithm.
051 *
052 * @see CertPathBuilder
053 * @since 1.4
054 */
055public class PKIXBuilderParameters extends PKIXParameters
056{
057
058  // Fields.
059  // ------------------------------------------------------------------------
060
061  /** The maximum path length. */
062  private int maxPathLength;
063
064  // Constructors.
065  // ------------------------------------------------------------------------
066
067  /**
068   * Create a new PKIXBuilderParameters object, populating the trusted
069   * certificates set with all X.509 certificates found in the given key
070   * store. All certificates found in the key store are assumed to be
071   * trusted by this constructor.
072   *
073   * @param keystore The key store.
074   * @param targetConstraints The target certificate constraints.
075   * @throws KeyStoreException If the certificates cannot be retrieved
076   *         from the key store.
077   * @throws InvalidAlgorithmParameterException If there are no
078   *         certificates in the key store.
079   * @throws NullPointerException If <i>keystore</i> is null.
080   */
081  public PKIXBuilderParameters(KeyStore keystore,
082                               CertSelector targetConstraints)
083    throws KeyStoreException, InvalidAlgorithmParameterException
084  {
085    super(keystore);
086    setTargetCertConstraints(targetConstraints);
087    maxPathLength = 5;
088  }
089
090  /**
091   * Create a new PKIXBuilderParameters object, populating the trusted
092   * certificates set with the elements of the given set, each of which
093   * must be a {@link TrustAnchor}.
094   *
095   * @param trustAnchors The set of trust anchors.
096   * @param targetConstraints The target certificate constraints.
097   * @throws InvalidAlgorithmParameterException If there are no
098   *         certificates in the set.
099   * @throws NullPointerException If <i>trustAnchors</i> is null.
100   * @throws ClassCastException If every element in <i>trustAnchors</i>
101   *         is not a {@link TrustAnchor}.
102   */
103  public PKIXBuilderParameters(Set<TrustAnchor> trustAnchors,
104                               CertSelector targetConstraints)
105    throws InvalidAlgorithmParameterException
106  {
107    super(trustAnchors);
108    setTargetCertConstraints(targetConstraints);
109    maxPathLength = 5;
110  }
111
112  // Instance methods.
113  // ------------------------------------------------------------------------
114
115  /**
116   * Returns the maximum length of certificate paths to build.
117   *
118   * <p>If this value is 0 it is taken to mean that the certificate path
119   * should contain only one certificate. A value of -1 means that the
120   * certificate path length is unconstrained. The default value is 5.
121   *
122   * @return The maximum path length.
123   */
124  public int getMaxPathLength()
125  {
126    return maxPathLength;
127  }
128
129  /**
130   * Sets the maximum length of certificate paths to build.
131   *
132   * @param maxPathLength The new path length.
133   * @throws IllegalArgumentException If <i>maxPathLength</i> is less
134   *         than -1.
135   */
136  public void setMaxPathLength(int maxPathLength)
137  {
138    if (maxPathLength < -1)
139      throw new IllegalArgumentException();
140    this.maxPathLength = maxPathLength;
141  }
142
143  public String toString()
144  {
145    CPStringBuilder buf = new CPStringBuilder(super.toString());
146    buf.insert(buf.length() - 2, "; Max Path Length=" + maxPathLength);
147    return buf.toString();
148  }
149}