CertificateFactory

This class defines the functionality of a certificate factory, which is used to generate certificate, certification path ({@code CertPath}) and certificate revocation list (CRL) objects from their encodings.

<p>For encodings consisting of multiple certificates, use {@code generateCertificates} when you want to parse a collection of possibly unrelated certificates. Otherwise, use {@code generateCertPath} when you want to generate a {@code CertPath} (a certificate chain) and subsequently validate it with a {@code CertPathValidator}.

<p>A certificate factory for X.509 must return certificates that are an instance of {@code java.security.cert.X509Certificate}, and CRLs that are an instance of {@code java.security.cert.X509CRL}.

<p>The following example reads a file with Base64 encoded certificates, which are each bounded at the beginning by -----BEGIN CERTIFICATE-----, and bounded at the end by -----END CERTIFICATE-----. We convert the {@code FileInputStream} (which does not support {@code mark} and {@code reset}) to a {@code BufferedInputStream} (which supports those methods), so that each call to {@code generateCertificate} consumes only one certificate, and the read position of the input stream is positioned to the next certificate in the file:

<pre>{@code FileInputStream fis = new FileInputStream(filename); BufferedInputStream bis = new BufferedInputStream(fis);

CertificateFactory cf = CertificateFactory.getInstance("X.509");

while (bis.available() > 0) { Certificate cert = cf.generateCertificate(bis); System.out.println(cert.toString()); } }</pre>

<p>The following example parses a PKCS#7-formatted certificate reply stored in a file and extracts all the certificates from it:

<pre> FileInputStream fis = new FileInputStream(filename); CertificateFactory cf = CertificateFactory.getInstance("X.509"); Collection c = cf.generateCertificates(fis); Iterator i = c.iterator(); while (i.hasNext()) { Certificate cert = (Certificate)i.next(); System.out.println(cert); } </pre>

<p> Every implementation of the Java platform is required to support the following standard {@code CertificateFactory} type: <ul> <li>{@code X.509}</li> </ul> and the following standard {@code CertPath} encodings: <ul> <li>{@code PKCS7}</li> <li>{@code PkiPath}</li> </ul> The type and encodings are described in the <a href= "{@docRoot}/../technotes/guides/security/StandardNames.html#CertificateFactory"> CertificateFactory section</a> and the <a href= "{@docRoot}/../technotes/guides/security/StandardNames.html#CertPathEncodings"> CertPath Encodings section</a> of the Java Cryptography Architecture Standard Algorithm Name Documentation. Consult the release documentation for your implementation to see if any other types or encodings are supported.

@author Hemma Prafullchandra @author Jan Luehe @author Sean Mullan

@see Certificate @see X509Certificate @see CertPath @see CRL @see X509CRL

@since 1.2

Constructors

this
this(CertificateFactorySpi certFacSpi, Provider provider, string type)

Creates a CertificateFactory object of the given type, and encapsulates the given provider implementation (SPI object) in it.

Members

Functions

generateCRL
CRL generateCRL(InputStream inStream)

Generates a certificate revocation list (CRL) object and initializes it with the data read from the input stream {@code inStream}.

generateCRLs
Collection!CRL generateCRLs(InputStream inStream)

Returns a (possibly empty) collection view of the CRLs read from the given input stream {@code inStream}.

generateCertPath
CertPath generateCertPath(InputStream inStream)

Generates a {@code CertPath} object and initializes it with the data read from the {@code InputStream} inStream. The data is assumed to be in the default encoding. The name of the default encoding is the first element of the {@code Iterator} returned by the {@link #getCertPathEncodings getCertPathEncodings} method.

generateCertPath
CertPath generateCertPath(InputStream inStream, string encoding)

Generates a {@code CertPath} object and initializes it with the data read from the {@code InputStream} inStream. The data is assumed to be in the specified encoding. See the CertPath Encodings section in the <a href= "{@docRoot}/../technotes/guides/security/StandardNames.html#CertPathEncodings"> Java Cryptography Architecture Standard Algorithm Name Documentation</a> for information about standard encoding names and their formats.

generateCertPath
CertPath generateCertPath(List!Certificate certificates)

Generates a {@code CertPath} object and initializes it with a {@code List} of {@code Certificate}s. <p> The certificates supplied must be of a type supported by the {@code CertificateFactory}. They will be copied out of the supplied {@code List} object.

generateCertificate
Certificate generateCertificate(InputStream inStream)

Generates a certificate object and initializes it with the data read from the input stream {@code inStream}.

generateCertificates
Collection!Certificate generateCertificates(InputStream inStream)

Returns a (possibly empty) collection view of the certificates read from the given input stream {@code inStream}.

getCertPathEncodings
Iterator!string getCertPathEncodings()

Returns an iteration of the {@code CertPath} encodings supported by this certificate factory, with the default encoding first. See the CertPath Encodings section in the <a href= "{@docRoot}/../technotes/guides/security/StandardNames.html#CertPathEncodings"> Java Cryptography Architecture Standard Algorithm Name Documentation</a> for information about standard encoding names and their formats. <p> Attempts to modify the returned {@code Iterator} via its {@code remove} method result in an {@code UnsupportedOperationException}.

getProvider
Provider getProvider()

Returns the provider of this certificate factory.

getType
string getType()

Returns the name of the certificate type associated with this certificate factory.

Static functions

getFactorySpi
CertificateFactorySpi getFactorySpi(string type)
Undocumented in source. Be warned that the author may not have intended to support it.
getInstance
CertificateFactory getInstance(string type)

Returns a certificate factory object that implements the specified certificate type.

Meta