- java.lang.Object
-
- javax.xml.crypto.dsig.keyinfo.KeyInfoFactory
-
public abstract class KeyInfoFactory extends Object
A factory for creatingKeyInfoobjects from scratch or for unmarshalling aKeyInfoobject from a corresponding XML representation.Each instance of
KeyInfoFactorysupports a specific XML mechanism type. To create aKeyInfoFactory, call one of the staticgetInstancemethods, passing in the XML mechanism type desired, for example:KeyInfoFactory factory = KeyInfoFactory.getInstance("DOM");The objects that this factory produces will be based on DOM and abide by the DOM interoperability requirements as defined in the DOM Mechanism Requirements section of the API overview. See the Java Security Standard Algorithm Names document for more information.
KeyInfoFactoryimplementations are registered and loaded using theProvidermechanism. For example, a service provider that supports the DOM mechanism would be specified in theProvidersubclass as:put("KeyInfoFactory.DOM", "org.example.DOMKeyInfoFactory");Also, the
XMLStructures that are created by this factory may contain state specific to theKeyInfoand are not intended to be reusable.An implementation MUST minimally support the default mechanism type: DOM.
Note that a caller must use the same
KeyInfoFactoryinstance to create theXMLStructures of a particularKeyInfoobject. The behavior is undefined ifXMLStructures from different providers or different mechanism types are used together.Concurrent Access
The static methods of this class are guaranteed to be thread-safe. Multiple threads may concurrently invoke the static methods defined in this class with no ill effects.
However, this is not true for the non-static methods defined by this class. Unless otherwise documented by a specific provider, threads that need to access a single
KeyInfoFactoryinstance concurrently should synchronize amongst themselves and provide the necessary locking. Multiple threads each manipulating a differentKeyInfoFactoryinstance need not synchronize.- Since:
- 1.6
-
-
Constructor Summary
Constructors Modifier Constructor Description protectedKeyInfoFactory()Default constructor, for invocation by subclasses.
-
Method Summary
All Methods Static Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description static KeyInfoFactorygetInstance()Returns aKeyInfoFactorythat supports the default XML processing mechanism and representation type ("DOM").static KeyInfoFactorygetInstance(String mechanismType)Returns aKeyInfoFactorythat supports the specified XML processing mechanism and representation type (ex: "DOM").static KeyInfoFactorygetInstance(String mechanismType, String provider)Returns aKeyInfoFactorythat supports the requested XML processing mechanism and representation type (ex: "DOM"), as supplied by the specified provider.static KeyInfoFactorygetInstance(String mechanismType, Provider provider)Returns aKeyInfoFactorythat supports the requested XML processing mechanism and representation type (ex: "DOM"), as supplied by the specified provider.StringgetMechanismType()Returns the type of the XML processing mechanism and representation supported by thisKeyInfoFactory(ex: "DOM")ProvidergetProvider()Returns the provider of thisKeyInfoFactory.abstract URIDereferencergetURIDereferencer()Returns a reference to theURIDereferencerthat is used by default to dereference URIs inRetrievalMethodobjects.abstract booleanisFeatureSupported(String feature)Indicates whether a specified feature is supported.abstract KeyInfonewKeyInfo(List<? extends XMLStructure> content)Creates aKeyInfocontaining the specified list of key information types.abstract KeyInfonewKeyInfo(List<? extends XMLStructure> content, String id)Creates aKeyInfocontaining the specified list of key information types and optional id.abstract KeyNamenewKeyName(String name)Creates aKeyNamefrom the specified name.abstract KeyValuenewKeyValue(PublicKey key)Creates aKeyValuefrom the specified public key.abstract PGPDatanewPGPData(byte[] keyId)Creates aPGPDatafrom the specified PGP public key identifier.abstract PGPDatanewPGPData(byte[] keyId, byte[] keyPacket, List<? extends XMLStructure> other)Creates aPGPDatafrom the specified PGP public key identifier, and optional key material packet and list of external elements.abstract PGPDatanewPGPData(byte[] keyPacket, List<? extends XMLStructure> other)Creates aPGPDatafrom the specified PGP key material packet and optional list of external elements.abstract RetrievalMethodnewRetrievalMethod(String uri)Creates aRetrievalMethodfrom the specified URI.abstract RetrievalMethodnewRetrievalMethod(String uri, String type, List<? extends Transform> transforms)Creates aRetrievalMethodfrom the specified parameters.abstract X509DatanewX509Data(List<?> content)Creates aX509Datacontaining the specified list of X.509 content.abstract X509IssuerSerialnewX509IssuerSerial(String issuerName, BigInteger serialNumber)Creates anX509IssuerSerialfrom the specified X.500 issuer distinguished name and serial number.abstract KeyInfounmarshalKeyInfo(XMLStructure xmlStructure)Unmarshals a newKeyInfoinstance from a mechanism-specificXMLStructure(ex:DOMStructure) instance.
-
-
-
Method Detail
-
getInstance
public static KeyInfoFactory getInstance(String mechanismType)
Returns aKeyInfoFactorythat supports the specified XML processing mechanism and representation type (ex: "DOM").This method uses the standard JCA provider lookup mechanism to locate and instantiate a
KeyInfoFactoryimplementation of the desired mechanism type. It traverses the list of registered securityProviders, starting with the most preferredProvider. A newKeyInfoFactoryobject from the firstProviderthat supports the specified mechanism is returned.Note that the list of registered providers may be retrieved via the
Security.getProviders()method.- Implementation Note:
- The JDK Reference Implementation additionally uses the
jdk.security.provider.preferredSecurityproperty to determine the preferred provider order for the specified algorithm. This may be different than the order of providers returned bySecurity.getProviders(). - Parameters:
mechanismType- the type of the XML processing mechanism and representation. See the Java Security Standard Algorithm Names document for more information.- Returns:
- a new
KeyInfoFactory - Throws:
NullPointerException- ifmechanismTypeisnullNoSuchMechanismException- if noProvidersupports aKeyInfoFactoryimplementation for the specified mechanism- See Also:
Provider
-
getInstance
public static KeyInfoFactory getInstance(String mechanismType, Provider provider)
Returns aKeyInfoFactorythat supports the requested XML processing mechanism and representation type (ex: "DOM"), as supplied by the specified provider. Note that the specifiedProviderobject does not have to be registered in the provider list.- Parameters:
mechanismType- the type of the XML processing mechanism and representation. See the Java Security Standard Algorithm Names document for more information.provider- theProviderobject- Returns:
- a new
KeyInfoFactory - Throws:
NullPointerException- ifmechanismTypeorproviderarenullNoSuchMechanismException- if aKeyInfoFactoryimplementation for the specified mechanism is not available from the specifiedProviderobject- See Also:
Provider
-
getInstance
public static KeyInfoFactory getInstance(String mechanismType, String provider) throws NoSuchProviderException
Returns aKeyInfoFactorythat supports the requested XML processing mechanism and representation type (ex: "DOM"), as supplied by the specified provider. The specified provider must be registered in the security provider list.Note that the list of registered providers may be retrieved via the
Security.getProviders()method.- Parameters:
mechanismType- the type of the XML processing mechanism and representation. See the Java Security Standard Algorithm Names document for more information.provider- the string name of the provider- Returns:
- a new
KeyInfoFactory - Throws:
NoSuchProviderException- if the specified provider is not registered in the security provider listNullPointerException- ifmechanismTypeorproviderarenullNoSuchMechanismException- if aKeyInfoFactoryimplementation for the specified mechanism is not available from the specified provider- See Also:
Provider
-
getInstance
public static KeyInfoFactory getInstance()
Returns aKeyInfoFactorythat supports the default XML processing mechanism and representation type ("DOM").This method uses the standard JCA provider lookup mechanism to locate and instantiate a
KeyInfoFactoryimplementation of the default mechanism type. It traverses the list of registered securityProviders, starting with the most preferredProvider. A newKeyInfoFactoryobject from the firstProviderthat supports the DOM mechanism is returned.Note that the list of registered providers may be retrieved via the
Security.getProviders()method.- Implementation Note:
- The JDK Reference Implementation additionally uses the
jdk.security.provider.preferredSecurityproperty to determine the preferred provider order for the specified algorithm. This may be different than the order of providers returned bySecurity.getProviders(). - Returns:
- a new
KeyInfoFactory - Throws:
NoSuchMechanismException- if noProvidersupports aKeyInfoFactoryimplementation for the DOM mechanism- See Also:
Provider
-
getMechanismType
public final String getMechanismType()
Returns the type of the XML processing mechanism and representation supported by thisKeyInfoFactory(ex: "DOM")- Returns:
- the XML processing mechanism type supported by this
KeyInfoFactory
-
getProvider
public final Provider getProvider()
Returns the provider of thisKeyInfoFactory.- Returns:
- the provider of this
KeyInfoFactory
-
newKeyInfo
public abstract KeyInfo newKeyInfo(List<? extends XMLStructure> content)
Creates aKeyInfocontaining the specified list of key information types.- Parameters:
content- a list of one or moreXMLStructures representing key information types. The list is defensively copied to protect against subsequent modification.- Returns:
- a
KeyInfo - Throws:
NullPointerException- ifcontentisnullIllegalArgumentException- ifcontentis emptyClassCastException- ifcontentcontains any entries that are not of typeXMLStructure
-
newKeyInfo
public abstract KeyInfo newKeyInfo(List<? extends XMLStructure> content, String id)
Creates aKeyInfocontaining the specified list of key information types and optional id. Theidparameter represents the value of an XMLIDattribute and is useful for referencing theKeyInfofrom other XML structures.- Parameters:
content- a list of one or moreXMLStructures representing key information types. The list is defensively copied to protect against subsequent modification.id- the value of an XMLID(may benull)- Returns:
- a
KeyInfo - Throws:
NullPointerException- ifcontentisnullIllegalArgumentException- ifcontentis emptyClassCastException- ifcontentcontains any entries that are not of typeXMLStructure
-
newKeyName
public abstract KeyName newKeyName(String name)
Creates aKeyNamefrom the specified name.- Parameters:
name- the name that identifies the key- Returns:
- a
KeyName - Throws:
NullPointerException- ifnameisnull
-
newKeyValue
public abstract KeyValue newKeyValue(PublicKey key) throws KeyException
Creates aKeyValuefrom the specified public key.- Parameters:
key- the public key- Returns:
- a
KeyValue - Throws:
KeyException- if thekey's algorithm is not recognized or supported by thisKeyInfoFactoryNullPointerException- ifkeyisnull
-
newPGPData
public abstract PGPData newPGPData(byte[] keyId)
Creates aPGPDatafrom the specified PGP public key identifier.- Parameters:
keyId- a PGP public key identifier as defined in RFC 2440, section 11.2. The array is cloned to protect against subsequent modification.- Returns:
- a
PGPData - Throws:
NullPointerException- ifkeyIdisnullIllegalArgumentException- if the key id is not in the correct format
-
newPGPData
public abstract PGPData newPGPData(byte[] keyId, byte[] keyPacket, List<? extends XMLStructure> other)
Creates aPGPDatafrom the specified PGP public key identifier, and optional key material packet and list of external elements.- Parameters:
keyId- a PGP public key identifier as defined in RFC 2440, section 11.2. The array is cloned to protect against subsequent modification.keyPacket- a PGP key material packet as defined in RFC 2440, section 5.5. The array is cloned to protect against subsequent modification. May benull.other- a list ofXMLStructures representing elements from an external namespace. The list is defensively copied to protect against subsequent modification. May benullor empty.- Returns:
- a
PGPData - Throws:
NullPointerException- ifkeyIdisnullIllegalArgumentException- if thekeyIdorkeyPacketis not in the correct format. ForkeyPacket, the format of the packet header is checked and the tag is verified that it is of type key material. The contents and format of the packet body are not checked.ClassCastException- ifothercontains any entries that are not of typeXMLStructure
-
newPGPData
public abstract PGPData newPGPData(byte[] keyPacket, List<? extends XMLStructure> other)
Creates aPGPDatafrom the specified PGP key material packet and optional list of external elements.- Parameters:
keyPacket- a PGP key material packet as defined in RFC 2440, section 5.5. The array is cloned to protect against subsequent modification.other- a list ofXMLStructures representing elements from an external namespace. The list is defensively copied to protect against subsequent modification. May benullor empty.- Returns:
- a
PGPData - Throws:
NullPointerException- ifkeyPacketisnullIllegalArgumentException- ifkeyPacketis not in the correct format. ForkeyPacket, the format of the packet header is checked and the tag is verified that it is of type key material. The contents and format of the packet body are not checked.ClassCastException- ifothercontains any entries that are not of typeXMLStructure
-
newRetrievalMethod
public abstract RetrievalMethod newRetrievalMethod(String uri)
Creates aRetrievalMethodfrom the specified URI.- Parameters:
uri- the URI that identifies theKeyInfoinformation to be retrieved- Returns:
- a
RetrievalMethod - Throws:
NullPointerException- ifuriisnullIllegalArgumentException- ifuriis not RFC 2396 compliant
-
newRetrievalMethod
public abstract RetrievalMethod newRetrievalMethod(String uri, String type, List<? extends Transform> transforms)
Creates aRetrievalMethodfrom the specified parameters.- Parameters:
uri- the URI that identifies theKeyInfoinformation to be retrievedtype- a URI that identifies the type ofKeyInfoinformation to be retrieved (may benull)transforms- a list ofTransforms. The list is defensively copied to protect against subsequent modification. May benullor empty.- Returns:
- a
RetrievalMethod - Throws:
NullPointerException- ifuriisnullIllegalArgumentException- ifuriis not RFC 2396 compliantClassCastException- iftransformscontains any entries that are not of typeTransform
-
newX509Data
public abstract X509Data newX509Data(List<?> content)
Creates aX509Datacontaining the specified list of X.509 content.- Parameters:
content- a list of one or more X.509 content types. Valid types areString(subject names),byte[](subject key ids),X509Certificate,X509CRL, orXMLStructure(X509IssuerSerialobjects or elements from an external namespace). Subject names are distinguished names in RFC 2253 String format. Implementations MUST support the attribute type keywords defined in RFC 2253 (CN, L, ST, O, OU, C, STREET, DC and UID). Implementations MAY support additional keywords. The list is defensively copied to protect against subsequent modification.- Returns:
- a
X509Data - Throws:
NullPointerException- ifcontentisnullIllegalArgumentException- ifcontentis empty, or if a subject name is not RFC 2253 compliant or one of the attribute type keywords is not recognized.ClassCastException- ifcontentcontains any entries that are not of one of the valid types mentioned above
-
newX509IssuerSerial
public abstract X509IssuerSerial newX509IssuerSerial(String issuerName, BigInteger serialNumber)
Creates anX509IssuerSerialfrom the specified X.500 issuer distinguished name and serial number.- Parameters:
issuerName- the issuer's distinguished name in RFC 2253 String format. Implementations MUST support the attribute type keywords defined in RFC 2253 (CN, L, ST, O, OU, C, STREET, DC and UID). Implementations MAY support additional keywords.serialNumber- the serial number- Returns:
- an
X509IssuerSerial - Throws:
NullPointerException- ifissuerNameorserialNumberarenullIllegalArgumentException- if the issuer name is not RFC 2253 compliant or one of the attribute type keywords is not recognized.
-
isFeatureSupported
public abstract boolean isFeatureSupported(String feature)
Indicates whether a specified feature is supported.- Parameters:
feature- the feature name (as an absolute URI)- Returns:
trueif the specified feature is supported,falseotherwise- Throws:
NullPointerException- iffeatureisnull
-
getURIDereferencer
public abstract URIDereferencer getURIDereferencer()
Returns a reference to theURIDereferencerthat is used by default to dereference URIs inRetrievalMethodobjects.- Returns:
- a reference to the default
URIDereferencer
-
unmarshalKeyInfo
public abstract KeyInfo unmarshalKeyInfo(XMLStructure xmlStructure) throws MarshalException
Unmarshals a newKeyInfoinstance from a mechanism-specificXMLStructure(ex:DOMStructure) instance.- Parameters:
xmlStructure- a mechanism-specific XML structure from which to unmarshal the keyinfo from- Returns:
- the
KeyInfo - Throws:
NullPointerException- ifxmlStructureisnullClassCastException- if the type ofxmlStructureis inappropriate for this factoryMarshalException- if an unrecoverable exception occurs during unmarshalling
-
-