Engine.java, [...]: New files from classpath.

2003-04-30  Michael Koch  <konqueror@gmx.de>

	* gnu/java/security/Engine.java,
	gnu/java/security/OID.java,
	gnu/java/security/der/BitString.java,
	gnu/java/security/der/DER.java,
	gnu/java/security/der/DERReader.java,
	gnu/java/security/der/DERValue.java,
	gnu/java/security/der/DERWriter.java,
	gnu/java/security/provider/DSAKeyFactory.java,
	gnu/java/security/provider/X509CertificateFactory.java,
	gnu/java/security/x509/X500DistinguishedName.java,
	gnu/java/security/x509/X509CRL.java,
	gnu/java/security/x509/X509CRLEntry.java,
	gnu/java/security/x509/X509Certificate.java,
	java/security/cert/CRLSelector.java,
	java/security/cert/CertPathBuilder.java,
	java/security/cert/CertPathBuilderResult.java,
	java/security/cert/CertPathBuilderSpi.java,
	java/security/cert/CertPathParameters.java,
	java/security/cert/CertPathValidator.java,
	java/security/cert/CertPathValidatorResult.java,
	java/security/cert/CertPathValidatorSpi.java,
	java/security/cert/CertSelector.java,
	java/security/cert/CertStore.java,
	java/security/cert/CertStoreParameters.java,
	java/security/cert/CertStoreSpi.java,
	java/security/cert/CollectionCertStoreParameters.java,
	java/security/cert/LDAPCertStoreParameters.java,
	java/security/cert/PKIXBuilderParameters.java,
	java/security/cert/PKIXCertPathBuilderResult.java,
	java/security/cert/PKIXCertPathChecker.java,
	java/security/cert/PKIXCertPathValidatorResult.java,
	java/security/cert/PKIXParameters.java,
	java/security/cert/PolicyNode.java,
	java/security/cert/PolicyQualifierInfo.java,
	java/security/cert/TrustAnchor.java,
	javax/security/auth/x500/X500Principal.java:
	New files from classpath.
	* gnu/java/io/ASN1ParsingException.java,
	gnu/java/io/Base64InputStream.java,
	gnu/java/security/der/DEREncodingException.java,
	gnu/java/security/provider/DSAParameters.java,
	gnu/java/security/provider/DSASignature.java,
	gnu/java/security/provider/Gnu.java,
	gnu/java/security/provider/GnuDSAPrivateKey.java,
	gnu/java/security/provider/GnuDSAPublicKey.java,
	java/security/AlgorithmParameterGenerator.java,
	java/security/AlgorithmParameters.java,
	java/security/KeyFactory.java,
	java/security/KeyPairGenerator.java,
	java/security/KeyStore.java,
	java/security/MessageDigest.java,
	java/security/SecureClassLoader.java,
	java/security/SecureRandom.java,
	java/security/Security.java,
	java/security/Signature.java,
	java/security/cert/Certificate.java,
	java/security/cert/CertificateFactory.java,
	java/security/cert/CertificateFactorySpi.java,
	java/security/cert/X509CRL.java,
	java/security/cert/X509Certificate.java,
	java/security/spec/DSAPublicKeySpec.java:
	New versions from classpath.
	* gnu/java/security/provider/DERReader.java,
	gnu/java/security/provider/DERWriter.java,
	java/security/Engine.java: Removed.
	* Makefile.am
	(java_source_files, javax_source_files): Added new files.
	* Makefile.in: Regenerated.

From-SVN: r66283

libjava/java/security/cert/TrustAnchor.java

@@ -0,0 +1,188 @@
+/* TrustAnchor.java -- an ultimately-trusted certificate.
+   Copyright (C) 2003 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+ 
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+02111-1307 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package java.security.cert;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+
+import java.security.PublicKey;
+
+import gnu.java.security.x509.X500DistinguishedName;
+
+/**
+ * An ultimately-trusted certificate to serve as the root of a
+ * certificate chain.
+ *
+ * @author Casey Marshall (rsdio@metastatic.org)
+ */
+public class TrustAnchor
+{
+
+  // Fields.
+  // ------------------------------------------------------------------------
+
+  /** The certificate authority's distinguished name. */
+  private final X500DistinguishedName caName;
+
+  /** The certficate authority's public key. */
+  private final PublicKey caKey;
+
+  /** The certficate authority's certificate. */
+  private final X509Certificate trustedCert;
+
+  /** The encoded name constraints bytes. */
+  private final byte[] nameConstraints;
+
+  // Constnuctors.
+  // ------------------------------------------------------------------------
+
+  /**
+   * Create a new trust anchor from a certificate and (optional) name
+   * constraints.
+   *
+   * <p>If the <i>nameConstraints</i> argument in non-null, it will be
+   * copied to prevent modification.
+   *
+   * @param trustedCert The trusted certificate.
+   * @param nameConstraints The encoded nameConstraints.
+   */
+  public TrustAnchor(X509Certificate trustedCert, byte[] nameConstraints)
+  {
+    if (trustedCert == null)
+      throw new NullPointerException();
+    this.trustedCert = trustedCert;
+    caName = null;
+    caKey = null;
+    if (nameConstraints != null)
+      this.nameConstraints = (byte[]) nameConstraints.clone();
+    else
+      this.nameConstraints = null;
+  }
+
+  /**
+   * Create a new trust anchor from a certificate authority's
+   * distinguished name, public key, and (optional) name constraints.
+   *
+   * <p>If the <i>nameConstraints</i> argument in non-null, it will be
+   * copied to prevent modification.
+   *
+   * @params caName The CA's distinguished name.
+   * @params caKey The CA's public key.
+   * @params nameConstraints The encoded nameConstraints.
+   */
+  public TrustAnchor(String caName, PublicKey caKey, byte[] nameConstraints)
+  {
+    if (caName == null || caKey == null)
+      throw new NullPointerException();
+    if (caName.length() == 0)
+      throw new IllegalArgumentException();
+    trustedCert = null;
+    this.caName = new X500DistinguishedName(caName);
+    this.caKey = caKey;
+    if (nameConstraints != null)
+      this.nameConstraints = (byte[]) nameConstraints.clone();
+    else
+      this.nameConstraints = null;
+  }
+
+  // Instance methods.
+  // ------------------------------------------------------------------------
+
+  /**
+   * Return the trusted certificate, or null if none was specified.
+   *
+   * @return The trusted certificate.
+   */
+  public final X509Certificate getTrustedCert()
+  {
+    return trustedCert;
+  }
+
+  /**
+   * Return the certificate authority's distinguished name, or null if
+   * none was specified.
+   *
+   * @return The CA's distinguished name.
+   */
+  public final String getCAName()
+  {
+    if (caName != null)
+      return caName.toRFC2253();
+    return null;
+  }
+
+  /**
+   * Return the certificate authority's public key, or null if none was
+   * specified.
+   *
+   * @return The CA's public key.
+   */
+  public final PublicKey getCAPublicKey()
+  {
+    return caKey;
+  }
+
+  /**
+   * Return the encoded name constraints, or null if none was specified.
+   *
+   * <p>The name constraints byte array is copied when this method is
+   * called to prevent modification.
+   *
+   * @return The encoded name constraints.
+   */
+  public final byte[] getNameConstraints()
+  {
+    if (nameConstraints == null)
+      return null;
+    return (byte[]) nameConstraints.clone();
+  }
+
+  /**
+   * Return a printable representation of this trust anchor.
+   *
+   * @return The printable representation.
+   */
+  public String toString()
+  {
+    if (trustedCert == null)
+      return "[ Trusted CA Public Key=" + caKey + ", Trusted CA Issuer Name="
+        + caName.toRFC2253() + " ]";
+    return "[ Trusted CA Certificate=" + trustedCert + " ]";
+  }
+}