java.security.cert
Class CertificateFactorySpi
java.lang.Object
|
+--java.security.cert.CertificateFactorySpi
public abstract class
CertificateFactorySpiextends
ObjectCertificateFactorySpi is the abstract class Service Provider
Interface (SPI) for the CertificateFactory class. A provider
must implment all the abstract methods if they wish to
supply a certificate factory for a particular certificate
type. Ex: X.509
Certificate factories are used to generate certificates and
certificate revocation lists (CRL) from their encoding.
Since:Author:CertificateFactorySpi
public CertificateFactorySpi()
Constructs a new CertificateFactorySpi
engineGenerateCRL
public CRL engineGenerateCRL(java.io.InputStream inStream)
Generates a CRL based on the encoded data read
from the InputStream.
The input stream must contain only one CRL.
If there exists a specialized CRL class for the
CRL format handled by the certificate factory
then the return CRL should be a typecast of it.
Ex: A X.509 CertificateFactory should return X509CRL.
Parameters:
Returns:
- a CRL initialized with InputStream data.
Throws:
engineGenerateCRLs
public Collection engineGenerateCRLs(java.io.InputStream inStream)
Generates CRLs based on the encoded data read
from the InputStream.
For a X.509 certificate factory, the stream may contain a
single DER encoded CRL or a PKCS#7 CRL set. This is a
PKCS#7 SignedData object with the most significant
field being crls. If no CRLs are present, then an
empty collection is returned.
Parameters:
Returns:
- a collection of CRLs initialized with
the InputStream data.
Throws:
engineGenerateCertificate
public Certificate engineGenerateCertificate(java.io.InputStream inStream)
Generates a Certificate based on the encoded data read
from the InputStream.
The input stream must contain only one certificate.
If there exists a specialized certificate class for the
certificate format handled by the certificate factory
then the return Ceritificate should be a typecast of it.
Ex: A X.509 CertificateFactory should return X509Certificate.
For X.509 certificates, the certificate in inStream must be
DER encoded and supplied in binary or printable (Base64)
encoding. If the certificate is in Base64 encoding, it must be
bounded by -----BEGINCERTIFICATE-----, and
-----END CERTIFICATE-----.
Parameters:
Returns:
- a certificate initialized with InputStream data.
Throws:
engineGenerateCertificates
public Collection engineGenerateCertificates(java.io.InputStream inStream)
Returns a collection of certificates that were read from the
input stream. It may be empty, have only one, or have
multiple certificates.
For a X.509 certificate factory, the stream may contain a
single DER encoded certificate or a PKCS#7 certificate
chain. This is a PKCS#7 SignedData object with the
most significant field being certificates. If no
CRLs are present, then an empty collection is returned.
Parameters:
Returns:
- a collection of certificates initialized with
the InputStream data.
Throws: