1. /*
  2. * @(#)Identity.java 1.52 01/11/29
  3. *
  4. * Copyright 2002 Sun Microsystems, Inc. All rights reserved.
  5. * SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.
  6. */
  7. package java.security;
  8. import java.io.Serializable;
  9. import java.util.*;
  10. /**
  11. * <p>This class represents identities: real-world objects such as people,
  12. * companies or organizations whose identities can be authenticated using
  13. * their public keys. Identities may also be more abstract (or concrete)
  14. * constructs, such as daemon threads or smart cards.
  15. *
  16. * <p>All Identity objects have a name and a public key. Names are
  17. * immutable. Identities may also be scoped. That is, if an Identity is
  18. * specified to have a particular scope, then the name and public
  19. * key of the Identity are unique within that scope.
  20. *
  21. * <p>An Identity also has a set of certificates (all certifying its own
  22. * public key). The Principal names specified in these certificates need
  23. * not be the same, only the key.
  24. *
  25. * <p>An Identity can be subclassed, to include postal and email addresses,
  26. * telephone numbers, images of faces and logos, and so on.
  27. *
  28. * @see IdentityScope
  29. * @see Signer
  30. * @see Principal
  31. *
  32. * @version 1.52
  33. * @author Benjamin Renaud
  34. * @deprecated This class is no longer used. Its functionality has been
  35. * replaced by <code>java.security.KeyStore</code>, the
  36. * <code>java.security.cert</code> package, and
  37. * <code>java.security.Principal</code>.
  38. */
  39. public abstract class Identity implements Principal, Serializable {
  40. /** use serialVersionUID from JDK 1.1.x for interoperability */
  41. private static final long serialVersionUID = 3609922007826600659L;
  42. /**
  43. * The name for this identity.
  44. *
  45. * @serial
  46. */
  47. private String name;
  48. /**
  49. * The public key for this identity.
  50. *
  51. * @serial
  52. */
  53. private PublicKey publicKey;
  54. /**
  55. * Generic, descriptive information about the identity.
  56. *
  57. * @serial
  58. */
  59. String info = "No further information available.";
  60. /**
  61. * The scope of the identity.
  62. *
  63. * @serial
  64. */
  65. IdentityScope scope;
  66. /**
  67. * The certificates for this identity.
  68. *
  69. * @serial
  70. */
  71. Vector certificates;
  72. /**
  73. * Constructor for serialization only.
  74. */
  75. protected Identity() {
  76. this("restoring...");
  77. }
  78. /**
  79. * Constructs an identity with the specified name and scope.
  80. *
  81. * @param name the identity name.
  82. * @param scope the scope of the identity.
  83. *
  84. * @exception KeyManagementException if there is already an identity
  85. * with the same name in the scope.
  86. */
  87. public Identity(String name, IdentityScope scope) throws
  88. KeyManagementException {
  89. this(name);
  90. this.scope = scope;
  91. }
  92. /**
  93. * Constructs an identity with the specified name and no scope.
  94. *
  95. * @param name the identity name.
  96. */
  97. public Identity(String name) {
  98. this.name = name;
  99. }
  100. /**
  101. * Returns this identity's name.
  102. *
  103. * @return the name of this identity.
  104. */
  105. public final String getName() {
  106. return name;
  107. }
  108. /**
  109. * Returns this identity's scope.
  110. *
  111. * @return the scope of this identity.
  112. */
  113. public final IdentityScope getScope() {
  114. return scope;
  115. }
  116. /**
  117. * Returns this identity's public key.
  118. *
  119. * @return the public key for this identity.
  120. */
  121. public PublicKey getPublicKey() {
  122. return publicKey;
  123. }
  124. /**
  125. * Sets this identity's public key. The old key and all of this
  126. * identity's certificates are removed by this operation.
  127. *
  128. * <p>First, if there is a security manager, its <code>checkSecurityAccess</code>
  129. * method is called with <code>"setIdentityPublicKey"</code>
  130. * as its argument to see if it's ok to set the public key.
  131. *
  132. * @param key the public key for this identity.
  133. *
  134. * @exception KeyManagementException if another identity in the
  135. * identity's scope has the same public key, or if another exception occurs.
  136. *
  137. * @exception SecurityException if a security manager exists and its
  138. * <code>checkSecurityAccess</code> method doesn't allow
  139. * setting the public key.
  140. *
  141. * @see SecurityManager#checkSecurityAccess
  142. */
  143. /* Should we throw an exception if this is already set? */
  144. public void setPublicKey(PublicKey key) throws KeyManagementException {
  145. check("setIdentityPublicKey");
  146. this.publicKey = key;
  147. certificates = new Vector();
  148. }
  149. /**
  150. * Specifies a general information string for this identity.
  151. *
  152. * <p>First, if there is a security manager, its <code>checkSecurityAccess</code>
  153. * method is called with <code>"setIdentityInfo"</code>
  154. * as its argument to see if it's ok to specify the information string.
  155. *
  156. * @param info the information string.
  157. *
  158. * @exception SecurityException if a security manager exists and its
  159. * <code>checkSecurityAccess</code> method doesn't allow
  160. * setting the information string.
  161. *
  162. * @see #getInfo
  163. * @see SecurityManager#checkSecurityAccess
  164. */
  165. public void setInfo(String info) {
  166. check("setIdentityInfo");
  167. this.info = info;
  168. }
  169. /**
  170. * Returns general information previously specified for this identity.
  171. *
  172. * @return general information about this identity.
  173. *
  174. * @see #setInfo
  175. */
  176. public String getInfo() {
  177. return info;
  178. }
  179. /**
  180. * Adds a certificate for this identity. If the identity has a public
  181. * key, the public key in the certificate must be the same, and if
  182. * the identity does not have a public key, the identity's
  183. * public key is set to be that specified in the certificate.
  184. *
  185. * <p>First, if there is a security manager, its <code>checkSecurityAccess</code>
  186. * method is called with <code>"addIdentityCertificate"</code>
  187. * as its argument to see if it's ok to add a certificate.
  188. *
  189. * @param certificate the certificate to be added.
  190. *
  191. * @exception KeyManagementException if the certificate is not valid,
  192. * if the public key in the certificate being added conflicts with
  193. * this identity's public key, or if another exception occurs.
  194. *
  195. * @exception SecurityException if a security manager exists and its
  196. * <code>checkSecurityAccess</code> method doesn't allow
  197. * adding a certificate.
  198. *
  199. * @see SecurityManager#checkSecurityAccess
  200. */
  201. public void addCertificate(Certificate certificate)
  202. throws KeyManagementException {
  203. check("addIdentityCertificate");
  204. if (certificates == null) {
  205. certificates = new Vector();
  206. }
  207. if (publicKey != null) {
  208. if (!keyEquals(publicKey, certificate.getPublicKey())) {
  209. throw new KeyManagementException(
  210. "public key different from cert public key");
  211. }
  212. } else {
  213. publicKey = certificate.getPublicKey();
  214. }
  215. certificates.addElement(certificate);
  216. }
  217. private boolean keyEquals(Key aKey, Key anotherKey) {
  218. if (aKey.getFormat().equalsIgnoreCase(anotherKey.getFormat())) {
  219. return MessageDigest.isEqual(aKey.getEncoded(),
  220. anotherKey.getEncoded());
  221. } else {
  222. return false;
  223. }
  224. }
  225. /**
  226. * Removes a certificate from this identity.
  227. *
  228. * <p>First, if there is a security manager, its <code>checkSecurityAccess</code>
  229. * method is called with <code>"removeIdentityCertificate"</code>
  230. * as its argument to see if it's ok to remove a certificate.
  231. *
  232. * @param certificate the certificate to be removed.
  233. *
  234. * @exception KeyManagementException if the certificate is
  235. * missing, or if another exception occurs.
  236. *
  237. * @exception SecurityException if a security manager exists and its
  238. * <code>checkSecurityAccess</code> method doesn't allow
  239. * removing a certificate.
  240. *
  241. * @see SecurityManager#checkSecurityAccess
  242. */
  243. public void removeCertificate(Certificate certificate)
  244. throws KeyManagementException {
  245. check("removeIdentityCertificate");
  246. if (certificates != null) {
  247. certificates.removeElement(certificate);
  248. }
  249. }
  250. /**
  251. * Returns a copy of all the certificates for this identity.
  252. *
  253. * @return a copy of all the certificates for this identity.
  254. */
  255. public Certificate[] certificates() {
  256. if (certificates == null) {
  257. return new Certificate[0];
  258. }
  259. int len = certificates.size();
  260. Certificate[] certs = new Certificate[len];
  261. certificates.copyInto(certs);
  262. return certs;
  263. }
  264. /**
  265. * Tests for equality between the specified object and this identity.
  266. * This first tests to see if the entities actually refer to the same
  267. * object, in which case it returns true. Next, it checks to see if
  268. * the entities have the same name and the same scope. If they do,
  269. * the method returns true. Otherwise, it calls
  270. * {@link #identityEquals(Identity) identityEquals}, which subclasses should
  271. * override.
  272. *
  273. * @param identity the object to test for equality with this identity.
  274. *
  275. * @return true if the objects are considered equal, false otherwise.
  276. *
  277. * @see #identityEquals
  278. */
  279. public final boolean equals(Object identity) {
  280. if (identity == this) {
  281. return true;
  282. }
  283. if (identity instanceof Identity) {
  284. Identity i = (Identity)identity;
  285. if ((scope != null) &&
  286. (i.getScope() == scope) &&
  287. i.getName().equals(name)) {
  288. return true;
  289. } else {
  290. return identityEquals(i);
  291. }
  292. }
  293. return false;
  294. }
  295. /**
  296. * Tests for equality between the specified identity and this identity.
  297. * This method should be overriden by subclasses to test for equality.
  298. * The default behavior is to return true if the names and public keys
  299. * are equal.
  300. *
  301. * @param identity the identity to test for equality with this identity.
  302. *
  303. * @return true if the identities are considered equal, false
  304. * otherwise.
  305. *
  306. * @see #equals
  307. */
  308. protected boolean identityEquals(Identity identity) {
  309. return (name.equals(identity.name) &&
  310. publicKey.equals(identity.publicKey));
  311. }
  312. /**
  313. * Returns a parsable name for identity: identityName.scopeName
  314. */
  315. String fullName() {
  316. String parsable = name;
  317. if (scope != null) {
  318. parsable += "." + scope.getName();
  319. }
  320. return parsable;
  321. }
  322. /**
  323. * Returns a short string describing this identity, telling its
  324. * name and its scope (if any).
  325. *
  326. * <p>First, if there is a security manager, its <code>checkSecurityAccess</code>
  327. * method is called with <code>"printIdentity"</code>
  328. * as its argument to see if it's ok to return the string.
  329. *
  330. * @return information about this identity, such as its name and the
  331. * name of its scope (if any).
  332. *
  333. * @exception SecurityException if a security manager exists and its
  334. * <code>checkSecurityAccess</code> method doesn't allow
  335. * returning a string describing this identity.
  336. *
  337. * @see SecurityManager#checkSecurityAccess
  338. */
  339. public String toString() {
  340. check("printIdentity");
  341. String printable = name;
  342. if (scope != null) {
  343. printable += "[" + scope.getName() + "]";
  344. }
  345. return printable;
  346. }
  347. /**
  348. * Returns a string representation of this identity, with
  349. * optionally more details than that provided by the
  350. * <code>toString</code> method without any arguments.
  351. *
  352. * <p>First, if there is a security manager, its <code>checkSecurityAccess</code>
  353. * method is called with <code>"printIdentity"</code>
  354. * as its argument to see if it's ok to return the string.
  355. *
  356. * @param detailed whether or not to provide detailed information.
  357. *
  358. * @return information about this identity. If <code>detailed</code>
  359. * is true, then this method returns more information than that
  360. * provided by the <code>toString</code> method without any arguments.
  361. *
  362. * @exception SecurityException if a security manager exists and its
  363. * <code>checkSecurityAccess</code> method doesn't allow
  364. * returning a string describing this identity.
  365. *
  366. * @see #toString
  367. * @see SecurityManager#checkSecurityAccess
  368. */
  369. public String toString(boolean detailed) {
  370. String out = toString();
  371. if (detailed) {
  372. out += "\n";
  373. out += printKeys();
  374. out += "\n" + printCertificates();
  375. if (info != null) {
  376. out += "\n\t" + info;
  377. } else {
  378. out += "\n\tno additional information available.";
  379. }
  380. }
  381. return out;
  382. }
  383. String printKeys() {
  384. String key = "";
  385. if (publicKey != null) {
  386. key = "\tpublic key initialized";
  387. } else {
  388. key = "\tno public key";
  389. }
  390. return key;
  391. }
  392. String printCertificates() {
  393. String out = "";
  394. if (certificates == null) {
  395. return "\tno certificates";
  396. } else {
  397. out += "\tcertificates: \n";
  398. Enumeration e = certificates.elements();
  399. int i = 1;
  400. while (e.hasMoreElements()) {
  401. Certificate cert = (Certificate)e.nextElement();
  402. out += "\tcertificate " + i++ +
  403. "\tfor : " + cert.getPrincipal() + "\n";
  404. out += "\t\t\tfrom : " +
  405. cert.getGuarantor() + "\n";
  406. }
  407. }
  408. return out;
  409. }
  410. /**
  411. * Returns a hashcode for this identity.
  412. *
  413. * @return a hashcode for this identity.
  414. */
  415. public int hashCode() {
  416. String scopedName = name;
  417. if (scope != null) {
  418. scopedName += scope.getName();
  419. }
  420. return scopedName.hashCode();
  421. }
  422. private static void check(String directive) {
  423. SecurityManager security = System.getSecurityManager();
  424. if (security != null) {
  425. security.checkSecurityAccess(directive);
  426. }
  427. }
  428. }