1. /*

  2.  * @(#)Certificate.java	1.18 00/02/02

  3.  *

  4.  * Copyright 1997-2000 Sun Microsystems, Inc. All Rights Reserved.

  5.  * 

  6.  * This software is the proprietary information of Sun Microsystems, Inc.  

  7.  * Use is subject to license terms.

  8.  * 

  9.  */

  10. 

  11. package java.security.cert;

  12. 

  13. import java.security.PublicKey;

  14. import java.security.NoSuchAlgorithmException;

  15. import java.security.NoSuchProviderException;

  16. import java.security.InvalidKeyException;

  17. import java.security.SignatureException;

  18. 

  19. /**

  20.  * <p>Abstract class for managing a variety of identity certificates.

  21.  * An identity certificate is a binding of a principal to a public key which

  22.  * is vouched for by another principal.  (A principal represents

  23.  * an entity such as an individual user, a group, or a corporation.)

  24.  *<p>

  25.  * This class is an abstraction for certificates that have different

  26.  * formats but important common uses.  For example, different types of

  27.  * certificates, such as X.509 and PGP, share general certificate

  28.  * functionality (like encoding and verifying) and

  29.  * some types of information (like a public key).

  30.  * <p>

  31.  * X.509, PGP, and SDSI certificates can all be implemented by

  32.  * subclassing the Certificate class, even though they contain different

  33.  * sets of information, and they store and retrieve the information in

  34.  * different ways.

  35.  *

  36.  * @see X509Certificate

  37.  * @see CertificateFactory

  38.  *

  39.  * @author Hemma Prafullchandra

  40.  * @version 1.18 00/02/02

  41.  */

  42. 

  43. public abstract class Certificate implements java.io.Serializable {

  44. 

  45.     // the certificate type

  46.     private String type;

  47. 

  48.     /**

  49.      * Creates a certificate of the specified type.

  50.      *

  51.      * @param type the standard name of the certificate type.

  52.      * See Appendix A in the <a href=

  53.      * "../../../../guide/security/CryptoSpec.html#AppA">

  54.      * Java Cryptography Architecture API Specification & Reference </a>

  55.      * for information about standard certificate types.

  56.      */

  57.     protected Certificate(String type) {

  58. 	this.type = type;

  59.     }

  60. 

  61.     /**

  62.      * Returns the type of this certificate.

  63.      *

  64.      * @return the type of this certificate.

  65.      */

  66.     public final String getType() {

  67. 	return this.type;

  68.     }

  69. 

  70.     /**

  71.      * Compares this certificate for equality with the specified

  72.      * object. If the <code>other</code> object is an

  73.      * <code>instanceof</code> <code>Certificate</code>, then

  74.      * its encoded form is retrieved and compared with the

  75.      * encoded form of this certificate.

  76.      *

  77.      * @param other the object to test for equality with this certificate.

  78.      * @return true iff the encoded forms of the two certificates

  79.      * match, false otherwise.

  80.      */

  81.     public boolean equals(Object other) {

  82.         if (this == other)

  83.             return true;

  84.         if (!(other instanceof Certificate))

  85.             return false;

  86.         try {

  87.             byte[] thisCert = this.getEncoded();

  88.             byte[] otherCert = ((Certificate)other).getEncoded();

  89. 

  90.             if (thisCert.length != otherCert.length)

  91.                 return false;

  92.             for (int i = 0; i < thisCert.length; i++)

  93.                  if (thisCert[i] != otherCert[i])

  94.                      return false;

  95.             return true;

  96.         } catch (CertificateException e) {

  97. 	    return false;

  98.         }

  99.     }

  100. 

  101.     /**

  102.      * Returns a hashcode value for this certificate from its

  103.      * encoded form.

  104.      *

  105.      * @return the hashcode value.

  106.      */

  107.     public int hashCode() {

  108.         int     retval = 0;

  109.         try {

  110.             byte[] certData = this.getEncoded();

  111.             for (int i = 1; i < certData.length; i++) {

  112.                  retval += certData[i] * i;

  113.             }

  114.             return(retval);

  115.         } catch (CertificateException e) {

  116.             return(retval);

  117.         }

  118.     }

  119. 

  120.     /**

  121.      * Returns the encoded form of this certificate. It is

  122.      * assumed that each certificate type would have only a single

  123.      * form of encoding; for example, X.509 certificates would

  124.      * be encoded as ASN.1 DER.

  125.      *

  126.      * @return the encoded form of this certificate

  127.      *

  128.      * @exception CertificateEncodingException if an encoding error occurs.

  129.      */

  130.     public abstract byte[] getEncoded()

  131.         throws CertificateEncodingException;

  132. 

  133.     /**

  134.      * Verifies that this certificate was signed using the

  135.      * private key that corresponds to the specified public key.

  136.      *

  137.      * @param key the PublicKey used to carry out the verification.

  138.      *

  139.      * @exception NoSuchAlgorithmException on unsupported signature

  140.      * algorithms.

  141.      * @exception InvalidKeyException on incorrect key.

  142.      * @exception NoSuchProviderException if there's no default provider.

  143.      * @exception SignatureException on signature errors.

  144.      * @exception CertificateException on encoding errors.

  145.      */

  146.     public abstract void verify(PublicKey key)

  147.         throws CertificateException, NoSuchAlgorithmException,

  148.         InvalidKeyException, NoSuchProviderException,

  149.         SignatureException;

  150. 

  151.     /**

  152. 

  153.      * Verifies that this certificate was signed using the

  154.      * private key that corresponds to the specified public key.

  155.      * This method uses the signature verification engine

  156.      * supplied by the specified provider.

  157.      *

  158.      * @param key the PublicKey used to carry out the verification.

  159.      * @param sigProvider the name of the signature provider.

  160.      *

  161.      * @exception NoSuchAlgorithmException on unsupported signature

  162.      * algorithms.

  163.      * @exception InvalidKeyException on incorrect key.

  164.      * @exception NoSuchProviderException on incorrect provider.

  165.      * @exception SignatureException on signature errors.

  166.      * @exception CertificateException on encoding errors.

  167.      */

  168.     public abstract void verify(PublicKey key, String sigProvider)

  169.         throws CertificateException, NoSuchAlgorithmException,

  170.         InvalidKeyException, NoSuchProviderException,

  171.         SignatureException;

  172. 

  173.     /**

  174.      * Returns a string representation of this certificate.

  175.      *

  176.      * @return a string representation of this certificate.

  177.      */

  178.     public abstract String toString();

  179. 

  180.     /**

  181.      * Gets the public key from this certificate.

  182.      *

  183.      * @return the public key.

  184.      */

  185.     public abstract PublicKey getPublicKey();

  186. 

  187.     /**

  188.      * Alternate Certificate class for serialization.

  189.      */

  190.     protected static class CertificateRep implements java.io.Serializable {

  191. 	private String type;

  192. 	private byte[] data;

  193. 

  194. 	/**

  195. 	 * Construct the alternate Certificate class with the Certificate

  196. 	 * type and Certificate encoding bytes.

  197. 	 *

  198. 	 * <p>

  199. 	 *

  200. 	 * @param type the standard name of the Certificate type. <p>

  201. 	 *

  202. 	 * @param data the Certificate data.

  203. 	 */

  204. 	protected CertificateRep(String type, byte[] data) {

  205. 	    this.type = type;

  206. 	    this.data = data;

  207. 	}

  208. 

  209. 	/**

  210. 	 * Resolve the Certificate Object.

  211.  	 *

  212.  	 * <p>

  213.  	 *

  214. 	 * @return the resolved Certificate Object.

  215. 	 *

  216. 	 * @throws ObjectStreamException if the Certificate could not

  217. 	 *	be resolved.

  218. 	 */

  219. 	protected Object readResolve() throws java.io.ObjectStreamException {

  220. 	    try {

  221. 		CertificateFactory cf = CertificateFactory.getInstance(type);

  222. 		return cf.generateCertificate

  223. 			(new java.io.ByteArrayInputStream(data));

  224. 	    } catch (CertificateException e) {

  225. 		throw new java.io.NotSerializableException

  226. 				("java.security.cert.Certificate: " +

  227. 				type +

  228. 				": " +

  229. 				e.getMessage());

  230. 	    }

  231. 	}

  232.     }

  233. 

  234.     /**

  235.      * Replace the Certificate to be serialized.

  236.      *

  237.      * @return the alternate Certificate object to be serialized.

  238.      *

  239.      * @throws ObjectStreamException if a new object representing this

  240.      * certificate could not be created

  241.      */

  242.     protected Object writeReplace() throws java.io.ObjectStreamException {

  243. 	try {

  244. 	    return new CertificateRep(type, getEncoded());

  245. 	} catch (CertificateException e) {

  246. 	    throw new java.io.NotSerializableException

  247. 				("java.security.cert.Certificate: " +

  248. 				type +

  249. 				": " +

  250. 				e.getMessage());

  251. 	}

  252.     }

  253. }