1. /*
  2. * @(#)Certificate.java 1.22 03/01/23
  3. *
  4. * Copyright 2003 Sun Microsystems, Inc. All rights reserved.
  5. * SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.
  6. */
  7. package java.security.cert;
  8. import java.util.Arrays;
  9. import java.security.PublicKey;
  10. import java.security.NoSuchAlgorithmException;
  11. import java.security.NoSuchProviderException;
  12. import java.security.InvalidKeyException;
  13. import java.security.SignatureException;
  14. import sun.security.x509.X509CertImpl;
  15. /**
  16. * <p>Abstract class for managing a variety of identity certificates.
  17. * An identity certificate is a binding of a principal to a public key which
  18. * is vouched for by another principal. (A principal represents
  19. * an entity such as an individual user, a group, or a corporation.)
  20. *<p>
  21. * This class is an abstraction for certificates that have different
  22. * formats but important common uses. For example, different types of
  23. * certificates, such as X.509 and PGP, share general certificate
  24. * functionality (like encoding and verifying) and
  25. * some types of information (like a public key).
  26. * <p>
  27. * X.509, PGP, and SDSI certificates can all be implemented by
  28. * subclassing the Certificate class, even though they contain different
  29. * sets of information, and they store and retrieve the information in
  30. * different ways.
  31. *
  32. * @see X509Certificate
  33. * @see CertificateFactory
  34. *
  35. * @author Hemma Prafullchandra
  36. * @version 1.22, 01/23/03
  37. */
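public abstract class Certificate implements java.io.Serializable {

    // The certificate type, fixed at construction.
    private final String type;

    /**
     * Creates a certificate of the specified type.
     *
     * @param type the standard name of the certificate type.
     * See Appendix A in the <a href=
     * "../../../../guide/security/CryptoSpec.html#AppA">
     * Java Cryptography Architecture API Specification &amp; Reference </a>
     * for information about standard certificate types.
     */
    protected Certificate(String type) {
        this.type = type;
    }

    /**
     * Returns the type of this certificate.
     *
     * @return the type of this certificate.
     */
    public final String getType() {
        return this.type;
    }

    /**
     * Compares this certificate for equality with the specified
     * object. If the <code>other</code> object is an
     * <code>instanceof</code> <code>Certificate</code>, then
     * its encoded form is retrieved and compared with the
     * encoded form of this certificate.
     * <p>
     * Equality here means byte-for-byte identical encodings. It says
     * nothing about whether either certificate is valid or trusted.
     * If either encoding cannot be obtained, the certificates are
     * reported as not equal.
     *
     * @param other the object to test for equality with this certificate.
     * @return true iff the encoded forms of the two certificates
     * match, false otherwise.
     */
    public boolean equals(Object other) {
        if (this == other) {
            return true;
        }
        if (!(other instanceof Certificate)) {
            return false;
        }
        try {
            byte[] thisCert = X509CertImpl.getEncodedInternal(this);
            byte[] otherCert =
                X509CertImpl.getEncodedInternal((Certificate) other);
            return Arrays.equals(thisCert, otherCert);
        } catch (CertificateException e) {
            // An encoding failure is treated as inequality, not as an error.
            return false;
        }
    }

    /**
     * Returns a hashcode value for this certificate from its
     * encoded form.
     * <p>
     * The value is the sum of each encoded byte multiplied by its index,
     * so the byte at index 0 contributes nothing. If the encoding cannot
     * be obtained, 0 is returned. This is a hash-table bucket value, not
     * a fingerprint: distinct certificates can share it, so it must not
     * be used to identify or pin a certificate.
     *
     * @return the hashcode value.
     */
    public int hashCode() {
        int retval = 0;
        try {
            byte[] certData = X509CertImpl.getEncodedInternal(this);
            for (int i = 1; i < certData.length; i++) {
                retval += certData[i] * i;
            }
            return retval;
        } catch (CertificateException e) {
            // retval is still 0 here: the loop is never reached on failure.
            return retval;
        }
    }

    /**
     * Returns the encoded form of this certificate. It is
     * assumed that each certificate type would have only a single
     * form of encoding; for example, X.509 certificates would
     * be encoded as ASN.1 DER.
     *
     * @return the encoded form of this certificate
     *
     * @exception CertificateEncodingException if an encoding error occurs.
     */
    public abstract byte[] getEncoded()
        throws CertificateEncodingException;

    /**
     * Verifies that this certificate was signed using the
     * private key that corresponds to the specified public key.
     * <p>
     * The contract stated here covers the signature only. Whether the
     * supplied key is itself trusted, and whether the certificate is
     * within its validity period or has been revoked, is outside this
     * contract and remains the caller's responsibility.
     *
     * @param key the PublicKey used to carry out the verification.
     *
     * @exception NoSuchAlgorithmException on unsupported signature
     * algorithms.
     * @exception InvalidKeyException on incorrect key.
     * @exception NoSuchProviderException if there's no default provider.
     * @exception SignatureException on signature errors.
     * @exception CertificateException on encoding errors.
     */
    public abstract void verify(PublicKey key)
        throws CertificateException, NoSuchAlgorithmException,
        InvalidKeyException, NoSuchProviderException,
        SignatureException;

    /**
     * Verifies that this certificate was signed using the
     * private key that corresponds to the specified public key.
     * This method uses the signature verification engine
     * supplied by the specified provider.
     * <p>
     * As with {@link #verify(PublicKey)}, the contract stated here covers
     * the signature only; trust in the key is the caller's responsibility.
     *
     * @param key the PublicKey used to carry out the verification.
     * @param sigProvider the name of the signature provider.
     *
     * @exception NoSuchAlgorithmException on unsupported signature
     * algorithms.
     * @exception InvalidKeyException on incorrect key.
     * @exception NoSuchProviderException on incorrect provider.
     * @exception SignatureException on signature errors.
     * @exception CertificateException on encoding errors.
     */
    public abstract void verify(PublicKey key, String sigProvider)
        throws CertificateException, NoSuchAlgorithmException,
        InvalidKeyException, NoSuchProviderException,
        SignatureException;

    /**
     * Returns a string representation of this certificate.
     *
     * @return a string representation of this certificate.
     */
    public abstract String toString();

    /**
     * Gets the public key from this certificate.
     *
     * @return the public key.
     */
    public abstract PublicKey getPublicKey();

    /**
     * Alternate Certificate class for serialization.
     * <p>
     * Only the type name and the encoded bytes are written to the stream.
     * On read, the certificate is rebuilt by parsing those bytes again
     * (see {@link #readResolve()}), so no implementation object is
     * restored field by field.
     */
    protected static class CertificateRep implements java.io.Serializable {

        // No serialVersionUID is declared in this class, so the stream
        // identifier is derived from the class shape. Adding, removing or
        // re-qualifying non-private members would change it.
        private String type;
        private byte[] data;

        /**
         * Construct the alternate Certificate class with the Certificate
         * type and Certificate encoding bytes.
         *
         * <p>
         *
         * @param type the standard name of the Certificate type. <p>
         *
         * @param data the Certificate data. The array is copied, so later
         * changes to the caller's array do not alter what is serialized.
         */
        protected CertificateRep(String type, byte[] data) {
            this.type = type;
            // Defensive copy: keep no alias to an array the caller can
            // still modify. A null argument is stored as null, as before.
            this.data = (data == null) ? null : (byte[]) data.clone();
        }

        /**
         * Resolve the Certificate Object.
         *
         * <p>
         * Both fields come from the serialized stream. The bytes are
         * parsed by the <code>CertificateFactory</code> registered for the
         * stored type. This method calls no <code>verify</code> method, so
         * a certificate obtained from an untrusted stream still has to be
         * validated by the caller before it is relied on.
         *
         * @return the resolved Certificate Object
         *
         * @throws java.io.ObjectStreamException if the Certificate
         * could not be resolved
         */
        protected Object readResolve() throws java.io.ObjectStreamException {
            // A crafted or truncated stream can leave either field null.
            // Report that as a stream error, not a NullPointerException.
            if (type == null || data == null) {
                throw new java.io.InvalidObjectException
                    ("java.security.cert.Certificate: missing type or data");
            }
            try {
                CertificateFactory cf = CertificateFactory.getInstance(type);
                return cf.generateCertificate
                    (new java.io.ByteArrayInputStream(data));
            } catch (CertificateException e) {
                java.io.NotSerializableException failure =
                    new java.io.NotSerializableException
                        ("java.security.cert.Certificate: " +
                         type +
                         ": " +
                         e.getMessage());
                // Keep the parser's exception reachable for diagnosis.
                failure.initCause(e);
                throw failure;
            }
        }
    }

    /**
     * Replace the Certificate to be serialized.
     *
     * @return the alternate Certificate object to be serialized
     *
     * @throws java.io.ObjectStreamException if a new object representing
     * this Certificate could not be created
     */
    protected Object writeReplace() throws java.io.ObjectStreamException {
        try {
            return new CertificateRep(type, getEncoded());
        } catch (CertificateException e) {
            java.io.NotSerializableException failure =
                new java.io.NotSerializableException
                    ("java.security.cert.Certificate: " +
                     type +
                     ": " +
                     e.getMessage());
            // Keep the encoding exception reachable for diagnosis.
            failure.initCause(e);
            throw failure;
        }
    }
}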