1. /*

  2.  * @(#)KeyRep.java	1.7 04/04/20

  3.  *

  4.  * Copyright 2004 Sun Microsystems, Inc. All rights reserved.

  5.  * SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.

  6.  */

  7. 

  8. package java.security;

  9. 

  10. import java.io.*;

  11. 

  12. import java.security.spec.PKCS8EncodedKeySpec;

  13. import java.security.spec.X509EncodedKeySpec;

  14. import java.security.spec.InvalidKeySpecException;

  15. 

  16. import javax.crypto.SecretKeyFactory;

  17. import javax.crypto.spec.SecretKeySpec;

  18. 

  19. /**

  20.  * Standardized representation for serialized Key objects.

  21.  *

  22.  * <p>

  23.  *

  24.  * Note that a serialized Key may contain sensitive information

  25.  * which should not be exposed in untrusted environments.  See the

  26.  * <a href="../../../guide/serialization/spec/security.html">

  27.  * Security Appendix</a>

  28.  * of the Serialization Specification for more information.

  29.  *

  30.  * @see Key

  31.  * @see KeyFactory

  32.  * @see javax.crypto.spec.SecretKeySpec

  33.  * @see java.security.spec.X509EncodedKeySpec

  34.  * @see java.security.spec.PKCS8EncodedKeySpec

  35.  *

  36.  * @version 1.7, 04/04/20

  37.  * @since 1.5

  38.  */

  39. 

  40. public class KeyRep implements Serializable {

  41.  

  42.     private static final long serialVersionUID = -4757683898830641853L;

  43. 

  44.     /**

  45.      * Key type.

  46.      *

  47.      * @since 1.5

  48.      */

  49.     public static enum Type {

  50.     

  51. 	/** Type for secret keys. */

  52. 	SECRET, 

  53. 	

  54. 	/** Type for public keys. */

  55. 	PUBLIC, 

  56. 	

  57. 	/** Type for private keys. */

  58. 	PRIVATE,

  59.     

  60.     }

  61. 

  62.     private static final String PKCS8 = "PKCS#8";

  63.     private static final String X509 = "X.509";

  64.     private static final String RAW = "RAW";

  65. 

  66.     /**

  67.      * Either one of Type.SECRET, Type.PUBLIC, or Type.PRIVATE

  68.      *

  69.      * @serial

  70.      */

  71.     private Type type;

  72.  

  73.     /**

  74.      * The Key algorithm

  75.      *

  76.      * @serial

  77.      */

  78.     private String algorithm;

  79.  

  80.     /**

  81.      * The Key encoding format

  82.      *

  83.      * @serial

  84.      */

  85.     private String format;

  86.  

  87.     /**

  88.      * The encoded Key bytes

  89.      *

  90.      * @serial

  91.      */

  92.     private byte[] encoded;

  93.  

  94.     /**

  95.      * Construct the alternate Key class.

  96.      *

  97.      * <p>

  98.      *

  99.      * @param type either one of Type.SECRET, Type.PUBLIC, or Type.PRIVATE

  100.      * @param algorithm the algorithm returned from

  101.      *		<code>Key.getAlgorithm()</code>

  102.      * @param format the encoding format returned from

  103.      *		<code>Key.getFormat()</code>

  104.      * @param encoded the encoded bytes returned from

  105.      *		<code>Key.getEncoded()</code>

  106.      *

  107.      * @exception NullPointerException

  108.      *		if type is <code>null</code>,

  109.      *		if algorithm is <code>null</code>,

  110.      *		if format is <code>null</code>,

  111.      *		or if encoded is <code>null</code>

  112.      */

  113.     public KeyRep(Type type, String algorithm,

  114. 		String format, byte[] encoded) {

  115. 

  116. 	if (type == null || algorithm == null ||

  117. 	    format == null || encoded == null) {

  118. 	    throw new NullPointerException("invalid null input(s)");

  119. 	}

  120. 

  121. 	this.type = type;

  122. 	this.algorithm = algorithm;

  123. 	this.format = format.toUpperCase();

  124. 	this.encoded = (byte[])encoded.clone();

  125.     }

  126.  

  127.     /**

  128.      * Resolve the Key object.

  129.      *

  130.      * <p> This method supports three Type/format combinations:

  131.      * <ul>

  132.      * <li> Type.SECRET/"RAW" - returns a SecretKeySpec object

  133.      * constructed using encoded key bytes and algorithm

  134.      * <li> Type.PUBLIC/"X.509" - gets a KeyFactory instance for

  135.      * the key algorithm, constructs an X509EncodedKeySpec with the

  136.      * encoded key bytes, and generates a public key from the spec

  137.      * <li> Type.PRIVATE/"PKCS#8" - gets a KeyFactory instance for

  138.      * the key algorithm, constructs a PKCS8EncodedKeySpec with the

  139.      * encoded key bytes, and generates a private key from the spec

  140.      * </ul>

  141.      *

  142.      * <p>

  143.      *

  144.      * @return the resolved Key object

  145.      *

  146.      * @exception NotSerializableException if the Type/format

  147.      *	combination is unrecognized, if the algorithm, key format, or

  148.      *	encoded key bytes are unrecognized/invalid, of if the

  149.      *	resolution of the key fails for any reason

  150.      */

  151.     protected Object readResolve() throws ObjectStreamException {

  152. 	try {

  153. 	    if (type == Type.SECRET && RAW.equals(format)) {

  154. 		return new SecretKeySpec(encoded, algorithm);

  155. 	    } else if (type == Type.PUBLIC && X509.equals(format)) {

  156. 		KeyFactory f = KeyFactory.getInstance(algorithm);

  157. 		return f.generatePublic(new X509EncodedKeySpec(encoded));

  158. 	    } else if (type == Type.PRIVATE && PKCS8.equals(format)) {

  159. 		KeyFactory f = KeyFactory.getInstance(algorithm);

  160. 		return f.generatePrivate(new PKCS8EncodedKeySpec(encoded));

  161. 	    } else {

  162. 		throw new NotSerializableException

  163. 			("unrecognized type/format combination: " +

  164. 			type + "/" + format);

  165. 	    }

  166. 	} catch (NotSerializableException nse) {

  167. 	    throw nse;

  168. 	} catch (Exception e) {

  169. 	    NotSerializableException nse = new NotSerializableException

  170. 					("java.security.Key: " +

  171. 					"[" + type + "] " +

  172. 					"[" + algorithm + "] " +

  173. 					"[" + format + "]");

  174. 	    nse.initCause(e);

  175. 	    throw nse;

  176. 	}

  177.     }

  178. }