1. /*

  2.  * @(#)Certificate.java	1.24 03/12/19

  3.  *

  4.  * Copyright 2004 Sun Microsystems, Inc. All rights reserved.

  5.  * SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.

  6.  */

  7. 

  8. package java.security.cert;

  9. 

  10. import java.util.Arrays;

  11. 

  12. import java.security.PublicKey;

  13. import java.security.NoSuchAlgorithmException;

  14. import java.security.NoSuchProviderException;

  15. import java.security.InvalidKeyException;

  16. import java.security.SignatureException;

  17. 

  18. import sun.security.x509.X509CertImpl;

  19. 

  20. /**

  21.  * <p>Abstract class for managing a variety of identity certificates.

  22.  * An identity certificate is a binding of a principal to a public key which

  23.  * is vouched for by another principal.  (A principal represents

  24.  * an entity such as an individual user, a group, or a corporation.)

  25.  *<p>

  26.  * This class is an abstraction for certificates that have different

  27.  * formats but important common uses.  For example, different types of

  28.  * certificates, such as X.509 and PGP, share general certificate

  29.  * functionality (like encoding and verifying) and

  30.  * some types of information (like a public key).

  31.  * <p>

  32.  * X.509, PGP, and SDSI certificates can all be implemented by

  33.  * subclassing the Certificate class, even though they contain different

  34.  * sets of information, and they store and retrieve the information in

  35.  * different ways.

  36.  *

  37.  * @see X509Certificate

  38.  * @see CertificateFactory

  39.  *

  40.  * @author Hemma Prafullchandra

  41.  * @version 1.24, 12/19/03

  42.  */

  43. 

  44. public abstract class Certificate implements java.io.Serializable {

  45. 

  46.     private static final long serialVersionUID = -3585440601605666277L;

  47. 

  48.     // the certificate type

  49.     private final String type;

  50. 

  51.     /**

  52.      * Creates a certificate of the specified type.

  53.      *

  54.      * @param type the standard name of the certificate type.

  55.      * See Appendix A in the <a href=

  56.      * "../../../../guide/security/CryptoSpec.html#AppA">

  57.      * Java Cryptography Architecture API Specification & Reference </a>

  58.      * for information about standard certificate types.

  59.      */

  60.     protected Certificate(String type) {

  61. 	this.type = type;

  62.     }

  63. 

  64.     /**

  65.      * Returns the type of this certificate.

  66.      *

  67.      * @return the type of this certificate.

  68.      */

  69.     public final String getType() {

  70. 	return this.type;

  71.     }

  72.     

  73.     /**

  74.      * Compares this certificate for equality with the specified

  75.      * object. If the <code>other</code> object is an

  76.      * <code>instanceof</code> <code>Certificate</code>, then

  77.      * its encoded form is retrieved and compared with the

  78.      * encoded form of this certificate.

  79.      *

  80.      * @param other the object to test for equality with this certificate.

  81.      * @return true iff the encoded forms of the two certificates

  82.      * match, false otherwise.

  83.      */

  84.     public boolean equals(Object other) {

  85.         if (this == other) {

  86.             return true;

  87. 	}

  88.         if (!(other instanceof Certificate)) {

  89.             return false;

  90. 	}

  91.         try {

  92.             byte[] thisCert = X509CertImpl.getEncodedInternal(this);

  93.             byte[] otherCert = X509CertImpl.getEncodedInternal((Certificate)other);

  94. 	    

  95. 	    return Arrays.equals(thisCert, otherCert);

  96.         } catch (CertificateException e) {

  97. 	    return false;

  98.         }

  99.     }

  100. 

  101.     /**

  102.      * Returns a hashcode value for this certificate from its

  103.      * encoded form.

  104.      *

  105.      * @return the hashcode value.

  106.      */

  107.     public int hashCode() {

  108.         int retval = 0;

  109.         try {

  110.             byte[] certData = X509CertImpl.getEncodedInternal(this);

  111.             for (int i = 1; i < certData.length; i++) {

  112.                  retval += certData[i] * i;

  113.             }

  114.             return retval;

  115.         } catch (CertificateException e) {

  116.             return retval;

  117.         }

  118.     }

  119. 

  120.     /**

  121.      * Returns the encoded form of this certificate. It is

  122.      * assumed that each certificate type would have only a single

  123.      * form of encoding; for example, X.509 certificates would

  124.      * be encoded as ASN.1 DER.

  125.      *

  126.      * @return the encoded form of this certificate

  127.      *

  128.      * @exception CertificateEncodingException if an encoding error occurs.

  129.      */

  130.     public abstract byte[] getEncoded()

  131.         throws CertificateEncodingException;

  132. 

  133.     /**

  134.      * Verifies that this certificate was signed using the

  135.      * private key that corresponds to the specified public key.

  136.      *

  137.      * @param key the PublicKey used to carry out the verification.

  138.      *

  139.      * @exception NoSuchAlgorithmException on unsupported signature

  140.      * algorithms.

  141.      * @exception InvalidKeyException on incorrect key.

  142.      * @exception NoSuchProviderException if there's no default provider.

  143.      * @exception SignatureException on signature errors.

  144.      * @exception CertificateException on encoding errors.

  145.      */

  146.     public abstract void verify(PublicKey key)

  147.         throws CertificateException, NoSuchAlgorithmException,

  148.         InvalidKeyException, NoSuchProviderException,

  149.         SignatureException;

  150. 

  151.     /**

  152.      * Verifies that this certificate was signed using the

  153.      * private key that corresponds to the specified public key.

  154.      * This method uses the signature verification engine

  155.      * supplied by the specified provider.

  156.      *

  157.      * @param key the PublicKey used to carry out the verification.

  158.      * @param sigProvider the name of the signature provider.

  159.      *

  160.      * @exception NoSuchAlgorithmException on unsupported signature

  161.      * algorithms.

  162.      * @exception InvalidKeyException on incorrect key.

  163.      * @exception NoSuchProviderException on incorrect provider.

  164.      * @exception SignatureException on signature errors.

  165.      * @exception CertificateException on encoding errors.

  166.      */

  167.     public abstract void verify(PublicKey key, String sigProvider)

  168.         throws CertificateException, NoSuchAlgorithmException,

  169.         InvalidKeyException, NoSuchProviderException,

  170.         SignatureException;

  171. 

  172.     /**

  173.      * Returns a string representation of this certificate.

  174.      *

  175.      * @return a string representation of this certificate.

  176.      */

  177.     public abstract String toString();

  178. 

  179.     /**

  180.      * Gets the public key from this certificate.

  181.      *

  182.      * @return the public key.

  183.      */

  184.     public abstract PublicKey getPublicKey();

  185. 

  186.     /**

  187.      * Alternate Certificate class for serialization.

  188.      */

  189.     protected static class CertificateRep implements java.io.Serializable {

  190. 

  191. 	private static final long serialVersionUID = -8563758940495660020L;

  192. 

  193. 	private String type;

  194. 	private byte[] data;

  195. 

  196. 	/**

  197. 	 * Construct the alternate Certificate class with the Certificate

  198. 	 * type and Certificate encoding bytes.

  199. 	 *

  200. 	 * <p>

  201. 	 *

  202. 	 * @param type the standard name of the Certificate type. <p>

  203. 	 *

  204. 	 * @param data the Certificate data.

  205. 	 */

  206. 	protected CertificateRep(String type, byte[] data) {

  207. 	    this.type = type;

  208. 	    this.data = data;

  209. 	}

  210. 

  211. 	/**

  212. 	 * Resolve the Certificate Object.

  213.  	 *

  214.  	 * <p>

  215.  	 *

  216. 	 * @return the resolved Certificate Object

  217. 	 *

  218. 	 * @throws java.io.ObjectStreamException if the Certificate 

  219. 	 *	could not be resolved

  220. 	 */

  221. 	protected Object readResolve() throws java.io.ObjectStreamException {

  222. 	    try {

  223. 		CertificateFactory cf = CertificateFactory.getInstance(type);

  224. 		return cf.generateCertificate

  225. 			(new java.io.ByteArrayInputStream(data));

  226. 	    } catch (CertificateException e) {

  227. 		throw new java.io.NotSerializableException

  228. 				("java.security.cert.Certificate: " +

  229. 				type +

  230. 				": " +

  231. 				e.getMessage());

  232. 	    }

  233. 	}

  234.     }

  235. 

  236.     /**

  237.      * Replace the Certificate to be serialized.

  238.      *

  239.      * @return the alternate Certificate object to be serialized

  240.      *

  241.      * @throws java.io.ObjectStreamException if a new object representing 

  242.      * this Certificate could not be created

  243.      */

  244.     protected Object writeReplace() throws java.io.ObjectStreamException {

  245. 	try {

  246. 	    return new CertificateRep(type, getEncoded());

  247. 	} catch (CertificateException e) {

  248. 	    throw new java.io.NotSerializableException

  249. 				("java.security.cert.Certificate: " +

  250. 				type +

  251. 				": " +

  252. 				e.getMessage());

  253. 	}

  254.     }

  255. }