Home | History | Annotate | Download | only in x509 
      1 /*
      2  * Copyright (c) 1997, 2001, Oracle and/or its affiliates. All rights reserved.
      3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
      4  *
      5  * This code is free software; you can redistribute it and/or modify it
      6  * under the terms of the GNU General Public License version 2 only, as
      7  * published by the Free Software Foundation.  Oracle designates this
      8  * particular file as subject to the "Classpath" exception as provided
      9  * by Oracle in the LICENSE file that accompanied this code.
     10  *
     11  * This code is distributed in the hope that it will be useful, but WITHOUT
     12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
     13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
     14  * version 2 for more details (a copy is included in the LICENSE file that
     15  * accompanied this code).
     16  *
     17  * You should have received a copy of the GNU General Public License version
     18  * 2 along with this work; if not, write to the Free Software Foundation,
     19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
     20  *
     21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
     22  * or visit www.oracle.com if you need additional information or have any
     23  * questions.
     24  */
     25 
     26 package com.sun.security.cert.internal.x509;
     27 
     28 import java.io.ByteArrayInputStream;
     29 import java.io.IOException;
     30 import java.io.Serializable;
     31 import java.io.InputStream;
     32 import java.io.ObjectInputStream;
     33 import java.io.OutputStream;
     34 import java.io.ObjectOutputStream;
     35 import java.math.BigInteger;
     36 import java.security.Signature;
     37 import javax.security.cert.*;
     38 import java.security.*;
     39 import java.util.Date;
     40 import java.util.BitSet;
     41 import java.util.Enumeration;
     42 import java.util.Vector;
     43 
     44 /**
     45  * The X509V1CertImpl class is used as a conversion wrapper around
     46  * sun.security.x509.X509Cert certificates when running under JDK1.1.x.
     47  *
     48  * @author Jeff Nisewanger
     49  */
     50 public class X509V1CertImpl extends X509Certificate implements Serializable {
     51     static final long serialVersionUID = -2048442350420423405L;
     52     private java.security.cert.X509Certificate wrappedCert;
     53 
     54     synchronized private static java.security.cert.CertificateFactory
     55     getFactory()
     56     throws java.security.cert.CertificateException
     57     {
     58         return java.security.cert.CertificateFactory.getInstance("X.509");
     59     }
     60 
     61     /**
     62      * Default constructor.
     63      */
     64     public X509V1CertImpl() { }
     65 
     66     /**
     67      * Unmarshals a certificate from its encoded form, parsing the
     68      * encoded bytes.  This form of constructor is used by agents which
     69      * need to examine and use certificate contents.  That is, this is
     70      * one of the more commonly used constructors.  Note that the buffer
     71      * must include only a certificate, and no "garbage" may be left at
     72      * the end.  If you need to ignore data at the end of a certificate,
     73      * use another constructor.
     74      *
     75      * @param certData the encoded bytes, with no trailing padding.
     76      * @exception CertificateException on parsing errors.
     77      */
     78     public X509V1CertImpl(byte[] certData)
     79     throws CertificateException {
     80         try {
     81             ByteArrayInputStream bs;
     82 
     83             bs = new ByteArrayInputStream(certData);
     84             wrappedCert = (java.security.cert.X509Certificate)
     85                 getFactory().generateCertificate(bs);
     86         } catch (java.security.cert.CertificateException e) {
     87             throw new CertificateException(e.getMessage());
     88         }
     89     }
     90 
     91     /**
     92      * unmarshals an X.509 certificate from an input stream.
     93      *
     94      * @param in an input stream holding at least one certificate
     95      * @exception CertificateException on parsing errors.
     96      */
     97     public X509V1CertImpl(InputStream in)
     98     throws CertificateException {
     99         try {
    100             wrappedCert = (java.security.cert.X509Certificate)
    101                 getFactory().generateCertificate(in);
    102         } catch (java.security.cert.CertificateException e) {
    103             throw new CertificateException(e.getMessage());
    104         }
    105     }
    106 
    107     /**
    108      * Returns the encoded form of this certificate. It is
    109      * assumed that each certificate type would have only a single
    110      * form of encoding; for example, X.509 certificates would
    111      * be encoded as ASN.1 DER.
    112      */
    113     public byte[] getEncoded() throws CertificateEncodingException {
    114         try {
    115             return wrappedCert.getEncoded();
    116         } catch (java.security.cert.CertificateEncodingException e) {
    117             throw new CertificateEncodingException(e.getMessage());
    118         }
    119     }
    120 
    121     /**
    122      * Throws an exception if the certificate was not signed using the
    123      * verification key provided.  Successfully verifying a certificate
    124      * does <em>not</em> indicate that one should trust the entity which
    125      * it represents.
    126      *
    127      * @param key the public key used for verification.
    128      */
    129     public void verify(PublicKey key)
    130         throws CertificateException, NoSuchAlgorithmException,
    131         InvalidKeyException, NoSuchProviderException,
    132         SignatureException
    133     {
    134         try {
    135             wrappedCert.verify(key);
    136         } catch (java.security.cert.CertificateException e) {
    137             throw new CertificateException(e.getMessage());
    138         }
    139     }
    140 
    141     /**
    142      * Throws an exception if the certificate was not signed using the
    143      * verification key provided.  Successfully verifying a certificate
    144      * does <em>not</em> indicate that one should trust the entity which
    145      * it represents.
    146      *
    147      * @param key the public key used for verification.
    148      * @param sigProvider the name of the provider.
    149      */
    150     public void verify(PublicKey key, String sigProvider)
    151         throws CertificateException, NoSuchAlgorithmException,
    152         InvalidKeyException, NoSuchProviderException,
    153         SignatureException
    154     {
    155         try {
    156             wrappedCert.verify(key, sigProvider);
    157         } catch (java.security.cert.CertificateException e) {
    158             throw new CertificateException(e.getMessage());
    159         }
    160     }
    161 
    162     /**
    163      * Checks that the certificate is currently valid, i.e. the current
    164      * time is within the specified validity period.
    165      */
    166     public void checkValidity() throws
    167       CertificateExpiredException, CertificateNotYetValidException {
    168         checkValidity(new Date());
    169     }
    170 
    171     /**
    172      * Checks that the specified date is within the certificate's
    173      * validity period, or basically if the certificate would be
    174      * valid at the specified date/time.
    175      *
    176      * @param date the Date to check against to see if this certificate
    177      *        is valid at that date/time.
    178      */
    179     public void checkValidity(Date date) throws
    180       CertificateExpiredException, CertificateNotYetValidException {
    181         try {
    182             wrappedCert.checkValidity(date);
    183         } catch (java.security.cert.CertificateNotYetValidException e) {
    184             throw new CertificateNotYetValidException(e.getMessage());
    185         } catch (java.security.cert.CertificateExpiredException e) {
    186             throw new CertificateExpiredException(e.getMessage());
    187         }
    188     }
    189 
    190 
    191     /**
    192      * Returns a printable representation of the certificate.  This does not
    193      * contain all the information available to distinguish this from any
    194      * other certificate.  The certificate must be fully constructed
    195      * before this function may be called.
    196      */
    197     public String toString() {
    198         return wrappedCert.toString();
    199     }
    200 
    201     /**
    202      * Gets the publickey from this certificate.
    203      *
    204      * @return the publickey.
    205      */
    206     public PublicKey getPublicKey() {
    207         PublicKey key = wrappedCert.getPublicKey();
    208         return key;
    209     }
    210 
    211     /*
    212      * Gets the version number from the certificate.
    213      *
    214      * @return the version number.
    215      */
    216     public int getVersion() {
    217         return wrappedCert.getVersion() - 1;
    218     }
    219 
    220     /**
    221      * Gets the serial number from the certificate.
    222      *
    223      * @return the serial number.
    224      */
    225     public BigInteger getSerialNumber() {
    226         return wrappedCert.getSerialNumber();
    227     }
    228 
    229     /**
    230      * Gets the subject distinguished name from the certificate.
    231      *
    232      * @return the subject name.
    233      * @exception CertificateException if a parsing error occurs.
    234      */
    235     public Principal getSubjectDN() {
    236         return wrappedCert.getSubjectDN();
    237     }
    238 
    239     /**
    240      * Gets the issuer distinguished name from the certificate.
    241      *
    242      * @return the issuer name.
    243      * @exception CertificateException if a parsing error occurs.
    244      */
    245     public Principal getIssuerDN() {
    246         return wrappedCert.getIssuerDN();
    247     }
    248 
    249     /**
    250      * Gets the notBefore date from the validity period of the certificate.
    251      *
    252      * @return the start date of the validity period.
    253      * @exception CertificateException if a parsing error occurs.
    254      */
    255     public Date getNotBefore() {
    256         return wrappedCert.getNotBefore();
    257     }
    258 
    259     /**
    260      * Gets the notAfter date from the validity period of the certificate.
    261      *
    262      * @return the end date of the validity period.
    263      * @exception CertificateException if a parsing error occurs.
    264      */
    265     public Date getNotAfter() {
    266         return wrappedCert.getNotAfter();
    267     }
    268 
    269     /**
    270      * Gets the signature algorithm name for the certificate
    271      * signature algorithm.
    272      * For example, the string "SHA1/DSA".
    273      *
    274      * @return the signature algorithm name.
    275      * @exception CertificateException if a parsing error occurs.
    276      */
    277     public String getSigAlgName() {
    278         return wrappedCert.getSigAlgName();
    279     }
    280 
    281     /**
    282      * Gets the signature algorithm OID string from the certificate.
    283      * For example, the string "1.2.840.10040.4.3"
    284      *
    285      * @return the signature algorithm oid string.
    286      * @exception CertificateException if a parsing error occurs.
    287      */
    288     public String getSigAlgOID() {
    289         return wrappedCert.getSigAlgOID();
    290     }
    291 
    292     /**
    293      * Gets the DER encoded signature algorithm parameters from this
    294      * certificate's signature algorithm.
    295      *
    296      * @return the DER encoded signature algorithm parameters, or
    297      *         null if no parameters are present.
    298      * @exception CertificateException if a parsing error occurs.
    299      */
    300     public byte[] getSigAlgParams() {
    301         return wrappedCert.getSigAlgParams();
    302     }
    303 
    304     private synchronized void writeObject(ObjectOutputStream stream)
    305         throws IOException {
    306         try {
    307             stream.write(getEncoded());
    308         } catch (CertificateEncodingException e) {
    309             throw new IOException("getEncoded failed: " + e.getMessage());
    310         }
    311     }
    312 
    313     private synchronized void readObject(ObjectInputStream stream)
    314         throws IOException {
    315         try {
    316             wrappedCert = (java.security.cert.X509Certificate)
    317                 getFactory().generateCertificate(stream);
    318         } catch (java.security.cert.CertificateException e) {
    319             throw new IOException("generateCertificate failed: " + e.getMessage());
    320         }
    321     }
    322 
    323     public java.security.cert.X509Certificate getX509Certificate() {
    324         return wrappedCert;
    325     }
    326 }
    327