001 /*
002 * Copyright 2003-2006 Sun Microsystems, Inc. All Rights Reserved.
003 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
004 *
005 * This code is free software; you can redistribute it and/or modify it
006 * under the terms of the GNU General Public License version 2 only, as
007 * published by the Free Software Foundation. Sun designates this
008 * particular file as subject to the "Classpath" exception as provided
009 * by Sun in the LICENSE file that accompanied this code.
010 *
011 * This code is distributed in the hope that it will be useful, but WITHOUT
012 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
013 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
014 * version 2 for more details (a copy is included in the LICENSE file that
015 * accompanied this code).
016 *
017 * You should have received a copy of the GNU General Public License version
018 * 2 along with this work; if not, write to the Free Software Foundation,
019 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
020 *
021 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
022 * CA 95054 USA or visit www.sun.com if you need additional information or
023 * have any questions.
024 */
025
026 package java.security;
027
028 import java.io.*;
029
030 import java.security.spec.PKCS8EncodedKeySpec;
031 import java.security.spec.X509EncodedKeySpec;
032 import java.security.spec.InvalidKeySpecException;
033
034 import javax.crypto.SecretKeyFactory;
035 import javax.crypto.spec.SecretKeySpec;
036
037 /**
038 * Standardized representation for serialized Key objects.
039 *
040 * <p>
041 *
042 * Note that a serialized Key may contain sensitive information
043 * which should not be exposed in untrusted environments. See the
044 * <a href="../../../platform/serialization/spec/security.html">
045 * Security Appendix</a>
046 * of the Serialization Specification for more information.
047 *
048 * @see Key
049 * @see KeyFactory
050 * @see javax.crypto.spec.SecretKeySpec
051 * @see java.security.spec.X509EncodedKeySpec
052 * @see java.security.spec.PKCS8EncodedKeySpec
053 *
054 * @version 1.16, 07/05/05
055 * @since 1.5
056 */
057
058 public class KeyRep implements Serializable {
059
060 private static final long serialVersionUID = -4757683898830641853L;
061
062 /**
063 * Key type.
064 *
065 * @since 1.5
066 */
067 public static enum Type {
068
069 /** Type for secret keys. */
070 SECRET,
071
072 /** Type for public keys. */
073 PUBLIC,
074
075 /** Type for private keys. */
076 PRIVATE,
077
078 }
079
080 private static final String PKCS8 = "PKCS#8";
081 private static final String X509 = "X.509";
082 private static final String RAW = "RAW";
083
084 /**
085 * Either one of Type.SECRET, Type.PUBLIC, or Type.PRIVATE
086 *
087 * @serial
088 */
089 private Type type;
090
091 /**
092 * The Key algorithm
093 *
094 * @serial
095 */
096 private String algorithm;
097
098 /**
099 * The Key encoding format
100 *
101 * @serial
102 */
103 private String format;
104
105 /**
106 * The encoded Key bytes
107 *
108 * @serial
109 */
110 private byte[] encoded;
111
112 /**
113 * Construct the alternate Key class.
114 *
115 * <p>
116 *
117 * @param type either one of Type.SECRET, Type.PUBLIC, or Type.PRIVATE
118 * @param algorithm the algorithm returned from
119 * <code>Key.getAlgorithm()</code>
120 * @param format the encoding format returned from
121 * <code>Key.getFormat()</code>
122 * @param encoded the encoded bytes returned from
123 * <code>Key.getEncoded()</code>
124 *
125 * @exception NullPointerException
126 * if type is <code>null</code>,
127 * if algorithm is <code>null</code>,
128 * if format is <code>null</code>,
129 * or if encoded is <code>null</code>
130 */
131 public KeyRep(Type type, String algorithm, String format,
132 byte[] encoded) {
133
134 if (type == null || algorithm == null || format == null
135 || encoded == null) {
136 throw new NullPointerException("invalid null input(s)");
137 }
138
139 this .type = type;
140 this .algorithm = algorithm;
141 this .format = format.toUpperCase();
142 this .encoded = (byte[]) encoded.clone();
143 }
144
145 /**
146 * Resolve the Key object.
147 *
148 * <p> This method supports three Type/format combinations:
149 * <ul>
150 * <li> Type.SECRET/"RAW" - returns a SecretKeySpec object
151 * constructed using encoded key bytes and algorithm
152 * <li> Type.PUBLIC/"X.509" - gets a KeyFactory instance for
153 * the key algorithm, constructs an X509EncodedKeySpec with the
154 * encoded key bytes, and generates a public key from the spec
155 * <li> Type.PRIVATE/"PKCS#8" - gets a KeyFactory instance for
156 * the key algorithm, constructs a PKCS8EncodedKeySpec with the
157 * encoded key bytes, and generates a private key from the spec
158 * </ul>
159 *
160 * <p>
161 *
162 * @return the resolved Key object
163 *
164 * @exception ObjectStreamException if the Type/format
165 * combination is unrecognized, if the algorithm, key format, or
166 * encoded key bytes are unrecognized/invalid, of if the
167 * resolution of the key fails for any reason
168 */
169 protected Object readResolve() throws ObjectStreamException {
170 try {
171 if (type == Type.SECRET && RAW.equals(format)) {
172 return new SecretKeySpec(encoded, algorithm);
173 } else if (type == Type.PUBLIC && X509.equals(format)) {
174 KeyFactory f = KeyFactory.getInstance(algorithm);
175 return f
176 .generatePublic(new X509EncodedKeySpec(encoded));
177 } else if (type == Type.PRIVATE && PKCS8.equals(format)) {
178 KeyFactory f = KeyFactory.getInstance(algorithm);
179 return f.generatePrivate(new PKCS8EncodedKeySpec(
180 encoded));
181 } else {
182 throw new NotSerializableException(
183 "unrecognized type/format combination: " + type
184 + "/" + format);
185 }
186 } catch (NotSerializableException nse) {
187 throw nse;
188 } catch (Exception e) {
189 NotSerializableException nse = new NotSerializableException(
190 "java.security.Key: " + "[" + type + "] " + "["
191 + algorithm + "] " + "[" + format + "]");
192 nse.initCause(e);
193 throw nse;
194 }
195 }
196 }
|