001: /*
002: * Copyright 1997-2001 Sun Microsystems, Inc. All Rights Reserved.
003: * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
004: *
005: * This code is free software; you can redistribute it and/or modify it
006: * under the terms of the GNU General Public License version 2 only, as
007: * published by the Free Software Foundation. Sun designates this
008: * particular file as subject to the "Classpath" exception as provided
009: * by Sun in the LICENSE file that accompanied this code.
010: *
011: * This code is distributed in the hope that it will be useful, but WITHOUT
012: * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
013: * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
014: * version 2 for more details (a copy is included in the LICENSE file that
015: * accompanied this code).
016: *
017: * You should have received a copy of the GNU General Public License version
018: * 2 along with this work; if not, write to the Free Software Foundation,
019: * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
020: *
021: * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
022: * CA 95054 USA or visit www.sun.com if you need additional information or
023: * have any questions.
024: */
025:
026: package com.sun.security.cert.internal.x509;
027:
028: import java.io.ByteArrayInputStream;
029: import java.io.IOException;
030: import java.io.Serializable;
031: import java.io.InputStream;
032: import java.io.ObjectInputStream;
033: import java.io.OutputStream;
034: import java.io.ObjectOutputStream;
035: import java.math.BigInteger;
036: import java.security.Signature;
037: import javax.security.cert.*;
038: import java.security.*;
039: import java.util.Date;
040: import java.util.BitSet;
041: import java.util.Enumeration;
042: import java.util.Vector;
043:
044: /**
045: * The X509V1CertImpl class is used as a conversion wrapper around
046: * sun.security.x509.X509Cert certificates when running under JDK1.1.x.
047: *
048: * @author Jeff Nisewanger
049: * @version 1.24
050: */
051: public class X509V1CertImpl extends X509Certificate implements
052: Serializable {
053: static final long serialVersionUID = -2048442350420423405L;
054: private java.security.cert.X509Certificate wrappedCert;
055:
056: synchronized private static java.security.cert.CertificateFactory getFactory()
057: throws java.security.cert.CertificateException {
058: return java.security.cert.CertificateFactory
059: .getInstance("X.509");
060: }
061:
062: /**
063: * Default constructor.
064: */
065: public X509V1CertImpl() {
066: }
067:
068: /**
069: * Unmarshals a certificate from its encoded form, parsing the
070: * encoded bytes. This form of constructor is used by agents which
071: * need to examine and use certificate contents. That is, this is
072: * one of the more commonly used constructors. Note that the buffer
073: * must include only a certificate, and no "garbage" may be left at
074: * the end. If you need to ignore data at the end of a certificate,
075: * use another constructor.
076: *
077: * @param certData the encoded bytes, with no trailing padding.
078: * @exception CertificateException on parsing errors.
079: */
080: public X509V1CertImpl(byte[] certData) throws CertificateException {
081: try {
082: ByteArrayInputStream bs;
083:
084: bs = new ByteArrayInputStream(certData);
085: wrappedCert = (java.security.cert.X509Certificate) getFactory()
086: .generateCertificate(bs);
087: } catch (java.security.cert.CertificateException e) {
088: throw new CertificateException(e.getMessage());
089: }
090: }
091:
092: /**
093: * unmarshals an X.509 certificate from an input stream.
094: *
095: * @param in an input stream holding at least one certificate
096: * @exception CertificateException on parsing errors.
097: */
098: public X509V1CertImpl(InputStream in) throws CertificateException {
099: try {
100: wrappedCert = (java.security.cert.X509Certificate) getFactory()
101: .generateCertificate(in);
102: } catch (java.security.cert.CertificateException e) {
103: throw new CertificateException(e.getMessage());
104: }
105: }
106:
107: /**
108: * Returns the encoded form of this certificate. It is
109: * assumed that each certificate type would have only a single
110: * form of encoding; for example, X.509 certificates would
111: * be encoded as ASN.1 DER.
112: */
113: public byte[] getEncoded() throws CertificateEncodingException {
114: try {
115: return wrappedCert.getEncoded();
116: } catch (java.security.cert.CertificateEncodingException e) {
117: throw new CertificateEncodingException(e.getMessage());
118: }
119: }
120:
121: /**
122: * Throws an exception if the certificate was not signed using the
123: * verification key provided. Successfully verifying a certificate
124: * does <em>not</em> indicate that one should trust the entity which
125: * it represents.
126: *
127: * @param key the public key used for verification.
128: */
129: public void verify(PublicKey key) throws CertificateException,
130: NoSuchAlgorithmException, InvalidKeyException,
131: NoSuchProviderException, SignatureException {
132: try {
133: wrappedCert.verify(key);
134: } catch (java.security.cert.CertificateException e) {
135: throw new CertificateException(e.getMessage());
136: }
137: }
138:
139: /**
140: * Throws an exception if the certificate was not signed using the
141: * verification key provided. Successfully verifying a certificate
142: * does <em>not</em> indicate that one should trust the entity which
143: * it represents.
144: *
145: * @param key the public key used for verification.
146: * @param sigProvider the name of the provider.
147: */
148: public void verify(PublicKey key, String sigProvider)
149: throws CertificateException, NoSuchAlgorithmException,
150: InvalidKeyException, NoSuchProviderException,
151: SignatureException {
152: try {
153: wrappedCert.verify(key, sigProvider);
154: } catch (java.security.cert.CertificateException e) {
155: throw new CertificateException(e.getMessage());
156: }
157: }
158:
159: /**
160: * Checks that the certificate is currently valid, i.e. the current
161: * time is within the specified validity period.
162: */
163: public void checkValidity() throws CertificateExpiredException,
164: CertificateNotYetValidException {
165: checkValidity(new Date());
166: }
167:
168: /**
169: * Checks that the specified date is within the certificate's
170: * validity period, or basically if the certificate would be
171: * valid at the specified date/time.
172: *
173: * @param date the Date to check against to see if this certificate
174: * is valid at that date/time.
175: */
176: public void checkValidity(Date date)
177: throws CertificateExpiredException,
178: CertificateNotYetValidException {
179: try {
180: wrappedCert.checkValidity(date);
181: } catch (java.security.cert.CertificateNotYetValidException e) {
182: throw new CertificateNotYetValidException(e.getMessage());
183: } catch (java.security.cert.CertificateExpiredException e) {
184: throw new CertificateExpiredException(e.getMessage());
185: }
186: }
187:
188: /**
189: * Returns a printable representation of the certificate. This does not
190: * contain all the information available to distinguish this from any
191: * other certificate. The certificate must be fully constructed
192: * before this function may be called.
193: */
194: public String toString() {
195: return wrappedCert.toString();
196: }
197:
198: /**
199: * Gets the publickey from this certificate.
200: *
201: * @return the publickey.
202: */
203: public PublicKey getPublicKey() {
204: PublicKey key = wrappedCert.getPublicKey();
205: return key;
206: }
207:
208: /*
209: * Gets the version number from the certificate.
210: *
211: * @return the version number.
212: */
213: public int getVersion() {
214: return wrappedCert.getVersion() - 1;
215: }
216:
217: /**
218: * Gets the serial number from the certificate.
219: *
220: * @return the serial number.
221: */
222: public BigInteger getSerialNumber() {
223: return wrappedCert.getSerialNumber();
224: }
225:
226: /**
227: * Gets the subject distinguished name from the certificate.
228: *
229: * @return the subject name.
230: * @exception CertificateException if a parsing error occurs.
231: */
232: public Principal getSubjectDN() {
233: return wrappedCert.getSubjectDN();
234: }
235:
236: /**
237: * Gets the issuer distinguished name from the certificate.
238: *
239: * @return the issuer name.
240: * @exception CertificateException if a parsing error occurs.
241: */
242: public Principal getIssuerDN() {
243: return wrappedCert.getIssuerDN();
244: }
245:
246: /**
247: * Gets the notBefore date from the validity period of the certificate.
248: *
249: * @return the start date of the validity period.
250: * @exception CertificateException if a parsing error occurs.
251: */
252: public Date getNotBefore() {
253: return wrappedCert.getNotBefore();
254: }
255:
256: /**
257: * Gets the notAfter date from the validity period of the certificate.
258: *
259: * @return the end date of the validity period.
260: * @exception CertificateException if a parsing error occurs.
261: */
262: public Date getNotAfter() {
263: return wrappedCert.getNotAfter();
264: }
265:
266: /**
267: * Gets the signature algorithm name for the certificate
268: * signature algorithm.
269: * For example, the string "SHA1/DSA".
270: *
271: * @return the signature algorithm name.
272: * @exception CertificateException if a parsing error occurs.
273: */
274: public String getSigAlgName() {
275: return wrappedCert.getSigAlgName();
276: }
277:
278: /**
279: * Gets the signature algorithm OID string from the certificate.
280: * For example, the string "1.2.840.10040.4.3"
281: *
282: * @return the signature algorithm oid string.
283: * @exception CertificateException if a parsing error occurs.
284: */
285: public String getSigAlgOID() {
286: return wrappedCert.getSigAlgOID();
287: }
288:
289: /**
290: * Gets the DER encoded signature algorithm parameters from this
291: * certificate's signature algorithm.
292: *
293: * @return the DER encoded signature algorithm parameters, or
294: * null if no parameters are present.
295: * @exception CertificateException if a parsing error occurs.
296: */
297: public byte[] getSigAlgParams() {
298: return wrappedCert.getSigAlgParams();
299: }
300:
301: private synchronized void writeObject(ObjectOutputStream stream)
302: throws IOException {
303: try {
304: stream.write(getEncoded());
305: } catch (CertificateEncodingException e) {
306: throw new IOException("getEncoded failed: "
307: + e.getMessage());
308: }
309: }
310:
311: private synchronized void readObject(ObjectInputStream stream)
312: throws IOException {
313: try {
314: wrappedCert = (java.security.cert.X509Certificate) getFactory()
315: .generateCertificate(stream);
316: } catch (java.security.cert.CertificateException e) {
317: throw new IOException("generateCertificate failed: "
318: + e.getMessage());
319: }
320: }
321:
322: public java.security.cert.X509Certificate getX509Certificate() {
323: return wrappedCert;
324: }
325: }
|