1 /* 2 * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package java.security.cert; 27 28 import java.math.BigInteger; 29 import java.util.Date; 30 import javax.security.auth.x500.X500Principal; 31 32 import sun.security.x509.X509CRLEntryImpl; 33 34 /** 35 * <p>Abstract class for a revoked certificate in a CRL (Certificate 36 * Revocation List). 37 * 38 * The ASN.1 definition for <em>revokedCertificates</em> is: 39 * <pre> 40 * revokedCertificates SEQUENCE OF SEQUENCE { 41 * userCertificate CertificateSerialNumber, 42 * revocationDate ChoiceOfTime, 43 * crlEntryExtensions Extensions OPTIONAL 44 * -- if present, must be v2 45 * } OPTIONAL 46 * 47 * CertificateSerialNumber ::= INTEGER 48 * 49 * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension 50 * 51 * Extension ::= SEQUENCE { 52 * extnId OBJECT IDENTIFIER, 53 * critical BOOLEAN DEFAULT FALSE, 54 * extnValue OCTET STRING 55 * -- contains a DER encoding of a value 56 * -- of the type registered for use with 57 * -- the extnId object identifier value 58 * } 59 * </pre> 60 * 61 * @see X509CRL 62 * @see X509Extension 63 * 64 * @author Hemma Prafullchandra 65 */ 66 67 public abstract class X509CRLEntry implements X509Extension { 68 69 /** 70 * Compares this CRL entry for equality with the given 71 * object. If the {@code other} object is an 72 * {@code instanceof} {@code X509CRLEntry}, then 73 * its encoded form (the inner SEQUENCE) is retrieved and compared 74 * with the encoded form of this CRL entry. 75 * 76 * @param other the object to test for equality with this CRL entry. 77 * @return true iff the encoded forms of the two CRL entries 78 * match, false otherwise. 79 */ equals(Object other)80 public boolean equals(Object other) { 81 if (this == other) 82 return true; 83 if (!(other instanceof X509CRLEntry)) 84 return false; 85 try { 86 byte[] thisCRLEntry = this.getEncoded(); 87 byte[] otherCRLEntry = ((X509CRLEntry)other).getEncoded(); 88 89 if (thisCRLEntry.length != otherCRLEntry.length) 90 return false; 91 for (int i = 0; i < thisCRLEntry.length; i++) 92 if (thisCRLEntry[i] != otherCRLEntry[i]) 93 return false; 94 } catch (CRLException ce) { 95 return false; 96 } 97 return true; 98 } 99 100 /** 101 * Returns a hashcode value for this CRL entry from its 102 * encoded form. 103 * 104 * @return the hashcode value. 105 */ hashCode()106 public int hashCode() { 107 int retval = 0; 108 try { 109 byte[] entryData = this.getEncoded(); 110 for (int i = 1; i < entryData.length; i++) 111 retval += entryData[i] * i; 112 113 } catch (CRLException ce) { 114 return(retval); 115 } 116 return(retval); 117 } 118 119 /** 120 * Returns the ASN.1 DER-encoded form of this CRL Entry, 121 * that is the inner SEQUENCE. 122 * 123 * @return the encoded form of this certificate 124 * @exception CRLException if an encoding error occurs. 125 */ getEncoded()126 public abstract byte[] getEncoded() throws CRLException; 127 128 /** 129 * Gets the serial number from this X509CRLEntry, 130 * the <em>userCertificate</em>. 131 * 132 * @return the serial number. 133 */ getSerialNumber()134 public abstract BigInteger getSerialNumber(); 135 136 /** 137 * Get the issuer of the X509Certificate described by this entry. If 138 * the certificate issuer is also the CRL issuer, this method returns 139 * null. 140 * 141 * <p>This method is used with indirect CRLs. The default implementation 142 * always returns null. Subclasses that wish to support indirect CRLs 143 * should override it. 144 * 145 * @return the issuer of the X509Certificate described by this entry 146 * or null if it is issued by the CRL issuer. 147 * 148 * @since 1.5 149 */ getCertificateIssuer()150 public X500Principal getCertificateIssuer() { 151 return null; 152 } 153 154 /** 155 * Gets the revocation date from this X509CRLEntry, 156 * the <em>revocationDate</em>. 157 * 158 * @return the revocation date. 159 */ getRevocationDate()160 public abstract Date getRevocationDate(); 161 162 /** 163 * Returns true if this CRL entry has extensions. 164 * 165 * @return true if this entry has extensions, false otherwise. 166 */ hasExtensions()167 public abstract boolean hasExtensions(); 168 169 /** 170 * Returns a string representation of this CRL entry. 171 * 172 * @return a string representation of this CRL entry. 173 */ toString()174 public abstract String toString(); 175 176 /** 177 * Returns the reason the certificate has been revoked, as specified 178 * in the Reason Code extension of this CRL entry. 179 * 180 * @return the reason the certificate has been revoked, or 181 * {@code null} if this CRL entry does not have 182 * a Reason Code extension 183 * @since 1.7 184 */ getRevocationReason()185 public CRLReason getRevocationReason() { 186 if (!hasExtensions()) { 187 return null; 188 } 189 return X509CRLEntryImpl.getRevocationReason(this); 190 } 191 } 192