1 /* 2 * Copyright (c) 1997, 2001, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package com.sun.security.cert.internal.x509; 27 28 import java.io.ByteArrayInputStream; 29 import java.io.IOException; 30 import java.io.Serializable; 31 import java.io.InputStream; 32 import java.io.ObjectInputStream; 33 import java.io.OutputStream; 34 import java.io.ObjectOutputStream; 35 import java.math.BigInteger; 36 import java.security.Signature; 37 import javax.security.cert.*; 38 import java.security.*; 39 import java.util.Date; 40 import java.util.BitSet; 41 import java.util.Enumeration; 42 import java.util.Vector; 43 44 /** 45 * The X509V1CertImpl class is used as a conversion wrapper around 46 * sun.security.x509.X509Cert certificates when running under JDK1.1.x. 47 * 48 * @author Jeff Nisewanger 49 */ 50 public class X509V1CertImpl extends X509Certificate implements Serializable { 51 static final long serialVersionUID = -2048442350420423405L; 52 private java.security.cert.X509Certificate wrappedCert; 53 54 synchronized private static java.security.cert.CertificateFactory getFactory()55 getFactory() 56 throws java.security.cert.CertificateException 57 { 58 return java.security.cert.CertificateFactory.getInstance("X.509"); 59 } 60 61 /** 62 * Default constructor. 63 */ X509V1CertImpl()64 public X509V1CertImpl() { } 65 66 /** 67 * Unmarshals a certificate from its encoded form, parsing the 68 * encoded bytes. This form of constructor is used by agents which 69 * need to examine and use certificate contents. That is, this is 70 * one of the more commonly used constructors. Note that the buffer 71 * must include only a certificate, and no "garbage" may be left at 72 * the end. If you need to ignore data at the end of a certificate, 73 * use another constructor. 74 * 75 * @param certData the encoded bytes, with no trailing padding. 76 * @exception CertificateException on parsing errors. 77 */ X509V1CertImpl(byte[] certData)78 public X509V1CertImpl(byte[] certData) 79 throws CertificateException { 80 try { 81 ByteArrayInputStream bs; 82 83 bs = new ByteArrayInputStream(certData); 84 wrappedCert = (java.security.cert.X509Certificate) 85 getFactory().generateCertificate(bs); 86 } catch (java.security.cert.CertificateException e) { 87 throw new CertificateException(e.getMessage()); 88 } 89 } 90 91 /** 92 * unmarshals an X.509 certificate from an input stream. 93 * 94 * @param in an input stream holding at least one certificate 95 * @exception CertificateException on parsing errors. 96 */ X509V1CertImpl(InputStream in)97 public X509V1CertImpl(InputStream in) 98 throws CertificateException { 99 try { 100 wrappedCert = (java.security.cert.X509Certificate) 101 getFactory().generateCertificate(in); 102 } catch (java.security.cert.CertificateException e) { 103 throw new CertificateException(e.getMessage()); 104 } 105 } 106 107 /** 108 * Returns the encoded form of this certificate. It is 109 * assumed that each certificate type would have only a single 110 * form of encoding; for example, X.509 certificates would 111 * be encoded as ASN.1 DER. 112 */ getEncoded()113 public byte[] getEncoded() throws CertificateEncodingException { 114 try { 115 return wrappedCert.getEncoded(); 116 } catch (java.security.cert.CertificateEncodingException e) { 117 throw new CertificateEncodingException(e.getMessage()); 118 } 119 } 120 121 /** 122 * Throws an exception if the certificate was not signed using the 123 * verification key provided. Successfully verifying a certificate 124 * does <em>not</em> indicate that one should trust the entity which 125 * it represents. 126 * 127 * @param key the public key used for verification. 128 */ verify(PublicKey key)129 public void verify(PublicKey key) 130 throws CertificateException, NoSuchAlgorithmException, 131 InvalidKeyException, NoSuchProviderException, 132 SignatureException 133 { 134 try { 135 wrappedCert.verify(key); 136 } catch (java.security.cert.CertificateException e) { 137 throw new CertificateException(e.getMessage()); 138 } 139 } 140 141 /** 142 * Throws an exception if the certificate was not signed using the 143 * verification key provided. Successfully verifying a certificate 144 * does <em>not</em> indicate that one should trust the entity which 145 * it represents. 146 * 147 * @param key the public key used for verification. 148 * @param sigProvider the name of the provider. 149 */ verify(PublicKey key, String sigProvider)150 public void verify(PublicKey key, String sigProvider) 151 throws CertificateException, NoSuchAlgorithmException, 152 InvalidKeyException, NoSuchProviderException, 153 SignatureException 154 { 155 try { 156 wrappedCert.verify(key, sigProvider); 157 } catch (java.security.cert.CertificateException e) { 158 throw new CertificateException(e.getMessage()); 159 } 160 } 161 162 /** 163 * Checks that the certificate is currently valid, i.e. the current 164 * time is within the specified validity period. 165 */ checkValidity()166 public void checkValidity() throws 167 CertificateExpiredException, CertificateNotYetValidException { 168 checkValidity(new Date()); 169 } 170 171 /** 172 * Checks that the specified date is within the certificate's 173 * validity period, or basically if the certificate would be 174 * valid at the specified date/time. 175 * 176 * @param date the Date to check against to see if this certificate 177 * is valid at that date/time. 178 */ checkValidity(Date date)179 public void checkValidity(Date date) throws 180 CertificateExpiredException, CertificateNotYetValidException { 181 try { 182 wrappedCert.checkValidity(date); 183 } catch (java.security.cert.CertificateNotYetValidException e) { 184 throw new CertificateNotYetValidException(e.getMessage()); 185 } catch (java.security.cert.CertificateExpiredException e) { 186 throw new CertificateExpiredException(e.getMessage()); 187 } 188 } 189 190 191 /** 192 * Returns a printable representation of the certificate. This does not 193 * contain all the information available to distinguish this from any 194 * other certificate. The certificate must be fully constructed 195 * before this function may be called. 196 */ toString()197 public String toString() { 198 return wrappedCert.toString(); 199 } 200 201 /** 202 * Gets the publickey from this certificate. 203 * 204 * @return the publickey. 205 */ getPublicKey()206 public PublicKey getPublicKey() { 207 PublicKey key = wrappedCert.getPublicKey(); 208 return key; 209 } 210 211 /* 212 * Gets the version number from the certificate. 213 * 214 * @return the version number. 215 */ getVersion()216 public int getVersion() { 217 return wrappedCert.getVersion() - 1; 218 } 219 220 /** 221 * Gets the serial number from the certificate. 222 * 223 * @return the serial number. 224 */ getSerialNumber()225 public BigInteger getSerialNumber() { 226 return wrappedCert.getSerialNumber(); 227 } 228 229 /** 230 * Gets the subject distinguished name from the certificate. 231 * 232 * @return the subject name. 233 * @exception CertificateException if a parsing error occurs. 234 */ getSubjectDN()235 public Principal getSubjectDN() { 236 return wrappedCert.getSubjectDN(); 237 } 238 239 /** 240 * Gets the issuer distinguished name from the certificate. 241 * 242 * @return the issuer name. 243 * @exception CertificateException if a parsing error occurs. 244 */ getIssuerDN()245 public Principal getIssuerDN() { 246 return wrappedCert.getIssuerDN(); 247 } 248 249 /** 250 * Gets the notBefore date from the validity period of the certificate. 251 * 252 * @return the start date of the validity period. 253 * @exception CertificateException if a parsing error occurs. 254 */ getNotBefore()255 public Date getNotBefore() { 256 return wrappedCert.getNotBefore(); 257 } 258 259 /** 260 * Gets the notAfter date from the validity period of the certificate. 261 * 262 * @return the end date of the validity period. 263 * @exception CertificateException if a parsing error occurs. 264 */ getNotAfter()265 public Date getNotAfter() { 266 return wrappedCert.getNotAfter(); 267 } 268 269 /** 270 * Gets the signature algorithm name for the certificate 271 * signature algorithm. 272 * For example, the string "SHA1/DSA". 273 * 274 * @return the signature algorithm name. 275 * @exception CertificateException if a parsing error occurs. 276 */ getSigAlgName()277 public String getSigAlgName() { 278 return wrappedCert.getSigAlgName(); 279 } 280 281 /** 282 * Gets the signature algorithm OID string from the certificate. 283 * For example, the string "1.2.840.10040.4.3" 284 * 285 * @return the signature algorithm oid string. 286 * @exception CertificateException if a parsing error occurs. 287 */ getSigAlgOID()288 public String getSigAlgOID() { 289 return wrappedCert.getSigAlgOID(); 290 } 291 292 /** 293 * Gets the DER encoded signature algorithm parameters from this 294 * certificate's signature algorithm. 295 * 296 * @return the DER encoded signature algorithm parameters, or 297 * null if no parameters are present. 298 * @exception CertificateException if a parsing error occurs. 299 */ getSigAlgParams()300 public byte[] getSigAlgParams() { 301 return wrappedCert.getSigAlgParams(); 302 } 303 writeObject(ObjectOutputStream stream)304 private synchronized void writeObject(ObjectOutputStream stream) 305 throws IOException { 306 try { 307 stream.write(getEncoded()); 308 } catch (CertificateEncodingException e) { 309 throw new IOException("getEncoded failed: " + e.getMessage()); 310 } 311 } 312 readObject(ObjectInputStream stream)313 private synchronized void readObject(ObjectInputStream stream) 314 throws IOException { 315 try { 316 wrappedCert = (java.security.cert.X509Certificate) 317 getFactory().generateCertificate(stream); 318 } catch (java.security.cert.CertificateException e) { 319 throw new IOException("generateCertificate failed: " + e.getMessage()); 320 } 321 } 322 getX509Certificate()323 public java.security.cert.X509Certificate getX509Certificate() { 324 return wrappedCert; 325 } 326 } 327