1 /*
2  * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4  *
5  * This code is free software; you can redistribute it and/or modify it
6  * under the terms of the GNU General Public License version 2 only, as
7  * published by the Free Software Foundation.  Oracle designates this
8  * particular file as subject to the "Classpath" exception as provided
9  * by Oracle in the LICENSE file that accompanied this code.
10  *
11  * This code is distributed in the hope that it will be useful, but WITHOUT
12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
14  * version 2 for more details (a copy is included in the LICENSE file that
15  * accompanied this code).
16  *
17  * You should have received a copy of the GNU General Public License version
18  * 2 along with this work; if not, write to the Free Software Foundation,
19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20  *
21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22  * or visit www.oracle.com if you need additional information or have any
23  * questions.
24  */
25 
26 
27 package javax.security.cert;
28 
29 import java.security.PublicKey;
30 import java.security.NoSuchAlgorithmException;
31 import java.security.NoSuchProviderException;
32 import java.security.InvalidKeyException;
33 import java.security.SignatureException;
34 
35 /**
36  * <p>Abstract class for managing a variety of identity certificates.
37  * An identity certificate is a guarantee by a principal that
38  * a public key is that of another principal.  (A principal represents
39  * an entity such as an individual user, a group, or a corporation.)
40  *<p>
41  * This class is an abstraction for certificates that have different
42  * formats but important common uses.  For example, different types of
43  * certificates, such as X.509 and PGP, share general certificate
44  * functionality (like encoding and verifying) and
45  * some types of information (like a public key).
46  * <p>
47  * X.509, PGP, and SDSI certificates can all be implemented by
48  * subclassing the Certificate class, even though they contain different
49  * sets of information, and they store and retrieve the information in
50  * different ways.
51  *
52  * <p><em>Note: The classes in the package {@code javax.security.cert}
53  * exist for compatibility with earlier versions of the
54  * Java Secure Sockets Extension (JSSE). New applications should instead
55  * use the standard Java SE certificate classes located in
56  * {@code java.security.cert}.</em></p>
57  *
58  * @since 1.4
59  * @see X509Certificate
60  *
61  * @author Hemma Prafullchandra
62  */
63 public abstract class Certificate {
64 
65     /**
66      * Compares this certificate for equality with the specified
67      * object. If the {@code other} object is an
68      * {@code instanceof} {@code Certificate}, then
69      * its encoded form is retrieved and compared with the
70      * encoded form of this certificate.
71      *
72      * @param other the object to test for equality with this certificate.
73      * @return true if the encoded forms of the two certificates
74      *         match, false otherwise.
75      */
equals(Object other)76     public boolean equals(Object other) {
77         if (this == other)
78             return true;
79         if (!(other instanceof Certificate))
80             return false;
81         try {
82             byte[] thisCert = this.getEncoded();
83             byte[] otherCert = ((Certificate)other).getEncoded();
84 
85             if (thisCert.length != otherCert.length)
86                 return false;
87             for (int i = 0; i < thisCert.length; i++)
88                  if (thisCert[i] != otherCert[i])
89                      return false;
90             return true;
91         } catch (CertificateException e) {
92             return false;
93         }
94     }
95 
96     /**
97      * Returns a hashcode value for this certificate from its
98      * encoded form.
99      *
100      * @return the hashcode value.
101      */
hashCode()102     public int hashCode() {
103         int     retval = 0;
104         try {
105             byte[] certData = this.getEncoded();
106             for (int i = 1; i < certData.length; i++) {
107                  retval += certData[i] * i;
108             }
109             return (retval);
110         } catch (CertificateException e) {
111             return (retval);
112         }
113     }
114 
115     /**
116      * Returns the encoded form of this certificate. It is
117      * assumed that each certificate type would have only a single
118      * form of encoding; for example, X.509 certificates would
119      * be encoded as ASN.1 DER.
120      *
121      * @return encoded form of this certificate
122      * @exception CertificateEncodingException on internal certificate
123      *            encoding failure
124      */
getEncoded()125     public abstract byte[] getEncoded() throws CertificateEncodingException;
126 
127     /**
128      * Verifies that this certificate was signed using the
129      * private key that corresponds to the specified public key.
130      *
131      * @param key the PublicKey used to carry out the verification.
132      *
133      * @exception NoSuchAlgorithmException on unsupported signature
134      * algorithms.
135      * @exception InvalidKeyException on incorrect key.
136      * @exception NoSuchProviderException if there's no default provider.
137      * @exception SignatureException on signature errors.
138      * @exception CertificateException on encoding errors.
139      */
verify(PublicKey key)140     public abstract void verify(PublicKey key)
141         throws CertificateException, NoSuchAlgorithmException,
142         InvalidKeyException, NoSuchProviderException,
143         SignatureException;
144 
145     /**
146      * Verifies that this certificate was signed using the
147      * private key that corresponds to the specified public key.
148      * This method uses the signature verification engine
149      * supplied by the specified provider.
150      *
151      * @param key the PublicKey used to carry out the verification.
152      * @param sigProvider the name of the signature provider.
153      * @exception NoSuchAlgorithmException on unsupported signature algorithms.
154      * @exception InvalidKeyException on incorrect key.
155      * @exception NoSuchProviderException on incorrect provider.
156      * @exception SignatureException on signature errors.
157      * @exception CertificateException on encoding errors.
158      */
verify(PublicKey key, String sigProvider)159     public abstract void verify(PublicKey key, String sigProvider)
160         throws CertificateException, NoSuchAlgorithmException,
161         InvalidKeyException, NoSuchProviderException,
162         SignatureException;
163 
164     /**
165      * Returns a string representation of this certificate.
166      *
167      * @return a string representation of this certificate.
168      */
toString()169     public abstract String toString();
170 
171     /**
172      * Gets the public key from this certificate.
173      *
174      * @return the public key.
175      */
getPublicKey()176     public abstract PublicKey getPublicKey();
177 }
178