/* * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License version 2 only, as * published by the Free Software Foundation. Oracle designates this * particular file as subject to the "Classpath" exception as provided * by Oracle in the LICENSE file that accompanied this code. * * This code is distributed in the hope that it will be useful, but WITHOUT * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * version 2 for more details (a copy is included in the LICENSE file that * accompanied this code). * * You should have received a copy of the GNU General Public License version * 2 along with this work; if not, write to the Free Software Foundation, * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. * * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA * or visit www.oracle.com if you need additional information or have any * questions. */ package javax.security.cert; import java.security.PublicKey; import java.security.NoSuchAlgorithmException; import java.security.NoSuchProviderException; import java.security.InvalidKeyException; import java.security.SignatureException; /** *
Abstract class for managing a variety of identity certificates. * An identity certificate is a guarantee by a principal that * a public key is that of another principal. (A principal represents * an entity such as an individual user, a group, or a corporation.) *
* This class is an abstraction for certificates that have different * formats but important common uses. For example, different types of * certificates, such as X.509 and PGP, share general certificate * functionality (like encoding and verifying) and * some types of information (like a public key). *
* X.509, PGP, and SDSI certificates can all be implemented by * subclassing the Certificate class, even though they contain different * sets of information, and they store and retrieve the information in * different ways. * *
Note: The classes in the package {@code javax.security.cert} * exist for compatibility with earlier versions of the * Java Secure Sockets Extension (JSSE). New applications should instead * use the standard Java SE certificate classes located in * {@code java.security.cert}.
* * @since 1.4 * @see X509Certificate * * @author Hemma Prafullchandra */ public abstract class Certificate { /** * Compares this certificate for equality with the specified * object. If the {@code other} object is an * {@code instanceof} {@code Certificate}, then * its encoded form is retrieved and compared with the * encoded form of this certificate. * * @param other the object to test for equality with this certificate. * @return true if the encoded forms of the two certificates * match, false otherwise. */ public boolean equals(Object other) { if (this == other) return true; if (!(other instanceof Certificate)) return false; try { byte[] thisCert = this.getEncoded(); byte[] otherCert = ((Certificate)other).getEncoded(); if (thisCert.length != otherCert.length) return false; for (int i = 0; i < thisCert.length; i++) if (thisCert[i] != otherCert[i]) return false; return true; } catch (CertificateException e) { return false; } } /** * Returns a hashcode value for this certificate from its * encoded form. * * @return the hashcode value. */ public int hashCode() { int retval = 0; try { byte[] certData = this.getEncoded(); for (int i = 1; i < certData.length; i++) { retval += certData[i] * i; } return (retval); } catch (CertificateException e) { return (retval); } } /** * Returns the encoded form of this certificate. It is * assumed that each certificate type would have only a single * form of encoding; for example, X.509 certificates would * be encoded as ASN.1 DER. * * @return encoded form of this certificate * @exception CertificateEncodingException on internal certificate * encoding failure */ public abstract byte[] getEncoded() throws CertificateEncodingException; /** * Verifies that this certificate was signed using the * private key that corresponds to the specified public key. * * @param key the PublicKey used to carry out the verification. * * @exception NoSuchAlgorithmException on unsupported signature * algorithms. * @exception InvalidKeyException on incorrect key. * @exception NoSuchProviderException if there's no default provider. * @exception SignatureException on signature errors. * @exception CertificateException on encoding errors. */ public abstract void verify(PublicKey key) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException; /** * Verifies that this certificate was signed using the * private key that corresponds to the specified public key. * This method uses the signature verification engine * supplied by the specified provider. * * @param key the PublicKey used to carry out the verification. * @param sigProvider the name of the signature provider. * @exception NoSuchAlgorithmException on unsupported signature algorithms. * @exception InvalidKeyException on incorrect key. * @exception NoSuchProviderException on incorrect provider. * @exception SignatureException on signature errors. * @exception CertificateException on encoding errors. */ public abstract void verify(PublicKey key, String sigProvider) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException; /** * Returns a string representation of this certificate. * * @return a string representation of this certificate. */ public abstract String toString(); /** * Gets the public key from this certificate. * * @return the public key. */ public abstract PublicKey getPublicKey(); }