PC Pro 1999 April

home *** CD-ROM | disk | FTP | other *** search

/ PC Pro 1999 April / DPPCPRO0499.ISO / April / Notes / 50b2wic.exe / DATA1.CAB / NotesProgramFilesJavaSupport / rt.jar / sun / security / x509 / X509Cert.class (.txt) < prev next >

Wrap

Java Class File | 1998-04-23 | 9.2 KB | 360 lines

package sun.security.x509; import java.io.ByteArrayOutputStream; import java.io.IOException; import java.io.InputStream; import java.io.ObjectInputStream; import java.io.ObjectOutputStream; import java.io.OutputStream; import java.io.Serializable; import java.security.Certificate; import java.security.InvalidKeyException; import java.security.Key; import java.security.NoSuchAlgorithmException; import java.security.Principal; import java.security.PrivateKey; import java.security.PublicKey; import java.security.Signature; import java.security.SignatureException; import java.util.Date; import sun.security.util.BigInt; import sun.security.util.DerInputStream; import sun.security.util.DerOutputStream; import sun.security.util.DerValue; public class X509Cert implements Certificate, Serializable { protected AlgorithmId algid; private byte[] rawCert; private byte[] signature; private byte[] signedCert; private X500Name subject; private X509Key pubkey; private Date notafter; private Date notbefore; private int version; private BigInt serialnum; private X500Name issuer; private AlgorithmId issuerSigAlg; public X509Cert() { } public X509Cert(byte[] var1) throws IOException { DerValue var2 = new DerValue(var1); this.parse(var2); if (var2.data.available() != 0) { throw new CertParseError("garbage at end"); } else { this.signedCert = var1; } } public X509Cert(byte[] var1, int var2, int var3) throws IOException { DerValue var4 = new DerValue(var1, var2, var3); this.parse(var4); if (var4.data.available() != 0) { throw new CertParseError("garbage at end"); } else { this.signedCert = new byte[var3]; System.arraycopy(var1, var2, this.signedCert, 0, var3); } } public X509Cert(DerValue var1) throws IOException { this.parse(var1); if (var1.data.available() != 0) { throw new CertParseError("garbage at end"); } else { this.signedCert = var1.toByteArray(); } } public X509Cert(X500Name var1, X509Key var2, Date var3, Date var4) throws CertException { this.subject = var1; if (!(var2 instanceof PublicKey)) { throw new CertException(9, "Doesn't implement PublicKey interface"); } else { this.pubkey = var2; this.notbefore = var3; this.notafter = var4; this.version = 0; } } public void decode(InputStream var1) throws IOException { DerValue var2 = new DerValue(var1); this.parse(var2); if (var2.data.available() != 0) { throw new CertParseError("garbage at end"); } else { this.signedCert = var2.toByteArray(); } } public void encode(OutputStream var1) throws IOException { var1.write(this.getSignedCert()); } public boolean equals(Object var1) { return var1 instanceof X509Cert ? this.equals((X509Cert)var1) : false; } public boolean equals(X509Cert var1) { if (this == var1) { return true; } else if (this.signedCert != null && var1.signedCert != null) { if (this.signedCert.length != var1.signedCert.length) { return false; } else { for(int var2 = 0; var2 < this.signedCert.length; ++var2) { if (this.signedCert[var2] != var1.signedCert[var2]) { return false; } } return true; } } else { return false; } } public String getFormat() { return "X.509"; } public Principal getGuarantor() { return this.getIssuerName(); } public Principal getPrincipal() { return this.getSubjectName(); } public void verify(PublicKey var1) throws CertException { Date var2 = new Date(); if (var2.before(this.notbefore)) { throw new CertException(3); } else if (var2.after(this.notafter)) { throw new CertException(4); } else if (this.signedCert == null) { throw new CertException(1, "?? certificate is not signed yet ??"); } else { Object var3 = null; try { Object var4 = null; String var8 = this.issuerSigAlg.getName(); Signature var9 = Signature.getInstance(var8); var9.initVerify(var1); var9.update(this.rawCert, 0, this.rawCert.length); if (!var9.verify(this.signature)) { throw new CertException(1, "Signature ... by <" + this.issuer + "> for <" + this.subject + ">"); } } catch (NoSuchAlgorithmException var5) { throw new CertException(1, "Unsupported signature algorithm (" + var3 + ")"); } catch (InvalidKeyException var6) { throw new CertException(9, "Algorithm (" + var3 + ") rejected public key"); } catch (SignatureException var7) { throw new CertException(1, "Signature by <" + this.issuer + "> for <" + this.subject + ">"); } } } public byte[] encodeAndSign(BigInt var1, X500Signer var2) throws IOException, SignatureException { this.rawCert = null; this.version = 0; this.serialnum = var1; this.issuer = var2.getSigner(); this.issuerSigAlg = var2.getAlgorithmId(); if (this.subject != null && this.pubkey != null && this.notbefore != null && this.notafter != null) { this.rawCert = this.DERencode(); this.signedCert = this.sign(var2, this.rawCert); return this.signedCert; } else { throw new IOException("not enough cert parameters"); } } public X500Signer getSigner(AlgorithmId var1, PrivateKey var2) throws NoSuchAlgorithmException, InvalidKeyException { if (var2 instanceof Key) { String var3 = var2.getAlgorithm(); Signature var4 = Signature.getInstance(var1.getName()); if (!this.pubkey.getAlgorithm().equals(var3)) { throw new InvalidKeyException("Private key algorithm " + var3 + " incompatible with certificate " + this.pubkey.getAlgorithm()); } else { var4.initSign(var2); return new X500Signer(var4, this.subject); } } else { throw new InvalidKeyException("private key not a key!"); } } public Signature getVerifier(String var1) throws NoSuchAlgorithmException, InvalidKeyException { Signature var2 = Signature.getInstance(var1); var2.initVerify(this.pubkey); return var2; } public byte[] getSignedCert() { return this.signedCert; } public BigInt getSerialNumber() { return this.serialnum; } public X500Name getSubjectName() { return this.subject; } public X500Name getIssuerName() { return this.issuer; } public AlgorithmId getIssuerAlgorithmId() { return this.issuerSigAlg; } public Date getNotBefore() { return this.notbefore; } public Date getNotAfter() { return this.notafter; } public PublicKey getPublicKey() { return this.pubkey; } public int getVersion() { return this.version; } public int hashCode() { int var1 = 0; for(int var2 = 0; var2 < this.signedCert.length; ++var2) { var1 += this.signedCert[var2] * var2; } return var1; } public String toString() { if (this.subject != null && this.pubkey != null && this.notbefore != null && this.notafter != null && this.issuer != null && this.issuerSigAlg != null && this.serialnum != null) { String var1 = " X.509v" + (this.version + 1) + " certificate,\n"; var1 = var1 + " Subject is " + this.subject + "\n"; var1 = var1 + " Key: " + this.pubkey; var1 = var1 + " Validity <" + this.notbefore + "> until <" + this.notafter + ">\n"; var1 = var1 + " Issuer is " + this.issuer + "\n"; var1 = var1 + " Issuer signature used " + this.issuerSigAlg.toString() + "\n"; var1 = var1 + " Serial number = " + this.serialnum + "\n"; return "[\n" + var1 + "]"; } else { throw new NullPointerException("X.509 cert is incomplete"); } } public String toString(boolean var1) { return this.toString(); } private void parse(DerValue var1) throws IOException { DerValue[] var2 = new DerValue[]{var1.data.getDerValue(), var1.data.getDerValue(), var1.data.getDerValue()}; if (var1.data.available() != 0) { throw new CertParseError("signed overrun, bytes = " + var1.data.available()); } else if (var2[0].tag != 48) { throw new CertParseError("signed fields invalid"); } else { this.rawCert = var2[0].toByteArray(); this.issuerSigAlg = AlgorithmId.parse(var2[1]); this.signature = var2[2].getBitString(); if (var2[1].data.available() != 0) { throw new CertParseError("algid field overrun"); } else if (var2[2].data.available() != 0) { throw new CertParseError("signed fields overrun"); } else { DerInputStream var3 = var2[0].data; this.version = 0; DerValue var4 = var3.getDerValue(); if (var4.isConstructed() && var4.isContextSpecific()) { this.version = var4.data.getInteger().toInt(); if (var4.data.available() != 0) { throw new IOException("X.509 version, bad format"); } var4 = var3.getDerValue(); } this.serialnum = var4.getInteger(); var4 = var3.getDerValue(); AlgorithmId var5 = AlgorithmId.parse(var4); if (!var5.equals(this.issuerSigAlg)) { throw new CertParseError("CA Algorithm mismatch!"); } else { this.algid = var5; this.issuer = new X500Name(var3); var4 = var3.getDerValue(); if (var4.tag != 48) { throw new CertParseError("corrupt validity field"); } else { this.notbefore = var4.data.getUTCTime(); this.notafter = var4.data.getUTCTime(); if (var4.data.available() != 0) { throw new CertParseError("excess validity data"); } else { this.subject = new X500Name(var3); var4 = var3.getDerValue(); this.pubkey = X509Key.parse(var4); var3.available(); } } } } } } private byte[] DERencode() throws IOException { DerOutputStream var1 = new DerOutputStream(); this.encode(var1); return ((ByteArrayOutputStream)var1).toByteArray(); } private void encode(DerOutputStream var1) throws IOException { DerOutputStream var2 = new DerOutputStream(); var2.putInteger(this.serialnum); this.issuerSigAlg.emit(var2); this.issuer.emit(var2); DerOutputStream var3 = new DerOutputStream(); var3.putUTCTime(this.notbefore); var3.putUTCTime(this.notafter); var2.write((byte)48, var3); this.subject.emit(var2); this.pubkey.emit(var2); var1.write((byte)48, var2); } private byte[] sign(X500Signer var1, byte[] var2) throws IOException, SignatureException { DerOutputStream var3 = new DerOutputStream(); DerOutputStream var4 = new DerOutputStream(); ((OutputStream)var4).write(var2); var1.getAlgorithmId().emit(var4); var1.update(var2, 0, var2.length); this.signature = var1.sign(); var4.putBitString(this.signature); var3.write((byte)48, var4); return ((ByteArrayOutputStream)var3).toByteArray(); } private synchronized void writeObject(ObjectOutputStream var1) throws IOException { this.encode((OutputStream)var1); } private synchronized void readObject(ObjectInputStream var1) throws IOException { this.decode(var1); } }