/*

 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

 *

 * This code is free software; you can redistribute it and/or modify it

 * under the terms of the GNU General Public License version 2 only, as

 * published by the Free Software Foundation.  Oracle designates this

 * particular file as subject to the "Classpath" exception as provided

 * by Oracle in the LICENSE file that accompanied this code.

 *

 * This code is distributed in the hope that it will be useful, but WITHOUT

 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License

 * version 2 for more details (a copy is included in the LICENSE file that

 * accompanied this code).

 *

 * You should have received a copy of the GNU General Public License version

 * 2 along with this work; if not, write to the Free Software Foundation,

 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

 *

 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA

 * or visit www.oracle.com if you need additional information or have any

 * questions.

 */

package javax.security.cert;

import java.security.PublicKey;

import java.security.NoSuchAlgorithmException;

import java.security.NoSuchProviderException;

import java.security.InvalidKeyException;

import java.security.SignatureException;

/**

 * <p>Abstract class for managing a variety of identity certificates.

 * An identity certificate is a guarantee by a principal that

 * a public key is that of another principal.  (A principal represents

 * an entity such as an individual user, a group, or a corporation.)

 *<p>

 * This class is an abstraction for certificates that have different

 * formats but important common uses.  For example, different types of

 * certificates, such as X.509 and PGP, share general certificate

 * functionality (like encoding and verifying) and

 * some types of information (like a public key).

 * <p>

 * X.509, PGP, and SDSI certificates can all be implemented by

 * subclassing the Certificate class, even though they contain different

 * sets of information, and they store and retrieve the information in

 * different ways.

 *

 * <p><em>Note: The classes in the package {@code javax.security.cert}

 * exist for compatibility with earlier versions of the

 * Java Secure Sockets Extension (JSSE). New applications should instead

 * use the standard Java SE certificate classes located in

 * {@code java.security.cert}.</em></p>

 *

 * @since 1.4

 * @see X509Certificate

 * @deprecated Use the classes in {@code java.security.cert} instead.

 *

 * @author Hemma Prafullchandra

 */

public abstract class Certificate {

    /**

     * Compares this certificate for equality with the specified

     * object. If the {@code other} object is an

     * {@code instanceof} {@code Certificate}, then

     * its encoded form is retrieved and compared with the

     * encoded form of this certificate.

     *

     * @param other the object to test for equality with this certificate.

     * @return true if the encoded forms of the two certificates

     *         match, false otherwise.

     */

    public boolean equals(Object other) {

        if (this == other)

            return true;

        if (!(other instanceof Certificate))

            return false;

        try {

            byte[] thisCert = this.getEncoded();

            byte[] otherCert = ((Certificate)other).getEncoded();

            if (thisCert.length != otherCert.length)

                return false;

            for (int i = 0; i < thisCert.length; i++)

                 if (thisCert[i] != otherCert[i])

                     return false;

            return true;

        } catch (CertificateException e) {

            return false;

        }

    }

    /**

     * Returns a hashcode value for this certificate from its

     * encoded form.

     *

     * @return the hashcode value.

     */

    public int hashCode() {

        int     retval = 0;

        try {

            byte[] certData = this.getEncoded();

            for (int i = 1; i < certData.length; i++) {

                 retval += certData[i] * i;

            }

            return (retval);

        } catch (CertificateException e) {

            return (retval);

        }

    }

    /**

     * Returns the encoded form of this certificate. It is

     * assumed that each certificate type would have only a single

     * form of encoding; for example, X.509 certificates would

     * be encoded as ASN.1 DER.

     *

     * @return encoded form of this certificate

     * @exception CertificateEncodingException on internal certificate

     *            encoding failure

     */

    public abstract byte[] getEncoded() throws CertificateEncodingException;

    /**

     * Verifies that this certificate was signed using the

     * private key that corresponds to the specified public key.

     *

     * @param key the PublicKey used to carry out the verification.

     *

     * @exception NoSuchAlgorithmException on unsupported signature

     * algorithms.

     * @exception InvalidKeyException on incorrect key.

     * @exception NoSuchProviderException if there's no default provider.

     * @exception SignatureException on signature errors.

     * @exception CertificateException on encoding errors.

     */

    public abstract void verify(PublicKey key)

        throws CertificateException, NoSuchAlgorithmException,

        InvalidKeyException, NoSuchProviderException,

        SignatureException;

    /**

     * Verifies that this certificate was signed using the

     * private key that corresponds to the specified public key.

     * This method uses the signature verification engine

     * supplied by the specified provider.

     *

     * @param key the PublicKey used to carry out the verification.

     * @param sigProvider the name of the signature provider.

     * @exception NoSuchAlgorithmException on unsupported signature algorithms.

     * @exception InvalidKeyException on incorrect key.

     * @exception NoSuchProviderException on incorrect provider.

     * @exception SignatureException on signature errors.

     * @exception CertificateException on encoding errors.

     */

    public abstract void verify(PublicKey key, String sigProvider)

        throws CertificateException, NoSuchAlgorithmException,

        InvalidKeyException, NoSuchProviderException,

        SignatureException;

    /**

     * Returns a string representation of this certificate.

     *

     * @return a string representation of this certificate.

     */

    public abstract String toString();

    /**

     * Gets the public key from this certificate.

     *

     * @return the public key.

     */

    public abstract PublicKey getPublicKey();

}