jdk/src/share/classes/sun/security/x509/X509Cert.java
changeset 4422 ade55a65b0f2
parent 4421 fcbbd4d49581
parent 4408 80dcc8ac5696
child 4423 4061c66ba1af
equal deleted inserted replaced
4421:fcbbd4d49581 4422:ade55a65b0f2
     1 /*
       
     2  * Copyright 1997-2008 Sun Microsystems, Inc.  All Rights Reserved.
       
     3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
       
     4  *
       
     5  * This code is free software; you can redistribute it and/or modify it
       
     6  * under the terms of the GNU General Public License version 2 only, as
       
     7  * published by the Free Software Foundation.  Sun designates this
       
     8  * particular file as subject to the "Classpath" exception as provided
       
     9  * by Sun in the LICENSE file that accompanied this code.
       
    10  *
       
    11  * This code is distributed in the hope that it will be useful, but WITHOUT
       
    12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
       
    13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
       
    14  * version 2 for more details (a copy is included in the LICENSE file that
       
    15  * accompanied this code).
       
    16  *
       
    17  * You should have received a copy of the GNU General Public License version
       
    18  * 2 along with this work; if not, write to the Free Software Foundation,
       
    19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
       
    20  *
       
    21  * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
       
    22  * CA 95054 USA or visit www.sun.com if you need additional information or
       
    23  * have any questions.
       
    24  */
       
    25 
       
    26 package sun.security.x509;
       
    27 
       
    28 import java.io.IOException;
       
    29 import java.io.InputStream;
       
    30 import java.io.OutputStream;
       
    31 import java.io.ObjectInputStream;
       
    32 import java.io.ObjectOutputStream;
       
    33 import java.io.Serializable;
       
    34 import java.math.BigInteger;
       
    35 import java.security.*;
       
    36 import java.util.Date;
       
    37 import java.util.Enumeration;
       
    38 
       
    39 import sun.security.util.*;     // DER
       
    40 
       
    41 /**
       
    42  * @author David Brownell
       
    43  *
       
    44  * @see CertAndKeyGen
       
    45  * @deprecated  Use the new X509Certificate class.
       
    46  *              This class is only restored for backwards compatibility.
       
    47  */
       
    48 @Deprecated
       
    49 public class X509Cert implements Certificate, Serializable {
       
    50 
       
    51     static final long serialVersionUID = -52595524744692374L;
       
    52 
       
    53     /*
       
    54      * NOTE: All fields are marked transient, because we do not want them to
       
    55      * be included in the class description when we serialize an object of
       
    56      * this class. We override "writeObject" and "readObject" to use the
       
    57      * ASN.1 encoding of a certificate as the serialized form, instead of
       
    58      * calling the default routines which would operate on the field values.
       
    59      *
       
    60      * MAKE SURE TO MARK ANY FIELDS THAT ARE ADDED IN THE FUTURE AS TRANSIENT.
       
    61      */
       
    62 
       
    63     /* The algorithm id */
       
    64     transient protected AlgorithmId algid;
       
    65 
       
    66     /*
       
    67      * Certificate data, and its envelope
       
    68      */
       
    69     transient private byte rawCert [];
       
    70     transient private byte signature [];
       
    71     transient private byte signedCert [];
       
    72 
       
    73     /*
       
    74      * X509.v1 data (parsed)
       
    75      */
       
    76     transient private X500Name subject; // from subject
       
    77     transient private PublicKey pubkey;
       
    78 
       
    79     transient private Date notafter;    // from CA (constructor)
       
    80     transient private Date notbefore;
       
    81 
       
    82     transient private int version;      // from CA (signAndEncode)
       
    83     transient private BigInteger serialnum;
       
    84     transient private X500Name issuer;
       
    85     transient private AlgorithmId issuerSigAlg;
       
    86 
       
    87     /*
       
    88      * flag to indicate whether or not this certificate has already been parsed
       
    89      * (through a call to one of the constructors or the "decode" or
       
    90      * "readObject" methods). This is to ensure that certificates are
       
    91      * immutable.
       
    92      */
       
    93     transient private boolean parsed=false;
       
    94 
       
    95     /*
       
    96      * X509.v2 extensions
       
    97      */
       
    98 
       
    99     /*
       
   100      * X509.v3 extensions
       
   101      */
       
   102 
       
   103     /*
       
   104      * Other extensions ... Netscape, Verisign, SET, etc
       
   105      */
       
   106 
       
   107 
       
   108     /**
       
   109      * Construct a uninitialized X509 Cert on which <a href="#decode">
       
   110      * decode</a> must later be called (or which may be deserialized).
       
   111      */
       
   112     // XXX deprecated, delete this
       
   113     public X509Cert() { }
       
   114 
       
   115 
       
   116     /**
       
   117      * Unmarshals a certificate from its encoded form, parsing the
       
   118      * encoded bytes.  This form of constructor is used by agents which
       
   119      * need to examine and use certificate contents.  That is, this is
       
   120      * one of the more commonly used constructors.  Note that the buffer
       
   121      * must include only a certificate, and no "garbage" may be left at
       
   122      * the end.  If you need to ignore data at the end of a certificate,
       
   123      * use another constructor.
       
   124      *
       
   125      * @param cert the encoded bytes, with no terminatu (CONSUMED)
       
   126      * @exception IOException when the certificate is improperly encoded.
       
   127      */
       
   128     public X509Cert(byte cert []) throws IOException
       
   129     {
       
   130         DerValue in = new DerValue (cert);
       
   131         parse (in);
       
   132         if (in.data.available () != 0)
       
   133             throw new CertParseError ("garbage at end");
       
   134         signedCert = cert;
       
   135     }
       
   136 
       
   137 
       
   138     /**
       
   139      * Unmarshals a certificate from its encoded form, parsing the
       
   140      * encoded bytes.  This form of constructor is used by agents which
       
   141      * need to examine and use certificate contents.  That is, this is
       
   142      * one of the most commonly used constructors.
       
   143      *
       
   144      * @param buf the buffer holding the encoded bytes
       
   145      * @param offset the offset in the buffer where the bytes begin
       
   146      * @param len how many bytes of certificate exist
       
   147      *
       
   148      * @exception IOException when the certificate is improperly encoded.
       
   149      */
       
   150     public X509Cert(byte buf [], int offset, int len) throws IOException
       
   151     {
       
   152         DerValue in = new DerValue (buf, offset, len);
       
   153 
       
   154         parse (in);
       
   155         if (in.data.available () != 0)
       
   156             throw new CertParseError ("garbage at end");
       
   157         signedCert = new byte [len];
       
   158         System.arraycopy (buf, offset, signedCert, 0, len);
       
   159     }
       
   160 
       
   161 
       
   162     /**
       
   163      * Unmarshal a certificate from its encoded form, parsing a DER value.
       
   164      * This form of constructor is used by agents which need to examine
       
   165      * and use certificate contents.
       
   166      *
       
   167      * @param derVal the der value containing the encoded cert.
       
   168      * @exception IOException when the certificate is improperly encoded.
       
   169      */
       
   170     public X509Cert(DerValue derVal) throws IOException
       
   171     {
       
   172         parse (derVal);
       
   173         if (derVal.data.available () != 0)
       
   174             throw new CertParseError ("garbage at end");
       
   175         signedCert = derVal.toByteArray ();
       
   176     }
       
   177 
       
   178 
       
   179     /**
       
   180      * Partially constructs a certificate from descriptive parameters.
       
   181      * This constructor may be used by Certificate Authority (CA) code,
       
   182      * which later <a href="#signAndEncode">signs and encodes</a> the
       
   183      * certificate.  Also, self-signed certificates serve as CA certificates,
       
   184      * and are sometimes used as certificate requests.
       
   185      *
       
   186      * <P>Until the certificate has been signed and encoded, some of
       
   187      * the mandatory fields in the certificate will not be available
       
   188      * via accessor functions:  the serial number, issuer name and signing
       
   189      * algorithm, and of course the signed certificate.  The fields passed
       
   190      * to this constructor are available, and must be non-null.
       
   191      *
       
   192      * <P>Note that the public key being signed is generally independent of
       
   193      * the signature algorithm being used.  So for example Diffie-Hellman
       
   194      * keys (which do not support signatures) can be placed in X.509
       
   195      * certificates when some other signature algorithm (e.g. DSS/DSA,
       
   196      * or one of the RSA based algorithms) is used.
       
   197      *
       
   198      * @see CertAndKeyGen
       
   199      *
       
   200      * @param subjectName the X.500 distinguished name being certified
       
   201      * @param subjectPublicKey the public key being certified.  This
       
   202      *  must be an "X509Key" implementing the "PublicKey" interface.
       
   203      * @param notBefore the first time the certificate is valid
       
   204      * @param notAfter the last time the certificate is valid
       
   205      *
       
   206      * @exception CertException if the public key is inappropriate
       
   207      */
       
   208     public X509Cert(X500Name subjectName, X509Key subjectPublicKey,
       
   209                     Date notBefore, Date notAfter) throws CertException
       
   210     {
       
   211         subject = subjectName;
       
   212 
       
   213         if (!(subjectPublicKey instanceof PublicKey))
       
   214             throw new CertException (CertException.err_INVALID_PUBLIC_KEY,
       
   215                 "Doesn't implement PublicKey interface");
       
   216 
       
   217         // The X509 cert API requires X509 keys, else things break.
       
   218         pubkey = subjectPublicKey;
       
   219         notbefore = notBefore;
       
   220         notafter = notAfter;
       
   221         version = 0;
       
   222     }
       
   223 
       
   224 
       
   225     /**
       
   226      * Decode an X.509 certificate from an input stream.
       
   227      *
       
   228      * @param in an input stream holding at least one certificate
       
   229      * @exception IOException when the certificate is improperly encoded, or
       
   230      * if it has already been parsed.
       
   231      */
       
   232     public void decode(InputStream in) throws IOException
       
   233     {
       
   234         DerValue val = new DerValue(in);
       
   235         parse(val);
       
   236         signedCert = val.toByteArray();
       
   237     }
       
   238 
       
   239 
       
   240     /**
       
   241      * Appends the certificate to an output stream.
       
   242      *
       
   243      * @param out an input stream to which the certificate is appended.
       
   244      * @exception IOException when appending fails.
       
   245      */
       
   246     public void encode (OutputStream out) throws IOException
       
   247         { out.write (getSignedCert ()); }
       
   248 
       
   249 
       
   250     /**
       
   251      * Compares two certificates.  This is false if the
       
   252      * certificates are not both X.509 certs, otherwise it
       
   253      * compares them as binary data.
       
   254      *
       
   255      * @param other the object being compared with this one
       
   256      * @return true iff the certificates are equivalent
       
   257      */
       
   258     public boolean      equals (Object other)
       
   259     {
       
   260         if (other instanceof X509Cert)
       
   261             return equals ((X509Cert) other);
       
   262         else
       
   263             return false;
       
   264     }
       
   265 
       
   266 
       
   267     /**
       
   268      * Compares two certificates, returning false if any data
       
   269      * differs between the two.
       
   270      *
       
   271      * @param other the object being compared with this one
       
   272      * @return true iff the certificates are equivalent
       
   273      */
       
   274     public boolean      equals (X509Cert src)
       
   275     {
       
   276         if (this == src)
       
   277             return true;
       
   278         if (signedCert == null || src.signedCert == null)
       
   279             return false;
       
   280         if (signedCert.length != src.signedCert.length)
       
   281             return false;
       
   282         for (int i = 0; i < signedCert.length; i++)
       
   283             if (signedCert [i] != src.signedCert [i])
       
   284                 return false;
       
   285         return true;
       
   286     }
       
   287 
       
   288 
       
   289     /** Returns the "X.509" format identifier. */
       
   290     public String getFormat () // for Certificate
       
   291         { return "X.509"; }
       
   292 
       
   293 
       
   294     /** Returns <a href="#getIssuerName">getIssuerName</a> */
       
   295     public Principal getGuarantor () // for Certificate
       
   296         { return getIssuerName (); }
       
   297 
       
   298 
       
   299     /** Returns <a href="#getSubjectName">getSubjectName</a> */
       
   300     public Principal getPrincipal ()
       
   301         { return getSubjectName (); }
       
   302 
       
   303 
       
   304     /**
       
   305      * Throws an exception if the certificate is invalid because it is
       
   306      * now outside of the certificate's validity period, or because it
       
   307      * was not signed using the verification key provided.  Successfully
       
   308      * verifying a certificate does <em>not</em> indicate that one should
       
   309      * trust the entity which it represents.
       
   310      *
       
   311      * <P><em>Note that since this class represents only a single X.509
       
   312      * certificate, it cannot know anything about the certificate chain
       
   313      * which is used to provide the verification key and to establish trust.
       
   314      * Other code must manage and use those cert chains.
       
   315      *
       
   316      * <P>For now, you must walk the cert chain being used to verify any
       
   317      * given cert.  Start at the root, which is a self-signed certificate;
       
   318      * verify it using the key inside the certificate.  Then use that to
       
   319      * verify the next certificate in the chain, issued by that CA.  In
       
   320      * this manner, verify each certificate until you reach the particular
       
   321      * certificate you wish to verify.  You should not use a certificate
       
   322      * if any of the verification operations for its certificate chain
       
   323      * were unsuccessful.
       
   324      * </em>
       
   325      *
       
   326      * @param issuerPublicKey the public key of the issuing CA
       
   327      * @exception CertException when the certificate is not valid.
       
   328      */
       
   329     public void verify (PublicKey issuerPublicKey)
       
   330     throws CertException
       
   331     {
       
   332         Date    now = new Date ();
       
   333 
       
   334         if (now.before (notbefore))
       
   335             throw new CertException (CertException.verf_INVALID_NOTBEFORE);
       
   336         if (now.after (notafter))
       
   337             throw new CertException (CertException.verf_INVALID_EXPIRED);
       
   338         if (signedCert == null)
       
   339             throw new CertException (CertException.verf_INVALID_SIG,
       
   340                 "?? certificate is not signed yet ??");
       
   341 
       
   342         //
       
   343         // Verify the signature ...
       
   344         //
       
   345         String          algName = null;
       
   346 
       
   347         try {
       
   348             Signature   sigVerf = null;
       
   349 
       
   350             algName = issuerSigAlg.getName();
       
   351             sigVerf = Signature.getInstance(algName);
       
   352             sigVerf.initVerify (issuerPublicKey);
       
   353             sigVerf.update (rawCert, 0, rawCert.length);
       
   354 
       
   355             if (!sigVerf.verify (signature)) {
       
   356                 throw new CertException (CertException.verf_INVALID_SIG,
       
   357                     "Signature ... by <" + issuer + "> for <" + subject + ">");
       
   358             }
       
   359 
       
   360         // Gag -- too many catch clauses, let most through.
       
   361 
       
   362         } catch (NoSuchAlgorithmException e) {
       
   363             throw new CertException (CertException.verf_INVALID_SIG,
       
   364                 "Unsupported signature algorithm (" + algName + ")");
       
   365 
       
   366         } catch (InvalidKeyException e) {
       
   367             // e.printStackTrace();
       
   368             throw new CertException (CertException.err_INVALID_PUBLIC_KEY,
       
   369                 "Algorithm (" + algName + ") rejected public key");
       
   370 
       
   371         } catch (SignatureException e) {
       
   372             throw new CertException (CertException.verf_INVALID_SIG,
       
   373                 "Signature by <" + issuer + "> for <" + subject + ">");
       
   374         }
       
   375     }
       
   376 
       
   377 
       
   378     /**
       
   379      * Creates an X.509 certificate, and signs it using the issuer
       
   380      * passed (associating a signature algorithm and an X.500 name).
       
   381      * This operation is used to implement the certificate generation
       
   382      * functionality of a certificate authority.
       
   383      *
       
   384      * @see #getSignedCert
       
   385      * @see #getSigner
       
   386      * @see CertAndKeyGen
       
   387      *
       
   388      * @param serial the serial number of the certificate (non-null)
       
   389      * @param issuer the certificate issuer (CA) (non-null)
       
   390      * @return the signed certificate, as returned by getSignedCert
       
   391      *
       
   392      * @exception IOException if any of the data could not be encoded,
       
   393      *  or when any mandatory data was omitted
       
   394      * @exception SignatureException on signing failures
       
   395      */
       
   396     public byte []
       
   397     encodeAndSign (
       
   398         BigInteger      serial,
       
   399         X500Signer      issuer
       
   400     ) throws IOException, SignatureException
       
   401     {
       
   402         rawCert = null;
       
   403 
       
   404         /*
       
   405          * Get the remaining cert parameters, and make sure we have enough.
       
   406          *
       
   407          * We deduce version based on what attribute data are available
       
   408          * For now, we have no attributes, so we always deduce X.509v1 !
       
   409          */
       
   410         version = 0;
       
   411         serialnum = serial;
       
   412         this.issuer = issuer.getSigner ();
       
   413         issuerSigAlg = issuer.getAlgorithmId ();
       
   414 
       
   415         if (subject == null || pubkey == null
       
   416                 || notbefore == null || notafter == null)
       
   417             throw new IOException ("not enough cert parameters");
       
   418 
       
   419         /*
       
   420          * Encode the raw cert, create its signature and put it
       
   421          * into the envelope.
       
   422          */
       
   423         rawCert = DERencode ();
       
   424         signedCert = sign (issuer, rawCert);
       
   425         return signedCert;
       
   426     }
       
   427 
       
   428 
       
   429     /**
       
   430      * Returns an X500Signer that may be used to create signatures.  Those
       
   431      * signature may in turn be verified using this certificate (or a
       
   432      * copy of it).
       
   433      *
       
   434      * <P><em><b>NOTE:</b>  If the private key is by itself capable of
       
   435      * creating signatures, this fact may not be recognized at this time.
       
   436      * Specifically, the case of DSS/DSA keys which get their algorithm
       
   437      * parameters from higher in the certificate chain is not supportable
       
   438      * without using an X509CertChain API, and there is no current support
       
   439      * for other sources of algorithm parameters.</em>
       
   440      *
       
   441      * @param algorithm the signature algorithm to be used.  Note that a
       
   442      *  given public/private key pair may support several such algorithms.
       
   443      * @param privateKey the private key used to create the signature,
       
   444      *  which must correspond to the public key in this certificate
       
   445      * @return the Signer object
       
   446      *
       
   447      * @exception NoSuchAlgorithmException if the signature
       
   448      *  algorithm is not supported
       
   449      * @exception InvalidKeyException if either the key in the certificate,
       
   450      *  or the private key parameter, does not support the requested
       
   451      *  signature algorithm
       
   452      */
       
   453     public X500Signer   getSigner (AlgorithmId algorithmId,
       
   454                                    PrivateKey privateKey)
       
   455     throws NoSuchAlgorithmException, InvalidKeyException
       
   456     {
       
   457         String algorithm;
       
   458         Signature       sig;
       
   459 
       
   460         if (privateKey instanceof Key) {
       
   461             Key key = (Key)privateKey;
       
   462             algorithm = key.getAlgorithm();
       
   463         } else {
       
   464             throw new InvalidKeyException("private key not a key!");
       
   465         }
       
   466 
       
   467         sig = Signature.getInstance(algorithmId.getName());
       
   468 
       
   469         if (!pubkey.getAlgorithm ().equals (algorithm)) {
       
   470 
       
   471           throw new InvalidKeyException( "Private key algorithm " +
       
   472                                          algorithm +
       
   473                                          " incompatible with certificate " +
       
   474                                          pubkey.getAlgorithm());
       
   475         }
       
   476         sig.initSign (privateKey);
       
   477         return new X500Signer (sig, subject);
       
   478     }
       
   479 
       
   480 
       
   481     /**
       
   482      * Returns a signature object that may be used to verify signatures
       
   483      * created using a specified signature algorithm and the public key
       
   484      * contained in this certificate.
       
   485      *
       
   486      * <P><em><b>NOTE:</b>  If the public key in this certificate is not by
       
   487      * itself capable of verifying signatures, this may not be recognized
       
   488      * at this time.  Specifically, the case of DSS/DSA keys which get
       
   489      * their algorithm parameters from higher in the certificate chain
       
   490      * is not supportable without using an X509CertChain API, and there
       
   491      * is no current support for other sources of algorithm parameters.</em>
       
   492      *
       
   493      * @param algorithm the algorithm of the signature to be verified
       
   494      * @return the Signature object
       
   495      * @exception NoSuchAlgorithmException if the signature
       
   496      *  algorithm is not supported
       
   497      * @exception InvalidKeyException if the key in the certificate
       
   498      *  does not support the requested signature algorithm
       
   499      */
       
   500     public Signature getVerifier(String algorithm)
       
   501     throws NoSuchAlgorithmException, InvalidKeyException
       
   502     {
       
   503         String          algName;
       
   504         Signature       sig;
       
   505 
       
   506         sig = Signature.getInstance(algorithm);
       
   507         sig.initVerify (pubkey);
       
   508         return sig;
       
   509     }
       
   510 
       
   511 
       
   512 
       
   513     /**
       
   514      * Return the signed X.509 certificate as a byte array.
       
   515      * The bytes are in standard DER marshaled form.
       
   516      * Null is returned in the case of a partially constructed cert.
       
   517      */
       
   518     public byte []      getSignedCert ()
       
   519         { return signedCert.clone(); }
       
   520 
       
   521 
       
   522     /**
       
   523      * Returns the certificate's serial number.
       
   524      * Null is returned in the case of a partially constructed cert.
       
   525      */
       
   526     public BigInteger   getSerialNumber ()
       
   527         { return serialnum; }
       
   528 
       
   529 
       
   530     /**
       
   531      * Returns the subject's X.500 distinguished name.
       
   532      */
       
   533     public X500Name     getSubjectName ()
       
   534         { return subject; }
       
   535 
       
   536 
       
   537     /**
       
   538      * Returns the certificate issuer's X.500 distinguished name.
       
   539      * Null is returned in the case of a partially constructed cert.
       
   540      */
       
   541     public X500Name     getIssuerName ()
       
   542         { return issuer; }
       
   543 
       
   544 
       
   545     /**
       
   546      * Returns the algorithm used by the issuer to sign the certificate.
       
   547      * Null is returned in the case of a partially constructed cert.
       
   548      */
       
   549     public AlgorithmId  getIssuerAlgorithmId ()
       
   550         { return issuerSigAlg; }
       
   551 
       
   552 
       
   553     /**
       
   554      * Returns the first time the certificate is valid.
       
   555      */
       
   556     public Date getNotBefore ()
       
   557         { return new Date(notbefore.getTime()); }
       
   558 
       
   559 
       
   560     /**
       
   561      * Returns the last time the certificate is valid.
       
   562      */
       
   563     public Date getNotAfter ()
       
   564         { return new Date(notafter.getTime()); }
       
   565 
       
   566 
       
   567     /**
       
   568      * Returns the subject's public key.  Note that some public key
       
   569      * algorithms support an optional certificate generation policy
       
   570      * where the keys in the certificates are not in themselves sufficient
       
   571      * to perform a public key operation.  Those keys need to be augmented
       
   572      * by algorithm parameters, which the certificate generation policy
       
   573      * chose not to place in the certificate.
       
   574      *
       
   575      * <P>Two such public key algorithms are:  DSS/DSA, where algorithm
       
   576      * parameters could be acquired from a CA certificate in the chain
       
   577      * of issuers; and Diffie-Hellman, with a similar solution although
       
   578      * the CA then needs both a Diffie-Hellman certificate and a signature
       
   579      * capable certificate.
       
   580      */
       
   581     public PublicKey            getPublicKey ()
       
   582         { return pubkey; }
       
   583 
       
   584 
       
   585     /**
       
   586      * Returns the X.509 version number of this certificate, zero based.
       
   587      * That is, "2" indicates an X.509 version 3 (1993) certificate,
       
   588      * and "0" indicates X.509v1 (1988).
       
   589      * Zero is returned in the case of a partially constructed cert.
       
   590      */
       
   591     public int          getVersion ()
       
   592         { return version; }
       
   593 
       
   594 
       
   595     /**
       
   596      * Calculates a hash code value for the object.  Objects
       
   597      * which are equal will also have the same hashcode.
       
   598      */
       
   599     public int          hashCode ()
       
   600     {
       
   601         int     retval = 0;
       
   602 
       
   603         for (int i = 0; i < signedCert.length; i++)
       
   604             retval += signedCert [i] * i;
       
   605         return retval;
       
   606     }
       
   607 
       
   608 
       
   609     /**
       
   610      * Returns a printable representation of the certificate.  This does not
       
   611      * contain all the information available to distinguish this from any
       
   612      * other certificate.  The certificate must be fully constructed
       
   613      * before this function may be called; in particular, if you are
       
   614      * creating certificates you must call encodeAndSign() before calling
       
   615      * this function.
       
   616      */
       
   617     public String       toString ()
       
   618     {
       
   619         String          s;
       
   620 
       
   621         if (subject == null || pubkey == null
       
   622                 || notbefore == null || notafter == null
       
   623                 || issuer == null || issuerSigAlg == null
       
   624                 || serialnum == null)
       
   625             throw new NullPointerException ("X.509 cert is incomplete");
       
   626 
       
   627         s = "  X.509v" + (version + 1) + " certificate,\n";
       
   628         s += "  Subject is " + subject + "\n";
       
   629         s += "  Key:  " + pubkey;
       
   630         s += "  Validity <" + notbefore + "> until <" + notafter + ">\n";
       
   631         s += "  Issuer is " + issuer + "\n";
       
   632         s += "  Issuer signature used " + issuerSigAlg.toString () + "\n";
       
   633         s += "  Serial number = " + Debug.toHexString(serialnum) + "\n";
       
   634 
       
   635         // optional v2, v3 extras
       
   636 
       
   637         return "[\n" + s + "]";
       
   638     }
       
   639 
       
   640 
       
   641     /**
       
   642      * Returns a printable representation of the certificate.
       
   643      *
       
   644      * @param detailed true iff lots of detail is requested
       
   645      */
       
   646     public String       toString (boolean detailed)
       
   647         { return toString (); }
       
   648 
       
   649 
       
   650     /************************************************************/
       
   651 
       
   652     /*
       
   653      * Cert is a SIGNED ASN.1 macro, a three elment sequence:
       
   654      *
       
   655      *  - Data to be signed (ToBeSigned) -- the "raw" cert
       
   656      *  - Signature algorithm (SigAlgId)
       
   657      *  - The signature bits
       
   658      *
       
   659      * This routine unmarshals the certificate, saving the signature
       
   660      * parts away for later verification.
       
   661      */
       
   662     private void parse (DerValue val) throws IOException
       
   663     {
       
   664         if (parsed == true) {
       
   665             throw new IOException("Certificate already parsed");
       
   666         }
       
   667 
       
   668         DerValue seq [] = new DerValue [3];
       
   669 
       
   670         seq [0] = val.data.getDerValue ();
       
   671         seq [1] = val.data.getDerValue ();
       
   672         seq [2] = val.data.getDerValue ();
       
   673 
       
   674         if (val.data.available () != 0)
       
   675             throw new CertParseError ("signed overrun, bytes = "
       
   676                     + val.data.available ());
       
   677         if (seq [0].tag != DerValue.tag_Sequence)
       
   678             throw new CertParseError ("signed fields invalid");
       
   679 
       
   680         rawCert = seq [0].toByteArray ();       // XXX slow; fixme!
       
   681 
       
   682 
       
   683         issuerSigAlg = AlgorithmId.parse (seq [1]);
       
   684         signature = seq [2].getBitString ();
       
   685 
       
   686         if (seq [1].data.available () != 0) {
       
   687             // XXX why was this error check commented out?
       
   688             // It was originally part of the next check.
       
   689             throw new CertParseError ("algid field overrun");
       
   690         }
       
   691 
       
   692         if (seq [2].data.available () != 0)
       
   693             throw new CertParseError ("signed fields overrun");
       
   694 
       
   695         /*
       
   696          * Let's have fun parsing the cert itself.
       
   697          */
       
   698         DerInputStream  in;
       
   699         DerValue        tmp;
       
   700 
       
   701         in = seq [0].data;
       
   702 
       
   703         /*
       
   704          * Version -- this is optional (default zero). If it's there it's
       
   705          * the first field and is specially tagged.
       
   706          *
       
   707          * Both branches leave "tmp" holding a value for the serial
       
   708          * number that comes next.
       
   709          */
       
   710         version = 0;
       
   711         tmp = in.getDerValue ();
       
   712         if (tmp.isConstructed () && tmp.isContextSpecific ()) {
       
   713             version = tmp.data.getInteger();
       
   714             if (tmp.data.available () != 0)
       
   715                 throw new IOException ("X.509 version, bad format");
       
   716             tmp = in.getDerValue ();
       
   717         }
       
   718 
       
   719         /*
       
   720          * serial number ... an integer
       
   721          */
       
   722         serialnum = tmp.getBigInteger ();
       
   723 
       
   724         /*
       
   725          * algorithm type for CA's signature ... needs to match the
       
   726          * one on the envelope, and that's about it!  different IDs
       
   727          * may represent a signature attack.  In general we want to
       
   728          * inherit parameters.
       
   729          */
       
   730         tmp = in.getDerValue ();
       
   731         {
       
   732             AlgorithmId         algid;
       
   733 
       
   734 
       
   735             algid = AlgorithmId.parse(tmp);
       
   736 
       
   737             if (!algid.equals (issuerSigAlg))
       
   738                 throw new CertParseError ("CA Algorithm mismatch!");
       
   739 
       
   740             this.algid = algid;
       
   741         }
       
   742 
       
   743         /*
       
   744          * issuer name
       
   745          */
       
   746         issuer = new X500Name (in);
       
   747 
       
   748         /*
       
   749          * validity:  SEQUENCE { start date, end date }
       
   750          */
       
   751         tmp = in.getDerValue ();
       
   752         if (tmp.tag != DerValue.tag_Sequence)
       
   753             throw new CertParseError ("corrupt validity field");
       
   754 
       
   755         notbefore = tmp.data.getUTCTime ();
       
   756         notafter = tmp.data.getUTCTime ();
       
   757         if (tmp.data.available () != 0)
       
   758             throw new CertParseError ("excess validity data");
       
   759 
       
   760         /*
       
   761          * subject name and public key
       
   762          */
       
   763         subject = new X500Name (in);
       
   764 
       
   765         tmp = in.getDerValue ();
       
   766         pubkey = X509Key.parse (tmp);
       
   767 
       
   768         /*
       
   769          * XXX for v2 and later, a bunch of tagged options follow
       
   770          */
       
   771 
       
   772         if (in.available () != 0) {
       
   773             /*
       
   774              * Until we parse V2/V3 data ... ignore it.
       
   775              *
       
   776             // throw new CertParseError ("excess cert data");
       
   777             System.out.println (
       
   778                     "@end'o'cert, optional V2/V3 data unparsed:  "
       
   779                     + in.available ()
       
   780                     + " bytes"
       
   781                     );
       
   782             */
       
   783         }
       
   784 
       
   785         parsed = true;
       
   786     }
       
   787 
       
   788 
       
   789     /*
       
   790      * Encode only the parts that will later be signed.
       
   791      */
       
   792     private byte [] DERencode () throws IOException
       
   793     {
       
   794         DerOutputStream raw = new DerOutputStream ();
       
   795 
       
   796         encode (raw);
       
   797         return raw.toByteArray ();
       
   798     }
       
   799 
       
   800 
       
   801     /*
       
   802      * Marshal the contents of a "raw" certificate into a DER sequence.
       
   803      */
       
   804     private void encode (DerOutputStream out) throws IOException
       
   805     {
       
   806         DerOutputStream tmp = new DerOutputStream ();
       
   807 
       
   808         /*
       
   809          * encode serial number, issuer signing algorithm,
       
   810          * and issuer name into the data we'll return
       
   811          */
       
   812         tmp.putInteger (serialnum);
       
   813         issuerSigAlg.encode (tmp);
       
   814         issuer.encode (tmp);
       
   815 
       
   816         /*
       
   817          * Validity is a two element sequence ... encode the
       
   818          * elements, then wrap them into the data we'll return
       
   819          */
       
   820         {
       
   821             DerOutputStream     seq = new DerOutputStream ();
       
   822 
       
   823             seq.putUTCTime (notbefore);
       
   824             seq.putUTCTime (notafter);
       
   825             tmp.write (DerValue.tag_Sequence, seq);
       
   826         }
       
   827 
       
   828         /*
       
   829          * Encode subject (principal) and associated key
       
   830          */
       
   831         subject.encode (tmp);
       
   832         tmp.write(pubkey.getEncoded());
       
   833 
       
   834         /*
       
   835          * Wrap the data; encoding of the "raw" cert is now complete.
       
   836          */
       
   837         out.write (DerValue.tag_Sequence, tmp);
       
   838     }
       
   839 
       
   840 
       
   841     /*
       
   842      * Calculate the signature of the "raw" certificate,
       
   843      * and marshal the cert with the signature and a
       
   844      * description of the signing algorithm.
       
   845      */
       
   846     private byte [] sign (X500Signer issuer, byte data [])
       
   847     throws IOException, SignatureException
       
   848     {
       
   849         /*
       
   850          * Encode the to-be-signed data, then the algorithm used
       
   851          * to create the signature.
       
   852          */
       
   853         DerOutputStream out = new DerOutputStream ();
       
   854         DerOutputStream tmp = new DerOutputStream ();
       
   855 
       
   856         tmp.write (data);
       
   857         issuer.getAlgorithmId ().encode(tmp);
       
   858 
       
   859 
       
   860         /*
       
   861          * Create and encode the signature itself.
       
   862          */
       
   863         issuer.update (data, 0, data.length);
       
   864         signature = issuer.sign ();
       
   865         tmp.putBitString (signature);
       
   866 
       
   867         /*
       
   868          * Wrap the signed data in a SEQUENCE { data, algorithm, sig }
       
   869          */
       
   870         out.write (DerValue.tag_Sequence, tmp);
       
   871         return out.toByteArray ();
       
   872     }
       
   873 
       
   874 
       
   875     /**
       
   876      * Serialization write ... X.509 certificates serialize as
       
   877      * themselves, and they're parsed when they get read back.
       
   878      * (Actually they serialize as some type data from the
       
   879      * serialization subsystem, then the cert data.)
       
   880      */
       
   881     private void writeObject (java.io.ObjectOutputStream stream)
       
   882         throws IOException
       
   883         { encode(stream); }
       
   884 
       
   885     /**
       
   886      * Serialization read ... X.509 certificates serialize as
       
   887      * themselves, and they're parsed when they get read back.
       
   888      */
       
   889     private void readObject (ObjectInputStream stream)
       
   890         throws IOException
       
   891         { decode(stream); }
       
   892 }