/* X509CRL.java --- X.509 Certificate Revocation List
2
   Copyright (C) 1999, 2004  Free Software Foundation, Inc.
3
 
4
This file is part of GNU Classpath.
5
 
6
GNU Classpath is free software; you can redistribute it and/or modify
7
it under the terms of the GNU General Public License as published by
8
the Free Software Foundation; either version 2, or (at your option)
9
any later version.
10
 
11
GNU Classpath is distributed in the hope that it will be useful, but
12
WITHOUT ANY WARRANTY; without even the implied warranty of
13
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14
General Public License for more details.
15
 
16
You should have received a copy of the GNU General Public License
17
along with GNU Classpath; see the file COPYING.  If not, write to the
18
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
19
02110-1301 USA.
20
 
21
Linking this library statically or dynamically with other modules is
22
making a combined work based on this library.  Thus, the terms and
23
conditions of the GNU General Public License cover the whole
24
combination.
25
 
26
As a special exception, the copyright holders of this library give you
27
permission to link this library with independent modules to produce an
28
executable, regardless of the license terms of these independent
29
modules, and to copy and distribute the resulting executable under
30
terms of your choice, provided that you also meet, for each linked
31
independent module, the terms and conditions of the license of that
32
module.  An independent module is a module which is not derived from
33
or based on this library.  If you modify this library, you may extend
34
this exception to your version of the library, but you are not
35
obligated to do so.  If you do not wish to do so, delete this
36
exception statement from your version. */
37
 
38
 
39
package java.security.cert;
40
 
41
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Principal;
import java.security.PublicKey;
import java.security.SignatureException;
import java.util.Arrays;
import java.util.Date;
import java.util.Set;

import javax.security.auth.x500.X500Principal;
 
/**
   The X509CRL class is the abstract class used to manage
   X.509 Certificate Revocation Lists. The CRL is a list of
   time stamped entries which indicate which certificates have
   been revoked. The list is signed by a Certificate Authority (CA)
   and made publicly available in a repository.

   Each revoked certificate in the CRL is identified by its
   certificate serial number. When a piece of code uses a
   certificate, the certificate's validity is checked by
   validating its signature and determining that it is not
   listed on a recently acquired CRL. How recent the CRL must
   be depends on the local policy in effect. The CA issues
   a new CRL periodically and entries are removed as the
   certificate expiration date is reached.


   A description of the X.509 v2 CRL follows below from rfc2459.

   "The X.509 v2 CRL syntax is as follows.  For signature calculation,
   the data that is to be signed is ASN.1 DER encoded.  ASN.1 DER
   encoding is a tag, length, value encoding system for each element.

           CertificateList  ::=  SEQUENCE  {
                tbsCertList          TBSCertList,
                signatureAlgorithm   AlgorithmIdentifier,
                signatureValue       BIT STRING  }

           TBSCertList  ::=  SEQUENCE  {
                version                 Version OPTIONAL,
                                     -- if present, shall be v2
                signature               AlgorithmIdentifier,
                issuer                  Name,
                thisUpdate              Time,
                nextUpdate              Time OPTIONAL,
                revokedCertificates     SEQUENCE OF SEQUENCE  {
                     userCertificate         CertificateSerialNumber,
                     revocationDate          Time,
                     crlEntryExtensions      Extensions OPTIONAL
                                                   -- if present, shall be v2
                                          }  OPTIONAL,
                crlExtensions           [0]  EXPLICIT Extensions OPTIONAL
                                                   -- if present, shall be v2
                                          }"

        @author Mark Benvenuto

        @since 1.2
*/
public abstract class X509CRL extends CRL implements X509Extension
103
{
104
 
105
  /**
106
     Constructs a new X509CRL.
107
  */
108
  protected X509CRL()
109
  {
110
    super("X.509");
111
  }
112
 
113
  /**
114
     Compares this X509CRL to other. It checks if the
115
     object if instanceOf X509CRL and then checks if
116
     the encoded form matches.
117
 
118
     @param other An Object to test for equality
119
 
120
     @return true if equal, false otherwise
121
  */
122
  public boolean equals(Object other)
123
  {
124
    if( other instanceof X509CRL ) {
125
      try {
126
        X509CRL x = (X509CRL) other;
127
        if( getEncoded().length != x.getEncoded().length )
128
          return false;
129
 
130
        byte[] b1 = getEncoded();
131
        byte[] b2 = x.getEncoded();
132
 
133
        for( int i = 0; i < b1.length; i++ )
134
          if( b1[i] != b2[i] )
135
            return false;
136
 
137
      } catch( CRLException crle ) {
138
        return false;
139
      }
140
      return true;
141
    }
142
    return false;
143
  }
144
 
145
  /**
146
     Returns a hash code for this X509CRL in its encoded
147
     form.
148
 
149
     @return A hash code of this class
150
  */
151
  public int hashCode()
152
  {
153
    return super.hashCode();
154
  }
155
 
156
  /**
157
     Gets the DER ASN.1 encoded format for this X.509 CRL.
158
 
159
     @return byte array containg encoded form
160
 
161
     @throws CRLException if an error occurs
162
  */
163
  public abstract byte[] getEncoded() throws CRLException;
164
 
165
  /**
166
     Verifies that this CRL was properly signed with the
167
     PublicKey that corresponds to its private key.
168
 
169
     @param key PublicKey to verify with
170
 
171
     @throws CRLException encoding error
172
     @throws NoSuchAlgorithmException unsupported algorithm
173
     @throws InvalidKeyException incorrect key
174
     @throws NoSuchProviderException no provider
175
     @throws SignatureException signature error
176
  */
177
  public abstract void verify(PublicKey key)
178
    throws CRLException,
179
    NoSuchAlgorithmException,
180
    InvalidKeyException,
181
    NoSuchProviderException,
182
    SignatureException;
183
 
184
  /**
185
     Verifies that this CRL was properly signed with the
186
     PublicKey that corresponds to its private key and uses
187
     the signature engine provided by the provider.
188
 
189
     @param key PublicKey to verify with
190
     @param sigProvider Provider to use for signature algorithm
191
 
192
     @throws CRLException encoding error
193
     @throws NoSuchAlgorithmException unsupported algorithm
194
     @throws InvalidKeyException incorrect key
195
     @throws NoSuchProviderException incorrect provider
196
     @throws SignatureException signature error
197
  */
198
  public abstract void verify(PublicKey key,
199
                              String sigProvider)
200
    throws CRLException,
201
    NoSuchAlgorithmException,
202
    InvalidKeyException,
203
    NoSuchProviderException,
204
    SignatureException;
205
 
206
  /**
207
     Gets the version of this CRL.
208
 
209
     The ASN.1 encoding is:
210
 
211
     version                 Version OPTIONAL,
212
     -- if present, shall be v2
213
 
214
     Version  ::=  INTEGER  {  v1(0), v2(1), v3(2)  }
215
 
216
     Consult rfc2459 for more information.
217
 
218
     @return the version number, Ex: 1 or 2
219
  */
220
  public abstract int getVersion();
221
 
222
  /**
223
     Returns the issuer (issuer distinguished name) of the CRL.
224
     The issuer is the entity who signed and issued the
225
     Certificate Revocation List.
226
 
227
     The ASN.1 DER encoding is:
228
 
229
     issuer                  Name,
230
 
231
     Name ::= CHOICE {
232
     RDNSequence }
233
 
234
     RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
235
 
236
     RelativeDistinguishedName ::=
237
     SET OF AttributeTypeAndValue
238
 
239
     AttributeTypeAndValue ::= SEQUENCE {
240
     type     AttributeType,
241
     value    AttributeValue }
242
 
243
     AttributeType ::= OBJECT IDENTIFIER
244
 
245
     AttributeValue ::= ANY DEFINED BY AttributeType
246
 
247
     DirectoryString ::= CHOICE {
248
     teletexString           TeletexString (SIZE (1..MAX)),
249
     printableString         PrintableString (SIZE (1..MAX)),
250
     universalString         UniversalString (SIZE (1..MAX)),
251
     utf8String              UTF8String (SIZE (1.. MAX)),
252
     bmpString               BMPString (SIZE (1..MAX)) }
253
 
254
     Consult rfc2459 for more information.
255
 
256
     @return the issuer in the Principal class
257
  */
258
  public abstract Principal getIssuerDN();
259
 
260
  /**
261
     Returns the thisUpdate date of the CRL.
262
 
263
     The ASN.1 DER encoding is:
264
 
265
     thisUpdate              Time,
266
 
267
     Time ::= CHOICE {
268
     utcTime        UTCTime,
269
     generalTime    GeneralizedTime }
270
 
271
     Consult rfc2459 for more information.
272
 
273
     @return the thisUpdate date
274
  */
275
  public abstract Date getThisUpdate();
276
 
277
  /*
278
    Gets the nextUpdate field
279
 
280
    The ASN.1 DER encoding is:
281
 
282
    nextUpdate              Time OPTIONAL,
283
 
284
    Time ::= CHOICE {
285
    utcTime        UTCTime,
286
    generalTime    GeneralizedTime }
287
 
288
    Consult rfc2459 for more information.
289
 
290
    @return the nextUpdate date
291
  */
292
  public abstract Date getNextUpdate();
293
 
294
  /**
295
     Gets the requeste dX509Entry for the specified
296
     certificate serial number.
297
 
298
     @return a X509CRLEntry representing the X.509 CRL entry
299
  */
300
  public abstract X509CRLEntry getRevokedCertificate(BigInteger serialNumber);
301
 
302
  /**
303
     Returns a Set of revoked certificates.
304
 
305
     @return a set of revoked certificates.
306
  */
307
  public abstract Set<? extends X509CRLEntry> getRevokedCertificates();
308
 
309
  /**
310
     Returns the DER ASN.1 encoded tbsCertList which is
311
     the basic information of the list and associated certificates
312
     in the encoded state. See top for more information.
313
 
314
     The ASN.1 DER encoding is:
315
 
316
     tbsCertList          TBSCertList,
317
 
318
     Consult rfc2459 for more information.
319
 
320
     @return byte array representing tbsCertList
321
  */
322
  public abstract byte[] getTBSCertList() throws CRLException;
323
 
324
 
325
  /**
326
     Returns the signature for the CRL.
327
 
328
     The ASN.1 DER encoding is:
329
 
330
     signatureValue       BIT STRING
331
 
332
     Consult rfc2459 for more information.
333
  */
334
  public abstract byte[] getSignature();
335
 
336
  /**
337
     Returns the signature algorithm used to sign the CRL.
338
     An examples is "SHA-1/DSA".
339
 
340
     The ASN.1 DER encoding is:
341
 
342
     signatureAlgorithm   AlgorithmIdentifier,
343
 
344
     AlgorithmIdentifier  ::=  SEQUENCE  {
345
     algorithm               OBJECT IDENTIFIER,
346
     parameters              ANY DEFINED BY algorithm OPTIONAL  }
347
 
348
     Consult rfc2459 for more information.
349
 
350
     The algorithm name is determined from the OID.
351
 
352
     @return a string with the signature algorithm name
353
  */
354
  public abstract String getSigAlgName();
355
 
356
  /**
357
     Returns the OID for the signature algorithm used.
358
     Example "1.2.840.10040.4.3" is return for SHA-1 with DSA.\
359
 
360
     The ASN.1 DER encoding for the example is:
361
 
362
     id-dsa-with-sha1 ID  ::=  {
363
     iso(1) member-body(2) us(840) x9-57 (10040)
364
     x9cm(4) 3 }
365
 
366
     Consult rfc2459 for more information.
367
 
368
     @return a string containing the OID.
369
  */
370
  public abstract String getSigAlgOID();
371
 
372
  /**
373
     Returns the AlgorithmParameters in the encoded form
374
     for the signature algorithm used.
375
 
376
     If access to the parameters is need, create an
377
     instance of AlgorithmParameters.
378
 
379
     @return byte array containing algorithm parameters, null
380
     if no parameters are present in CRL
381
  */
382
  public abstract byte[] getSigAlgParams();
383
 
384
  // 1.4 instance methods.
385
  // ------------------------------------------------------------------------
386
 
387
  /**
388
   * Returns the X.500 distinguished name of this CRL's issuer.
389
   *
390
   * @return The issuer's X.500 distinguished name.
391
   * @since JDK 1.4
392
   */
393
  public X500Principal getIssuerX500Principal()
394
  {
395
    throw new UnsupportedOperationException();
396
  }
397
}
