1adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project/* 2adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Licensed to the Apache Software Foundation (ASF) under one or more 3adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * contributor license agreements. See the NOTICE file distributed with 4adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * this work for additional information regarding copyright ownership. 5adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * The ASF licenses this file to You under the Apache License, Version 2.0 6adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * (the "License"); you may not use this file except in compliance with 7adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the License. You may obtain a copy of the License at 8adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * 9adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * http://www.apache.org/licenses/LICENSE-2.0 10adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * 11adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Unless required by applicable law or agreed to in writing, software 12adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * distributed under the License is distributed on an "AS IS" BASIS, 13adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * See the License for the specific language governing permissions and 15adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * limitations under the License. 16adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 17adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 18adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectpackage javax.security.cert; 19adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 20adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.io.ByteArrayInputStream; 21adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.io.InputStream; 22adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.lang.reflect.Constructor; 23adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.math.BigInteger; 24adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.InvalidKeyException; 25adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.NoSuchAlgorithmException; 26adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.NoSuchProviderException; 27adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.Principal; 28adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.PublicKey; 29adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.Security; 30adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.SignatureException; 31adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.cert.CertificateFactory; 32adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.util.Date; 33adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 34adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project/** 35adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Abstract base class for X.509 certificates. 36adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <p> 37adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * This represents a standard way for accessing the attributes of X.509 v1 38adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * certificates. 39adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <p> 40adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Note: This package is provided only for compatibility reasons. 41adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * It contains a simplified version of the java.security.cert package that was 42adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * previously used by JSSE (Java SSL package). All applications that do not have 43adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * to be compatible with older versions of JSSE (that is before Java SDK 1.5) 44adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * should only use java.security.cert. 45adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 46adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectpublic abstract class X509Certificate extends Certificate { 47adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 48adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private static Constructor constructor; 49adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project static { 50adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project try { 51ad41624e761bcf1af9c8008eb45187fc13983717Elliott Hughes String classname = Security.getProperty("cert.provider.x509v1"); 52adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project Class cl = Class.forName(classname); 53ad41624e761bcf1af9c8008eb45187fc13983717Elliott Hughes constructor = cl.getConstructor(new Class[] {InputStream.class}); 54adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } catch (Throwable e) { 55adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 56adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 57f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes 58adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 59adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Creates a new {@code X509Certificate}. 60adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 61adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public X509Certificate() { 62adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 63adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 64adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 65adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Creates a new {@code X509Certificate} and initializes it from the 66adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * specified input stream. 672f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 68adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param inStream 69adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * input stream containing data to initialize the certificate. 70adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the certificate initialized from the specified input stream 71adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws CertificateException 72adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if the certificate cannot be created or initialized. 73adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 74adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public static final X509Certificate getInstance(InputStream inStream) 75adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throws CertificateException { 76adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (inStream == null) { 77897538a36c18f4db8f9f68ee566aec0bda842e9fElliott Hughes throw new CertificateException("inStream == null"); 78adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 79adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (constructor != null) { 80adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project try { 81f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes return (X509Certificate) 82adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project constructor.newInstance(new Object[] {inStream}); 83adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } catch (Throwable e) { 84adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateException(e.getMessage()); 85adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 86adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 87adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 88adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project final java.security.cert.X509Certificate cert; 89adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project try { 90f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes CertificateFactory cf = CertificateFactory.getInstance("X.509"); 91adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project cert = (java.security.cert.X509Certificate) 92adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project cf.generateCertificate(inStream); 93adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } catch (java.security.cert.CertificateException e) { 94adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateException(e.getMessage()); 95adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 96adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 97adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return new X509Certificate() { 98adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 99adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public byte[] getEncoded() throws CertificateEncodingException { 100adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project try { 101adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return cert.getEncoded(); 102adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } catch (java.security.cert.CertificateEncodingException e) { 103adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateEncodingException(e.getMessage()); 104adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 105adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 106adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 107adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public void verify(PublicKey key) throws CertificateException, 108adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project NoSuchAlgorithmException, InvalidKeyException, 109adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project NoSuchProviderException, SignatureException { 110adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project try { 111adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project cert.verify(key); 112adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } catch (java.security.cert.CertificateException e) { 113adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateException(e.getMessage()); 114adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 115adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 116adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 117adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public void verify(PublicKey key, String sigProvider) 118adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throws CertificateException, 119adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project NoSuchAlgorithmException, InvalidKeyException, 120adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project NoSuchProviderException, SignatureException { 121adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project try { 122adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project cert.verify(key, sigProvider); 123adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } catch (java.security.cert.CertificateException e) { 124adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateException(e.getMessage()); 125adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 126adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 127adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 128adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public String toString() { 129adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return cert.toString(); 130adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 131adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 132adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public PublicKey getPublicKey() { 133adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return cert.getPublicKey(); 134adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 135adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 136adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public void checkValidity() throws CertificateExpiredException, 137adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project CertificateNotYetValidException { 138adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project try { 139adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project cert.checkValidity(); 140adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } catch (java.security.cert.CertificateNotYetValidException e) { 141adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateNotYetValidException(e.getMessage()); 142adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } catch (java.security.cert.CertificateExpiredException e) { 143adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateExpiredException(e.getMessage()); 144adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 145adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 146adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 147f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes public void checkValidity(Date date) 148adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throws CertificateExpiredException, 149adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project CertificateNotYetValidException { 150adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project try { 151adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project cert.checkValidity(date); 152adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } catch (java.security.cert.CertificateNotYetValidException e) { 153adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateNotYetValidException(e.getMessage()); 154adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } catch (java.security.cert.CertificateExpiredException e) { 155adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateExpiredException(e.getMessage()); 156adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 157adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 158adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 159adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public int getVersion() { 160adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return 2; 161adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 162adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 163adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public BigInteger getSerialNumber() { 164adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return cert.getSerialNumber(); 165adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 166adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 167adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public Principal getIssuerDN() { 168adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return cert.getIssuerDN(); 169adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 170adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 171adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public Principal getSubjectDN() { 172adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return cert.getSubjectDN(); 173adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 174adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 175adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public Date getNotBefore() { 176adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return cert.getNotBefore(); 177adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 178adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 179adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public Date getNotAfter() { 180adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return cert.getNotAfter(); 181adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 182adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 183adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public String getSigAlgName() { 184adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return cert.getSigAlgName(); 185adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 186adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 187adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public String getSigAlgOID() { 188adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return cert.getSigAlgOID(); 189adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 190adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 191adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public byte[] getSigAlgParams() { 192adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return cert.getSigAlgParams(); 193adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 194adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project }; 195adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 196adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 197adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 198adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Creates a new {@code X509Certificate} and initializes it from the 199adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * specified byte array. 2002f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 201adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param certData 202adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * byte array containing data to initialize the certificate. 203adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the certificate initialized from the specified byte array 204adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws CertificateException 205adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if the certificate cannot be created or initialized. 206adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 207adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public static final X509Certificate getInstance(byte[] certData) 208adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throws CertificateException { 209adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (certData == null) { 210897538a36c18f4db8f9f68ee566aec0bda842e9fElliott Hughes throw new CertificateException("certData == null"); 211adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 212adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project ByteArrayInputStream bais = new ByteArrayInputStream(certData); 213adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return getInstance(bais); 214adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 215adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 216adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 217adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Checks whether the certificate is currently valid. 218adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <p> 219adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * The validity defined in ASN.1: 2202f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 221adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <pre> 222adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * validity Validity 2232f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 2242f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * Validity ::= SEQUENCE { 2252f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * notBefore CertificateValidityDate, 226adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * notAfter CertificateValidityDate } 2272f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 2282f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * CertificateValidityDate ::= CHOICE { 2292f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * utcTime UTCTime, 230adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * generalTime GeneralizedTime } 231adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * </pre> 2322f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 233adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws CertificateExpiredException 234adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if the certificate has expired. 235adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws CertificateNotYetValidException 236adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if the certificate is not yet valid. 237adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 238adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void checkValidity() 239adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throws CertificateExpiredException, CertificateNotYetValidException; 240adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 241adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 242adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 243adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Checks whether the certificate is valid at the specified date. 2442f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 245adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param date 246adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the date to check the validity against. 247adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws CertificateExpiredException 248adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if the certificate has expired. 249adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws CertificateNotYetValidException 250adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if the certificate is not yet valid. 251adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see #checkValidity() 252adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 253adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void checkValidity(Date date) 254adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throws CertificateExpiredException, CertificateNotYetValidException; 255adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 256adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 257adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the certificates {@code version} (version number). 258adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <p> 259adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * The version defined is ASN.1: 2602f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 261adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <pre> 262adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Version ::= INTEGER { v1(0), v2(1), v3(2) } 263adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * </pre> 2642f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 265adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the version number. 266adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 267adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract int getVersion(); 268adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 269adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 270adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the {@code serialNumber} of the certificate. 271adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <p> 272adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * The ASN.1 definition of {@code serialNumber}: 2732f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 274adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <pre> 275adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * CertificateSerialNumber ::= INTEGER 276adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * </pre> 2772f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 278adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the serial number. 279adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 280adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract BigInteger getSerialNumber(); 281adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 282adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 283adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the {@code issuer} (issuer distinguished name) as an 284adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * implementation specific {@code Principal} object. 285adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <p> 286adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * The ASN.1 definition of {@code issuer}: 2872f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 288adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <pre> 289adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * issuer Name 2902f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 291adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Name ::= CHOICE { 292adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * RDNSequence } 2932f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 294adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * RDNSequence ::= SEQUENCE OF RelativeDistinguishedName 2952f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 296adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * RelativeDistinguishedName ::= SET OF AttributeTypeAndValue 2972f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 298adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * AttributeTypeAndValue ::= SEQUENCE { 299adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * type AttributeType, 300adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * value AttributeValue } 3012f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 302adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * AttributeType ::= OBJECT IDENTIFIER 3032f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 304adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * AttributeValue ::= ANY DEFINED BY AttributeType 305adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * </pre> 3062f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 307adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the {@code issuer} as an implementation specific {@code 308adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Principal}. 309adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 310adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract Principal getIssuerDN(); 311adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 312adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 313adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the {@code subject} (subject distinguished name) as an 314adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * implementation specific {@code Principal} object. 315adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <p> 316adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * The ASN.1 definition of {@code subject}: 3172f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 318adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <pre> 319adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * subject Name 3202f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 321adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Name ::= CHOICE { 322adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * RDNSequence } 3232f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 324adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * RDNSequence ::= SEQUENCE OF RelativeDistinguishedName 3252f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 326adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * RelativeDistinguishedName ::= SET OF AttributeTypeAndValue 3272f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 328adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * AttributeTypeAndValue ::= SEQUENCE { 329adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * type AttributeType, 330adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * value AttributeValue } 3312f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 332adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * AttributeType ::= OBJECT IDENTIFIER 3332f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 334adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * AttributeValue ::= ANY DEFINED BY AttributeType 335adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * </pre> 3362f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 337adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the {@code subject} (subject distinguished name). 338adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 339adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract Principal getSubjectDN(); 340adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 341adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 342adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the {@code notBefore} date from the validity period of the 343adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * certificate. 3442f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 345adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the start of the validity period. 346adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 347adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract Date getNotBefore(); 348adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 349adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 350adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the {@code notAfter} date of the validity period of the 351adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * certificate. 3522f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 353adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the end of the validity period. 354adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 355adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract Date getNotAfter(); 356adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 357adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 358adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the name of the algorithm for the certificate signature. 3592f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 360adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the signature algorithm name. 361adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 362adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract String getSigAlgName(); 363adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 364adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 365adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the OID of the signature algorithm from the certificate. 3662f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 367adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the OID of the signature algorithm. 368adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 369adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract String getSigAlgOID(); 370adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 371adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 372adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the parameters of the signature algorithm in DER-encoded format. 3732f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 374adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the parameters of the signature algorithm, or null if none are 375adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * used. 376adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 377adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract byte[] getSigAlgParams(); 378adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project} 379