X509Certificate.java revision f33eae7e84eb6d3b0f4e86b59605bb3de73009f3
1adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project/* 2adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Licensed to the Apache Software Foundation (ASF) under one or more 3adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * contributor license agreements. See the NOTICE file distributed with 4adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * this work for additional information regarding copyright ownership. 5adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * The ASF licenses this file to You under the Apache License, Version 2.0 6adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * (the "License"); you may not use this file except in compliance with 7adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the License. You may obtain a copy of the License at 8adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * 9adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * http://www.apache.org/licenses/LICENSE-2.0 10adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * 11adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Unless required by applicable law or agreed to in writing, software 12adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * distributed under the License is distributed on an "AS IS" BASIS, 13adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * See the License for the specific language governing permissions and 15adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * limitations under the License. 16adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 17adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 18adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectpackage javax.security.cert; 19adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 20adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.io.ByteArrayInputStream; 21adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.io.InputStream; 22adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.lang.reflect.Constructor; 23adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.math.BigInteger; 24adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.AccessController; 25adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.InvalidKeyException; 26adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.NoSuchAlgorithmException; 27adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.NoSuchProviderException; 28adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.Principal; 29adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.PublicKey; 30adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.Security; 31adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.SignatureException; 32adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.cert.CertificateFactory; 33adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.util.Date; 34adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport javax.security.cert.Certificate; 35adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport javax.security.cert.CertificateEncodingException; 36adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport javax.security.cert.CertificateException; 37adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport javax.security.cert.CertificateExpiredException; 38adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport javax.security.cert.CertificateNotYetValidException; 39adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 40adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport org.apache.harmony.security.internal.nls.Messages; 41adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 42adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project/** 43adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Abstract base class for X.509 certificates. 44adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <p> 45adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * This represents a standard way for accessing the attributes of X.509 v1 46adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * certificates. 47adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <p> 48adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Note: This package is provided only for compatibility reasons. 49adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * It contains a simplified version of the java.security.cert package that was 50adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * previously used by JSSE (Java SSL package). All applications that do not have 51adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * to be compatible with older versions of JSSE (that is before Java SDK 1.5) 52adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * should only use java.security.cert. 53adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 54adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectpublic abstract class X509Certificate extends Certificate { 55adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 56adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private static Constructor constructor; 57f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes 58adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project static { 59adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project try { 60adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project String classname = (String) AccessController.doPrivileged( 61adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project new java.security.PrivilegedAction() { 62adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public Object run() { 63f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes return Security.getProperty("cert.provider.x509v1"); 64adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 65adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 66adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project ); 67adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project Class cl = Class.forName(classname); 68adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project constructor = 69adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project cl.getConstructor(new Class[] {InputStream.class}); 70adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } catch (Throwable e) { 71adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 72adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 73f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes 74adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 75adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Creates a new {@code X509Certificate}. 76adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 77adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public X509Certificate() { 78adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project super(); 79adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 80adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 81adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 82adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Creates a new {@code X509Certificate} and initializes it from the 83adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * specified input stream. 842f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 85adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param inStream 86adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * input stream containing data to initialize the certificate. 87adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the certificate initialized from the specified input stream 88adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws CertificateException 89adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if the certificate cannot be created or initialized. 90adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 91adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public static final X509Certificate getInstance(InputStream inStream) 92adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throws CertificateException { 93adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (inStream == null) { 94f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes throw new CertificateException(Messages.getString("security.87")); 95adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 96adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (constructor != null) { 97adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project try { 98f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes return (X509Certificate) 99adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project constructor.newInstance(new Object[] {inStream}); 100adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } catch (Throwable e) { 101adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateException(e.getMessage()); 102adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 103adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 104adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 105adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project final java.security.cert.X509Certificate cert; 106adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project try { 107f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes CertificateFactory cf = CertificateFactory.getInstance("X.509"); 108adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project cert = (java.security.cert.X509Certificate) 109adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project cf.generateCertificate(inStream); 110adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } catch (java.security.cert.CertificateException e) { 111adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateException(e.getMessage()); 112adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 113adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 114adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return new X509Certificate() { 115adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 116adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public byte[] getEncoded() throws CertificateEncodingException { 117adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project try { 118adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return cert.getEncoded(); 119adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } catch (java.security.cert.CertificateEncodingException e) { 120adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateEncodingException(e.getMessage()); 121adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 122adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 123adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 124adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public void verify(PublicKey key) throws CertificateException, 125adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project NoSuchAlgorithmException, InvalidKeyException, 126adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project NoSuchProviderException, SignatureException { 127adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project try { 128adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project cert.verify(key); 129adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } catch (java.security.cert.CertificateException e) { 130adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateException(e.getMessage()); 131adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 132adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 133adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 134adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public void verify(PublicKey key, String sigProvider) 135adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throws CertificateException, 136adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project NoSuchAlgorithmException, InvalidKeyException, 137adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project NoSuchProviderException, SignatureException { 138adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project try { 139adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project cert.verify(key, sigProvider); 140adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } catch (java.security.cert.CertificateException e) { 141adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateException(e.getMessage()); 142adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 143adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 144adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 145adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public String toString() { 146adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return cert.toString(); 147adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 148adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 149adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public PublicKey getPublicKey() { 150adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return cert.getPublicKey(); 151adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 152adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 153adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public void checkValidity() throws CertificateExpiredException, 154adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project CertificateNotYetValidException { 155adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project try { 156adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project cert.checkValidity(); 157adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } catch (java.security.cert.CertificateNotYetValidException e) { 158adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateNotYetValidException(e.getMessage()); 159adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } catch (java.security.cert.CertificateExpiredException e) { 160adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateExpiredException(e.getMessage()); 161adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 162adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 163adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 164f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes public void checkValidity(Date date) 165adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throws CertificateExpiredException, 166adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project CertificateNotYetValidException { 167adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project try { 168adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project cert.checkValidity(date); 169adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } catch (java.security.cert.CertificateNotYetValidException e) { 170adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateNotYetValidException(e.getMessage()); 171adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } catch (java.security.cert.CertificateExpiredException e) { 172adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throw new CertificateExpiredException(e.getMessage()); 173adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 174adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 175adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 176adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public int getVersion() { 177adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return 2; 178adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 179adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 180adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public BigInteger getSerialNumber() { 181adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return cert.getSerialNumber(); 182adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 183adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 184adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public Principal getIssuerDN() { 185adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return cert.getIssuerDN(); 186adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 187adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 188adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public Principal getSubjectDN() { 189adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return cert.getSubjectDN(); 190adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 191adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 192adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public Date getNotBefore() { 193adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return cert.getNotBefore(); 194adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 195adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 196adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public Date getNotAfter() { 197adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return cert.getNotAfter(); 198adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 199adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 200adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public String getSigAlgName() { 201adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return cert.getSigAlgName(); 202adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 203adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 204adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public String getSigAlgOID() { 205adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return cert.getSigAlgOID(); 206adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 207adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 208adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public byte[] getSigAlgParams() { 209adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return cert.getSigAlgParams(); 210adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 211adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project }; 212adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 213adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 214adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 215adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Creates a new {@code X509Certificate} and initializes it from the 216adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * specified byte array. 2172f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 218adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param certData 219adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * byte array containing data to initialize the certificate. 220adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the certificate initialized from the specified byte array 221adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws CertificateException 222adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if the certificate cannot be created or initialized. 223adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 224adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public static final X509Certificate getInstance(byte[] certData) 225adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throws CertificateException { 226adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project if (certData == null) { 227f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes throw new CertificateException(Messages.getString("security.88")); 228adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 229adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project ByteArrayInputStream bais = new ByteArrayInputStream(certData); 230adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project return getInstance(bais); 231adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 232adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 233adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 234adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Checks whether the certificate is currently valid. 235adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <p> 236adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * The validity defined in ASN.1: 2372f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 238adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <pre> 239adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * validity Validity 2402f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 2412f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * Validity ::= SEQUENCE { 2422f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * notBefore CertificateValidityDate, 243adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * notAfter CertificateValidityDate } 2442f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 2452f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * CertificateValidityDate ::= CHOICE { 2462f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * utcTime UTCTime, 247adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * generalTime GeneralizedTime } 248adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * </pre> 2492f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 250adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws CertificateExpiredException 251adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if the certificate has expired. 252adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws CertificateNotYetValidException 253adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if the certificate is not yet valid. 254adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 255adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void checkValidity() 256adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throws CertificateExpiredException, CertificateNotYetValidException; 257adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 258adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 259adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 260adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Checks whether the certificate is valid at the specified date. 2612f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 262adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @param date 263adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * the date to check the validity against. 264adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws CertificateExpiredException 265adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if the certificate has expired. 266adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @throws CertificateNotYetValidException 267adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * if the certificate is not yet valid. 268adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @see #checkValidity() 269adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 270adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract void checkValidity(Date date) 271adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project throws CertificateExpiredException, CertificateNotYetValidException; 272adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 273adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 274adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the certificates {@code version} (version number). 275adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <p> 276adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * The version defined is ASN.1: 2772f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 278adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <pre> 279adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Version ::= INTEGER { v1(0), v2(1), v3(2) } 280adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * </pre> 2812f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 282adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the version number. 283adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 284adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract int getVersion(); 285adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 286adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 287adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the {@code serialNumber} of the certificate. 288adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <p> 289adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * The ASN.1 definition of {@code serialNumber}: 2902f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 291adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <pre> 292adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * CertificateSerialNumber ::= INTEGER 293adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * </pre> 2942f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 295adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the serial number. 296adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 297adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract BigInteger getSerialNumber(); 298adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 299adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 300adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the {@code issuer} (issuer distinguished name) as an 301adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * implementation specific {@code Principal} object. 302adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <p> 303adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * The ASN.1 definition of {@code issuer}: 3042f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 305adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <pre> 306adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * issuer Name 3072f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 308adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Name ::= CHOICE { 309adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * RDNSequence } 3102f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 311adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * RDNSequence ::= SEQUENCE OF RelativeDistinguishedName 3122f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 313adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * RelativeDistinguishedName ::= SET OF AttributeTypeAndValue 3142f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 315adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * AttributeTypeAndValue ::= SEQUENCE { 316adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * type AttributeType, 317adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * value AttributeValue } 3182f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 319adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * AttributeType ::= OBJECT IDENTIFIER 3202f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 321adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * AttributeValue ::= ANY DEFINED BY AttributeType 322adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * </pre> 3232f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 324adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the {@code issuer} as an implementation specific {@code 325adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Principal}. 326adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 327adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract Principal getIssuerDN(); 328adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 329adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 330adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the {@code subject} (subject distinguished name) as an 331adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * implementation specific {@code Principal} object. 332adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <p> 333adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * The ASN.1 definition of {@code subject}: 3342f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 335adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * <pre> 336adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * subject Name 3372f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 338adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Name ::= CHOICE { 339adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * RDNSequence } 3402f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 341adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * RDNSequence ::= SEQUENCE OF RelativeDistinguishedName 3422f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 343adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * RelativeDistinguishedName ::= SET OF AttributeTypeAndValue 3442f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 345adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * AttributeTypeAndValue ::= SEQUENCE { 346adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * type AttributeType, 347adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * value AttributeValue } 3482f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 349adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * AttributeType ::= OBJECT IDENTIFIER 3502f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 351adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * AttributeValue ::= ANY DEFINED BY AttributeType 352adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * </pre> 3532f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 354adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the {@code subject} (subject distinguished name). 355adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 356adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract Principal getSubjectDN(); 357adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 358adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 359adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the {@code notBefore} date from the validity period of the 360adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * certificate. 3612f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 362adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the start of the validity period. 363adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 364adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract Date getNotBefore(); 365adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 366adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 367adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the {@code notAfter} date of the validity period of the 368adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * certificate. 3692f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 370adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the end of the validity period. 371adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 372adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract Date getNotAfter(); 373adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 374adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 375adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the name of the algorithm for the certificate signature. 3762f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 377adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the signature algorithm name. 378adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 379adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract String getSigAlgName(); 380adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 381adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 382adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the OID of the signature algorithm from the certificate. 3832f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 384adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the OID of the signature algorithm. 385adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 386adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract String getSigAlgOID(); 387adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 388adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project /** 389adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * Returns the parameters of the signature algorithm in DER-encoded format. 3902f9e468ed4985edfd5e351faf2089d91e561e41dElliott Hughes * 391adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * @return the parameters of the signature algorithm, or null if none are 392adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project * used. 393adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project */ 394adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public abstract byte[] getSigAlgParams(); 395adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project} 396adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 397