/*
 * Copyright (c) 1996, 2006, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation. Oracle designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Oracle in the LICENSE file that accompanied this code.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */

package java.security;

import java.io.*;

/**
 * An {@link Identity} that additionally holds a private key and can
 * therefore digitally sign data.
 *
 * <p>How a signer's private key is managed is an important and sensitive
 * matter; subclasses are expected to handle it as appropriate to their
 * intended use. This class itself only stores the key reference and gates
 * access to it through the installed security manager, if there is one.
 *
 * @see Identity
 *
 * @author Benjamin Renaud
 *
 * @deprecated This class is no longer used. Its functionality has been
 * replaced by {@code java.security.KeyStore}, the
 * {@code java.security.cert} package, and
 * {@code java.security.Principal}.
 */
@Deprecated
public abstract class Signer extends Identity {

    private static final long serialVersionUID = -1763464102261361480L;

    /**
     * The signer's private key.
     *
     * <p>The field is not {@code transient} and is tagged as part of the
     * serial form, so a serialized {@code Signer} carries its private key.
     * Serialized instances need the same protection as the key itself.
     *
     * @serial
     */
    private PrivateKey privateKey;

    /**
     * Creates a signer. This constructor should only be used for
     * serialization.
     */
    protected Signer() {
        super();
    }

    /**
     * Creates a signer with the given identity name.
     *
     * @param name the identity name.
     */
    public Signer(String name) {
        super(name);
    }

    /**
     * Creates a signer with the given identity name inside the given scope.
     *
     * @param name the identity name.
     *
     * @param scope the scope of the identity.
     *
     * @throws KeyManagementException if there is already an identity
     * with the same name in the scope.
     */
    public Signer(String name, IdentityScope scope)
            throws KeyManagementException {
        super(name, scope);
    }

    /**
     * Returns this signer's private key.
     *
     * <p>If a security manager is installed, its
     * {@code checkSecurityAccess} method is first called with
     * {@code "getSignerPrivateKey"} to decide whether the key may be
     * returned. When no security manager is installed there is no access
     * check at all, and every caller receives the stored key reference.
     *
     * @return this signer's private key, or null if the private key has
     * not yet been set.
     *
     * @throws SecurityException if a security manager exists and its
     * {@code checkSecurityAccess} method doesn't allow
     * returning the private key.
     *
     * @see SecurityManager#checkSecurityAccess
     */
    public PrivateKey getPrivateKey() {
        check("getSignerPrivateKey");
        return privateKey;
    }

    /**
     * Sets the key pair (public key and private key) for this signer.
     *
     * <p>If a security manager is installed, its
     * {@code checkSecurityAccess} method is first called with
     * {@code "setSignerKeyPair"} to decide whether the pair may be set.
     *
     * <p>Only the presence of both halves is validated. Nothing here
     * verifies that the public and private key belong together, so callers
     * must pass a pair they trust. A null {@code pair} is not rejected
     * explicitly: it fails with a {@code NullPointerException} after the
     * access check has run.
     *
     * @param pair an initialized key pair.
     *
     * @throws InvalidParameterException if the key pair is not
     * properly initialized.
     * @throws KeyException if the key pair cannot be set for any
     * other reason.
     * @throws SecurityException if a security manager exists and its
     * {@code checkSecurityAccess} method doesn't allow
     * setting the key pair.
     *
     * @see SecurityManager#checkSecurityAccess
     */
    public final void setKeyPair(KeyPair pair)
            throws InvalidParameterException, KeyException {
        check("setSignerKeyPair");

        final PublicKey newPublicKey = pair.getPublic();
        final PrivateKey newPrivateKey = pair.getPrivate();

        boolean bothHalvesPresent = newPublicKey != null && newPrivateKey != null;
        if (!bothHalvesPresent) {
            throw new InvalidParameterException();
        }

        // NOTE(review): the public key is installed inside a privileged block,
        // presumably so that any access check made by the inherited
        // setPublicKey succeeds for a caller that has already passed the
        // "setSignerKeyPair" check above. Confirm against Identity.
        PrivilegedExceptionAction<Void> installPublicKey =
                new PrivilegedExceptionAction<Void>() {
                    @Override
                    public Void run() throws KeyManagementException {
                        setPublicKey(newPublicKey);
                        return null;
                    }
                };
        try {
            AccessController.doPrivileged(installPublicKey);
        } catch (PrivilegedActionException wrapped) {
            // run() declares only KeyManagementException as a checked
            // exception, so that is the only type that can be wrapped here.
            Exception cause = wrapped.getException();
            throw (KeyManagementException) cause;
        }

        // Stored only after the public key was accepted. If setPublicKey
        // throws, the previous private key is left in place.
        privateKey = newPrivateKey;
    }

    /**
     * Describes which keys are present. Only the presence of the keys is
     * reported, never any key material.
     *
     * @return a tab-prefixed status string.
     */
    String printKeys() {
        boolean initialized = getPublicKey() != null && privateKey != null;
        return initialized
                ? "\tpublic and private keys initialized"
                : "\tno keys";
    }

    /**
     * Returns a string of information about the signer.
     *
     * @return the superclass description prefixed with {@code "[Signer]"}.
     */
    @Override
    public String toString() {
        String identityInfo = super.toString();
        return "[Signer]" + identityInfo;
    }

    /**
     * Asks the installed security manager, if any, whether the named
     * security action is permitted. Does nothing when no security manager
     * is installed.
     *
     * @param directive the action name passed to
     * {@code SecurityManager.checkSecurityAccess}.
     */
    private static void check(String directive) {
        SecurityManager manager = System.getSecurityManager();
        if (manager == null) {
            return;
        }
        manager.checkSecurityAccess(directive);
    }

}