151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski/*
251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski *
551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * This code is free software; you can redistribute it and/or modify it
651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * under the terms of the GNU General Public License version 2 only, as
751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * published by the Free Software Foundation.  Oracle designates this
851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * particular file as subject to the "Classpath" exception as provided
951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * by Oracle in the LICENSE file that accompanied this code.
1051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski *
1151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * This code is distributed in the hope that it will be useful, but WITHOUT
1251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
1351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
1451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * version 2 for more details (a copy is included in the LICENSE file that
1551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * accompanied this code).
1651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski *
1751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * You should have received a copy of the GNU General Public License version
1851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 2 along with this work; if not, write to the Free Software Foundation,
1951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
2051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski *
2151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
2251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * or visit www.oracle.com if you need additional information or have any
2351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * questions.
2451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */
2551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
2651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskipackage java.security.cert;
2751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
2851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport java.io.ByteArrayInputStream;
2951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport java.io.NotSerializableException;
3051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport java.io.ObjectStreamException;
3151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport java.io.Serializable;
3251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport java.util.Iterator;
3351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport java.util.List;
3451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
3551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski/**
3651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * An immutable sequence of certificates (a certification path).
3751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p>
3851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * This is an abstract class that defines the methods common to all
3951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <code>CertPath</code>s. Subclasses can handle different kinds of
4051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * certificates (X.509, PGP, etc.).
4151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p>
4251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * All <code>CertPath</code> objects have a type, a list of
4351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <code>Certificate</code>s, and one or more supported encodings. Because the
4451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <code>CertPath</code> class is immutable, a <code>CertPath</code> cannot
4551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * change in any externally visible way after being constructed. This
4651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * stipulation applies to all public fields and methods of this class and any
4751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * added or overridden by subclasses.
4851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p>
4951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * The type is a <code>String</code> that identifies the type of
5051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <code>Certificate</code>s in the certification path. For each
5151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * certificate <code>cert</code> in a certification path <code>certPath</code>,
5251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <code>cert.getType().equals(certPath.getType())</code> must be
5351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <code>true</code>.
5451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p>
5551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * The list of <code>Certificate</code>s is an ordered <code>List</code> of
5651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * zero or more <code>Certificate</code>s. This <code>List</code> and all
5751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * of the <code>Certificate</code>s contained in it must be immutable.
5851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p>
5951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Each <code>CertPath</code> object must support one or more encodings
6051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * so that the object can be translated into a byte array for storage or
6151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * transmission to other parties. Preferably, these encodings should be
6251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * well-documented standards (such as PKCS#7). One of the encodings supported
6351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * by a <code>CertPath</code> is considered the default encoding. This
6451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * encoding is used if no encoding is explicitly requested (for the
6551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * {@link #getEncoded() getEncoded()} method, for instance).
6651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p>
6751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * All <code>CertPath</code> objects are also <code>Serializable</code>.
6851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <code>CertPath</code> objects are resolved into an alternate
6951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * {@link CertPathRep CertPathRep} object during serialization. This allows
7051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * a <code>CertPath</code> object to be serialized into an equivalent
7151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * representation regardless of its underlying implementation.
7251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p>
7351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <code>CertPath</code> objects can be created with a
7451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <code>CertificateFactory</code> or they can be returned by other classes,
7551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * such as a <code>CertPathBuilder</code>.
7651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p>
7751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * By convention, X.509 <code>CertPath</code>s (consisting of
7851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <code>X509Certificate</code>s), are ordered starting with the target
7951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * certificate and ending with a certificate issued by the trust anchor. That
8051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * is, the issuer of one certificate is the subject of the following one. The
8151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * certificate representing the {@link TrustAnchor TrustAnchor} should not be
8251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * included in the certification path. Unvalidated X.509 <code>CertPath</code>s
8351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * may not follow these conventions. PKIX <code>CertPathValidator</code>s will
8451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * detect any departure from these conventions that cause the certification
8551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * path to be invalid and throw a <code>CertPathValidatorException</code>.
8651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski *
8751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p> Every implementation of the Java platform is required to support the
8851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * following standard <code>CertPath</code> encodings:
8951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <ul>
9051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <li><tt>PKCS7</tt></li>
9151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <li><tt>PkiPath</tt></li>
9251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * </ul>
9351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * These encodings are described in the <a href=
94d2449bb576ad1e3a3877364e5e1ae28625f69e35Yi Kong * "{@docRoot}openjdk-redirect.html?v=8&path=/technotes/guides/security/StandardNames.html#CertPathEncodings">
9551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * CertPath Encodings section</a> of the
9651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Java Cryptography Architecture Standard Algorithm Name Documentation.
9751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Consult the release documentation for your implementation to see if any
9851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * other encodings are supported.
9951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p>
10051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <b>Concurrent Access</b>
10151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p>
10251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * All <code>CertPath</code> objects must be thread-safe. That is, multiple
10351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * threads may concurrently invoke the methods defined in this class on a
10451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * single <code>CertPath</code> object (or more than one) with no
10551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * ill effects. This is also true for the <code>List</code> returned by
10651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <code>CertPath.getCertificates</code>.
10751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p>
10851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Requiring <code>CertPath</code> objects to be immutable and thread-safe
10951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * allows them to be passed around to various pieces of code without worrying
11051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * about coordinating access.  Providing this thread-safety is
11151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * generally not difficult, since the <code>CertPath</code> and
11251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <code>List</code> objects in question are immutable.
11351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski *
11451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @see CertificateFactory
11551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @see CertPathBuilder
11651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski *
11751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @author      Yassir Elley
11851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @since       1.4
11951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */
12051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskipublic abstract class CertPath implements Serializable {
12151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
12251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    private static final long serialVersionUID = 6068470306649138683L;
12351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
12451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    private String type;        // the type of certificates in this chain
12551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
12651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    /**
12751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * Creates a <code>CertPath</code> of the specified type.
12851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * <p>
12951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * This constructor is protected because most users should use a
13051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * <code>CertificateFactory</code> to create <code>CertPath</code>s.
13151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     *
13251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * @param type the standard name of the type of
13351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * <code>Certificate</code>s in this path
13451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     */
13551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    protected CertPath(String type) {
13651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        this.type = type;
13751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    }
13851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
13951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    /**
14051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * Returns the type of <code>Certificate</code>s in this certification
14151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * path. This is the same string that would be returned by
14251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * {@link java.security.cert.Certificate#getType() cert.getType()}
14351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * for all <code>Certificate</code>s in the certification path.
14451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     *
14551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * @return the type of <code>Certificate</code>s in this certification
14651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * path (never null)
14751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     */
14851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    public String getType() {
14951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        return type;
15051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    }
15151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
15251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    /**
15351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * Returns an iteration of the encodings supported by this certification
15451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * path, with the default encoding first. Attempts to modify the returned
15551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * <code>Iterator</code> via its <code>remove</code> method result in an
15651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * <code>UnsupportedOperationException</code>.
15751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     *
15851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * @return an <code>Iterator</code> over the names of the supported
15951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     *         encodings (as Strings)
16051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     */
16151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    public abstract Iterator<String> getEncodings();
16251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
16351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    /**
16451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * Compares this certification path for equality with the specified
16551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * object. Two <code>CertPath</code>s are equal if and only if their
16651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * types are equal and their certificate <code>List</code>s (and by
16751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * implication the <code>Certificate</code>s in those <code>List</code>s)
16851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * are equal. A <code>CertPath</code> is never equal to an object that is
16951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * not a <code>CertPath</code>.
17051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * <p>
17151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * This algorithm is implemented by this method. If it is overridden,
17251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * the behavior specified here must be maintained.
17351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     *
17451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * @param other the object to test for equality with this certification path
17551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * @return true if the specified object is equal to this certification path,
17651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * false otherwise
17751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     */
17851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    public boolean equals(Object other) {
17951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        if (this == other)
18051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski            return true;
18151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
18251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        if (! (other instanceof CertPath))
18351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski            return false;
18451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
18551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        CertPath otherCP = (CertPath) other;
18651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        if (! otherCP.getType().equals(type))
18751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski            return false;
18851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
18951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        List<? extends Certificate> thisCertList = this.getCertificates();
19051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        List<? extends Certificate> otherCertList = otherCP.getCertificates();
19151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        return(thisCertList.equals(otherCertList));
19251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    }
19351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
19451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    /**
19551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * Returns the hashcode for this certification path. The hash code of
19651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * a certification path is defined to be the result of the following
19751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * calculation:
19851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * <pre><code>
19951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     *  hashCode = path.getType().hashCode();
20051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     *  hashCode = 31*hashCode + path.getCertificates().hashCode();
20151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * </code></pre>
20251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * This ensures that <code>path1.equals(path2)</code> implies that
20351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * <code>path1.hashCode()==path2.hashCode()</code> for any two certification
20451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * paths, <code>path1</code> and <code>path2</code>, as required by the
20551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * general contract of <code>Object.hashCode</code>.
20651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     *
20751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * @return the hashcode value for this certification path
20851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     */
20951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    public int hashCode() {
21051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        int hashCode = type.hashCode();
21151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        hashCode = 31*hashCode + getCertificates().hashCode();
21251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        return hashCode;
21351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    }
21451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
21551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    /**
21651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * Returns a string representation of this certification path.
21751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * This calls the <code>toString</code> method on each of the
21851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * <code>Certificate</code>s in the path.
21951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     *
22051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * @return a string representation of this certification path
22151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     */
22251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    public String toString() {
22351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        StringBuffer sb = new StringBuffer();
22451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        Iterator<? extends Certificate> stringIterator =
22551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski                                        getCertificates().iterator();
22651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
22751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        sb.append("\n" + type + " Cert Path: length = "
22851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski            + getCertificates().size() + ".\n");
22951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        sb.append("[\n");
23051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        int i = 1;
23151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        while (stringIterator.hasNext()) {
23251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski            sb.append("=========================================="
23351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski                + "===============Certificate " + i + " start.\n");
23451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski            Certificate stringCert = stringIterator.next();
23551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski            sb.append(stringCert.toString());
23651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski            sb.append("\n========================================"
23751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski                + "=================Certificate " + i + " end.\n\n\n");
23851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski            i++;
23951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        }
24051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
24151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        sb.append("\n]");
24251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        return sb.toString();
24351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    }
24451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
24551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    /**
24651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * Returns the encoded form of this certification path, using the default
24751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * encoding.
24851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     *
24951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * @return the encoded bytes
25051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * @exception CertificateEncodingException if an encoding error occurs
25151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     */
25251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    public abstract byte[] getEncoded()
25351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        throws CertificateEncodingException;
25451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
25551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    /**
25651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * Returns the encoded form of this certification path, using the
25751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * specified encoding.
25851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     *
25951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * @param encoding the name of the encoding to use
26051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * @return the encoded bytes
26151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * @exception CertificateEncodingException if an encoding error occurs or
26251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     *   the encoding requested is not supported
26351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     */
26451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    public abstract byte[] getEncoded(String encoding)
26551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        throws CertificateEncodingException;
26651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
26751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    /**
26851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * Returns the list of certificates in this certification path.
26951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * The <code>List</code> returned must be immutable and thread-safe.
27051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     *
27151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * @return an immutable <code>List</code> of <code>Certificate</code>s
27251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     *         (may be empty, but not null)
27351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     */
27451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    public abstract List<? extends Certificate> getCertificates();
27551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
27651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    /**
27751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * Replaces the <code>CertPath</code> to be serialized with a
27851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * <code>CertPathRep</code> object.
27951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     *
28051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * @return the <code>CertPathRep</code> to be serialized
28151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     *
28251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * @throws ObjectStreamException if a <code>CertPathRep</code> object
28351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * representing this certification path could not be created
28451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     */
28551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    protected Object writeReplace() throws ObjectStreamException {
28651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        try {
28751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski            return new CertPathRep(type, getEncoded());
28851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        } catch (CertificateException ce) {
28951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski            NotSerializableException nse =
29051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski                new NotSerializableException
29151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski                    ("java.security.cert.CertPath: " + type);
29251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski            nse.initCause(ce);
29351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski            throw nse;
29451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        }
29551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    }
29651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
29751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    /**
29851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * Alternate <code>CertPath</code> class for serialization.
29951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     * @since 1.4
30051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski     */
30151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    protected static class CertPathRep implements Serializable {
30251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
30351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        private static final long serialVersionUID = 3015633072427920915L;
30451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
30551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        /** The Certificate type */
30651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        private String type;
30751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        /** The encoded form of the cert path */
30851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        private byte[] data;
30951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
31051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        /**
31151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski         * Creates a <code>CertPathRep</code> with the specified
31251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski         * type and encoded form of a certification path.
31351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski         *
31451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski         * @param type the standard name of a <code>CertPath</code> type
31551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski         * @param data the encoded form of the certification path
31651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski         */
31751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        protected CertPathRep(String type, byte[] data) {
31851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski            this.type = type;
31951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski            this.data = data;
32051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        }
32151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski
32251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        /**
32351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski         * Returns a <code>CertPath</code> constructed from the type and data.
32451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski         *
32551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski         * @return the resolved <code>CertPath</code> object
32651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski         *
32751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski         * @throws ObjectStreamException if a <code>CertPath</code> could not
32851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski         * be constructed
32951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski         */
33051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        protected Object readResolve() throws ObjectStreamException {
33151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski            try {
33251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski                CertificateFactory cf = CertificateFactory.getInstance(type);
33351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski                return cf.generateCertPath(new ByteArrayInputStream(data));
33451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski            } catch (CertificateException ce) {
33551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski                NotSerializableException nse =
33651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski                    new NotSerializableException
33751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski                        ("java.security.cert.CertPath: " + type);
33851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski                nse.initCause(ce);
33951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski                throw nse;
34051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski            }
34151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski        }
34251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski    }
34351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski}
344