151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski/* 294c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved. 351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * This code is free software; you can redistribute it and/or modify it 651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * under the terms of the GNU General Public License version 2 only, as 751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * published by the Free Software Foundation. Oracle designates this 851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * particular file as subject to the "Classpath" exception as provided 951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * by Oracle in the LICENSE file that accompanied this code. 1051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 1151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * This code is distributed in the hope that it will be useful, but WITHOUT 1251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 1351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 1451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * version 2 for more details (a copy is included in the LICENSE file that 1551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * accompanied this code). 1651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 1751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * You should have received a copy of the GNU General Public License version 1851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 2 along with this work; if not, write to the Free Software Foundation, 1951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 2051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 2151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 2251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * or visit www.oracle.com if you need additional information or have any 2351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * questions. 2451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 2551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 2651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskipackage java.security.cert; 2751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 2851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport java.io.ByteArrayInputStream; 2951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport java.io.NotSerializableException; 3051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport java.io.ObjectStreamException; 3151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport java.io.Serializable; 3251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport java.util.Iterator; 3351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport java.util.List; 3451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 3551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski/** 3651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * An immutable sequence of certificates (a certification path). 3751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p> 3851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * This is an abstract class that defines the methods common to all 3994c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * {@code CertPath}s. Subclasses can handle different kinds of 4051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * certificates (X.509, PGP, etc.). 4151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p> 4294c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * All {@code CertPath} objects have a type, a list of 4394c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * {@code Certificate}s, and one or more supported encodings. Because the 4494c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * {@code CertPath} class is immutable, a {@code CertPath} cannot 4551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * change in any externally visible way after being constructed. This 4651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * stipulation applies to all public fields and methods of this class and any 4751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * added or overridden by subclasses. 4851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p> 4994c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * The type is a {@code String} that identifies the type of 5094c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * {@code Certificate}s in the certification path. For each 5194c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * certificate {@code cert} in a certification path {@code certPath}, 5294c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * {@code cert.getType().equals(certPath.getType())} must be 5394c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * {@code true}. 5451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p> 5594c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * The list of {@code Certificate}s is an ordered {@code List} of 5694c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * zero or more {@code Certificate}s. This {@code List} and all 5794c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * of the {@code Certificate}s contained in it must be immutable. 5851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p> 5994c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * Each {@code CertPath} object must support one or more encodings 6051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * so that the object can be translated into a byte array for storage or 6151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * transmission to other parties. Preferably, these encodings should be 6251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * well-documented standards (such as PKCS#7). One of the encodings supported 6394c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * by a {@code CertPath} is considered the default encoding. This 6451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * encoding is used if no encoding is explicitly requested (for the 6551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * {@link #getEncoded() getEncoded()} method, for instance). 6651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p> 6794c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * All {@code CertPath} objects are also {@code Serializable}. 6894c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * {@code CertPath} objects are resolved into an alternate 6951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * {@link CertPathRep CertPathRep} object during serialization. This allows 7094c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * a {@code CertPath} object to be serialized into an equivalent 7151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * representation regardless of its underlying implementation. 7251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p> 7394c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * {@code CertPath} objects can be created with a 7494c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * {@code CertificateFactory} or they can be returned by other classes, 7594c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * such as a {@code CertPathBuilder}. 7651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p> 7794c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * By convention, X.509 {@code CertPath}s (consisting of 7894c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * {@code X509Certificate}s), are ordered starting with the target 7951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * certificate and ending with a certificate issued by the trust anchor. That 8051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * is, the issuer of one certificate is the subject of the following one. The 8151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * certificate representing the {@link TrustAnchor TrustAnchor} should not be 8294c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * included in the certification path. Unvalidated X.509 {@code CertPath}s 8394c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * may not follow these conventions. PKIX {@code CertPathValidator}s will 8451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * detect any departure from these conventions that cause the certification 8594c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * path to be invalid and throw a {@code CertPathValidatorException}. 8651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 8751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p> Every implementation of the Java platform is required to support the 8894c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * following standard {@code CertPath} encodings: 8951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <ul> 9094c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * <li>{@code PKCS7}</li> 9194c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * <li>{@code PkiPath}</li> 9251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * </ul> 9351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * These encodings are described in the <a href= 94309f9df28350e15445b9135e8b710fa2b34b5dc1Yi Kong * "{@docRoot}openjdk-redirect.html?v=8&path=/technotes/guides/security/StandardNames.html#CertPathEncodings"> 9551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * CertPath Encodings section</a> of the 9651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Java Cryptography Architecture Standard Algorithm Name Documentation. 9751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Consult the release documentation for your implementation to see if any 9851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * other encodings are supported. 9951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p> 10051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <b>Concurrent Access</b> 10151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p> 10294c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * All {@code CertPath} objects must be thread-safe. That is, multiple 10351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * threads may concurrently invoke the methods defined in this class on a 10494c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * single {@code CertPath} object (or more than one) with no 10594c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * ill effects. This is also true for the {@code List} returned by 10694c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * {@code CertPath.getCertificates}. 10751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p> 10894c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * Requiring {@code CertPath} objects to be immutable and thread-safe 10951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * allows them to be passed around to various pieces of code without worrying 11051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * about coordinating access. Providing this thread-safety is 11194c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * generally not difficult, since the {@code CertPath} and 11294c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * {@code List} objects in question are immutable. 11351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 11451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @see CertificateFactory 11551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @see CertPathBuilder 11651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 11751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @author Yassir Elley 11851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @since 1.4 11951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 12051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskipublic abstract class CertPath implements Serializable { 12151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 12251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski private static final long serialVersionUID = 6068470306649138683L; 12351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 12451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski private String type; // the type of certificates in this chain 12551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 12651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 12794c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * Creates a {@code CertPath} of the specified type. 12851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p> 12951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * This constructor is protected because most users should use a 13094c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * {@code CertificateFactory} to create {@code CertPath}s. 13151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 13251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param type the standard name of the type of 13394c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * {@code Certificate}s in this path 13451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 13551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski protected CertPath(String type) { 13651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.type = type; 13751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 13851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 13951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 14094c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * Returns the type of {@code Certificate}s in this certification 14151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * path. This is the same string that would be returned by 14251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * {@link java.security.cert.Certificate#getType() cert.getType()} 14394c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * for all {@code Certificate}s in the certification path. 14451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 14594c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * @return the type of {@code Certificate}s in this certification 14651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * path (never null) 14751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 14851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public String getType() { 14951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return type; 15051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 15151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 15251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 15351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Returns an iteration of the encodings supported by this certification 15451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * path, with the default encoding first. Attempts to modify the returned 15594c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * {@code Iterator} via its {@code remove} method result in an 15694c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * {@code UnsupportedOperationException}. 15751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 15894c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * @return an {@code Iterator} over the names of the supported 15951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * encodings (as Strings) 16051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 16151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public abstract Iterator<String> getEncodings(); 16251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 16351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 16451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Compares this certification path for equality with the specified 16594c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * object. Two {@code CertPath}s are equal if and only if their 16694c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * types are equal and their certificate {@code List}s (and by 16794c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * implication the {@code Certificate}s in those {@code List}s) 16894c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * are equal. A {@code CertPath} is never equal to an object that is 16994c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * not a {@code CertPath}. 17051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p> 17151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * This algorithm is implemented by this method. If it is overridden, 17251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * the behavior specified here must be maintained. 17351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 17451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param other the object to test for equality with this certification path 17551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @return true if the specified object is equal to this certification path, 17651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * false otherwise 17751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 17851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public boolean equals(Object other) { 17951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (this == other) 18051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return true; 18151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 18251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (! (other instanceof CertPath)) 18351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return false; 18451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 18551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski CertPath otherCP = (CertPath) other; 18651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (! otherCP.getType().equals(type)) 18751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return false; 18851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 18951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski List<? extends Certificate> thisCertList = this.getCertificates(); 19051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski List<? extends Certificate> otherCertList = otherCP.getCertificates(); 19151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return(thisCertList.equals(otherCertList)); 19251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 19351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 19451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 19551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Returns the hashcode for this certification path. The hash code of 19651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * a certification path is defined to be the result of the following 19751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * calculation: 19894c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * <pre>{@code 19951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * hashCode = path.getType().hashCode(); 20051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * hashCode = 31*hashCode + path.getCertificates().hashCode(); 20194c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * }</pre> 20294c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * This ensures that {@code path1.equals(path2)} implies that 20394c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * {@code path1.hashCode()==path2.hashCode()} for any two certification 20494c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * paths, {@code path1} and {@code path2}, as required by the 20594c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * general contract of {@code Object.hashCode}. 20651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 20751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @return the hashcode value for this certification path 20851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 20951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public int hashCode() { 21051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski int hashCode = type.hashCode(); 21151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski hashCode = 31*hashCode + getCertificates().hashCode(); 21251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return hashCode; 21351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 21451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 21551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 21651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Returns a string representation of this certification path. 21794c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * This calls the {@code toString} method on each of the 21894c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * {@code Certificate}s in the path. 21951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 22051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @return a string representation of this certification path 22151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 22251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public String toString() { 22351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski StringBuffer sb = new StringBuffer(); 22451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski Iterator<? extends Certificate> stringIterator = 22551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski getCertificates().iterator(); 22651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 22751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski sb.append("\n" + type + " Cert Path: length = " 22851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski + getCertificates().size() + ".\n"); 22951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski sb.append("[\n"); 23051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski int i = 1; 23151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski while (stringIterator.hasNext()) { 23251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski sb.append("==========================================" 23351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski + "===============Certificate " + i + " start.\n"); 23451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski Certificate stringCert = stringIterator.next(); 23551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski sb.append(stringCert.toString()); 23651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski sb.append("\n========================================" 23751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski + "=================Certificate " + i + " end.\n\n\n"); 23851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski i++; 23951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 24051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 24151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski sb.append("\n]"); 24251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return sb.toString(); 24351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 24451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 24551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 24651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Returns the encoded form of this certification path, using the default 24751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * encoding. 24851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 24951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @return the encoded bytes 25051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @exception CertificateEncodingException if an encoding error occurs 25151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 25251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public abstract byte[] getEncoded() 25351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throws CertificateEncodingException; 25451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 25551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 25651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Returns the encoded form of this certification path, using the 25751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * specified encoding. 25851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 25951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param encoding the name of the encoding to use 26051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @return the encoded bytes 26151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @exception CertificateEncodingException if an encoding error occurs or 26251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * the encoding requested is not supported 26351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 26451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public abstract byte[] getEncoded(String encoding) 26551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throws CertificateEncodingException; 26651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 26751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 26851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Returns the list of certificates in this certification path. 26994c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * The {@code List} returned must be immutable and thread-safe. 27051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 27194c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * @return an immutable {@code List} of {@code Certificate}s 27251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * (may be empty, but not null) 27351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 27451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public abstract List<? extends Certificate> getCertificates(); 27551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 27651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 27794c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * Replaces the {@code CertPath} to be serialized with a 27894c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * {@code CertPathRep} object. 27951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 28094c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * @return the {@code CertPathRep} to be serialized 28151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 28294c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * @throws ObjectStreamException if a {@code CertPathRep} object 28351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * representing this certification path could not be created 28451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 28551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski protected Object writeReplace() throws ObjectStreamException { 28651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski try { 28751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return new CertPathRep(type, getEncoded()); 28851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } catch (CertificateException ce) { 28951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski NotSerializableException nse = 29051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski new NotSerializableException 29151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski ("java.security.cert.CertPath: " + type); 29251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski nse.initCause(ce); 29351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throw nse; 29451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 29551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 29651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 29751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 29894c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * Alternate {@code CertPath} class for serialization. 29951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @since 1.4 30051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 30151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski protected static class CertPathRep implements Serializable { 30251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 30351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski private static final long serialVersionUID = 3015633072427920915L; 30451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 30551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** The Certificate type */ 30651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski private String type; 30751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** The encoded form of the cert path */ 30851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski private byte[] data; 30951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 31051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 31194c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * Creates a {@code CertPathRep} with the specified 31251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * type and encoded form of a certification path. 31351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 31494c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * @param type the standard name of a {@code CertPath} type 31551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param data the encoded form of the certification path 31651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 31751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski protected CertPathRep(String type, byte[] data) { 31851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.type = type; 31951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this.data = data; 32051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 32151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 32251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 32394c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * Returns a {@code CertPath} constructed from the type and data. 32451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 32594c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * @return the resolved {@code CertPath} object 32651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 32794c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * @throws ObjectStreamException if a {@code CertPath} could not 32851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * be constructed 32951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 33051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski protected Object readResolve() throws ObjectStreamException { 33151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski try { 33251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski CertificateFactory cf = CertificateFactory.getInstance(type); 33351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return cf.generateCertPath(new ByteArrayInputStream(data)); 33451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } catch (CertificateException ce) { 33551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski NotSerializableException nse = 33651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski new NotSerializableException 33751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski ("java.security.cert.CertPath: " + type); 33851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski nse.initCause(ce); 33951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throw nse; 34051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 34151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 34251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 34351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski} 344