151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski/* 294c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. 351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * This code is free software; you can redistribute it and/or modify it 651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * under the terms of the GNU General Public License version 2 only, as 751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * published by the Free Software Foundation. Oracle designates this 851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * particular file as subject to the "Classpath" exception as provided 951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * by Oracle in the LICENSE file that accompanied this code. 1051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 1151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * This code is distributed in the hope that it will be useful, but WITHOUT 1251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 1351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 1451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * version 2 for more details (a copy is included in the LICENSE file that 1551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * accompanied this code). 1651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 1751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * You should have received a copy of the GNU General Public License version 1851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 2 along with this work; if not, write to the Free Software Foundation, 1951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 2051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 2151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 2251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * or visit www.oracle.com if you need additional information or have any 2351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * questions. 2451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 2551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 2651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskipackage java.security.cert; 2751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 2851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport java.math.BigInteger; 2951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport java.util.Date; 3051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport javax.security.auth.x500.X500Principal; 3151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 3251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport sun.security.x509.X509CRLEntryImpl; 3351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 3451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski/** 3551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p>Abstract class for a revoked certificate in a CRL (Certificate 3651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Revocation List). 3751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 3851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * The ASN.1 definition for <em>revokedCertificates</em> is: 3951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <pre> 4051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * revokedCertificates SEQUENCE OF SEQUENCE { 4151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * userCertificate CertificateSerialNumber, 4251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * revocationDate ChoiceOfTime, 4351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * crlEntryExtensions Extensions OPTIONAL 4451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * -- if present, must be v2 4551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * } OPTIONAL 4694c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * 4751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * CertificateSerialNumber ::= INTEGER 4894c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * 4951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension 5094c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * 5151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Extension ::= SEQUENCE { 5251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * extnId OBJECT IDENTIFIER, 5351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * critical BOOLEAN DEFAULT FALSE, 5451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * extnValue OCTET STRING 5551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * -- contains a DER encoding of a value 5651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * -- of the type registered for use with 5751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * -- the extnId object identifier value 5851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * } 5951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * </pre> 6051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 6151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @see X509CRL 6251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @see X509Extension 6351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 6451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @author Hemma Prafullchandra 6551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 6651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 6751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskipublic abstract class X509CRLEntry implements X509Extension { 6851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 6951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 7051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Compares this CRL entry for equality with the given 7194c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * object. If the {@code other} object is an 7294c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * {@code instanceof} {@code X509CRLEntry}, then 7351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * its encoded form (the inner SEQUENCE) is retrieved and compared 7451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * with the encoded form of this CRL entry. 7551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 7651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param other the object to test for equality with this CRL entry. 7751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @return true iff the encoded forms of the two CRL entries 7851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * match, false otherwise. 7951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 8051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public boolean equals(Object other) { 8151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (this == other) 8251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return true; 8351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (!(other instanceof X509CRLEntry)) 8451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return false; 8551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski try { 8651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski byte[] thisCRLEntry = this.getEncoded(); 8751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski byte[] otherCRLEntry = ((X509CRLEntry)other).getEncoded(); 8851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 8951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (thisCRLEntry.length != otherCRLEntry.length) 9051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return false; 9151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski for (int i = 0; i < thisCRLEntry.length; i++) 9251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (thisCRLEntry[i] != otherCRLEntry[i]) 9351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return false; 9451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } catch (CRLException ce) { 9551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return false; 9651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 9751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return true; 9851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 9951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 10051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 10151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Returns a hashcode value for this CRL entry from its 10251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * encoded form. 10351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 10451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @return the hashcode value. 10551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 10651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public int hashCode() { 10751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski int retval = 0; 10851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski try { 10951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski byte[] entryData = this.getEncoded(); 11051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski for (int i = 1; i < entryData.length; i++) 11151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski retval += entryData[i] * i; 11251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 11351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } catch (CRLException ce) { 11451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return(retval); 11551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 11651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return(retval); 11751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 11851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 11951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 12051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Returns the ASN.1 DER-encoded form of this CRL Entry, 12151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * that is the inner SEQUENCE. 12251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 12351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @return the encoded form of this certificate 12451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @exception CRLException if an encoding error occurs. 12551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 12651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public abstract byte[] getEncoded() throws CRLException; 12751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 12851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 12951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Gets the serial number from this X509CRLEntry, 13051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * the <em>userCertificate</em>. 13151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 13251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @return the serial number. 13351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 13451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public abstract BigInteger getSerialNumber(); 13551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 13651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 13751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Get the issuer of the X509Certificate described by this entry. If 13851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * the certificate issuer is also the CRL issuer, this method returns 13951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * null. 14051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 14151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p>This method is used with indirect CRLs. The default implementation 14251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * always returns null. Subclasses that wish to support indirect CRLs 14351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * should override it. 14451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 14551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @return the issuer of the X509Certificate described by this entry 14651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * or null if it is issued by the CRL issuer. 14751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 14851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @since 1.5 14951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 15051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public X500Principal getCertificateIssuer() { 15151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return null; 15251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 15351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 15451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 15551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Gets the revocation date from this X509CRLEntry, 15651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * the <em>revocationDate</em>. 15751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 15851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @return the revocation date. 15951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 16051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public abstract Date getRevocationDate(); 16151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 16251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 16351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Returns true if this CRL entry has extensions. 16451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 16551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @return true if this entry has extensions, false otherwise. 16651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 16751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public abstract boolean hasExtensions(); 16851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 16951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 17051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Returns a string representation of this CRL entry. 17151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 17251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @return a string representation of this CRL entry. 17351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 17451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public abstract String toString(); 17551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 17651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 17751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Returns the reason the certificate has been revoked, as specified 17851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * in the Reason Code extension of this CRL entry. 17951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 18051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @return the reason the certificate has been revoked, or 18194c24c5bb69f6dfec482f85f767ef0fc7dd98cbbSergio Giro * {@code null} if this CRL entry does not have 18251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * a Reason Code extension 18351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @since 1.7 18451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 18551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public CRLReason getRevocationReason() { 18651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (!hasExtensions()) { 18751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return null; 18851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 18951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return X509CRLEntryImpl.getRevocationReason(this); 19051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 19151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski} 192