src/share/classes/sun/security/x509/X509CertImpl.java

Print this page 







  24  */
  25 
  26 package sun.security.x509;
  27 
  28 import java.io.BufferedReader;
  29 import java.io.BufferedInputStream;
  30 import java.io.ByteArrayOutputStream;
  31 import java.io.IOException;
  32 import java.io.InputStream;
  33 import java.io.InputStreamReader;
  34 import java.io.OutputStream;
  35 import java.math.BigInteger;
  36 import java.security.*;
  37 import java.security.cert.*;
  38 import java.security.cert.Certificate;
  39 import java.util.*;
  40 
  41 import javax.security.auth.x500.X500Principal;
  42 
  43 import sun.misc.HexDumpEncoder;
  44 import sun.misc.BASE64Decoder;
  45 import sun.security.util.*;
  46 import sun.security.provider.X509Factory;
  47 
  48 /**
  49  * The X509CertImpl class represents an X.509 certificate. These certificates
  50  * are widely used to support authentication and other functionality in
  51  * Internet security systems.  Common applications include Privacy Enhanced
  52  * Mail (PEM), Transport Layer Security (SSL), code signing for trusted
  53  * software distribution, and Secure Electronic Transactions (SET).  There
  54  * is a commercial infrastructure ready to manage large scale deployments
  55  * of X.509 identity certificates.
  56  *
  57  * <P>These certificates are managed and vouched for by <em>Certificate
  58  * Authorities</em> (CAs).  CAs are services which create certificates by
  59  * placing data in the X.509 standard format and then digitally signing
  60  * that data.  Such signatures are quite difficult to forge.  CAs act as
  61  * trusted third parties, making introductions between agents who have no
  62  * direct knowledge of each other.  CA certificates are either signed by
  63  * themselves, or by some other CA such as a "root" CA.
  64  *


 246      * read input stream as HEX-encoded DER-encoded bytes
 247      *
 248      * @param in InputStream to read
 249      * @returns DerValue corresponding to decoded HEX-encoded bytes
 250      * @throws IOException if stream can not be interpreted as RFC1421
 251      *                     encoded bytes
 252      */
 253     private DerValue readRFC1421Cert(InputStream in) throws IOException {
 254         DerValue der = null;
 255         String line = null;
 256         BufferedReader certBufferedReader =
 257             new BufferedReader(new InputStreamReader(in, "ASCII"));
 258         try {
 259             line = certBufferedReader.readLine();
 260         } catch (IOException ioe1) {
 261             throw new IOException("Unable to read InputStream: " +
 262                                   ioe1.getMessage());
 263         }
 264         if (line.equals(X509Factory.BEGIN_CERT)) {
 265             /* stream appears to be hex-encoded bytes */
 266             BASE64Decoder         decoder   = new BASE64Decoder();
 267             ByteArrayOutputStream decstream = new ByteArrayOutputStream();
 268             try {
 269                 while ((line = certBufferedReader.readLine()) != null) {
 270                     if (line.equals(X509Factory.END_CERT)) {
 271                         der = new DerValue(decstream.toByteArray());
 272                         break;
 273                     } else {
 274                         decstream.write(decoder.decodeBuffer(line));
 275                     }
 276                 }
 277             } catch (IOException ioe2) {
 278                 throw new IOException("Unable to read InputStream: "
 279                                       + ioe2.getMessage());
 280             }
 281         } else {
 282             throw new IOException("InputStream is not RFC1421 hex-encoded " +
 283                                   "DER bytes");
 284         }
 285         return der;
 286     }
 287 
 288     /**
 289      * Construct an initialized X509 Certificate. The certificate is stored
 290      * in raw form and has to be signed to be useful.
 291      *
 292      * @params info the X509CertificateInfo which the Certificate is to be
 293      *              created from.
 294      */






  24  */
  25 
  26 package sun.security.x509;
  27 
  28 import java.io.BufferedReader;
  29 import java.io.BufferedInputStream;
  30 import java.io.ByteArrayOutputStream;
  31 import java.io.IOException;
  32 import java.io.InputStream;
  33 import java.io.InputStreamReader;
  34 import java.io.OutputStream;
  35 import java.math.BigInteger;
  36 import java.security.*;
  37 import java.security.cert.*;
  38 import java.security.cert.Certificate;
  39 import java.util.*;
  40 
  41 import javax.security.auth.x500.X500Principal;
  42 
  43 import sun.misc.HexDumpEncoder;
  44 import java.util.Base64;
  45 import sun.security.util.*;
  46 import sun.security.provider.X509Factory;
  47 
  48 /**
  49  * The X509CertImpl class represents an X.509 certificate. These certificates
  50  * are widely used to support authentication and other functionality in
  51  * Internet security systems.  Common applications include Privacy Enhanced
  52  * Mail (PEM), Transport Layer Security (SSL), code signing for trusted
  53  * software distribution, and Secure Electronic Transactions (SET).  There
  54  * is a commercial infrastructure ready to manage large scale deployments
  55  * of X.509 identity certificates.
  56  *
  57  * <P>These certificates are managed and vouched for by <em>Certificate
  58  * Authorities</em> (CAs).  CAs are services which create certificates by
  59  * placing data in the X.509 standard format and then digitally signing
  60  * that data.  Such signatures are quite difficult to forge.  CAs act as
  61  * trusted third parties, making introductions between agents who have no
  62  * direct knowledge of each other.  CA certificates are either signed by
  63  * themselves, or by some other CA such as a "root" CA.
  64  *


 246      * read input stream as HEX-encoded DER-encoded bytes
 247      *
 248      * @param in InputStream to read
 249      * @returns DerValue corresponding to decoded HEX-encoded bytes
 250      * @throws IOException if stream can not be interpreted as RFC1421
 251      *                     encoded bytes
 252      */
 253     private DerValue readRFC1421Cert(InputStream in) throws IOException {
 254         DerValue der = null;
 255         String line = null;
 256         BufferedReader certBufferedReader =
 257             new BufferedReader(new InputStreamReader(in, "ASCII"));
 258         try {
 259             line = certBufferedReader.readLine();
 260         } catch (IOException ioe1) {
 261             throw new IOException("Unable to read InputStream: " +
 262                                   ioe1.getMessage());
 263         }
 264         if (line.equals(X509Factory.BEGIN_CERT)) {
 265             /* stream appears to be hex-encoded bytes */

 266             ByteArrayOutputStream decstream = new ByteArrayOutputStream();
 267             try {
 268                 while ((line = certBufferedReader.readLine()) != null) {
 269                     if (line.equals(X509Factory.END_CERT)) {
 270                         der = new DerValue(decstream.toByteArray());
 271                         break;
 272                     } else {
 273                         decstream.write(Base64.getMimeDecoder().decode(line));
 274                     }
 275                 }
 276             } catch (IOException ioe2) {
 277                 throw new IOException("Unable to read InputStream: "
 278                                       + ioe2.getMessage());
 279             }
 280         } else {
 281             throw new IOException("InputStream is not RFC1421 hex-encoded " +
 282                                   "DER bytes");
 283         }
 284         return der;
 285     }
 286 
 287     /**
 288      * Construct an initialized X509 Certificate. The certificate is stored
 289      * in raw form and has to be signed to be useful.
 290      *
 291      * @params info the X509CertificateInfo which the Certificate is to be
 292      *              created from.
 293      */