24 */
25
26 package sun.security.x509;
27
28 import java.io.BufferedReader;
29 import java.io.BufferedInputStream;
30 import java.io.ByteArrayOutputStream;
31 import java.io.IOException;
32 import java.io.InputStream;
33 import java.io.InputStreamReader;
34 import java.io.OutputStream;
35 import java.math.BigInteger;
36 import java.security.*;
37 import java.security.cert.*;
38 import java.security.cert.Certificate;
39 import java.util.*;
40
41 import javax.security.auth.x500.X500Principal;
42
43 import sun.misc.HexDumpEncoder;
44 import sun.misc.BASE64Decoder;
45 import sun.security.util.*;
46 import sun.security.provider.X509Factory;
47
48 /**
49 * The X509CertImpl class represents an X.509 certificate. These certificates
50 * are widely used to support authentication and other functionality in
51 * Internet security systems. Common applications include Privacy Enhanced
52 * Mail (PEM), Transport Layer Security (SSL), code signing for trusted
53 * software distribution, and Secure Electronic Transactions (SET). There
54 * is a commercial infrastructure ready to manage large scale deployments
55 * of X.509 identity certificates.
56 *
57 * <P>These certificates are managed and vouched for by <em>Certificate
58 * Authorities</em> (CAs). CAs are services which create certificates by
59 * placing data in the X.509 standard format and then digitally signing
60 * that data. Such signatures are quite difficult to forge. CAs act as
61 * trusted third parties, making introductions between agents who have no
62 * direct knowledge of each other. CA certificates are either signed by
63 * themselves, or by some other CA such as a "root" CA.
64 *
246 * read input stream as HEX-encoded DER-encoded bytes
247 *
248 * @param in InputStream to read
249 * @returns DerValue corresponding to decoded HEX-encoded bytes
250 * @throws IOException if stream can not be interpreted as RFC1421
251 * encoded bytes
252 */
253 private DerValue readRFC1421Cert(InputStream in) throws IOException {
254 DerValue der = null;
255 String line = null;
256 BufferedReader certBufferedReader =
257 new BufferedReader(new InputStreamReader(in, "ASCII"));
258 try {
259 line = certBufferedReader.readLine();
260 } catch (IOException ioe1) {
261 throw new IOException("Unable to read InputStream: " +
262 ioe1.getMessage());
263 }
264 if (line.equals(X509Factory.BEGIN_CERT)) {
265 /* stream appears to be hex-encoded bytes */
266 BASE64Decoder decoder = new BASE64Decoder();
267 ByteArrayOutputStream decstream = new ByteArrayOutputStream();
268 try {
269 while ((line = certBufferedReader.readLine()) != null) {
270 if (line.equals(X509Factory.END_CERT)) {
271 der = new DerValue(decstream.toByteArray());
272 break;
273 } else {
274 decstream.write(decoder.decodeBuffer(line));
275 }
276 }
277 } catch (IOException ioe2) {
278 throw new IOException("Unable to read InputStream: "
279 + ioe2.getMessage());
280 }
281 } else {
282 throw new IOException("InputStream is not RFC1421 hex-encoded " +
283 "DER bytes");
284 }
285 return der;
286 }
287
288 /**
289 * Construct an initialized X509 Certificate. The certificate is stored
290 * in raw form and has to be signed to be useful.
291 *
292 * @params info the X509CertificateInfo which the Certificate is to be
293 * created from.
294 */
|
24 */
25
26 package sun.security.x509;
27
28 import java.io.BufferedReader;
29 import java.io.BufferedInputStream;
30 import java.io.ByteArrayOutputStream;
31 import java.io.IOException;
32 import java.io.InputStream;
33 import java.io.InputStreamReader;
34 import java.io.OutputStream;
35 import java.math.BigInteger;
36 import java.security.*;
37 import java.security.cert.*;
38 import java.security.cert.Certificate;
39 import java.util.*;
40
41 import javax.security.auth.x500.X500Principal;
42
43 import sun.misc.HexDumpEncoder;
44 import java.util.Base64;
45 import sun.security.util.*;
46 import sun.security.provider.X509Factory;
47
48 /**
49 * The X509CertImpl class represents an X.509 certificate. These certificates
50 * are widely used to support authentication and other functionality in
51 * Internet security systems. Common applications include Privacy Enhanced
52 * Mail (PEM), Transport Layer Security (SSL), code signing for trusted
53 * software distribution, and Secure Electronic Transactions (SET). There
54 * is a commercial infrastructure ready to manage large scale deployments
55 * of X.509 identity certificates.
56 *
57 * <P>These certificates are managed and vouched for by <em>Certificate
58 * Authorities</em> (CAs). CAs are services which create certificates by
59 * placing data in the X.509 standard format and then digitally signing
60 * that data. Such signatures are quite difficult to forge. CAs act as
61 * trusted third parties, making introductions between agents who have no
62 * direct knowledge of each other. CA certificates are either signed by
63 * themselves, or by some other CA such as a "root" CA.
64 *
246 * read input stream as HEX-encoded DER-encoded bytes
247 *
248 * @param in InputStream to read
249 * @returns DerValue corresponding to decoded HEX-encoded bytes
250 * @throws IOException if stream can not be interpreted as RFC1421
251 * encoded bytes
252 */
253 private DerValue readRFC1421Cert(InputStream in) throws IOException {
254 DerValue der = null;
255 String line = null;
256 BufferedReader certBufferedReader =
257 new BufferedReader(new InputStreamReader(in, "ASCII"));
258 try {
259 line = certBufferedReader.readLine();
260 } catch (IOException ioe1) {
261 throw new IOException("Unable to read InputStream: " +
262 ioe1.getMessage());
263 }
264 if (line.equals(X509Factory.BEGIN_CERT)) {
265 /* stream appears to be hex-encoded bytes */
266 ByteArrayOutputStream decstream = new ByteArrayOutputStream();
267 try {
268 while ((line = certBufferedReader.readLine()) != null) {
269 if (line.equals(X509Factory.END_CERT)) {
270 der = new DerValue(decstream.toByteArray());
271 break;
272 } else {
273 decstream.write(Base64.getMimeDecoder().decode(line));
274 }
275 }
276 } catch (IOException ioe2) {
277 throw new IOException("Unable to read InputStream: "
278 + ioe2.getMessage());
279 }
280 } else {
281 throw new IOException("InputStream is not RFC1421 hex-encoded " +
282 "DER bytes");
283 }
284 return der;
285 }
286
287 /**
288 * Construct an initialized X509 Certificate. The certificate is stored
289 * in raw form and has to be signed to be useful.
290 *
291 * @params info the X509CertificateInfo which the Certificate is to be
292 * created from.
293 */
|