1 /*
2 * Copyright (c) 1997, 2003, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 package java.security.cert;
27
28 import java.math.BigInteger;
29 import java.util.Date;
30 import javax.security.auth.x500.X500Principal;
31
32 import sun.security.x509.X509CRLEntryImpl;
33
34 /**
35 * <p>Abstract class for a revoked certificate in a CRL (Certificate
36 * Revocation List).
37 *
38 * The ASN.1 definition for <em>revokedCertificates</em> is:
39 * <pre>
40 * revokedCertificates SEQUENCE OF SEQUENCE {
41 * userCertificate CertificateSerialNumber,
42 * revocationDate ChoiceOfTime,
43 * crlEntryExtensions Extensions OPTIONAL
44 * -- if present, must be v2
45 * } OPTIONAL
46 *<p>
47 * CertificateSerialNumber ::= INTEGER
48 *<p>
49 * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension
50 *<p>
51 * Extension ::= SEQUENCE {
52 * extnId OBJECT IDENTIFIER,
53 * critical BOOLEAN DEFAULT FALSE,
54 * extnValue OCTET STRING
55 * -- contains a DER encoding of a value
56 * -- of the type registered for use with
57 * -- the extnId object identifier value
58 * }
59 * </pre>
60 *
61 * @see X509CRL
62 * @see X509Extension
63 *
64 * @author Hemma Prafullchandra
65 */
66
67 public abstract class X509CRLEntry implements X509Extension {
68
69 /**
70 * Compares this CRL entry for equality with the given
71 * object. If the <code>other</code> object is an
72 * <code>instanceof</code> <code>X509CRLEntry</code>, then
73 * its encoded form (the inner SEQUENCE) is retrieved and compared
74 * with the encoded form of this CRL entry.
75 *
76 * @param other the object to test for equality with this CRL entry.
77 * @return true iff the encoded forms of the two CRL entries
78 * match, false otherwise.
79 */
80 public boolean equals(Object other) {
81 if (this == other)
82 return true;
83 if (!(other instanceof X509CRLEntry))
84 return false;
85 try {
86 byte[] thisCRLEntry = this.getEncoded();
87 byte[] otherCRLEntry = ((X509CRLEntry)other).getEncoded();
88
89 if (thisCRLEntry.length != otherCRLEntry.length)
90 return false;
91 for (int i = 0; i < thisCRLEntry.length; i++)
92 if (thisCRLEntry[i] != otherCRLEntry[i])
93 return false;
94 } catch (CRLException ce) {
95 return false;
96 }
97 return true;
98 }
99
100 /**
101 * Returns a hashcode value for this CRL entry from its
102 * encoded form.
103 *
104 * @return the hashcode value.
105 */
106 public int hashCode() {
107 int retval = 0;
108 try {
109 byte[] entryData = this.getEncoded();
110 for (int i = 1; i < entryData.length; i++)
111 retval += entryData[i] * i;
112
113 } catch (CRLException ce) {
114 return(retval);
115 }
116 return(retval);
117 }
118
119 /**
120 * Returns the ASN.1 DER-encoded form of this CRL Entry,
121 * that is the inner SEQUENCE.
122 *
123 * @return the encoded form of this certificate
124 * @exception CRLException if an encoding error occurs.
125 */
126 public abstract byte[] getEncoded() throws CRLException;
127
128 /**
129 * Gets the serial number from this X509CRLEntry,
130 * the <em>userCertificate</em>.
131 *
132 * @return the serial number.
133 */
134 public abstract BigInteger getSerialNumber();
135
136 /**
137 * Get the issuer of the X509Certificate described by this entry. If
138 * the certificate issuer is also the CRL issuer, this method returns
139 * null.
140 *
141 * <p>This method is used with indirect CRLs. The default implementation
142 * always returns null. Subclasses that wish to support indirect CRLs
143 * should override it.
144 *
145 * @return the issuer of the X509Certificate described by this entry
146 * or null if it is issued by the CRL issuer.
147 *
148 * @since 1.5
149 */
150 public X500Principal getCertificateIssuer() {
151 return null;
152 }
153
154 /**
155 * Gets the revocation date from this X509CRLEntry,
156 * the <em>revocationDate</em>.
157 *
158 * @return the revocation date.
159 */
160 public abstract Date getRevocationDate();
161
162 /**
163 * Returns true if this CRL entry has extensions.
164 *
165 * @return true if this entry has extensions, false otherwise.
166 */
167 public abstract boolean hasExtensions();
168
169 /**
170 * Returns a string representation of this CRL entry.
171 *
172 * @return a string representation of this CRL entry.
173 */
174 public abstract String toString();
175
176 /**
177 * Returns the reason the certificate has been revoked, as specified
178 * in the Reason Code extension of this CRL entry.
179 *
180 * @return the reason the certificate has been revoked, or
181 * <code>null</code> if this CRL entry does not have
182 * a Reason Code extension
183 * @since 1.7
184 */
185 public CRLReason getRevocationReason() {
186 if (!hasExtensions()) {
187 return null;
188 }
189 return X509CRLEntryImpl.getRevocationReason(this);
190 }
191 }