1 /*
2 * Copyright (c) 1996, 2017, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 package java.security;
27
28 import java.io.*;
29 import java.util.Date;
30
31 /**
32 * <p>This is an interface of abstract methods for managing a
33 * variety of identity certificates.
34 * An identity certificate is a guarantee by a principal that
35 * a public key is that of another principal. (A principal represents
36 * an entity such as an individual user, a group, or a corporation.)
37 *
38 * <p>In particular, this interface is intended to be a common
39 * abstraction for constructs that have different formats but
40 * important common uses. For example, different types of
41 * certificates, such as X.509 certificates and PGP certificates,
42 * share general certificate functionality (the need to encode and
43 * decode certificates) and some types of information, such as a
44 * public key, the principal whose key it is, and the guarantor
45 * guaranteeing that the public key is that of the specified
46 * principal. So an implementation of X.509 certificates and an
47 * implementation of PGP certificates can both utilize the Certificate
48 * interface, even though their formats and additional types and
49 * amounts of information stored are different.
50 *
51 * <p><b>Important</b>: This interface is useful for cataloging and
52 * grouping objects sharing certain common uses. It does not have any
53 * semantics of its own. In particular, a Certificate object does not
54 * make any statement as to the <i>validity</i> of the binding. It is
55 * the duty of the application implementing this interface to verify
56 * the certificate and satisfy itself of its validity.
57 *
58 * @author Benjamin Renaud
59 * @since 1.1
60 * @deprecated A new certificate handling package is created in the Java platform.
61 * This Certificate interface is entirely deprecated and
62 * is here to allow for a smooth transition to the new
63 * package.
64 * @see java.security.cert.Certificate
65 */
66 @Deprecated(since="1.2")
67 public interface Certificate {
68
69 /**
70 * Returns the guarantor of the certificate, that is, the principal
71 * guaranteeing that the public key associated with this certificate
72 * is that of the principal associated with this certificate. For X.509
73 * certificates, the guarantor will typically be a Certificate Authority
74 * (such as the United States Postal Service or Verisign, Inc.).
75 *
76 * @return the guarantor which guaranteed the principal-key
77 * binding.
78 */
79 public abstract Principal getGuarantor();
80
81 /**
82 * Returns the principal of the principal-key pair being guaranteed by
83 * the guarantor.
84 *
85 * @return the principal to which this certificate is bound.
86 */
87 public abstract Principal getPrincipal();
88
89 /**
90 * Returns the key of the principal-key pair being guaranteed by
91 * the guarantor.
92 *
93 * @return the public key that this certificate certifies belongs
94 * to a particular principal.
95 */
96 public abstract PublicKey getPublicKey();
97
98 /**
99 * Encodes the certificate to an output stream in a format that can
100 * be decoded by the {@code decode} method.
101 *
102 * @param stream the output stream to which to encode the
103 * certificate.
104 *
105 * @exception KeyException if the certificate is not
106 * properly initialized, or data is missing, etc.
107 *
108 * @exception IOException if a stream exception occurs while
109 * trying to output the encoded certificate to the output stream.
110 *
111 * @see #decode
112 * @see #getFormat
113 */
114 public abstract void encode(OutputStream stream)
115 throws KeyException, IOException;
116
117 /**
118 * Decodes a certificate from an input stream. The format should be
119 * that returned by {@code getFormat} and produced by
120 * {@code encode}.
121 *
122 * @param stream the input stream from which to fetch the data
123 * being decoded.
124 *
125 * @exception KeyException if the certificate is not properly initialized,
126 * or data is missing, etc.
127 *
128 * @exception IOException if an exception occurs while trying to input
129 * the encoded certificate from the input stream.
130 *
131 * @see #encode
132 * @see #getFormat
133 */
134 public abstract void decode(InputStream stream)
135 throws KeyException, IOException;
136
137
138 /**
139 * Returns the name of the coding format. This is used as a hint to find
140 * an appropriate parser. It could be "X.509", "PGP", etc. This is
141 * the format produced and understood by the {@code encode}
142 * and {@code decode} methods.
143 *
144 * @return the name of the coding format.
145 */
146 public abstract String getFormat();
147
148 /**
149 * Returns a string that represents the contents of the certificate.
150 *
151 * @param detailed whether or not to give detailed information
152 * about the certificate
153 *
154 * @return a string representing the contents of the certificate
155 */
156 public String toString(boolean detailed);
157 }