1 /* 2 * Copyright (c) 1996, 2017, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package java.security; 27 28 import java.io.*; 29 30 /** 31 * This class is used to represent an Identity that can also digitally 32 * sign data. 33 * 34 * <p>The management of a signer's private keys is an important and 35 * sensitive issue that should be handled by subclasses as appropriate 36 * to their intended use. 37 * 38 * @see Identity 39 * 40 * @author Benjamin Renaud 41 * @since 1.1 42 * 43 * @deprecated This class is no longer used. Its functionality has been 44 * replaced by {@code java.security.KeyStore}, the 45 * {@code java.security.cert} package, and 46 * {@code java.security.Principal}. 47 */ 48 @Deprecated(since="1.2") 49 public abstract class Signer extends Identity { 50 51 private static final long serialVersionUID = -1763464102261361480L; 52 53 /** 54 * The signer's private key. 55 * 56 * @serial 57 */ 58 private PrivateKey privateKey; 59 60 /** 61 * Creates a signer. This constructor should only be used for 62 * serialization. 63 */ 64 protected Signer() { 65 super(); 66 } 67 68 69 /** 70 * Creates a signer with the specified identity name. 71 * 72 * @param name the identity name. 73 */ 74 public Signer(String name) { 75 super(name); 76 } 77 78 /** 79 * Creates a signer with the specified identity name and scope. 80 * 81 * @param name the identity name. 82 * 83 * @param scope the scope of the identity. 84 * 85 * @exception KeyManagementException if there is already an identity 86 * with the same name in the scope. 87 */ 88 public Signer(String name, IdentityScope scope) 89 throws KeyManagementException { 90 super(name, scope); 91 } 92 93 /** 94 * Returns this signer's private key. 95 * 96 * <p>First, if there is a security manager, its {@code checkSecurityAccess} 97 * method is called with {@code "getSignerPrivateKey"} 98 * as its argument to see if it's ok to return the private key. 99 * 100 * @return this signer's private key, or null if the private key has 101 * not yet been set. 102 * 103 * @exception SecurityException if a security manager exists and its 104 * {@code checkSecurityAccess} method doesn't allow 105 * returning the private key. 106 * 107 * @see SecurityManager#checkSecurityAccess 108 */ 109 public PrivateKey getPrivateKey() { 110 check("getSignerPrivateKey"); 111 return privateKey; 112 } 113 114 /** 115 * Sets the key pair (public key and private key) for this signer. 116 * 117 * <p>First, if there is a security manager, its {@code checkSecurityAccess} 118 * method is called with {@code "setSignerKeyPair"} 119 * as its argument to see if it's ok to set the key pair. 120 * 121 * @param pair an initialized key pair. 122 * 123 * @exception InvalidParameterException if the key pair is not 124 * properly initialized. 125 * @exception KeyException if the key pair cannot be set for any 126 * other reason. 127 * @exception SecurityException if a security manager exists and its 128 * {@code checkSecurityAccess} method doesn't allow 129 * setting the key pair. 130 * 131 * @see SecurityManager#checkSecurityAccess 132 */ 133 public final void setKeyPair(KeyPair pair) 134 throws InvalidParameterException, KeyException { 135 check("setSignerKeyPair"); 136 final PublicKey pub = pair.getPublic(); 137 PrivateKey priv = pair.getPrivate(); 138 139 if (pub == null || priv == null) { 140 throw new InvalidParameterException(); 141 } 142 try { 143 AccessController.doPrivileged( 144 new PrivilegedExceptionAction<>() { 145 public Void run() throws KeyManagementException { 146 setPublicKey(pub); 147 return null; 148 } 149 }); 150 } catch (PrivilegedActionException pae) { 151 throw (KeyManagementException) pae.getException(); 152 } 153 privateKey = priv; 154 } 155 156 String printKeys() { 157 String keys = ""; 158 PublicKey publicKey = getPublicKey(); 159 if (publicKey != null && privateKey != null) { 160 keys = "\tpublic and private keys initialized"; 161 162 } else { 163 keys = "\tno keys"; 164 } 165 return keys; 166 } 167 168 /** 169 * Returns a string of information about the signer. 170 * 171 * @return a string of information about the signer. 172 */ 173 public String toString() { 174 return "[Signer]" + super.toString(); 175 } 176 177 private static void check(String directive) { 178 SecurityManager security = System.getSecurityManager(); 179 if (security != null) { 180 security.checkSecurityAccess(directive); 181 } 182 } 183 184 }