1 /* 2 * Copyright (c) 1996, 2019, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package java.security; 27 28 import java.io.*; 29 30 /** 31 * This class is used to represent an Identity that can also digitally 32 * sign data. 33 * 34 * <p>The management of a signer's private keys is an important and 35 * sensitive issue that should be handled by subclasses as appropriate 36 * to their intended use. 37 * 38 * @see Identity 39 * 40 * @author Benjamin Renaud 41 * @since 1.1 42 * 43 * @deprecated This class is deprecated and subject to removal in a future 44 * version of Java SE. It has been replaced by 45 * {@code java.security.KeyStore}, the {@code java.security.cert} package, 46 * and {@code java.security.Principal}. 47 */ 48 @Deprecated(since="1.2", forRemoval=true) 49 @SuppressWarnings("removal") 50 public abstract class Signer extends Identity { 51 52 @java.io.Serial 53 private static final long serialVersionUID = -1763464102261361480L; 54 55 /** 56 * The signer's private key. 57 * 58 * @serial 59 */ 60 private PrivateKey privateKey; 61 62 /** 63 * Creates a signer. This constructor should only be used for 64 * serialization. 65 */ 66 protected Signer() { 67 super(); 68 } 69 70 71 /** 72 * Creates a signer with the specified identity name. 73 * 74 * @param name the identity name. 75 */ 76 public Signer(String name) { 77 super(name); 78 } 79 80 /** 81 * Creates a signer with the specified identity name and scope. 82 * 83 * @param name the identity name. 84 * 85 * @param scope the scope of the identity. 86 * 87 * @throws KeyManagementException if there is already an identity 88 * with the same name in the scope. 89 */ 90 public Signer(String name, IdentityScope scope) 91 throws KeyManagementException { 92 super(name, scope); 93 } 94 95 /** 96 * Returns this signer's private key. 97 * 98 * <p>First, if there is a security manager, its {@code checkSecurityAccess} 99 * method is called with {@code "getSignerPrivateKey"} 100 * as its argument to see if it's ok to return the private key. 101 * 102 * @return this signer's private key, or null if the private key has 103 * not yet been set. 104 * 105 * @throws SecurityException if a security manager exists and its 106 * {@code checkSecurityAccess} method doesn't allow 107 * returning the private key. 108 * 109 * @see SecurityManager#checkSecurityAccess 110 */ 111 public PrivateKey getPrivateKey() { 112 check("getSignerPrivateKey"); 113 return privateKey; 114 } 115 116 /** 117 * Sets the key pair (public key and private key) for this signer. 118 * 119 * <p>First, if there is a security manager, its {@code checkSecurityAccess} 120 * method is called with {@code "setSignerKeyPair"} 121 * as its argument to see if it's ok to set the key pair. 122 * 123 * @param pair an initialized key pair. 124 * 125 * @throws InvalidParameterException if the key pair is not 126 * properly initialized. 127 * @throws KeyException if the key pair cannot be set for any 128 * other reason. 129 * @throws SecurityException if a security manager exists and its 130 * {@code checkSecurityAccess} method doesn't allow 131 * setting the key pair. 132 * 133 * @see SecurityManager#checkSecurityAccess 134 */ 135 public final void setKeyPair(KeyPair pair) 136 throws InvalidParameterException, KeyException { 137 check("setSignerKeyPair"); 138 final PublicKey pub = pair.getPublic(); 139 PrivateKey priv = pair.getPrivate(); 140 141 if (pub == null || priv == null) { 142 throw new InvalidParameterException(); 143 } 144 try { 145 AccessController.doPrivileged( 146 new PrivilegedExceptionAction<>() { 147 public Void run() throws KeyManagementException { 148 setPublicKey(pub); 149 return null; 150 } 151 }); 152 } catch (PrivilegedActionException pae) { 153 throw (KeyManagementException) pae.getException(); 154 } 155 privateKey = priv; 156 } 157 158 String printKeys() { 159 String keys = ""; 160 PublicKey publicKey = getPublicKey(); 161 if (publicKey != null && privateKey != null) { 162 keys = "\tpublic and private keys initialized"; 163 164 } else { 165 keys = "\tno keys"; 166 } 167 return keys; 168 } 169 170 /** 171 * Returns a string of information about the signer. 172 * 173 * @return a string of information about the signer. 174 */ 175 public String toString() { 176 return "[Signer]" + super.toString(); 177 } 178 179 private static void check(String directive) { 180 SecurityManager security = System.getSecurityManager(); 181 if (security != null) { 182 security.checkSecurityAccess(directive); 183 } 184 } 185 186 }