1 /* 2 * Copyright (c) 1996, 2017, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package java.security; 27 28 import java.io.*; 29 30 /** 31 * This class is used to represent an Identity that can also digitally 32 * sign data. 33 * 34 * <p>The management of a signer's private keys is an important and 35 * sensitive issue that should be handled by subclasses as appropriate 36 * to their intended use. 37 * 38 * @see Identity 39 * 40 * @author Benjamin Renaud 41 * @since 1.1 42 * 43 * @deprecated This class is deprecated and subject to removal in a future 44 * version of Java SE. It has been replaced by 45 * {@code java.security.KeyStore}, the {@code java.security.cert} package, 46 * and {@code java.security.Principal}. 47 */ 48 @Deprecated(since="1.2", forRemoval=true) 49 @SuppressWarnings("removal") 50 public abstract class Signer extends Identity { 51 52 private static final long serialVersionUID = -1763464102261361480L; 53 54 /** 55 * The signer's private key. 56 * 57 * @serial 58 */ 59 private PrivateKey privateKey; 60 61 /** 62 * Creates a signer. This constructor should only be used for 63 * serialization. 64 */ Signer()65 protected Signer() { 66 super(); 67 } 68 69 70 /** 71 * Creates a signer with the specified identity name. 72 * 73 * @param name the identity name. 74 */ Signer(String name)75 public Signer(String name) { 76 super(name); 77 } 78 79 /** 80 * Creates a signer with the specified identity name and scope. 81 * 82 * @param name the identity name. 83 * 84 * @param scope the scope of the identity. 85 * 86 * @exception KeyManagementException if there is already an identity 87 * with the same name in the scope. 88 */ Signer(String name, IdentityScope scope)89 public Signer(String name, IdentityScope scope) 90 throws KeyManagementException { 91 super(name, scope); 92 } 93 94 /** 95 * Returns this signer's private key. 96 * 97 * <p>First, if there is a security manager, its {@code checkSecurityAccess} 98 * method is called with {@code "getSignerPrivateKey"} 99 * as its argument to see if it's ok to return the private key. 100 * 101 * @return this signer's private key, or null if the private key has 102 * not yet been set. 103 * 104 * @exception SecurityException if a security manager exists and its 105 * {@code checkSecurityAccess} method doesn't allow 106 * returning the private key. 107 * 108 * @see SecurityManager#checkSecurityAccess 109 */ getPrivateKey()110 public PrivateKey getPrivateKey() { 111 check("getSignerPrivateKey"); 112 return privateKey; 113 } 114 115 /** 116 * Sets the key pair (public key and private key) for this signer. 117 * 118 * <p>First, if there is a security manager, its {@code checkSecurityAccess} 119 * method is called with {@code "setSignerKeyPair"} 120 * as its argument to see if it's ok to set the key pair. 121 * 122 * @param pair an initialized key pair. 123 * 124 * @exception InvalidParameterException if the key pair is not 125 * properly initialized. 126 * @exception KeyException if the key pair cannot be set for any 127 * other reason. 128 * @exception SecurityException if a security manager exists and its 129 * {@code checkSecurityAccess} method doesn't allow 130 * setting the key pair. 131 * 132 * @see SecurityManager#checkSecurityAccess 133 */ setKeyPair(KeyPair pair)134 public final void setKeyPair(KeyPair pair) 135 throws InvalidParameterException, KeyException { 136 check("setSignerKeyPair"); 137 final PublicKey pub = pair.getPublic(); 138 PrivateKey priv = pair.getPrivate(); 139 140 if (pub == null || priv == null) { 141 throw new InvalidParameterException(); 142 } 143 try { 144 AccessController.doPrivileged( 145 new PrivilegedExceptionAction<Void>() { 146 public Void run() throws KeyManagementException { 147 setPublicKey(pub); 148 return null; 149 } 150 }); 151 } catch (PrivilegedActionException pae) { 152 throw (KeyManagementException) pae.getException(); 153 } 154 privateKey = priv; 155 } 156 printKeys()157 String printKeys() { 158 String keys = ""; 159 PublicKey publicKey = getPublicKey(); 160 if (publicKey != null && privateKey != null) { 161 keys = "\tpublic and private keys initialized"; 162 163 } else { 164 keys = "\tno keys"; 165 } 166 return keys; 167 } 168 169 /** 170 * Returns a string of information about the signer. 171 * 172 * @return a string of information about the signer. 173 */ toString()174 public String toString() { 175 return "[Signer]" + super.toString(); 176 } 177 check(String directive)178 private static void check(String directive) { 179 SecurityManager security = System.getSecurityManager(); 180 if (security != null) { 181 security.checkSecurityAccess(directive); 182 } 183 } 184 185 } 186