1 /* 2 * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package java.security.cert; 27 28 import java.math.BigInteger; 29 import java.util.Date; 30 import javax.security.auth.x500.X500Principal; 31 32 import sun.security.x509.X509CRLEntryImpl; 33 34 /** 35 * <p>Abstract class for a revoked certificate in a CRL (Certificate 36 * Revocation List). 37 * 38 * The ASN.1 definition for <em>revokedCertificates</em> is: 39 * <pre> 40 * revokedCertificates SEQUENCE OF SEQUENCE { 41 * userCertificate CertificateSerialNumber, 42 * revocationDate ChoiceOfTime, 43 * crlEntryExtensions Extensions OPTIONAL 44 * -- if present, must be v2 45 * } OPTIONAL 46 * 47 * CertificateSerialNumber ::= INTEGER 48 * 49 * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension 50 * 51 * Extension ::= SEQUENCE { 52 * extnId OBJECT IDENTIFIER, 53 * critical BOOLEAN DEFAULT FALSE, 54 * extnValue OCTET STRING 55 * -- contains a DER encoding of a value 56 * -- of the type registered for use with 57 * -- the extnId object identifier value 58 * } 59 * </pre> 60 * 61 * @see X509CRL 62 * @see X509Extension 63 * 64 * @author Hemma Prafullchandra 65 * @since 1.2 66 */ 67 68 public abstract class X509CRLEntry implements X509Extension { 69 70 /** 71 * Compares this CRL entry for equality with the given 72 * object. If the {@code other} object is an 73 * {@code instanceof} {@code X509CRLEntry}, then 74 * its encoded form (the inner SEQUENCE) is retrieved and compared 75 * with the encoded form of this CRL entry. 76 * 77 * @param other the object to test for equality with this CRL entry. 78 * @return true iff the encoded forms of the two CRL entries 79 * match, false otherwise. 80 */ equals(Object other)81 public boolean equals(Object other) { 82 if (this == other) 83 return true; 84 if (!(other instanceof X509CRLEntry)) 85 return false; 86 try { 87 byte[] thisCRLEntry = this.getEncoded(); 88 byte[] otherCRLEntry = ((X509CRLEntry)other).getEncoded(); 89 90 if (thisCRLEntry.length != otherCRLEntry.length) 91 return false; 92 for (int i = 0; i < thisCRLEntry.length; i++) 93 if (thisCRLEntry[i] != otherCRLEntry[i]) 94 return false; 95 } catch (CRLException ce) { 96 return false; 97 } 98 return true; 99 } 100 101 /** 102 * Returns a hashcode value for this CRL entry from its 103 * encoded form. 104 * 105 * @return the hashcode value. 106 */ hashCode()107 public int hashCode() { 108 int retval = 0; 109 try { 110 byte[] entryData = this.getEncoded(); 111 for (int i = 1; i < entryData.length; i++) 112 retval += entryData[i] * i; 113 114 } catch (CRLException ce) { 115 return(retval); 116 } 117 return(retval); 118 } 119 120 /** 121 * Returns the ASN.1 DER-encoded form of this CRL Entry, 122 * that is the inner SEQUENCE. 123 * 124 * @return the encoded form of this certificate 125 * @exception CRLException if an encoding error occurs. 126 */ getEncoded()127 public abstract byte[] getEncoded() throws CRLException; 128 129 /** 130 * Gets the serial number from this X509CRLEntry, 131 * the <em>userCertificate</em>. 132 * 133 * @return the serial number. 134 */ getSerialNumber()135 public abstract BigInteger getSerialNumber(); 136 137 /** 138 * Get the issuer of the X509Certificate described by this entry. If 139 * the certificate issuer is also the CRL issuer, this method returns 140 * null. 141 * 142 * <p>This method is used with indirect CRLs. The default implementation 143 * always returns null. Subclasses that wish to support indirect CRLs 144 * should override it. 145 * 146 * @return the issuer of the X509Certificate described by this entry 147 * or null if it is issued by the CRL issuer. 148 * 149 * @since 1.5 150 */ getCertificateIssuer()151 public X500Principal getCertificateIssuer() { 152 return null; 153 } 154 155 /** 156 * Gets the revocation date from this X509CRLEntry, 157 * the <em>revocationDate</em>. 158 * 159 * @return the revocation date. 160 */ getRevocationDate()161 public abstract Date getRevocationDate(); 162 163 /** 164 * Returns true if this CRL entry has extensions. 165 * 166 * @return true if this entry has extensions, false otherwise. 167 */ hasExtensions()168 public abstract boolean hasExtensions(); 169 170 /** 171 * Returns a string representation of this CRL entry. 172 * 173 * @return a string representation of this CRL entry. 174 */ toString()175 public abstract String toString(); 176 177 /** 178 * Returns the reason the certificate has been revoked, as specified 179 * in the Reason Code extension of this CRL entry. 180 * 181 * @return the reason the certificate has been revoked, or 182 * {@code null} if this CRL entry does not have 183 * a Reason Code extension 184 * @since 1.7 185 */ getRevocationReason()186 public CRLReason getRevocationReason() { 187 if (!hasExtensions()) { 188 return null; 189 } 190 return X509CRLEntryImpl.getRevocationReason(this); 191 } 192 } 193