1 package jsdsi;
2
3 import java.util.Iterator;
4
5 import jsdsi.sexp.SexpList;
6 import jsdsi.sexp.SexpParseException;
7 import jsdsi.sexp.SexpUtil;
8
9 /***
10 * A single SPKI/SDSI certificate.
11 *
12 * @see AuthCert
13 * @see NameCert
14 *
15 * @author Sameer Ajmani
16 * @author Sean Radford
17 * @version $Revision: 1.5.2.1 $ $Date: 2005/11/08 03:12:52 $
18 */
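public abstract class Cert extends Obj implements Element {

    private static final long serialVersionUID = 2128550525621089508L;

    /**
     * Issuer of this certificate. Never null: the constructor rejects null.
     */
    private transient final Principal issuer;

    /**
     * Subject of this certificate. Never null: the constructor rejects null.
     */
    private transient final Subject subject;

    /**
     * Validity of this certificate; may be null.
     */
    private transient final Validity validity;

    /**
     * A presentation hint for this certificate; may be null.
     */
    private transient final String display;

    /**
     * Comment of this certificate; may be null.
     */
    private transient final String comment;

    /**
     * Creates a new <code>Cert</code> using a given issuer, subject, validity,
     * display string, and comment.
     *
     * @param i issuer of this <code>Cert</code>; must not be null.
     * @param s subject of this <code>Cert</code>; must not be null.
     * @param v validity of this <code>Cert</code>; may be null.
     * @param d display-string of this <code>Cert</code>; may be null.
     * @param c comment of this <code>Cert</code>; may be null.
     * @throws IllegalArgumentException if <code>i</code> or <code>s</code>
     *         is null.
     */
    public Cert(Principal i, Subject s, Validity v, String d, String c) {
        // Checked explicitly rather than with `assert`: assertions are off
        // unless the JVM is started with -ea, and equals(), implies() and
        // hashCode() all dereference issuer and subject unconditionally.
        if (i == null) {
            throw new IllegalArgumentException("null issuer");
        }
        if (s == null) {
            throw new IllegalArgumentException("null subject");
        }
        issuer = i;
        subject = s;
        validity = v; // may be null
        display = d; // may be null
        comment = c; // may be null
    }

    /**
     * @return the issuer of this <code>Cert</code>.
     */
    public Principal getIssuer() {
        return issuer;
    }

    /**
     * @return the subject of this <code>Cert</code>.
     */
    public Subject getSubject() {
        return subject;
    }

    /**
     * @return the validity of this <code>Cert</code>, or null if none was
     *         given.
     */
    public Validity getValidity() {
        return validity;
    }

    /**
     * @return the comment of this <code>Cert</code>, or null if none was
     *         given.
     */
    public String getComment() {
        return comment;
    }

    /**
     * @return the display string of this <code>Cert</code>, or null if none
     *         was given.
     */
    public String getDisplay() {
        return display;
    }

    /**
     * Compares the five fields held by <code>Cert</code> itself. Any
     * <code>Cert</code> instance is accepted, so fields declared by
     * subclasses are not compared here.
     *
     * @see java.lang.Object#equals(Object)
     */
    public boolean equals(Object o) {
        if (o instanceof Cert) {
            Cert c = (Cert) o;
            return issuer.equals(c.issuer)
                && subject.equals(c.subject)
                && Util.equals(validity, c.validity)
                && Util.equals(display, c.display)
                && Util.equals(comment, c.comment);
        }
        return false;
    }

    /**
     * Tests whether this certificate is at least as strong as another:
     * same issuer, subject and display string, and a validity that
     * implies the other's. The comment is not compared.
     *
     * @param c the certificate to compare against; must not be null.
     * @return true iff this is at least as strong as c
     */
    public boolean implies(Cert c) {
        return issuer.equals(c.issuer)
            && subject.equals(c.subject)
            && Validity.implies(validity, c.validity)
            && Util.equals(display, c.display);
        // ignore comment
    }

    /**
     * Combines the hash codes of the same five fields that
     * {@link #equals(Object)} compares.
     *
     * @see java.lang.Object#hashCode()
     */
    public int hashCode() {
        return issuer.hashCode()
            ^ subject.hashCode()
            ^ Util.hashCode(validity)
            ^ Util.hashCode(display)
            ^ Util.hashCode(comment);
    }

    /**
     * Parses an <code>SexpList</code> that holds a <code>Cert</code>
     * and returns a new <code>Cert</code>.
     *
     * The elements are read in this order: an optional <code>display</code>,
     * the <code>issuer</code>, the <code>subject</code>, then (only when the
     * issuer is not a <code>name</code>) an optional <code>propagate</code>
     * followed by a tag, then an optional <code>valid</code> and an optional
     * <code>comment</code>. An issuer of type <code>name</code> yields a
     * {@link NameCert}; any other issuer yields an {@link AuthCert}.
     *
     * Parsing is strict: an element of an unrecognized type is rejected
     * rather than skipped, so a field this parser does not understand
     * cannot be dropped without an error.
     *
     * @param l the <code>SexpList</code> that holds a <code>Cert</code>.
     * @return a new <code>Cert</code> stored in <code>l</code>.
     * @throws SexpParseException if <code>l</code> does not have the
     *         structure described above.
     */
    static Cert parseCert(SexpList l) throws SexpParseException {
        Iterator cbody = SexpUtil.getBody(l);

        // <display>? <issuer>
        SexpList displayOrIssuer =
            SexpUtil.getNextList(cbody, "cert display or issuer");
        String type = displayOrIssuer.getType();
        String display = null;
        Iterator ibody = null;
        if (type.equals("display")) {
            Iterator displaybody = SexpUtil.getBody(displayOrIssuer);
            display = SexpUtil.getNextString(displaybody, "display body");
            // Same strictness as the issuer, subject and comment bodies:
            // nothing may follow the display string.
            SexpUtil.checkDone(displaybody, "display");
            ibody = SexpUtil.getBody(
                SexpUtil.getNextList(cbody, "issuer", "cert issuer"));
        } else {
            // Without this check a first element of any type would be
            // read as the issuer.
            SexpUtil.check(type.equals("issuer"),
                "expected display or issuer at start of cert");
            ibody = SexpUtil.getBody(displayOrIssuer);
        }

        // (issuer (name <principal> <string>)) or (issuer <principal>)
        SexpList nameOrPrincipal = SexpUtil.getNextList(ibody, "issuer body");
        SexpUtil.checkDone(ibody, "issuer");
        type = nameOrPrincipal.getType();
        Principal issuer = null;
        String name = null;
        if (type.equals("name")) {
            Iterator nbody = SexpUtil.getBody(nameOrPrincipal);
            issuer = Principal.parsePrincipal(
                SexpUtil.getNextList(nbody, "name issuer"));
            name = SexpUtil.getNextString(nbody, "name string");
            SexpUtil.checkDone(nbody, "issuer-name");
        } else {
            // FIXME: defaulting to principal is confusing
            // NOTE(review): this relies on parsePrincipal rejecting a list
            // that is not a principal - confirm.
            issuer = Principal.parsePrincipal(nameOrPrincipal);
        }

        // (subject <subj-obj>)
        Iterator sbody = SexpUtil.getBody(
            SexpUtil.getNextList(cbody, "subject", "cert subject"));
        Subject subject = Subject.Default.parseSubject(
            SexpUtil.getNextList(sbody, "subject body"),
            issuer);
        SexpUtil.checkDone(sbody, "subject");

        Tag tag = null;
        boolean propagate = false;
        if (name == null) {
            // <deleg>? <tag>
            SexpList propOrTag =
                SexpUtil.getNextList(cbody, "cert propagate or tag");
            if (propOrTag.getType().equals("propagate")) {
                propagate = true;
                SexpUtil.check(propOrTag.size() == 1,
                    "extra fields in propagate");
                propOrTag = SexpUtil.getNextList(cbody, "tag", "cert tag");
            }
            tag = Tag.parseTag(propOrTag);
        }

        // <valid>? <comment>?
        Validity validity = null;
        String comment = null;
        if (cbody.hasNext()) {
            SexpList validOrComment =
                SexpUtil.getNextList(cbody, "cert valid or comment");
            if (validOrComment.getType().equals("valid")) {
                validity = Validity.parseValidity(validOrComment);
                validOrComment = cbody.hasNext()
                    ? SexpUtil.getNextList(cbody, "comment", "cert comment")
                    : null;
            }
            if (validOrComment != null) {
                // Fail closed: an element here that is neither `valid` nor
                // `comment` must not be consumed and forgotten, or a
                // restriction written in a form this parser does not know
                // would leave validity null without any error.
                SexpUtil.check(validOrComment.getType().equals("comment"),
                    "unrecognized cert field: expected valid or comment");
                Iterator combody = SexpUtil.getBody(validOrComment);
                comment = SexpUtil.getNextString(combody, "comment body");
                SexpUtil.checkDone(combody, "comment");
            }
        }
        SexpUtil.checkDone(cbody, "cert");
        SexpUtil.check((name == null) != (tag == null), // sanity check
            "internal error: either name or tag must not be null");
        if (name == null) {
            return new AuthCert(issuer,
                subject,
                validity,
                display,
                comment,
                tag,
                propagate);
        } else {
            return new NameCert(issuer,
                subject,
                validity,
                display,
                comment,
                name);
        }
    }
}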