From: <ed...@mx...> - 2003-02-03 14:56:01
edwin 03/02/03 10:04:00 Modified: openpgp CHANGELOG.TXT openpgp/src/cryptix/openpgp PGPCertificate.java openpgp/src/cryptix/openpgp/provider PGPCertificateImpl.java PGPKeyBundleImpl.java Added: openpgp/src/cryptix/pki ExtendedCertificate.java Log: - API change: added cryptix.pki.ExtendedCertificate, which adds a few common methods for certificates. New additions are: the ability to check if a certificate is self signed and the ability to verify the cert with a keybundle. Revision Changes Path 1.14 +6 -0 projects/openpgp/CHANGELOG.TXT Index: CHANGELOG.TXT =================================================================== RCS file: /home/cryptix-cvs/cvsroot/projects/openpgp/CHANGELOG.TXT,v retrieving revision 1.13 retrieving revision 1.14 diff -u -r1.13 -r1.14 --- CHANGELOG.TXT 31 Jan 2003 00:56:28 -0000 1.13 +++ CHANGELOG.TXT 3 Feb 2003 15:04:00 -0000 1.14 @@ -1,3 +1,9 @@ +???????? snapshot +- API change: added cryptix.pki.ExtendedCertificate, which adds a few common + methods for certificates. New additions are: the ability to check if a + certificate is self signed and the ability to verify the cert with a + keybundle. + 20030131 snapshot - Added support for encryption with keys without subkeys (like legacy RSA keys). - Fixed a bug with a PGPDataFormatException("Read tried past end of packet") 1.2 +4 -33 projects/openpgp/src/cryptix/openpgp/PGPCertificate.java Index: PGPCertificate.java =================================================================== RCS file: /home/cryptix-cvs/cvsroot/projects/openpgp/src/cryptix/openpgp/PGPCertificate.java,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- PGPCertificate.java 4 Aug 2001 04:18:23 -0000 1.1 +++ PGPCertificate.java 3 Feb 2003 15:04:00 -0000 1.2 
@@ -1,6 +1,6 @@ -/* $Id: PGPCertificate.java,v 1.1 2001/08/04 04:18:23 edwin Exp $ +/* $Id: PGPCertificate.java,v 1.2 2003/02/03 15:04:00 edwin Exp $ * - * Copyright (C) 1999-2001 The Cryptix Foundation Limited. + * Copyright (C) 1999-2003 The Cryptix Foundation Limited. * All rights reserved. * * Use, modification, copying and distribution of this software is subject @@ -12,11 +12,9 @@ package cryptix.openpgp; +import cryptix.pki.ExtendedCertificate; import cryptix.pki.KeyID; -import java.security.cert.Certificate; -import java.security.cert.CertificateExpiredException; -import java.security.cert.CertificateNotYetValidException; import java.security.cert.CertificateParsingException; import java.util.Date; @@ -28,9 +26,9 @@ * * @author Edwin Woudt <ed...@cr...> * @author Ingo Luetkebohle - * @version $Revision: 1.1 $ + * @version $Revision: 1.2 $ */ -public abstract class PGPCertificate extends Certificate { +public abstract class PGPCertificate extends ExtendedCertificate { // Constructor 
@@ -49,33 +47,6 @@ // Added abstract methods // .......................................................................... - - /** - * Returns the userID for which this certificate was issued. - */ - public abstract PGPPrincipal getSubject(); - - - /** - * Checks if this certificate is currently valid. - * - * <p>A certificate is valid if date is on or after the creation date and - * before the expiration date (when available).</p> - */ - public abstract void checkValidity() - throws CertificateExpiredException, CertificateNotYetValidException, - CertificateParsingException; - - - /** - * Checks if this certificate is valid on a given date. - * - * <p>A certificate is valid if date is on or after the creation date and - * before the expiration date (when available).</p> - */ - public abstract void checkValidity(Date date) - throws CertificateExpiredException, CertificateNotYetValidException, - CertificateParsingException; /** * Returns the creation date and time. 1.2 +56 -3 projects/openpgp/src/cryptix/openpgp/provider/PGPCertificateImpl.java Index: PGPCertificateImpl.java =================================================================== RCS file: /home/cryptix-cvs/cvsroot/projects/openpgp/src/cryptix/openpgp/provider/PGPCertificateImpl.java,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- PGPCertificateImpl.java 7 Aug 2001 05:14:59 -0000 1.1 +++ PGPCertificateImpl.java 3 Feb 2003 15:04:00 -0000 1.2 @@ -1,4 +1,4 @@ -/* $Id: PGPCertificateImpl.java,v 1.1 2001/08/07 05:14:59 edwin Exp $ +/* $Id: PGPCertificateImpl.java,v 1.2 2003/02/03 15:04:00 edwin Exp $ * * Copyright (C) 1999-2001 The Cryptix Foundation Limited. * All rights reserved. @@ -37,7 +37,9 @@ import cryptix.openpgp.signature.PGPStringSP; import cryptix.openpgp.signature.PGPTrustSP; +import cryptix.pki.KeyBundle; import cryptix.pki.KeyID; +import cryptix.pki.KeyIDFactory; import java.io.ByteArrayOutputStream; import java.io.IOException; 
@@ -47,6 +49,7 @@ import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.security.NoSuchProviderException; +import java.security.Principal; import java.security.PublicKey; import java.security.SignatureException; @@ -65,7 +68,7 @@ * An OpenPGP Certificate. * * @author Edwin Woudt <ed...@cr...> - * @version $Revision: 1.1 $ + * @version $Revision: 1.2 $ */ public class PGPCertificateImpl extends PGPCertificate { @@ -119,6 +122,9 @@ private boolean hasCachedIssuerUserID; private PGPPrincipal cachedIssuerUserID; + private boolean hasCachedPublicKeyID; + private KeyID cachedPublicKeyID; + // Constructor // .......................................................................... @@ -137,7 +143,8 @@ -// Methods from java.security.cert.ertificate +// Methods from java.security.cert.Certificate +// and cryptix.pki.ExtendedCertificate // .......................................................................... /** @@ -305,6 +312,29 @@ } + /** + * Verifies that this certificate was signed using the specified keybundle. + */ + public void verify(KeyBundle bundle) + throws CertificateException, NoSuchAlgorithmException, + InvalidKeyException, NoSuchProviderException, SignatureException + { + verify((PublicKey)bundle.getPublicKeys().next()); + } + + + /** + * Returns whether the certificate is self signed + */ + public boolean isSelfSigned() + throws CertificateException + { + if (getIssuerKeyID().match(getPublicKeyID())) + return true; + return false; + } + + // Methods from cryptix.openpgp.PGPCertificate // .......................................................................... @@ -313,7 +343,7 @@ /** * Returns the userID for which this certificate was issued. */ - public PGPPrincipal getSubject() { + public Principal getSubject() { return subject; } 
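Review bot: In the added `verify(KeyBundle bundle)` (hunk `@@ -305,6 +312,29 @@`), `bundle.getPublicKeys().next()` is called without checking that the bundle holds any public key, so an empty bundle would surface as an unchecked exception from `next()` rather than one of the declared exceptions (assuming `getPublicKeys()` returns a standard `Iterator`; its declaration is not in this diff). Only the first key is ever tried and it is not compared with `getIssuerKeyID()`, so a bundle whose signing key is not first would be reported as a signature failure even though the right key is present. I would guard the call with `Iterator it = bundle.getPublicKeys();`, `if (!it.hasNext()) throw new InvalidKeyException("key bundle contains no public key");` and `verify((PublicKey)it.next());`, and state in the Javadoc which key of the bundle is used.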
@@ -740,6 +770,29 @@ } + /** + * Returns the keyID of the public key from this certificate. + */ + public KeyID getPublicKeyID() + throws CertificateParsingException + { + try { + + if (hasCachedPublicKeyID) return cachedPublicKeyID; + + KeyIDFactory kf = KeyIDFactory.getInstance("OpenPGP"); + cachedPublicKeyID = kf.generateKeyID(key); + + hasCachedPublicKeyID = true; + return cachedPublicKeyID; + + } catch (InvalidKeyException ike) { + throw new CertificateParsingException(""+ike); + } catch (NoSuchAlgorithmException nsae) { + throw new CertificateParsingException(""+nsae); + } + } + /** Helper method to cache the notation data */ private void cacheNotationData() { cachedMachineReadableNotationData = new Properties(); 1.2 +2 -2 projects/openpgp/src/cryptix/openpgp/provider/PGPKeyBundleImpl.java Index: PGPKeyBundleImpl.java =================================================================== RCS file: /home/cryptix-cvs/cvsroot/projects/openpgp/src/cryptix/openpgp/provider/PGPKeyBundleImpl.java,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- PGPKeyBundleImpl.java 7 Aug 2001 05:15:35 -0000 1.1 +++ PGPKeyBundleImpl.java 3 Feb 2003 15:04:00 -0000 1.2 @@ -1,4 +1,4 @@ -/* $Id: PGPKeyBundleImpl.java,v 1.1 2001/08/07 05:15:35 edwin Exp $ +/* $Id: PGPKeyBundleImpl.java,v 1.2 2003/02/03 15:04:00 edwin Exp $ * * Copyright (C) 1999-2001 The Cryptix Foundation Limited. * All rights reserved. @@ -67,7 +67,7 @@ * * @author Edwin Woudt <ed...@cr...> * @author Ingo Luetkebohle - * @version $Revision: 1.1 $ + * @version $Revision: 1.2 $ */ public class PGPKeyBundleImpl extends PGPKeyBundle { 
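Review bot: The two catch blocks in the new `getPublicKeyID()` (hunk `@@ -740,6 +770,29 @@`) rethrow as `CertificateParsingException(""+ike)` and `(""+nsae)`, which keeps only the exception's string form and discards its stack trace. A missing "OpenPGP" `KeyIDFactory` is a provider-configuration problem rather than a malformed certificate, and because `isSelfSigned()` calls this method, its caller sees a parse error for what is really an environment fault. If the project's minimum JDK provides `Throwable.initCause` (1.4 and later), chain the cause and add context: `CertificateParsingException cpe = new CertificateParsingException("Cannot compute key ID: " + nsae);`, `cpe.initCause(nsae);`, `throw cpe;`. The `hasCachedPublicKeyID`/`cachedPublicKeyID` pair is also written without synchronization; whether that matters depends on whether instances are shared across threads, which this diff does not show.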
@@ -406,7 +406,7 @@ return false; } - PGPPrincipal subject = ((PGPCertificate)cert).getSubject(); + Principal subject = ((PGPCertificate)cert).getSubject(); Vector mapping = (Vector)principalsToCertificates.get(subject); mapping.remove(cert); certificates.remove(cert); 1.1 projects/openpgp/src/cryptix/pki/ExtendedCertificate.java Index: ExtendedCertificate.java =================================================================== /* $Id: ExtendedCertificate.java,v 1.1 2003/02/03 15:04:00 edwin Exp $ * * Copyright (C) 1999-2003 The Cryptix Foundation Limited. * All rights reserved. * * Use, modification, copying and distribution of this software is subject * the terms and conditions of the Cryptix General Licence. You should have * received a copy of the Cryptix General License along with this library; * if not, you can download a copy from http://www.cryptix.org/ . */ package cryptix.pki; import java.security.InvalidKeyException; import java.security.NoSuchAlgorithmException; import java.security.NoSuchProviderException; import java.security.Principal; import java.security.SignatureException; import java.security.cert.Certificate; import java.security.cert.CertificateException; import java.security.cert.CertificateExpiredException; import java.security.cert.CertificateNotYetValidException; import java.security.cert.CertificateParsingException; import java.util.Date; /** * Extensions for java.security.cert.Certificate, which are common to all * certificates. */ public abstract class ExtendedCertificate extends Certificate { // Constructor // .......................................................................... /** * Create a new Certificate object with the given type. */ protected ExtendedCertificate(String type) { super(type); } // Added abstract methods // .......................................................................... /** * Returns the userID for which this certificate was issued. 
*/ public abstract Principal getSubject(); /** * Checks if this certificate is currently valid. * * <p>A certificate is valid if date is on or after the creation date and * before the expiration date (when available).</p> */ public abstract void checkValidity() throws CertificateExpiredException, CertificateNotYetValidException, CertificateParsingException; /** * Checks if this certificate is valid on a given date. * * <p>A certificate is valid if date is on or after the creation date and * before the expiration date (when available).</p> */ public abstract void checkValidity(Date date) throws CertificateExpiredException, CertificateNotYetValidException, CertificateParsingException; /** * Returns whether the certificate is self signed */ public abstract boolean isSelfSigned() throws CertificateException; /** * Verifies that this certificate was signed using the specified keybundle. */ public abstract void verify(KeyBundle bundle) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException; } |
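Review bot: The Javadoc on `isSelfSigned()` in the new `ExtendedCertificate` ("Returns whether the certificate is self signed") does not say whether the answer is backed by a signature check. The implementation added to `PGPCertificateImpl` in this commit only compares `getIssuerKeyID()` with `getPublicKeyID()`, so a `true` result means the issuer key ID matches the certified key, not that the self-signature verifies. Callers making trust decisions need that spelled out; I would document it as `Returns whether the issuer key ID matches this certificate's public key. This does not verify the signature; call verify(...) before relying on the result.` Likewise, the Javadoc on `verify(KeyBundle)` should say which key of the bundle is used and which exception signals that no usable key was found.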