x500principal.java

Mobile 应用程序使用 Java Micro Edition (Java ME) 平台

/*
 * @(#)X500Principal.java	1.25 05/11/17
 *
 * Copyright 2006 Sun Microsystems, Inc. All rights reserved.
 * SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.
 */

package javax.security.auth.x500;

import java.io.*;
import java.security.Principal;
import java.util.Collections;
import java.util.Map;
import sun.security.x509.X500Name;
import sun.security.util.*;

/**
 * <p> This class represents an X.500 <code>Principal</code>.
 * <code>X500Principal</code>s are represented by distinguished names such as
 * "CN=Duke, OU=JavaSoft, O=Sun Microsystems, C=US".
 *
 * <p> This class can be instantiated by using a string representation
 * of the distinguished name, or by using the ASN.1 DER encoded byte
 * representation of the distinguished name.  The current specification
 * for the string representation of a distinguished name is defined in
 * <a href="http://www.ietf.org/rfc/rfc2253.txt">RFC 2253</a>.
 * This class, however, accepts string formats from both RFC 2253 and
 * <a href="http://www.ietf.org/rfc/rfc1779.txt">RFC 1779</a>,
 * and also recognizes attribute type keywords whose OIDs
 * (Object Identifiers) are defined in
 * <a href="http://www.ietf.org/rfc/rfc2459.txt">RFC 2459</a>.
 *
 * <p> The string representation for this <code>X500Principal</code>
 * can be obtained by calling the <code>getName</code> methods.
 *
 * <p> Note that the <code>getSubjectX500Principal</code> and
 * <code>getIssuerX500Principal</code> methods of
 * <code>X509Certificate</code> return X500Principals representing the
 * issuer and subject fields of the certificate.
 *
 * @version 1.25, 11/17/05
 * @see java.security.cert.X509Certificate
 * @since 1.4
 */
public final class X500Principal implements Principal, java.io.Serializable {

    private static final long serialVersionUID = -500463348111345721L;

    /**
     * RFC 1779 String format of Distinguished Names. 
     */
    public static final String RFC1779 = "RFC1779";
    /**
     * RFC 2253 String format of Distinguished Names. 
     */
    public static final String RFC2253 = "RFC2253";
    /**
     * Canonical String format of Distinguished Names.
     */
    public static final String CANONICAL = "CANONICAL";

    /**
     * The X500Name representing this principal.
     *
     * NOTE: this field is reflectively accessed from within X500Name.
     */
    private transient X500Name thisX500Name;

    /**
     * Creates an X500Principal by wrapping an X500Name.
     *
     * NOTE: The constructor is package private. It is intended to be accessed
     * using privileged reflection from classes in sun.security.*.
     * Currently referenced from sun.security.x509.X500Name.asX500Principal().
     */
    X500Principal(X500Name x500Name) {
        thisX500Name = x500Name;
    }

    /**
     * Creates an <code>X500Principal</code> from a string representation of
     * an X.500 distinguished name (ex: 
     * "CN=Duke, OU=JavaSoft, O=Sun Microsystems, C=US").
     * The distinguished name must be specified using the grammar defined in
     * RFC 1779 or RFC 2253 (either format is acceptable). 
     *
     * <p>This constructor recognizes the attribute type keywords
     * defined in RFC 1779 and RFC 2253
     * (and listed in {@link #getName(String format) getName(String format)}),
     * as well as the T, DNQ or DNQUALIFIER, SURNAME, GIVENNAME, INITIALS,
     * GENERATION, EMAILADDRESS, and SERIALNUMBER keywords whose OIDs are 
     * defined in RFC 2459 and its successor.
     * Any other attribute type must be specified as an OID.
     *
     * @param name an X.500 distinguished name in RFC 1779 or RFC 2253 format
     * @exception NullPointerException if the <code>name</code>
     *			is <code>null</code>
     * @exception IllegalArgumentException if the <code>name</code>
     *			is improperly specified
     */
    public X500Principal(String name) {
	this(name, (Map<String, String>) Collections.EMPTY_MAP);
    }

    /**
     * Creates an <code>X500Principal</code> from a string representation of
     * an X.500 distinguished name (ex:
     * "CN=Duke, OU=JavaSoft, O=Sun Microsystems, C=US").
     * The distinguished name must be specified using the grammar defined in
     * RFC 1779 or RFC 2253 (either format is acceptable).
     *
     * <p> This constructor recognizes the attribute type keywords specified
     * in {@link #X500Principal(String)} and also recognizes additional
     * keywords that have entries in the <code>keywordMap</code> parameter.
     * Keyword entries in the keywordMap take precedence over the default
     * keywords recognized by <code>X500Principal(String)</code>. Keywords
     * MUST be specified in all upper-case, otherwise they will be ignored.
     * Improperly specified keywords are ignored; however if a keyword in the
     * name maps to an improperly specified OID, an
     * <code>IllegalArgumentException</code> is thrown. It is permissible to
     * have 2 different keywords that map to the same OID.
     *
     * @param name an X.500 distinguished name in RFC 1779 or RFC 2253 format
     * @param keywordMap an attribute type keyword map, where each key is a
     *   keyword String that maps to a corresponding object identifier in String
     *   form (a sequence of nonnegative integers separated by periods). The map
     *   may be empty but never <code>null</code>.
     * @exception NullPointerException if <code>name</code> or
     *   <code>keywordMap</code> is <code>null</code>
     * @exception IllegalArgumentException if the <code>name</code> is
     *   improperly specified or a keyword in the <code>name</code> maps to an 
     *   OID that is not in the correct form
     * @since 1.6
     */
    public X500Principal(String name, Map<String, String> keywordMap) {
	if (name == null) {
	    throw new NullPointerException
		(sun.security.util.ResourcesMgr.getString
		("provided null name"));
	}
	if (keywordMap == null) {
	    throw new NullPointerException
		(sun.security.util.ResourcesMgr.getString
		("provided null keyword map"));
	}

	try {
	    thisX500Name = new X500Name(name, keywordMap);
	} catch (Exception e) {
	    IllegalArgumentException iae = new IllegalArgumentException
			("improperly specified input name: " + name);
	    iae.initCause(e);
	    throw iae;
	}
    }

    /**
     * Creates an <code>X500Principal</code> from a distinguished name in 
     * ASN.1 DER encoded form. The ASN.1 notation for this structure is as 
     * follows.
     * <pre><code>
     * Name ::= CHOICE {
     *   RDNSequence }
     *
     * RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
     *
     * RelativeDistinguishedName ::=
     *   SET SIZE (1 .. MAX) OF AttributeTypeAndValue
     *
     * AttributeTypeAndValue ::= SEQUENCE {
     *   type     AttributeType,
     *   value    AttributeValue }
     *
     * AttributeType ::= OBJECT IDENTIFIER
     *
     * AttributeValue ::= ANY DEFINED BY AttributeType
     * ....
     * DirectoryString ::= CHOICE {
     *       teletexString           TeletexString (SIZE (1..MAX)),
     *       printableString         PrintableString (SIZE (1..MAX)),
     *       universalString         UniversalString (SIZE (1..MAX)),
     *       utf8String              UTF8String (SIZE (1.. MAX)),
     *       bmpString               BMPString (SIZE (1..MAX)) }
     * </code></pre>
     *
     * @param name a byte array containing the distinguished name in ASN.1 
     * DER encoded form
     * @throws IllegalArgumentException if an encoding error occurs
     *		(incorrect form for DN)
     */
    public X500Principal(byte[] name) {
	try {
	    thisX500Name = new X500Name(name);
	} catch (Exception e) {
	    IllegalArgumentException iae = new IllegalArgumentException
			("improperly specified input name");
	    iae.initCause(e);
	    throw iae;
	}
    }

    /**
     * Creates an <code>X500Principal</code> from an <code>InputStream</code>
     * containing the distinguished name in ASN.1 DER encoded form.
     * The ASN.1 notation for this structure is supplied in the
     * documentation for
     * {@link #X500Principal(byte[] name) X500Principal(byte[] name)}.
     *
     * <p> The read position of the input stream is positioned
     * to the next available byte after the encoded distinguished name.
     *
     * @param is an <code>InputStream</code> containing the distinguished
     *		name in ASN.1 DER encoded form
     *
     * @exception NullPointerException if the <code>InputStream</code>
     *		is <code>null</code>
     * @exception IllegalArgumentException if an encoding error occurs
     *		(incorrect form for DN)
     */
    public X500Principal(InputStream is) {
	if (is == null) {
	    throw new NullPointerException("provided null input stream");
	}

	try {
	    if (is.markSupported())
		is.mark(is.available() + 1);
	    DerValue der = new DerValue(is);
	    thisX500Name = new X500Name(der.data);
	} catch (Exception e) {
	    if (is.markSupported()) {
		try {
		    is.reset();
		} catch (IOException ioe) {
		    IllegalArgumentException iae = new IllegalArgumentException
			("improperly specified input stream " +
			("and unable to reset input stream"));
		    iae.initCause(e);
		    throw iae;
		}
	    }