/*
 * Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Oracle designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Oracle in the LICENSE file that accompanied this code.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 */

/**
 * <p> This class represents an X.500 <code>Principal</code>.
 * <code>X500Principal</code>s are represented by distinguished names such as
 * "CN=Duke, OU=JavaSoft, O=Sun Microsystems, C=US".
 *
 * <p> This class can be instantiated by using a string representation
 * of the distinguished name, or by using the ASN.1 DER encoded byte
 * representation of the distinguished name.  The current specification
 * for the string representation of a distinguished name is defined in
 * Directory Access Protocol (v3): UTF-8 String Representation of
 * Distinguished Names. This class, however, accepts string formats from
 * A String Representation of Distinguished Names, and also recognizes
 * attribute type keywords whose OIDs (Object Identifiers) are defined in
 * Public Key Infrastructure Certificate and CRL Profile.
 *
 * <p> The string representation for this <code>X500Principal</code>
 * can be obtained by calling the <code>getName</code> methods.
 *
 * <p> Note that the <code>getSubjectX500Principal</code> and
 * <code>getIssuerX500Principal</code> methods of
 * <code>X509Certificate</code> return X500Principals representing the
 * issuer and subject fields of the certificate.
 *
 * @see java.security.cert.X509Certificate
 */

    /**
     * RFC 1779 String format of Distinguished Names.
     */

    /**
     * RFC 2253 String format of Distinguished Names.
     */

    /**
     * Canonical String format of Distinguished Names.
     */

    /**
     * The X500Name representing this principal.
     *
     * NOTE: this field is reflectively accessed from within X500Name.
     */

    /**
     * Creates an X500Principal by wrapping an X500Name.
     *
     * NOTE: The constructor is package private. It is intended to be accessed
     * using privileged reflection from classes in sun.security.*.
     * Currently referenced from sun.security.x509.X500Name.asX500Principal().
     */

    /**
     * Creates an <code>X500Principal</code> from a string representation of
     * an X.500 distinguished name (ex:
     * "CN=Duke, OU=JavaSoft, O=Sun Microsystems, C=US").
     * The distinguished name must be specified using the grammar defined in
     * RFC 1779 or RFC 2253 (either format is acceptable).
     *
     * <p>This constructor recognizes the attribute type keywords
     * defined in RFC 1779 and RFC 2253
     * (and listed in {@link #getName(String format) getName(String format)}),
     * as well as the T, DNQ or DNQUALIFIER, SURNAME, GIVENNAME, INITIALS,
     * GENERATION, EMAILADDRESS, and SERIALNUMBER keywords whose OIDs are
     * defined in RFC 3280 and its successor.
     * Any other attribute type must be specified as an OID.
     *
     * @param name an X.500 distinguished name in RFC 1779 or RFC 2253 format
     * @exception NullPointerException if the <code>name</code>
     *                  is <code>null</code>
     * @exception IllegalArgumentException if the <code>name</code>
     *                  is improperly specified
     */

    /**
     * Creates an <code>X500Principal</code> from a string representation of
     * an X.500 distinguished name (ex:
     * "CN=Duke, OU=JavaSoft, O=Sun Microsystems, C=US").
     * The distinguished name must be specified using the grammar defined in
     * RFC 1779 or RFC 2253 (either format is acceptable).
     *
     * <p> This constructor recognizes the attribute type keywords specified
     * in {@link #X500Principal(String)} and also recognizes additional
     * keywords that have entries in the <code>keywordMap</code> parameter.
     * Keyword entries in the keywordMap take precedence over the default
     * keywords recognized by <code>X500Principal(String)</code>. Keywords
     * MUST be specified in all upper-case, otherwise they will be ignored.
     * Improperly specified keywords are ignored; however if a keyword in the
     * name maps to an improperly specified OID, an
     * <code>IllegalArgumentException</code> is thrown. It is permissible to
     * have 2 different keywords that map to the same OID.
     *
     * @param name an X.500 distinguished name in RFC 1779 or RFC 2253 format
     * @param keywordMap an attribute type keyword map, where each key is a
     *   keyword String that maps to a corresponding object identifier in String
     *   form (a sequence of nonnegative integers separated by periods). The map
     *   may be empty but never <code>null</code>.
     * @exception NullPointerException if <code>name</code> or
     *   <code>keywordMap</code> is <code>null</code>
     * @exception IllegalArgumentException if the <code>name</code> is
     *   improperly specified or a keyword in the <code>name</code> maps to an
     *   OID that is not in the correct form
     */
(
"provided.null.keyword.map"));
(
"improperly specified input name: " +
name);
    /**
     * Creates an <code>X500Principal</code> from a distinguished name in
     * ASN.1 DER encoded form. The ASN.1 notation for this structure is as
     *
     * RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
     *
     * RelativeDistinguishedName ::=
     *   SET SIZE (1 .. MAX) OF AttributeTypeAndValue
     *
     * AttributeTypeAndValue ::= SEQUENCE {
     *   type     AttributeType,
     *   value    AttributeValue }
     *
     * AttributeType ::= OBJECT IDENTIFIER
     *
     * AttributeValue ::= ANY DEFINED BY AttributeType
     *
     * DirectoryString ::= CHOICE {
     *       teletexString           TeletexString (SIZE (1..MAX)),
     *       printableString         PrintableString (SIZE (1..MAX)),
     *       universalString         UniversalString (SIZE (1..MAX)),
     *       utf8String              UTF8String (SIZE (1.. MAX)),
     *       bmpString               BMPString (SIZE (1..MAX)) }
     *
     * @param name a byte array containing the distinguished name in ASN.1
     * @throws IllegalArgumentException if an encoding error occurs
     *          (incorrect form for DN)
     */
(
"improperly specified input name");
    /**
     * Creates an <code>X500Principal</code> from an <code>InputStream</code>
     * containing the distinguished name in ASN.1 DER encoded form.
     * The ASN.1 notation for this structure is supplied in the
     * {@link #X500Principal(byte[] name) X500Principal(byte[] name)}.
     *
     * <p> The read position of the input stream is positioned
     * to the next available byte after the encoded distinguished name.
     *
     * @param is an <code>InputStream</code> containing the distinguished
     *          name in ASN.1 DER encoded form
     *
     * @exception NullPointerException if the <code>InputStream</code>
     *          is <code>null</code>
     * @exception IllegalArgumentException if an encoding error occurs
     *          (incorrect form for DN)
     */
(
"improperly specified input stream " +
(
"and unable to reset input stream"));
(
"improperly specified input stream");
    /**
     * Returns a string representation of the X.500 distinguished name using
     * the format defined in RFC 2253.
     *
     * <p>This method is equivalent to calling
     * <code>getName(X500Principal.RFC2253)</code>.
     *
     * @return the distinguished name of this <code>X500Principal</code>
     */

    /**
     * Returns a string representation of the X.500 distinguished name
     * using the specified format. Valid values for the format are
     * "RFC1779", "RFC2253", and "CANONICAL" (case insensitive).
     *
     * <p> If "RFC1779" is specified as the format,
     * this method emits the attribute type keywords defined in
     * RFC 1779 (CN, L, ST, O, OU, C, STREET).
     * Any other attribute type is emitted as an OID.
     *
     * <p> If "RFC2253" is specified as the format,
     * this method emits the attribute type keywords defined in
     * RFC 2253 (CN, L, ST, O, OU, C, STREET, DC, UID).
     * Any other attribute type is emitted as an OID.
     * Under a strict reading, RFC 2253 only specifies a UTF-8 string
     * representation. The String returned by this method is the
     * Unicode string achieved by decoding this UTF-8 representation.
     *
     * <p> If "CANONICAL" is specified as the format,
     * this method returns an RFC 2253 conformant string representation
     * with the following additional canonicalizations:
     *
     * <li> Leading zeros are removed from attribute types
     *          that are encoded as dotted decimal OIDs
     * <li> DirectoryString attribute values of type
     *          PrintableString and UTF8String are not
     *          output in hexadecimal format
     * <li> DirectoryString attribute values of types
     *          other than PrintableString and UTF8String
     *          are output in hexadecimal format
     * <li> Leading and trailing white space characters
     *          are removed from non-hexadecimal attribute values
     *          (unless the value consists entirely of white space characters)
     * <li> Internal substrings of one or more white space characters are
     *          converted to a single space in non-hexadecimal
     * <li> Relative Distinguished Names containing more than one
     *          Attribute Value Assertion (AVA) are output in the
     *          following order: an alphabetical ordering of AVAs
     *          containing standard keywords, followed by a numeric
     *          ordering of AVAs containing OID keywords.
     * <li> The only characters in attribute values that are escaped are
     *          those which section 2.4 of RFC 2253 states must be escaped
     *          (they are escaped using a preceding backslash character)
     * <li> The entire name is converted to upper case
     *          using <code>String.toUpperCase(Locale.US)</code>
     * <li> The entire name is converted to lower case
     *          using <code>String.toLowerCase(Locale.US)</code>
     * <li> The name is finally normalized using normalization form KD,
     *          as described in the Unicode Standard and UAX #15
     *
     * <p> Additional standard formats may be introduced in the future.
     *
     * @param format the format to use
     *
     * @return a string representation of this <code>X500Principal</code>
     *          using the specified format
     * @throws IllegalArgumentException if the specified format is invalid
     */

    /**
     * Returns a string representation of the X.500 distinguished name
     * using the specified format. Valid values for the format are
     * "RFC1779" and "RFC2253" (case insensitive). "CANONICAL" is not
     * permitted and an <code>IllegalArgumentException</code> will be thrown.
     *
     * <p>This method returns Strings in the format as specified in
     * {@link #getName(String)} and also emits additional attribute type
     * keywords for OIDs that have entries in the <code>oidMap</code>
     * parameter. OID entries in the oidMap take precedence over the default
     * OIDs recognized by <code>getName(String)</code>.
     * Improperly specified OIDs are ignored; however if an OID
     * in the name maps to an improperly specified keyword, an
     * <code>IllegalArgumentException</code> is thrown.
     *
     * <p> Additional standard formats may be introduced in the future.
     *
     * <p> Warning: additional attribute type keywords may not be recognized
     * by other implementations; therefore do not use this method if
     * you are unsure if these keywords will be recognized by other
     *
     * @param format the format to use
     * @param oidMap an OID map, where each key is an object identifier in
     *  String form (a sequence of nonnegative integers separated by periods)
     *  that maps to a corresponding attribute type keyword String.
     *  The map may be empty but never <code>null</code>.
     * @return a string representation of this <code>X500Principal</code>
     *          using the specified format
     * @throws IllegalArgumentException if the specified format is invalid,
     *  null, or an OID in the name maps to an improperly specified keyword
     * @throws NullPointerException if <code>oidMap</code> is <code>null</code>
     */
(
"provided.null.OID.map"));
    /**
     * Returns the distinguished name in ASN.1 DER encoded form. The ASN.1
     * notation for this structure is supplied in the documentation for
     * {@link #X500Principal(byte[] name) X500Principal(byte[] name)}.
     *
     * <p>Note that the byte array returned is cloned to protect against
     * subsequent modifications.
     *
     * @return a byte array containing the distinguished name in ASN.1 DER
     */

    /**
     * Return a user-friendly string representation of this
     * <code>X500Principal</code>.
     *
     * @return a string representation of this <code>X500Principal</code>
     */

    /**
     * Compares the specified <code>Object</code> with this
     * <code>X500Principal</code> for equality.
     *
     * <p> Specifically, this method returns <code>true</code> if
     * the <code>Object</code> <i>o</i> is an <code>X500Principal</code>
     * and if the respective canonical string representations
     * (obtained via the <code>getName(X500Principal.CANONICAL)</code> method)
     * of this object and <i>o</i> are equal.
     *
     * <p> This implementation is compliant with the requirements of RFC 3280.
     *
     * @param o Object to be compared for equality with this
     *          <code>X500Principal</code>
     *
     * @return <code>true</code> if the specified <code>Object</code> is equal
     *          to this <code>X500Principal</code>, <code>false</code> otherwise
     */

    /**
     * Return a hash code for this <code>X500Principal</code>.
     *
     * <p> The hash code is calculated via:
     * <code>getName(X500Principal.CANONICAL).hashCode()</code>
     *
     * @return a hash code for this <code>X500Principal</code>
     */

    /**
     * Save the X500Principal object to a stream.
     *
     * @serialData this <code>X500Principal</code> is serialized
     *          by writing out its DER-encoded form
     *          (the value of <code>getEncoded</code> is serialized).
     */

    /**
     * Reads this object from a stream (i.e., deserializes it).
     */
// re-create thisX500Name
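
The following is an added usage example, not part of the JDK source listed above. It contrasts a string comparison of distinguished names with `equals()`, which the Javadoc defines over the CANONICAL form, and prints each `getName` format including the `oidMap` overload. The class name `DnComparisonDemo`, the trusted-subject set, and every DN other than the Duke example are constructed for illustration.

```java
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.security.auth.x500.X500Principal;

public class DnComparisonDemo {
    // Constructed sample data (assumption): the one subject this service trusts.
    static final String TRUSTED_DN = "CN=Duke, OU=JavaSoft, O=Sun Microsystems, C=US";
    static final Set<X500Principal> TRUSTED =
            Collections.singleton(new X500Principal(TRUSTED_DN));

    // Fragile: depends on one textual rendering of the name.
    static boolean trustedByString(String presentedDn) {
        return TRUSTED_DN.equals(presentedDn);
    }

    // Uses equals()/hashCode(), which the Javadoc defines over the CANONICAL form.
    static boolean trustedByPrincipal(String presentedDn) {
        return TRUSTED.contains(new X500Principal(presentedDn));
    }

    public static void main(String[] args) {
        // Constructed inputs: the same name with different case and spacing,
        // then a name that differs in the country attribute.
        List<String> presented = Arrays.asList(
                "CN=Duke, OU=JavaSoft, O=Sun Microsystems, C=US",
                "cn=duke,ou=javasoft,o=sun   microsystems,c=us",
                "CN=Duke, OU=JavaSoft, O=Sun Microsystems, C=CA");
        for (String dn : presented) {
            X500Principal p = new X500Principal(dn);
            System.out.println("input:       " + dn);
            System.out.println("  RFC1779:   " + p.getName(X500Principal.RFC1779));
            System.out.println("  RFC2253:   " + p.getName());
            System.out.println("  CANONICAL: " + p.getName(X500Principal.CANONICAL));
            System.out.println("  string match: " + trustedByString(dn)
                    + ", principal match: " + trustedByPrincipal(dn));
        }

        // EMAILADDRESS is accepted on input; the oidMap overload of getName
        // maps its OID back to a keyword on output.
        Map<String, String> oidMap =
                Collections.singletonMap("1.2.840.113549.1.9.1", "EMAILADDRESS");
        X500Principal withMail =
                new X500Principal("EMAILADDRESS=duke@example.com, CN=Duke");
        System.out.println(withMail.getName(X500Principal.RFC2253));
        System.out.println(withMail.getName(X500Principal.RFC2253, oidMap));
    }
}
```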