Package org.bouncycastle.tsp

Class TimeStampTokenGenerator

  • public class TimeStampTokenGenerator
extends java.lang.Object
    Currently the class supports ESSCertID by if a digest calculator based on SHA1 is passed in, otherwise it uses ESSCertIDv2. In the event you need to pass both types, you will need to override the SignedAttributeGenerator for the SignerInfoGeneratorBuilder you are using. For the default for ESSCertIDv2 the code will look something like the following: 
     final ESSCertID essCertid = new ESSCertID(certHashSha1, issuerSerial);
 final ESSCertIDv2 essCertidV2 = new ESSCertIDv2(certHashSha256, issuerSerial);

 signerInfoGenBuilder.setSignedAttributeGenerator(new CMSAttributeTableGenerator()
 {
     public AttributeTable getAttributes(Map parameters)
         throws CMSAttributeTableGenerationException
     {
         CMSAttributeTableGenerator attrGen = new DefaultSignedAttributeTableGenerator();

         AttributeTable table = attrGen.getAttributes(parameters);

         table = table.add(PKCSObjectIdentifiers.id_aa_signingCertificate, new SigningCertificate(essCertid));
         table = table.add(PKCSObjectIdentifiers.id_aa_signingCertificateV2, new SigningCertificateV2(essCertidV2));

         return table;
     }
 });

    • Field Summary

      Fields 
      Modifier and Type Field Description
      static int R_HUNDREDTHS_OF_SECONDS
      Create time-stamps with a resolution of 1 hundredth of a second.
      static int R_MICROSECONDS
      Deprecated.
      use R_HUNDREDTHS_OF_SECONDS - this field will be deleted!!
      static int R_MILLISECONDS
      Create time-stamps with a resolution of 1 millisecond.
      static int R_SECONDS
      Create time-stamps with a resolution of 1 second (the default).
      static int R_TENTHS_OF_SECONDS
      Create time-stamps with a resolution of 1 tenth of a second.

    • Constructor Summary

      Constructors 
      Constructor Description
      TimeStampTokenGenerator​(SignerInfoGenerator signerInfoGen, DigestCalculator digestCalculator, org.bouncycastle.asn1.ASN1ObjectIdentifier tsaPolicy)
      Basic Constructor - set up a calculator based on signerInfoGen with a ESSCertID calculated from the signer's associated certificate using the sha1DigestCalculator.
      TimeStampTokenGenerator​(SignerInfoGenerator signerInfoGen, DigestCalculator digestCalculator, org.bouncycastle.asn1.ASN1ObjectIdentifier tsaPolicy, boolean isIssuerSerialIncluded)
      Basic Constructor - set up a calculator based on signerInfoGen with a ESSCertID calculated from the signer's associated certificate using the sha1DigestCalculator.

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      void addAttributeCertificates​(org.bouncycastle.util.Store attrStore)  
      void addCertificates​(org.bouncycastle.util.Store certStore)
      Add the store of X509 Certificates to the generator.
      void addCRLs​(org.bouncycastle.util.Store crlStore)  
      void addOtherRevocationInfo​(org.bouncycastle.asn1.ASN1ObjectIdentifier otherRevocationInfoFormat, org.bouncycastle.util.Store otherRevocationInfos)
      Add a Store of otherRevocationData to the CRL set to be included with the generated TimeStampToken.
      TimeStampToken generate​(TimeStampRequest request, java.math.BigInteger serialNumber, java.util.Date genTime)
      Generate a TimeStampToken for the passed in request and serialNumber marking it with the passed in genTime.
      TimeStampToken generate​(TimeStampRequest request, java.math.BigInteger serialNumber, java.util.Date genTime, org.bouncycastle.asn1.x509.Extensions additionalExtensions)
      Generate a TimeStampToken for the passed in request and serialNumber marking it with the passed in genTime.
      void setAccuracyMicros​(int accuracyMicros)  
      void setAccuracyMillis​(int accuracyMillis)  
      void setAccuracySeconds​(int accuracySeconds)  
      void setLocale​(java.util.Locale locale)
      Set a Locale for time creation - you may need to use this if the default locale doesn't use a Gregorian calender so that the GeneralizedTime produced is compatible with other ASN.1 implementations.
      void setOrdering​(boolean ordering)  
      void setResolution​(int resolution)
      Set the resolution of the time stamp - R_SECONDS (the default), R_TENTH_OF_SECONDS, R_MICROSECONDS, R_MILLISECONDS
      void setTSA​(org.bouncycastle.asn1.x509.GeneralName tsa)  

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Field Detail

      • R_SECONDS

        public static final int R_SECONDS
        Create time-stamps with a resolution of 1 second (the default).
        See Also:
        Constant Field Values

      • R_TENTHS_OF_SECONDS

        public static final int R_TENTHS_OF_SECONDS
        Create time-stamps with a resolution of 1 tenth of a second.
        See Also:
        Constant Field Values

      • R_HUNDREDTHS_OF_SECONDS

        public static final int R_HUNDREDTHS_OF_SECONDS
        Create time-stamps with a resolution of 1 hundredth of a second.
        See Also:
        Constant Field Values

      • R_MICROSECONDS

        public static final int R_MICROSECONDS
        Deprecated.
        use R_HUNDREDTHS_OF_SECONDS - this field will be deleted!!
        See Also:
        Constant Field Values

      • R_MILLISECONDS

        public static final int R_MILLISECONDS
        Create time-stamps with a resolution of 1 millisecond.
        See Also:
        Constant Field Values

    • Constructor Detail

      • TimeStampTokenGenerator

        public TimeStampTokenGenerator​(SignerInfoGenerator signerInfoGen,
                               DigestCalculator digestCalculator,
                               org.bouncycastle.asn1.ASN1ObjectIdentifier tsaPolicy)
                        throws java.lang.IllegalArgumentException,
                               TSPException
        Basic Constructor - set up a calculator based on signerInfoGen with a ESSCertID calculated from the signer's associated certificate using the sha1DigestCalculator. If alternate values are required for id-aa-signingCertificate they should be added to the signerInfoGen object before it is passed in, otherwise a standard digest based value will be added.
        Parameters:
        signerInfoGen - the generator for the signer we are using.
        digestCalculator - calculator for to use for digest of certificate.
        tsaPolicy - tasPolicy to send.
        Throws:
        java.lang.IllegalArgumentException - if calculator is not SHA-1 or there is no associated certificate for the signer,
        TSPException - if the signer certificate cannot be processed.

      • TimeStampTokenGenerator

        public TimeStampTokenGenerator​(SignerInfoGenerator signerInfoGen,
                               DigestCalculator digestCalculator,
                               org.bouncycastle.asn1.ASN1ObjectIdentifier tsaPolicy,
                               boolean isIssuerSerialIncluded)
                        throws java.lang.IllegalArgumentException,
                               TSPException
        Basic Constructor - set up a calculator based on signerInfoGen with a ESSCertID calculated from the signer's associated certificate using the sha1DigestCalculator. If alternate values are required for id-aa-signingCertificate they should be added to the signerInfoGen object before it is passed in, otherwise a standard digest based value will be added.
        Parameters:
        signerInfoGen - the generator for the signer we are using.
        digestCalculator - calculator for to use for digest of certificate.
        tsaPolicy - tasPolicy to send.
        isIssuerSerialIncluded - should issuerSerial be included in the ESSCertIDs, true if yes, by default false.
        Throws:
        java.lang.IllegalArgumentException - if calculator is not SHA-1 or there is no associated certificate for the signer,
        TSPException - if the signer certificate cannot be processed.

    • Method Detail

      • addCertificates

        public void addCertificates​(org.bouncycastle.util.Store certStore)
        Add the store of X509 Certificates to the generator.
        Parameters:
        certStore - a Store containing X509CertificateHolder objects

      • addCRLs

        public void addCRLs​(org.bouncycastle.util.Store crlStore)
        Parameters:
        crlStore - a Store containing X509CRLHolder objects.

      • addAttributeCertificates

        public void addAttributeCertificates​(org.bouncycastle.util.Store attrStore)
        Parameters:
        attrStore - a Store containing X509AttributeCertificate objects.

      • addOtherRevocationInfo

        public void addOtherRevocationInfo​(org.bouncycastle.asn1.ASN1ObjectIdentifier otherRevocationInfoFormat,
                                   org.bouncycastle.util.Store otherRevocationInfos)
        Add a Store of otherRevocationData to the CRL set to be included with the generated TimeStampToken.
        Parameters:
        otherRevocationInfoFormat - the OID specifying the format of the otherRevocationInfo data.
        otherRevocationInfos - a Store of otherRevocationInfo data to add.

      • setResolution

        public void setResolution​(int resolution)
        Set the resolution of the time stamp - R_SECONDS (the default), R_TENTH_OF_SECONDS, R_MICROSECONDS, R_MILLISECONDS
        Parameters:
        resolution - resolution of timestamps to be produced.

      • setLocale

        public void setLocale​(java.util.Locale locale)
        Set a Locale for time creation - you may need to use this if the default locale doesn't use a Gregorian calender so that the GeneralizedTime produced is compatible with other ASN.1 implementations.
        Parameters:
        locale - a locale to use for converting system time into a GeneralizedTime.

      • setAccuracySeconds

        public void setAccuracySeconds​(int accuracySeconds)

      • setAccuracyMillis

        public void setAccuracyMillis​(int accuracyMillis)

      • setAccuracyMicros

        public void setAccuracyMicros​(int accuracyMicros)

      • setOrdering

        public void setOrdering​(boolean ordering)

      • setTSA

        public void setTSA​(org.bouncycastle.asn1.x509.GeneralName tsa)

      • generate

        public TimeStampToken generate​(TimeStampRequest request,
                               java.math.BigInteger serialNumber,
                               java.util.Date genTime)
                        throws TSPException
        Generate a TimeStampToken for the passed in request and serialNumber marking it with the passed in genTime.
        Parameters:
        request - the originating request.
        serialNumber - serial number for the TimeStampToken
        genTime - token generation time.
        Returns:
        a TimeStampToken
        Throws:
        TSPException

      • generate

        public TimeStampToken generate​(TimeStampRequest request,
                               java.math.BigInteger serialNumber,
                               java.util.Date genTime,
                               org.bouncycastle.asn1.x509.Extensions additionalExtensions)
                        throws TSPException
        Generate a TimeStampToken for the passed in request and serialNumber marking it with the passed in genTime.
        Parameters:
        request - the originating request.
        serialNumber - serial number for the TimeStampToken
        genTime - token generation time.
        additionalExtensions - extra extensions to be added to the response token.
        Returns:
        a TimeStampToken
        Throws:
        TSPException