/*
* Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package sun.security.timestamp;
import java.io.IOException;
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Extension;
import sun.security.util.DerValue;
import sun.security.util.DerOutputStream;
import sun.security.util.ObjectIdentifier;
import sun.security.x509.AlgorithmId;
This class provides a timestamp request, as defined in
RFC 3161.
The TimeStampReq ASN.1 type has the following definition:
TimeStampReq ::= SEQUENCE {
version INTEGER { v1(1) },
messageImprint MessageImprint
-- a hash algorithm OID and the hash value of the data to be
-- time-stamped.
reqPolicy TSAPolicyId OPTIONAL,
nonce INTEGER OPTIONAL,
certReq BOOLEAN DEFAULT FALSE,
extensions [0] IMPLICIT Extensions OPTIONAL }
MessageImprint ::= SEQUENCE {
hashAlgorithm AlgorithmIdentifier,
hashedMessage OCTET STRING }
TSAPolicyId ::= OBJECT IDENTIFIER
Author: Vincent Ryan See Also: Since: 1.5
/**
* This class provides a timestamp request, as defined in
* <a href="http://www.ietf.org/rfc/rfc3161.txt">RFC 3161</a>.
*
* The TimeStampReq ASN.1 type has the following definition:
* <pre>
*
* TimeStampReq ::= SEQUENCE {
* version INTEGER { v1(1) },
* messageImprint MessageImprint
* -- a hash algorithm OID and the hash value of the data to be
* -- time-stamped.
* reqPolicy TSAPolicyId OPTIONAL,
* nonce INTEGER OPTIONAL,
* certReq BOOLEAN DEFAULT FALSE,
* extensions [0] IMPLICIT Extensions OPTIONAL }
*
* MessageImprint ::= SEQUENCE {
* hashAlgorithm AlgorithmIdentifier,
* hashedMessage OCTET STRING }
*
* TSAPolicyId ::= OBJECT IDENTIFIER
*
* </pre>
*
* @since 1.5
* @author Vincent Ryan
* @see Timestamper
*/
public class TSRequest {
private int version = 1;
private AlgorithmId hashAlgorithmId = null;
private byte[] hashValue;
private String policyId = null;
private BigInteger nonce = null;
private boolean returnCertificate = false;
private X509Extension[] extensions = null;
Constructs a timestamp request for the supplied data.
Params: - toBeTimeStamped – The data to be timestamped.
- messageDigest – The MessageDigest of the hash algorithm to use.
Throws: - NoSuchAlgorithmException – if the hash algorithm is not supported
/**
* Constructs a timestamp request for the supplied data.
*
* @param toBeTimeStamped The data to be timestamped.
* @param messageDigest The MessageDigest of the hash algorithm to use.
* @throws NoSuchAlgorithmException if the hash algorithm is not supported
*/
public TSRequest(String tSAPolicyID, byte[] toBeTimeStamped, MessageDigest messageDigest)
throws NoSuchAlgorithmException {
this.policyId = tSAPolicyID;
this.hashAlgorithmId = AlgorithmId.get(messageDigest.getAlgorithm());
this.hashValue = messageDigest.digest(toBeTimeStamped);
}
public byte[] getHashedMessage() {
return hashValue.clone();
}
Sets the Time-Stamp Protocol version.
Params: - version – The TSP version.
/**
* Sets the Time-Stamp Protocol version.
*
* @param version The TSP version.
*/
public void setVersion(int version) {
this.version = version;
}
Sets an object identifier for the Time-Stamp Protocol policy.
Params: - policyId – The policy object identifier.
/**
* Sets an object identifier for the Time-Stamp Protocol policy.
*
* @param policyId The policy object identifier.
*/
public void setPolicyId(String policyId) {
this.policyId = policyId;
}
Sets a nonce.
A nonce is a single-use random number.
Params: - nonce – The nonce value.
/**
* Sets a nonce.
* A nonce is a single-use random number.
*
* @param nonce The nonce value.
*/
public void setNonce(BigInteger nonce) {
this.nonce = nonce;
}
Request that the TSA include its signing certificate in the response.
Params: - returnCertificate – True if the TSA should return its signing
certificate. By default it is not returned.
/**
* Request that the TSA include its signing certificate in the response.
*
* @param returnCertificate True if the TSA should return its signing
* certificate. By default it is not returned.
*/
public void requestCertificate(boolean returnCertificate) {
this.returnCertificate = returnCertificate;
}
Sets the Time-Stamp Protocol extensions.
Params: - extensions – The protocol extensions.
/**
* Sets the Time-Stamp Protocol extensions.
*
* @param extensions The protocol extensions.
*/
public void setExtensions(X509Extension[] extensions) {
this.extensions = extensions;
}
public byte[] encode() throws IOException {
DerOutputStream request = new DerOutputStream();
// encode version
request.putInteger(version);
// encode messageImprint
DerOutputStream messageImprint = new DerOutputStream();
hashAlgorithmId.encode(messageImprint);
messageImprint.putOctetString(hashValue);
request.write(DerValue.tag_Sequence, messageImprint);
// encode optional elements
if (policyId != null) {
request.putOID(new ObjectIdentifier(policyId));
}
if (nonce != null) {
request.putInteger(nonce);
}
if (returnCertificate) {
request.putBoolean(true);
}
DerOutputStream out = new DerOutputStream();
out.write(DerValue.tag_Sequence, request);
return out.toByteArray();
}
}