Class KeyEntityTSPSource

java.lang.Object
eu.europa.esig.dss.spi.x509.tsp.KeyEntityTSPSource
All Implemented Interfaces:
TSPSource, Serializable
Direct Known Subclasses:
PKITSPSource

public class KeyEntityTSPSource extends Object implements TSPSource
TSPSource implementation that allows configuring the issuance of a time-stamp using a local KeyStore
  • Field Details

    • productionTime

      protected Date productionTime
      The static production date of the timestamp
  • Constructor Details

    • KeyEntityTSPSource

      protected KeyEntityTSPSource()
      Default constructor instantiating empty configuration of the KeyEntityTSPSource
    • KeyEntityTSPSource

      public KeyEntityTSPSource(byte[] ksContent, String ksType, char[] ksPassword, String alias, char[] keyEntryPassword)
      Constructor instantiating the key store content and key entry data
      Parameters:
      ksContent - byte array representing the key store content
      ksType - String representing the type of the key store
      ksPassword - char array representing a password from the key store
      alias - String alias of the key entry to be used for timestamp signing
      keyEntryPassword - char array representing a password from the key entry
    • KeyEntityTSPSource

      public KeyEntityTSPSource(String ksPath, String ksType, char[] ksPassword, String alias, char[] keyEntryPassword) throws IOException
      Constructor instantiating the key store path location and key entry data
      Parameters:
      ksPath - String representing the path to the key store
      ksType - String representing the type of the key store
      ksPassword - char array representing a password from the key store
      alias - String alias of the key entry to be used for timestamp signing
      keyEntryPassword - char array representing a password from the key entry
      Throws:
      IOException - if not able to load the key store file
    • KeyEntityTSPSource

      public KeyEntityTSPSource(File ksFile, String ksType, char[] ksPassword, String alias, char[] keyEntryPassword) throws IOException
      Constructor instantiating the key store File and key entry data
      Parameters:
      ksFile - File key store file
      ksType - String representing the type of the key store
      ksPassword - char array representing a password from the key store
      alias - String alias of the key entry to be used for timestamp signing
      keyEntryPassword - char array representing a password from the key entry
      Throws:
      IOException - if not able to load the key store file
    • KeyEntityTSPSource

      public KeyEntityTSPSource(InputStream ksIs, String ksType, char[] ksPassword, String alias, char[] keyEntryPassword)
      Constructor instantiating the key store InputStream and key entry data
      Parameters:
      ksIs - InputStream representing the key store content
      ksType - String representing the type of the key store
      ksPassword - char array representing a password from the key store
      alias - String alias of the key entry to be used for timestamp signing
      keyEntryPassword - char array representing a password from the key entry
    • KeyEntityTSPSource

      public KeyEntityTSPSource(KeyStore keyStore, String alias, char[] keyEntryPassword)
      Constructor instantiating the key store and key entry data
      Parameters:
      keyStore - KeyStore
      alias - String alias of the key entry to be used for timestamp signing
      keyEntryPassword - char array representing a password from the key entry
    • KeyEntityTSPSource

      public KeyEntityTSPSource(PrivateKey privateKey, CertificateToken certificateToken, List<CertificateToken> certificateChain)
      Constructor to instantiate KeyEntityTSPSource with the given PrivateKey and the corresponding certificateToken and certificateChain
      Parameters:
      privateKey - PrivateKey representing a key to be used to sign the time-stamp token
      certificateToken - CertificateToken representing a time-stamp issuer certificate associated with the privateKey
      certificateChain - a list of CertificateTokens representing a certificate chain for certificateToken to be added within the time-stamp
    • KeyEntityTSPSource

      public KeyEntityTSPSource(PrivateKey privateKey, X509Certificate certificate, List<X509Certificate> certificateChain)
      Constructor to instantiate KeyEntityTSPSource with the given PrivateKey and the corresponding certificate and certificateChain
      Parameters:
      privateKey - PrivateKey representing a key to be used to sign the time-stamp token
      certificate - X509Certificate representing a time-stamp issuer certificate associated with the privateKey
      certificateChain - a list of X509Certificates representing a certificate chain for certificate to be added within the time-stamp
  • Method Details

    • setPrivateKey

      public void setPrivateKey(PrivateKey privateKey)
      Sets the private key used to sign the time-stamp token
      Parameters:
      privateKey - PrivateKey
    • setCertificate

      public void setCertificate(X509Certificate certificate)
      Sets a time-stamp issuer certificate
      Parameters:
      certificate - X509Certificate
    • setCertificateChain

      public void setCertificateChain(List<X509Certificate> certificateChain)
      Sets a certificate chain to be embedded within the time-stamp token
      Parameters:
      certificateChain - a list of X509Certificates
    • setTsaPolicy

      public void setTsaPolicy(String tsaPolicy)
      Sets the TSA policy. NOTE: The property is mandatory for TimeStampToken generation.
      Parameters:
      tsaPolicy - String
    • setAcceptedDigestAlgorithms

      public void setAcceptedDigestAlgorithms(Collection<DigestAlgorithm> digestAlgorithms)
      Sets a collection of digest algorithms to be accepted within a timestamp request. Default: SHA-224, SHA-256, SHA-384, SHA-512
      Parameters:
      digestAlgorithms - a collection of DigestAlgorithms
    • getProductionTime

      protected Date getProductionTime()
      Gets the production time of the time-stamp
      Returns:
      Date
    • setProductionTime

      public void setProductionTime(Date productionTime)
      Sets a production time of the timestamp. NOTE: if not defined, the current time will be used.
      Parameters:
      productionTime - Date
    • setDigestAlgorithm

      public void setDigestAlgorithm(DigestAlgorithm digestAlgorithm)
      Sets the digest algorithm of the signature of the generated time-stamp token. Default: DigestAlgorithm.SHA256
      Parameters:
      digestAlgorithm - DigestAlgorithm
    • setEncryptionAlgorithm

      public void setEncryptionAlgorithm(EncryptionAlgorithm encryptionAlgorithm)
      Sets the encryption algorithm to be used on time-stamp's signature generation. NOTE: the encryptionAlgorithm, when defined, shall be compatible with the encryption algorithm used by the target key!
      Parameters:
      encryptionAlgorithm - EncryptionAlgorithm
    • getTimeStampResponse

      public TimestampBinary getTimeStampResponse(DigestAlgorithm digestAlgorithm, byte[] digest)
      Description copied from interface: TSPSource
      Gets a TimeStampResponse relevant to the provided digest
      Specified by:
      getTimeStampResponse in interface TSPSource
      Parameters:
      digestAlgorithm - the used digest algorithm
      digest - the computed digest to be timestamped
      Returns:
      TimestampBinary binary of a signed timestamp token
    • createRequest

      protected org.bouncycastle.tsp.TimeStampRequest createRequest(DigestAlgorithm digestAlgorithm, byte[] digest)
      Creates a request for a time-stamp token generation
      Parameters:
      digestAlgorithm - DigestAlgorithm to be used to compute hash to be time-stamped
      digest - byte array representing hash to be time-stamped
      Returns:
      TimeStampRequest
    • getSignatureAlgorithm

      protected SignatureAlgorithm getSignatureAlgorithm()
      Returns the target signature algorithm to be used for time-stamp generation
      Returns:
      SignatureAlgorithm
    • generateResponse

      protected org.bouncycastle.tsp.TimeStampResponse generateResponse(org.bouncycastle.tsp.TimeStampRequest request, DigestAlgorithm digestAlgorithm) throws org.bouncycastle.tsp.TSPException
      This method generates a timestamp response
      Parameters:
      request - TimeStampRequest
      digestAlgorithm - DigestAlgorithm used to generate the time-stamp
      Returns:
      TimeStampResponse
      Throws:
      org.bouncycastle.tsp.TSPException - if an error occurs during the timestamp response generation
    • initResponseGenerator

      protected org.bouncycastle.tsp.TimeStampResponseGenerator initResponseGenerator(DigestAlgorithm digestAlgorithm, Date getTime)
      This method initializes the TimeStampResponseGenerator
      Parameters:
      digestAlgorithm - DigestAlgorithm used to generate the message-imprint
      getTime - Date production time of the time-stamp
      Returns:
      TimeStampResponseGenerator
    • getSignedAttributeGenerator

      protected org.bouncycastle.cms.CMSAttributeTableGenerator getSignedAttributeGenerator(Date getTime)
      Returns generator for signed attributes of a time-stamp
      Parameters:
      getTime - Date production time of the time-stamp
      Returns:
      CMSAttributeTableGenerator
    • buildResponse

      protected org.bouncycastle.tsp.TimeStampResponse buildResponse(org.bouncycastle.tsp.TimeStampResponseGenerator responseGenerator, org.bouncycastle.tsp.TimeStampRequest request, BigInteger timeStampSerialNumber, Date productionTime) throws org.bouncycastle.tsp.TSPException
      Generates a time-stamp response
      Parameters:
      responseGenerator - TimeStampResponseGenerator
      request - TimeStampRequest
      timeStampSerialNumber - BigInteger
      productionTime - Date representing a time-stamp's generation time
      Returns:
      TimeStampResponse
      Throws:
      org.bouncycastle.tsp.TSPException - if an error occurs on time-stamp generation
    • getTimeStampSerialNumber

      protected BigInteger getTimeStampSerialNumber()
      Generates a serial number of the produced timestamp token
      Returns:
      BigInteger serial number
    • getTimestampBinary

      protected TimestampBinary getTimestampBinary(org.bouncycastle.tsp.TimeStampResponse response) throws IOException
      Returns time-stamp binary from the obtained response
      Parameters:
      response - TimeStampResponse
      Returns:
      TimestampBinary
      Throws:
      IOException - if an error occurs on time-stamp binaries extraction
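
The following is an added usage example, not part of the DSS documentation. It configures a KeyEntityTSPSource from a PKCS#12 key store using the KeyStore constructor and setters listed above, with a narrower accepted-digest set than the default. Assumptions: the packages of DigestAlgorithm and TimestampBinary and the TimestampBinary.getBytes() accessor are not shown on this page; the class name, environment variable names, key store path, alias and policy OID are placeholders.

```java
import eu.europa.esig.dss.enumerations.DigestAlgorithm;   // package assumed, not on this page
import eu.europa.esig.dss.model.TimestampBinary;          // package assumed, not on this page
import eu.europa.esig.dss.spi.x509.tsp.KeyEntityTSPSource;

import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.util.Arrays;
import java.util.EnumSet;

public class LocalTsaExample {

    public static void main(String[] args) throws Exception {
        // args[0] = path to a PKCS#12 key store, args[1] = alias of the TSA key entry.
        // RFC 3161 requires the TSA certificate to carry a critical extendedKeyUsage
        // containing only id-kp-timeStamping.
        // Passwords are read from the environment (hypothetical variable names)
        // into char[] so they can be wiped after use.
        char[] storePass = System.getenv("TSA_KS_PASSWORD").toCharArray();
        char[] keyPass = System.getenv("TSA_KEY_PASSWORD").toCharArray();
        try {
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            try (InputStream is = Files.newInputStream(Paths.get(args[0]))) {
                keyStore.load(is, storePass);
            }

            KeyEntityTSPSource tspSource = new KeyEntityTSPSource(keyStore, args[1], keyPass);
            tspSource.setTsaPolicy("1.2.3.4.5"); // placeholder OID; the property is mandatory
            // Narrower than the documented default (drops SHA-224).
            tspSource.setAcceptedDigestAlgorithms(EnumSet.of(
                    DigestAlgorithm.SHA256, DigestAlgorithm.SHA384, DigestAlgorithm.SHA512));
            tspSource.setDigestAlgorithm(DigestAlgorithm.SHA256);
            // setProductionTime() is deliberately not called, so the current time is used.

            // Constructed sample input: only its digest is passed to the TSP source.
            byte[] data = "constructed sample document".getBytes(StandardCharsets.UTF_8);
            byte[] digest = MessageDigest.getInstance("SHA-256").digest(data);

            TimestampBinary token = tspSource.getTimeStampResponse(DigestAlgorithm.SHA256, digest);
            System.out.println("Time-stamp token: " + token.getBytes().length + " bytes");
        } finally {
            Arrays.fill(storePass, '\0');
            Arrays.fill(keyPass, '\0');
        }
    }
}
```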