Overview  Package   Class  Tree  Deprecated  Index  Help 
Bouncy Castle Cryptography 1.51
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.bouncycastle.tsp
Class TimeStampTokenGenerator

java.lang.Object
  extended by org.bouncycastle.tsp.TimeStampTokenGenerator

public class TimeStampTokenGenerator
extends java.lang.Object

Currently the class supports ESSCertID by if a digest calculator based on SHA1 is passed in, otherwise it uses ESSCertIDv2. In the event you need to pass both types, you will need to override the SignedAttributeGenerator for the SignerInfoGeneratorBuilder you are using. For the default for ESSCertIDv2 the code will look something like the following: 

 final ESSCertID essCertid = new ESSCertID(certHashSha1, issuerSerial);
 final ESSCertIDv2 essCertidV2 = new ESSCertIDv2(certHashSha256, issuerSerial);

 signerInfoGenBuilder.setSignedAttributeGenerator(new CMSAttributeTableGenerator()
 {
     public AttributeTable getAttributes(Map parameters)
         throws CMSAttributeTableGenerationException
     {
         CMSAttributeTableGenerator attrGen = new DefaultSignedAttributeTableGenerator();

         AttributeTable table = attrGen.getAttributes(parameters);

         table = table.add(PKCSObjectIdentifiers.id_aa_signingCertificate, new SigningCertificate(essCertid));
         table = table.add(PKCSObjectIdentifiers.id_aa_signingCertificateV2, new SigningCertificateV2(essCertidV2));

         return table;
     }
 });

Constructor Summary
TimeStampTokenGenerator(SignerInfoGenerator signerInfoGen, org.bouncycastle.operator.DigestCalculator digestCalculator, org.bouncycastle.asn1.ASN1ObjectIdentifier tsaPolicy)
          Basic Constructor - set up a calculator based on signerInfoGen with a ESSCertID calculated from the signer's associated certificate using the sha1DigestCalculator.
TimeStampTokenGenerator(SignerInfoGenerator signerInfoGen, org.bouncycastle.operator.DigestCalculator digestCalculator, org.bouncycastle.asn1.ASN1ObjectIdentifier tsaPolicy, boolean isIssuerSerialIncluded)
          Basic Constructor - set up a calculator based on signerInfoGen with a ESSCertID calculated from the signer's associated certificate using the sha1DigestCalculator.
 
Method Summary
 void addAttributeCertificates(org.bouncycastle.util.Store attrStore)
           
 void addCertificates(org.bouncycastle.util.Store certStore)
          Add the store of X509 Certificates to the generator.
 void addCRLs(org.bouncycastle.util.Store crlStore)
           
 void addOtherRevocationInfo(org.bouncycastle.asn1.ASN1ObjectIdentifier otherRevocationInfoFormat, org.bouncycastle.util.Store otherRevocationInfos)
          Add a Store of otherRevocationData to the CRL set to be included with the generated TimeStampToken.
 TimeStampToken generate(TimeStampRequest request, java.math.BigInteger serialNumber, java.util.Date genTime)
          Generate a TimeStampToken for the passed in request and serialNumber marking it with the passed in genTime.
 void setAccuracyMicros(int accuracyMicros)
           
 void setAccuracyMillis(int accuracyMillis)
           
 void setAccuracySeconds(int accuracySeconds)
           
 void setOrdering(boolean ordering)
           
 void setTSA(org.bouncycastle.asn1.x509.GeneralName tsa)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

TimeStampTokenGenerator

public TimeStampTokenGenerator(SignerInfoGenerator signerInfoGen,
                               org.bouncycastle.operator.DigestCalculator digestCalculator,
                               org.bouncycastle.asn1.ASN1ObjectIdentifier tsaPolicy)
                        throws java.lang.IllegalArgumentException,
                               TSPException
Basic Constructor - set up a calculator based on signerInfoGen with a ESSCertID calculated from the signer's associated certificate using the sha1DigestCalculator. If alternate values are required for id-aa-signingCertificate they should be added to the signerInfoGen object before it is passed in, otherwise a standard digest based value will be added.

Parameters:
signerInfoGen - the generator for the signer we are using.
digestCalculator - calculator for to use for digest of certificate.
tsaPolicy - tasPolicy to send.
Throws:
java.lang.IllegalArgumentException - if calculator is not SHA-1 or there is no associated certificate for the signer,
TSPException - if the signer certificate cannot be processed.

TimeStampTokenGenerator

public TimeStampTokenGenerator(SignerInfoGenerator signerInfoGen,
                               org.bouncycastle.operator.DigestCalculator digestCalculator,
                               org.bouncycastle.asn1.ASN1ObjectIdentifier tsaPolicy,
                               boolean isIssuerSerialIncluded)
                        throws java.lang.IllegalArgumentException,
                               TSPException
Basic Constructor - set up a calculator based on signerInfoGen with a ESSCertID calculated from the signer's associated certificate using the sha1DigestCalculator. If alternate values are required for id-aa-signingCertificate they should be added to the signerInfoGen object before it is passed in, otherwise a standard digest based value will be added.

Parameters:
signerInfoGen - the generator for the signer we are using.
digestCalculator - calculator for to use for digest of certificate.
tsaPolicy - tasPolicy to send.
isIssuerSerialIncluded - should issuerSerial be included in the ESSCertIDs, true if yes, by default false.
Throws:
java.lang.IllegalArgumentException - if calculator is not SHA-1 or there is no associated certificate for the signer,
TSPException - if the signer certificate cannot be processed.
Method Detail

addCertificates

public void addCertificates(org.bouncycastle.util.Store certStore)
Add the store of X509 Certificates to the generator.

Parameters:
certStore - a Store containing X509CertificateHolder objects

addCRLs

public void addCRLs(org.bouncycastle.util.Store crlStore)
Parameters:
crlStore - a Store containing X509CRLHolder objects.

addAttributeCertificates

public void addAttributeCertificates(org.bouncycastle.util.Store attrStore)
Parameters:
attrStore - a Store containing X509AttributeCertificate objects.

addOtherRevocationInfo

public void addOtherRevocationInfo(org.bouncycastle.asn1.ASN1ObjectIdentifier otherRevocationInfoFormat,
                                   org.bouncycastle.util.Store otherRevocationInfos)
Add a Store of otherRevocationData to the CRL set to be included with the generated TimeStampToken.

Parameters:
otherRevocationInfoFormat - the OID specifying the format of the otherRevocationInfo data.
otherRevocationInfos - a Store of otherRevocationInfo data to add.

setAccuracySeconds

public void setAccuracySeconds(int accuracySeconds)

setAccuracyMillis

public void setAccuracyMillis(int accuracyMillis)

setAccuracyMicros

public void setAccuracyMicros(int accuracyMicros)

setOrdering

public void setOrdering(boolean ordering)

setTSA

public void setTSA(org.bouncycastle.asn1.x509.GeneralName tsa)

generate

public TimeStampToken generate(TimeStampRequest request,
                               java.math.BigInteger serialNumber,
                               java.util.Date genTime)
                        throws TSPException
Generate a TimeStampToken for the passed in request and serialNumber marking it with the passed in genTime.

Parameters:
request - the originating request.
serialNumber - serial number for the TimeStampToken
genTime - token generation time.
Returns:
a TimeStampToken
Throws:
TSPException
Overview  Package   Class  Tree  Deprecated  Index  Help 
Bouncy Castle Cryptography 1.51
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD