Module jpms_dss_spi

Class KeyEntityTSPSource

java.lang.Object
eu.europa.esig.dss.spi.x509.tsp.KeyEntityTSPSource
All Implemented Interfaces:
TSPSource, Serializable

public class KeyEntityTSPSource extends Object implements TSPSource
TSPSource implementation allowing to configure issuance of a time-stamp using a local KeyStore
  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    protected Date
    productionTime
    The static production date of the timestamp
  • Constructor Summary

    Constructors
    Modifier
    Constructor
    Description
    protected
    KeyEntityTSPSource()
    Default constructor instantiating empty configuration of the KeyEntityTSPSource
     
    KeyEntityTSPSource(byte[] ksContent, String ksType, char[] ksPassword, String alias, char[] keyEntryPassword)
    Constructor instantiating the key store content and key entry data
     
    KeyEntityTSPSource(File ksFile, String ksType, char[] ksPassword, String alias, char[] keyEntryPassword)
    Constructor instantiating the key store File and key entry data
     
    KeyEntityTSPSource(InputStream ksIs, String ksType, char[] ksPassword, String alias, char[] keyEntryPassword)
    Constructor instantiating the key store InputStream and key entry data
     
    KeyEntityTSPSource(String ksPath, String ksType, char[] ksPassword, String alias, char[] keyEntryPassword)
    Constructor instantiating the key store path location and key entry data
     
    KeyEntityTSPSource(KeyStore keyStore, String alias, char[] keyEntryPassword)
    Constructor instantiating the key store and key entry data
     
    KeyEntityTSPSource(PrivateKey privateKey, eu.europa.esig.dss.model.x509.CertificateToken certificateToken, List<eu.europa.esig.dss.model.x509.CertificateToken> certificateChain)
    Constructor to instantiate KeyEntityTSPSource with the given PrivateKey and the corresponding certificateToken and certificateChain
     
    KeyEntityTSPSource(PrivateKey privateKey, X509Certificate certificate, List<X509Certificate> certificateChain)
    Constructor to instantiate KeyEntityTSPSource with the given PrivateKey and the corresponding certificate and certificateChain
  • Method Summary

    Modifier and Type
    Method
    Description
    protected org.bouncycastle.tsp.TimeStampResponse
    buildResponse(org.bouncycastle.tsp.TimeStampResponseGenerator responseGenerator, org.bouncycastle.tsp.TimeStampRequest request, BigInteger timeStampSerialNumber, Date productionTime)
    Generates a time-stamp response
    protected org.bouncycastle.tsp.TimeStampRequest
    createRequest(eu.europa.esig.dss.enumerations.DigestAlgorithm digestAlgorithm, byte[] digest)
    Creates a request for a time-stamp token generation
    protected org.bouncycastle.tsp.TimeStampResponse
    generateResponse(org.bouncycastle.tsp.TimeStampRequest request, eu.europa.esig.dss.enumerations.DigestAlgorithm digestAlgorithm)
    This method generates a timestamp response
    protected Date
    getProductionTime()
    Gets the production time of the time-stamp
    protected eu.europa.esig.dss.enumerations.SignatureAlgorithm
    getSignatureAlgorithm()
    Returns the target signature algorithm to be used for time-stamp generation
    protected org.bouncycastle.cms.CMSAttributeTableGenerator
    getSignedAttributeGenerator(Date getTime)
    Returns generator for signed attributes of a time-stamp
    protected eu.europa.esig.dss.model.TimestampBinary
    getTimestampBinary(org.bouncycastle.tsp.TimeStampResponse response)
    Returns time-stamp binary from the obtained response
    eu.europa.esig.dss.model.TimestampBinary
    getTimeStampResponse(eu.europa.esig.dss.enumerations.DigestAlgorithm digestAlgorithm, byte[] digest)
    Gets a TimeStampResponse relevant to the provided digest
    protected BigInteger
    getTimeStampSerialNumber()
    Generates a serial number of the produced timestamp token
    protected org.bouncycastle.tsp.TimeStampResponseGenerator
    initResponseGenerator(eu.europa.esig.dss.enumerations.DigestAlgorithm digestAlgorithm, Date getTime)
    This method initializes the TimeStampResponseGenerator
    void
    setAcceptedDigestAlgorithms(Collection<eu.europa.esig.dss.enumerations.DigestAlgorithm> digestAlgorithms)
    Sets a collection of digest algorithms to be accepted within a timestamp request. Default: SHA-224, SHA-256, SHA-384, SHA-512
    void
    setCertificate(X509Certificate certificate)
    Sets a time-stamp issuer certificate
    void
    setCertificateChain(List<X509Certificate> certificateChain)
    Sets a certificate chain to be embedded within the time-stamp token
    void
    setDigestAlgorithm(eu.europa.esig.dss.enumerations.DigestAlgorithm digestAlgorithm)
    Sets the digest algorithm of the signature of the generated time-stamp token. Default: DigestAlgorithm.SHA256
    void
    setEncryptionAlgorithm(eu.europa.esig.dss.enumerations.EncryptionAlgorithm encryptionAlgorithm)
    Sets the encryption algorithm to be used on time-stamp's signature generation.
    void
    setMaskGenerationFunction(eu.europa.esig.dss.enumerations.MaskGenerationFunction maskGenerationFunction)
    Sets the mask generation function to be applied on a time-stamp signing.
    void
    setPrivateKey(PrivateKey privateKey)
    Sets the private key used to sign the time-stamp token
    void
    setProductionTime(Date productionTime)
    Sets a production time of the timestamp.
    void
    setTsaPolicy(String tsaPolicy)
    Sets the TSA policy. NOTE: The property is mandatory for TimeStampToken generation.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
  • Field Details

    • productionTime

      protected Date productionTime
      The static production date of the timestamp
  • Constructor Details

    • KeyEntityTSPSource

      protected KeyEntityTSPSource()
      Default constructor instantiating empty configuration of the KeyEntityTSPSource
    • KeyEntityTSPSource

      public KeyEntityTSPSource(byte[] ksContent, String ksType, char[] ksPassword, String alias, char[] keyEntryPassword)
      Constructor instantiating the key store content and key entry data
      Parameters:
      ksContent - byte array representing the key store content
      ksType - String representing the type of the key store
      ksPassword - char array representing a password from the key store
      alias - String alias of the key entry to be used for timestamp signing
      keyEntryPassword - char array representing a password from the key entry
    • KeyEntityTSPSource

      public KeyEntityTSPSource(String ksPath, String ksType, char[] ksPassword, String alias, char[] keyEntryPassword) throws IOException
      Constructor instantiating the key store path location and key entry data
      Parameters:
      ksPath - String representing the path to the key store
      ksType - String representing the type of the key store
      ksPassword - char array representing a password from the key store
      alias - String alias of the key entry to be used for timestamp signing
      keyEntryPassword - char array representing a password from the key entry
      Throws:
      IOException - if not able to load the key store file
    • KeyEntityTSPSource

      public KeyEntityTSPSource(File ksFile, String ksType, char[] ksPassword, String alias, char[] keyEntryPassword) throws IOException
      Constructor instantiating the key store File and key entry data
      Parameters:
      ksFile - File key store file
      ksType - String representing the type of the key store
      ksPassword - char array representing a password from the key store
      alias - String alias of the key entry to be used for timestamp signing
      keyEntryPassword - char array representing a password from the key entry
      Throws:
      IOException - if not able to load the key store file
    • KeyEntityTSPSource

      public KeyEntityTSPSource(InputStream ksIs, String ksType, char[] ksPassword, String alias, char[] keyEntryPassword)
      Constructor instantiating the key store InputStream and key entry data
      Parameters:
      ksIs - InputStream representing the key store content
      ksType - String representing the type of the key store
      ksPassword - char array representing a password from the key store
      alias - String alias of the key entry to be used for timestamp signing
      keyEntryPassword - char array representing a password from the key entry
    • KeyEntityTSPSource

      public KeyEntityTSPSource(KeyStore keyStore, String alias, char[] keyEntryPassword)
      Constructor instantiating the key store and key entry data
      Parameters:
      keyStore - KeyStore
      alias - String alias of the key entry to be used for timestamp signing
      keyEntryPassword - char array representing a password from the key entry
    • KeyEntityTSPSource

      public KeyEntityTSPSource(PrivateKey privateKey, eu.europa.esig.dss.model.x509.CertificateToken certificateToken, List<eu.europa.esig.dss.model.x509.CertificateToken> certificateChain)
      Constructor to instantiate KeyEntityTSPSource with the given PrivateKey and the corresponding certificateToken and certificateChain
      Parameters:
      privateKey - PrivateKey representing a key to be used to sign the time-stamp token
      certificateToken - CertificateToken representing a time-stamp issuer certificate associated with the privateKey
      certificateChain - a list of CertificateTokens representing a certificate chain for certificateToken to be added within the time-stamp
    • KeyEntityTSPSource

      public KeyEntityTSPSource(PrivateKey privateKey, X509Certificate certificate, List<X509Certificate> certificateChain)
      Constructor to instantiate KeyEntityTSPSource with the given PrivateKey and the corresponding certificate and certificateChain
      Parameters:
      privateKey - PrivateKey representing a key to be used to sign the time-stamp token
      certificate - X509Certificate representing a time-stamp issuer certificate associated with the privateKey
      certificateChain - a list of X509Certificates representing a certificate chain for certificate to be added within the time-stamp
  • Method Details

    • setPrivateKey

      public void setPrivateKey(PrivateKey privateKey)
      Sets the private key used to sign the time-stamp token
      Parameters:
      privateKey - PrivateKey
    • setCertificate

      public void setCertificate(X509Certificate certificate)
      Sets a time-stamp issuer certificate
      Parameters:
      certificate - X509Certificate
    • setCertificateChain

      public void setCertificateChain(List<X509Certificate> certificateChain)
      Sets a certificate chain to be embedded within the time-stamp token
      Parameters:
      certificateChain - a list of X509Certificates
    • setTsaPolicy

      public void setTsaPolicy(String tsaPolicy)
      Sets the TSA policy. NOTE: The property is mandatory for TimeStampToken generation.
      Parameters:
      tsaPolicy - String
    • setAcceptedDigestAlgorithms

      public void setAcceptedDigestAlgorithms(Collection<eu.europa.esig.dss.enumerations.DigestAlgorithm> digestAlgorithms)
      Sets a collection of digest algorithms to be accepted within a timestamp request. Default: SHA-224, SHA-256, SHA-384, SHA-512
      Parameters:
      digestAlgorithms - a collection of DigestAlgorithms
    • getProductionTime

      protected Date getProductionTime()
      Gets the production time of the time-stamp
      Returns:
      Date
    • setProductionTime

      public void setProductionTime(Date productionTime)
      Sets a production time of the timestamp. NOTE: if not defined, the current time will be used.
      Parameters:
      productionTime - Date
    • setDigestAlgorithm

      public void setDigestAlgorithm(eu.europa.esig.dss.enumerations.DigestAlgorithm digestAlgorithm)
      Sets the digest algorithm of the signature of the generated time-stamp token. Default: DigestAlgorithm.SHA256
      Parameters:
      digestAlgorithm - DigestAlgorithm
    • setEncryptionAlgorithm

      public void setEncryptionAlgorithm(eu.europa.esig.dss.enumerations.EncryptionAlgorithm encryptionAlgorithm)
      Sets the encryption algorithm to be used on time-stamp's signature generation. NOTE: the encryptionAlgorithm, when defined, shall be compatible with the encryption algorithm used by the target key!
      Parameters:
      encryptionAlgorithm - EncryptionAlgorithm
    • setMaskGenerationFunction

      public void setMaskGenerationFunction(eu.europa.esig.dss.enumerations.MaskGenerationFunction maskGenerationFunction)
      Sets the mask generation function to be applied on a time-stamp signing. NOTE: the mask generation function should be compatible with the given encryption algorithm!
      Parameters:
      maskGenerationFunction - MaskGenerationFunction
    • getTimeStampResponse

      public eu.europa.esig.dss.model.TimestampBinary getTimeStampResponse(eu.europa.esig.dss.enumerations.DigestAlgorithm digestAlgorithm, byte[] digest)
      Description copied from interface: TSPSource
      Gets a TimeStampResponse relevant to the provided digest
      Specified by:
      getTimeStampResponse in interface TSPSource
      Parameters:
      digestAlgorithm - the used digest algorithm
      digest - the computed digest to be timestamped
      Returns:
      TimestampBinary binary of a signed timestamp token
    • createRequest

      protected org.bouncycastle.tsp.TimeStampRequest createRequest(eu.europa.esig.dss.enumerations.DigestAlgorithm digestAlgorithm, byte[] digest)
      Creates a request for a time-stamp token generation
      Parameters:
      digestAlgorithm - DigestAlgorithm to be used to compute hash to be time-stamped
      digest - byte array representing hash to be time-stamped
      Returns:
      TimeStampRequest
    • getSignatureAlgorithm

      protected eu.europa.esig.dss.enumerations.SignatureAlgorithm getSignatureAlgorithm()
      Returns the target signature algorithm to be used for time-stamp generation
      Returns:
      SignatureAlgorithm the target signature algorithm
    • generateResponse

      protected org.bouncycastle.tsp.TimeStampResponse generateResponse(org.bouncycastle.tsp.TimeStampRequest request, eu.europa.esig.dss.enumerations.DigestAlgorithm digestAlgorithm) throws org.bouncycastle.tsp.TSPException
      This method generates a timestamp response
      Parameters:
      request - TimeStampRequest
      digestAlgorithm - DigestAlgorithm used to generate the time-stamp
      Returns:
      TimeStampResponse
      Throws:
      org.bouncycastle.tsp.TSPException - if an error occurs during the timestamp response generation
    • initResponseGenerator

      protected org.bouncycastle.tsp.TimeStampResponseGenerator initResponseGenerator(eu.europa.esig.dss.enumerations.DigestAlgorithm digestAlgorithm, Date getTime)
      This method initializes the TimeStampResponseGenerator
      Parameters:
      digestAlgorithm - DigestAlgorithm used to generate the message-imprint
      getTime - Date production time of the time-stamp
      Returns:
      TimeStampResponseGenerator
    • getSignedAttributeGenerator

      protected org.bouncycastle.cms.CMSAttributeTableGenerator getSignedAttributeGenerator(Date getTime)
      Returns generator for signed attributes of a time-stamp
      Parameters:
      getTime - Date production time of the time-stamp
      Returns:
      CMSAttributeTableGenerator
    • buildResponse

      protected org.bouncycastle.tsp.TimeStampResponse buildResponse(org.bouncycastle.tsp.TimeStampResponseGenerator responseGenerator, org.bouncycastle.tsp.TimeStampRequest request, BigInteger timeStampSerialNumber, Date productionTime) throws org.bouncycastle.tsp.TSPException
      Generates a time-stamp response
      Parameters:
      responseGenerator - TimeStampResponseGenerator
      request - TimeStampRequest
      timeStampSerialNumber - BigInteger
      productionTime - Date representing a time-stamp's generation time
      Returns:
      TimeStampResponse
      Throws:
      org.bouncycastle.tsp.TSPException - if an error occurs on time-stamp generation
    • getTimeStampSerialNumber

      protected BigInteger getTimeStampSerialNumber()
      Generates a serial number of the produced timestamp token
      Returns:
      BigInteger serial number
    • getTimestampBinary

      protected eu.europa.esig.dss.model.TimestampBinary getTimestampBinary(org.bouncycastle.tsp.TimeStampResponse response) throws IOException
      Returns time-stamp binary from the obtained response
      Parameters:
      response - TimeStampResponse
      Returns:
      TimestampBinary
      Throws:
      IOException - if an error occurs on time-stamp binaries extraction
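
The configuration notes above (mandatory TSA policy, accepted digest algorithms, default production time), combined into one issuance flow. This is an added example, not code from the DSS project; the key store path, alias, environment variable name and policy OID are constructed placeholders, and `TimestampBinary.getBytes()` is used on the assumption that it returns the encoded token.

```java
import eu.europa.esig.dss.enumerations.DigestAlgorithm;
import eu.europa.esig.dss.model.TimestampBinary;
import eu.europa.esig.dss.spi.x509.tsp.KeyEntityTSPSource;

import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.util.Arrays;
import java.util.EnumSet;

public class LocalTsaExample {
    public static void main(String[] args) throws Exception {
        // Constructed placeholders: adjust to the local key store.
        String ksPath = "tsa-keystore.p12";
        String alias = "tsa-key";
        String envPassword = System.getenv("TSA_KS_PASSWORD");
        if (envPassword == null) {
            throw new IllegalStateException("TSA_KS_PASSWORD is not set");
        }
        char[] password = envPassword.toCharArray(); // keep the secret out of source
        try {
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            try (InputStream is = Files.newInputStream(Paths.get(ksPath))) {
                keyStore.load(is, password);
            }
            KeyEntityTSPSource tsp = new KeyEntityTSPSource(keyStore, alias, password);

            // Mandatory for token generation; "1.2.3.4.5" is a constructed OID.
            tsp.setTsaPolicy("1.2.3.4.5");
            // Narrow the default accepted set (SHA-224/256/384/512) by dropping SHA-224.
            tsp.setAcceptedDigestAlgorithms(EnumSet.of(
                    DigestAlgorithm.SHA256, DigestAlgorithm.SHA384, DigestAlgorithm.SHA512));
            // Digest used for the token's own signature (the documented default).
            tsp.setDigestAlgorithm(DigestAlgorithm.SHA256);
            // setProductionTime is not called, so the current time is used.

            byte[] data = "constructed sample data".getBytes(StandardCharsets.UTF_8);
            byte[] digest = MessageDigest.getInstance("SHA-256").digest(data);
            TimestampBinary token = tsp.getTimeStampResponse(DigestAlgorithm.SHA256, digest);
            System.out.println("Token size in bytes: " + token.getBytes().length);
        } finally {
            Arrays.fill(password, '\0'); // wipe the password copy held by this method
        }
    }
}
```

The digest algorithm passed to `getTimeStampResponse` must match the one used to compute `digest` and be in the accepted set; a fixed `setProductionTime` value makes every token carry the same time, which suits reproducible tests rather than live issuance.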