Class TSAClientBouncyCastle

java.lang.Object
com.itextpdf.signatures.TSAClientBouncyCastle
All Implemented Interfaces:
ITSAClient

public class TSAClientBouncyCastle extends Object implements ITSAClient
Time Stamp Authority Client interface implementation using Bouncy Castle org.bouncycastle.tsp package.

Created by Aiken Sam, 2006-11-15, refactored by Martin Brunecky, 07/15/2007 for ease of subclassing.

  • Field Details

    • DEFAULTHASHALGORITHM

      public static final String DEFAULTHASHALGORITHM
      The default value for the hash algorithm
      See Also:
    • DEFAULTTOKENSIZE

      public static final int DEFAULTTOKENSIZE
      The default value for the hash algorithm
      See Also:
    • tsaURL

      protected String tsaURL
      URL of the Time Stamp Authority
    • tsaUsername

      protected String tsaUsername
      TSA Username
    • tsaPassword

      protected String tsaPassword
      TSA password
    • tsaInfo

      protected ITSAInfoBouncyCastle tsaInfo
      An interface that allows you to inspect the timestamp info.
    • tokenSizeEstimate

      protected int tokenSizeEstimate
      Estimate of the received time stamp token
    • digestAlgorithm

      protected String digestAlgorithm
      Hash algorithm
  • Constructor Details

    • TSAClientBouncyCastle

      public TSAClientBouncyCastle (String url)
      Creates an instance of a TSAClient that will use BouncyCastle.
      Parameters:
      url - String - Time Stamp Authority URL (i.e. "http://tsatest1.digistamp.com/TSA")
    • TSAClientBouncyCastle

      public TSAClientBouncyCastle (String url, String username, String password)
      Creates an instance of a TSAClient that will use BouncyCastle.
      Parameters:
      url - String - Time Stamp Authority URL (i.e. "http://tsatest1.digistamp.com/TSA")
      username - String - user(account) name
      password - String - password
    • TSAClientBouncyCastle

      public TSAClientBouncyCastle (String url, String username, String password, int tokSzEstimate, String digestAlgorithm)
      Constructor. Note the token size estimate is updated by each call, as the token size is not likely to change (as long as we call the same TSA using the same imprint length).
      Parameters:
      url - Time Stamp Authority URL (i.e. "http://tsatest1.digistamp.com/TSA")
      username - user(account) name, optional
      password - password, optional if used in combination with username, the credentials will be used in basic authentication. Use only in combination with a https url to ensure encryption
      tokSzEstimate - estimated size of received time stamp token (DER encoded)
      digestAlgorithm - is a hash algorithm
  • Method Details

    • setTSAInfo

      public void setTSAInfo (ITSAInfoBouncyCastle tsaInfo)
      Parameters:
      tsaInfo - the tsaInfo to set
    • getTokenSizeEstimate

      public int getTokenSizeEstimate()
      Get the token size estimate. Returned value reflects the result of the last succesfull call, padded
      Specified by:
      getTokenSizeEstimate in interface ITSAClient
      Returns:
      an estimate of the token size
    • getTSAReqPolicy

      public String getTSAReqPolicy()
      Gets the TSA request policy that will be used when retrieving timestamp token.
      Returns:
      policy id, or null if not set
    • setTSAReqPolicy

      public void setTSAReqPolicy (String tsaReqPolicy)
      Sets the TSA request policy that will be used when retrieving timestamp token.
      Parameters:
      tsaReqPolicy - policy id
    • getMessageDigest

      public MessageDigest getMessageDigest() throws GeneralSecurityException
      Gets the MessageDigest to digest the data imprint
      Specified by:
      getMessageDigest in interface ITSAClient
      Returns:
      the digest algorithm name
      Throws:
      GeneralSecurityException - if digestAlgorithm doesn't match any known hash algorithm
    • getTimeStampToken

      public byte[] getTimeStampToken (byte[] imprint) throws IOException, org.bouncycastle.tsp.TSPException
      Get RFC 3161 timeStampToken. Method may return null indicating that timestamp should be skipped.
      Specified by:
      getTimeStampToken in interface ITSAClient
      Parameters:
      imprint - data imprint to be time-stamped
      Returns:
      encoded, TSA signed data of the timeStampToken
      Throws:
      IOException - if I/O error occurs
      org.bouncycastle.tsp.TSPException - if the TSA response is malformed
    • getTSAResponse

      protected byte[] getTSAResponse (byte[] requestBytes) throws IOException
      Get timestamp token - communications layer
      Parameters:
      requestBytes - is a byte representation of TSA request
      Returns:
      - byte[] - TSA response, raw bytes (RFC 3161 encoded)
      Throws:
      IOException - if I/O issue occurs