iaik.pdf.cmscades

Class TimeStampTokenUtil

java.lang.Object

iaik.pdf.cmscades.TimeStampTokenUtil

public class TimeStampTokenUtil
extends java.lang.Object

Provides methods to create and verify time stamps.

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	DEFAULTDIGESTALGORITHM

Constructor Summary

Constructors

Constructor and Description
TimeStampTokenUtil()

Method Summary

Modifier and Type	Method and Description
static byte[]	getDigestValue(byte[] dataToBeTimestamped) Calculates the digest value for the given data using the default digest algorithm SHA-256.
static byte[]	getDigestValue(byte[] dataToBeTimestamped, java.lang.String digestAlgorithm) Calculates the digest value for the given data using the specified digest algorithm.
static byte[]	getDigestValue(java.io.InputStream dataToBeTimestamped) Calculates the digest value for the given data using the default digest algorithm SHA-256.
static byte[]	getDigestValue(java.io.InputStream dataToBeTimestamped, java.lang.String digestAlgorithm) Calculates the digest value for the given data using the specified digest algorithm.
static iaik.tsp.TimeStampToken	getTimeStampToken(byte[] imprint, java.lang.String tsaUrl) Sends a timestamp request to the given TSA and returns the timestamp token if successful.
static iaik.tsp.TimeStampToken	getTimeStampToken(byte[] imprint, java.lang.String digestAlgorithm, java.lang.String tsaUrl, java.lang.String username, java.lang.String password) Sends a timestamp request to the given TSA and returns the timestamp token if successful.
static iaik.tsp.TimeStampToken	getTimeStampTokenWithHashing(byte[] dataToBeTimestamped, java.lang.String tsaUrl) Hashes the given data, sends a timestamp request for the resulting imprint to the given TSA and returns the timestamp token if successful.
static iaik.tsp.TimeStampToken	getTimeStampTokenWithHashing(byte[] dataToBeTimestamped, java.lang.String digestAlgorithm, java.lang.String tsaUrl, java.lang.String username, java.lang.String password) Hashes the given data, sends a timestamp request for the resulting imprint to the given TSA and returns the timestamp token if successful.
static iaik.tsp.TimeStampToken	getTimeStampTokenWithHashing(java.io.InputStream dataToBeTimestamped, java.lang.String tsaUrl) Hashes the given data, sends a timestamp request for the resulting imprint to the given TSA and returns the timestamp token if successful.
static iaik.tsp.TimeStampToken	getTimeStampTokenWithHashing(java.io.InputStream dataToBeTimestamped, java.lang.String digestAlgorithm, java.lang.String tsaUrl, java.lang.String username, java.lang.String password) Hashes the given data, sends a timestamp request for the resulting imprint to the given TSA and returns the timestamp token if successful.
static java.lang.String	getTsaUrl(iaik.x509.X509Certificate certificate) Extract URL to time stamp authority to be used for creating a time stamp for the signature time.
static void	verifyTimestamp(iaik.tsp.TimeStampToken token, iaik.x509.X509Certificate tsa_cert, byte[] data) Verifies the given timestamp token.
static void	verifyTimestamp(iaik.tsp.TimeStampToken token, iaik.x509.X509Certificate tsa_cert, java.io.InputStream data) Verifies the given timestamp token.
static void	verifyTimestampNoHashing(iaik.tsp.TimeStampToken token, iaik.x509.X509Certificate tsa_cert, byte[] hashedData) Verifies the given timestamp token.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

DEFAULTDIGESTALGORITHM

public static final java.lang.String DEFAULTDIGESTALGORITHM

See Also:

Constant Field Values

Constructor Detail

TimeStampTokenUtil

public TimeStampTokenUtil()

Method Detail

getTimeStampToken

public static iaik.tsp.TimeStampToken getTimeStampToken(byte[] imprint,
                                                        java.lang.String tsaUrl)
                                                 throws CmsCadesException,
                                                        iaik.tsp.TspVerificationException

Sends a timestamp request to the given TSA and returns the timestamp token if successful. Assumes that imprint has been calculated using default hash algorithm SHA-256.

Parameters:

imprint - the data imprint (already hashed) to be timestamped

tsaUrl - the URL to the timestamp authority to send the request to

Returns:

the timestamp token

Throws:

CmsCadesException - if the timestamp request can't be sent or the response is not valid

iaik.tsp.TspVerificationException - if signature of timestamp token is invalid or an parsing error occurs

getTimeStampToken

public static iaik.tsp.TimeStampToken getTimeStampToken(byte[] imprint,
                                                        java.lang.String digestAlgorithm,
                                                        java.lang.String tsaUrl,
                                                        java.lang.String username,
                                                        java.lang.String password)
                                                 throws CmsCadesException,
                                                        iaik.tsp.TspVerificationException

Sends a timestamp request to the given TSA and returns the timestamp token if successful.

Parameters:

imprint - the data imprint (already hashed) to be timestamped

digestAlgorithm - the digest algorithm that has been used to create the given imprint

tsaUrl - the URL to the timestamp authority to send the request to

username - username for authentication at the timestamp authority

password - password for authentication at the timestamp authority

Returns:

the timestamp token

Throws:

CmsCadesException - if the timestamp request can't be sent or the response is not valid

iaik.tsp.TspVerificationException - if signature of timestamp token is invalid or an parsing error occurs

getTimeStampTokenWithHashing

public static iaik.tsp.TimeStampToken getTimeStampTokenWithHashing(byte[] dataToBeTimestamped,
                                                                   java.lang.String digestAlgorithm,
                                                                   java.lang.String tsaUrl,
                                                                   java.lang.String username,
                                                                   java.lang.String password)
                                                            throws CmsCadesException,
                                                                   iaik.tsp.TspVerificationException,
                                                                   java.security.NoSuchAlgorithmException

Hashes the given data, sends a timestamp request for the resulting imprint to the given TSA and returns the timestamp token if successful.

Parameters:

dataToBeTimestamped - data to be hashed and timestamped

digestAlgorithm - the digest algorithm that has been used to create the given imprint

tsaUrl - the URL to the timestamp authority to send the request to

username - username for authentication at the timestamp authority

password - password for authentication at the timestamp authority

Returns:

the timestamp token

Throws:

CmsCadesException - if the timestamp request can't be sent or the response is not valid

iaik.tsp.TspVerificationException - if signature of timestamp token is invalid or an parsing error occurs

java.security.NoSuchAlgorithmException - if the given digest algorithm is unknown

getTimeStampTokenWithHashing

public static iaik.tsp.TimeStampToken getTimeStampTokenWithHashing(byte[] dataToBeTimestamped,
                                                                   java.lang.String tsaUrl)
                                                            throws CmsCadesException,
                                                                   iaik.tsp.TspVerificationException,
                                                                   java.security.NoSuchAlgorithmException

Hashes the given data, sends a timestamp request for the resulting imprint to the given TSA and returns the timestamp token if successful.

Parameters:

dataToBeTimestamped - data to be hashed and timestamped

tsaUrl - the URL to the timestamp authority to send the request to

Returns:

the timestamp token

Throws:

CmsCadesException - if the timestamp request can't be sent or the response is not valid

iaik.tsp.TspVerificationException - if signature of timestamp token is invalid or an parsing error occurs

java.security.NoSuchAlgorithmException - if the given digest algorithm is unknown

getTimeStampTokenWithHashing

public static iaik.tsp.TimeStampToken getTimeStampTokenWithHashing(java.io.InputStream dataToBeTimestamped,
                                                                   java.lang.String digestAlgorithm,
                                                                   java.lang.String tsaUrl,
                                                                   java.lang.String username,
                                                                   java.lang.String password)
                                                            throws CmsCadesException,
                                                                   iaik.tsp.TspVerificationException,
                                                                   java.security.NoSuchAlgorithmException,
                                                                   java.io.IOException

Hashes the given data, sends a timestamp request for the resulting imprint to the given TSA and returns the timestamp token if successful.

Parameters:

dataToBeTimestamped - data to be hashed and timestamped

digestAlgorithm - the digest algorithm that has been used to create the given imprint

tsaUrl - the URL to the timestamp authority to send the request to

username - username for authentication at the timestamp authority

password - password for authentication at the timestamp authority

Returns:

the timestamp token

Throws:

CmsCadesException - if the timestamp request can't be sent or the response is not valid

iaik.tsp.TspVerificationException - if signature of timestamp token is invalid or an parsing error occurs

java.security.NoSuchAlgorithmException - if the given digest algorithm is unknown

java.io.IOException - if the data can't be read

getTimeStampTokenWithHashing

public static iaik.tsp.TimeStampToken getTimeStampTokenWithHashing(java.io.InputStream dataToBeTimestamped,
                                                                   java.lang.String tsaUrl)
                                                            throws CmsCadesException,
                                                                   iaik.tsp.TspVerificationException,
                                                                   java.security.NoSuchAlgorithmException,
                                                                   java.io.IOException

Hashes the given data, sends a timestamp request for the resulting imprint to the given TSA and returns the timestamp token if successful.

Parameters:

dataToBeTimestamped - data to be hashed and timestamped

tsaUrl - the URL to the timestamp authority to send the request to

Returns:

the timestamp token

Throws:

CmsCadesException - if the timestamp request can't be sent or the response is not valid

iaik.tsp.TspVerificationException - if signature of timestamp token is invalid or an parsing error occurs

java.security.NoSuchAlgorithmException - if the given digest algorithm is unknown

java.io.IOException - if the data can't be read

getDigestValue

public static byte[] getDigestValue(byte[] dataToBeTimestamped)
                             throws java.security.NoSuchAlgorithmException

Calculates the digest value for the given data using the default digest algorithm SHA-256.

Parameters:

dataToBeTimestamped - data to be digested for the timestamp

Returns:

digest of the given data

Throws:

java.security.NoSuchAlgorithmException - if the default digest algorithm is not available

getDigestValue

public static byte[] getDigestValue(byte[] dataToBeTimestamped,
                                    java.lang.String digestAlgorithm)
                             throws java.security.NoSuchAlgorithmException

Calculates the digest value for the given data using the specified digest algorithm.

Parameters:

dataToBeTimestamped - data to be digested for the timestamp

digestAlgorithm - the digest algorithm, that shall be used

Returns:

digest of the given data

Throws:

java.security.NoSuchAlgorithmException - if the given digest algorithm is unknown

getDigestValue

public static byte[] getDigestValue(java.io.InputStream dataToBeTimestamped)
                             throws java.security.NoSuchAlgorithmException,
                                    java.io.IOException

Calculates the digest value for the given data using the default digest algorithm SHA-256.

Parameters:

dataToBeTimestamped - data to be digested for the timestamp

Returns:

digest of the given data

Throws:

java.security.NoSuchAlgorithmException - if the default digest algorithm is not available

java.io.IOException - if an I/O error occurs

getDigestValue

public static byte[] getDigestValue(java.io.InputStream dataToBeTimestamped,
                                    java.lang.String digestAlgorithm)
                             throws java.security.NoSuchAlgorithmException,
                                    java.io.IOException

Calculates the digest value for the given data using the specified digest algorithm.

Parameters:

dataToBeTimestamped - data to be digested for the timestamp

digestAlgorithm - the digest algorithm, that shall be used

Returns:

digest of the given data

Throws:

java.security.NoSuchAlgorithmException - if the given digest algorithm is unknown

java.io.IOException - if an I/O error occurs

verifyTimestamp

public static void verifyTimestamp(iaik.tsp.TimeStampToken token,
                                   iaik.x509.X509Certificate tsa_cert,
                                   byte[] data)
                            throws CmsCadesException,
                                   iaik.tsp.TspVerificationException

Verifies the given timestamp token. Verifies the signature value and whether the message imprint corresponds with the digest of the given data. No certificate path validation is done. To verify the signature value the given TSA certificate is used. If the given TSA certificate is null and this timestamp contains the corresponding TSA certificate, the included TSA certificate is used.

Parameters:

token - the timestamp token to be verified

tsa_cert - certificate of the time stamp authority to verify the signature value

data - data, claimed to be timestamped

Throws:

CmsCadesException - if timestamped data has been changed or tsa certificate is missing

iaik.tsp.TspVerificationException - if signature of timestamp token is invalid or an parsing error occurs

verifyTimestamp

public static void verifyTimestamp(iaik.tsp.TimeStampToken token,
                                   iaik.x509.X509Certificate tsa_cert,
                                   java.io.InputStream data)
                            throws CmsCadesException,
                                   iaik.tsp.TspVerificationException,
                                   java.io.IOException

Verifies the given timestamp token. Verifies the signature value and whether the message imprint corresponds with the digest of the given data. No certificate path validation is done. To verify the signature value the given TSA certificate is used. If the given TSA certificate is null and this timestamp contains the corresponding TSA certificate, the included TSA certificate is used.

Parameters:

token - the timestamp token to be verified

tsa_cert - certificate of the time stamp authority to verify the signature value

data - data, claimed to be timestamped

Throws:

CmsCadesException - if timestamped data has been changed or tsa certificate is missing

iaik.tsp.TspVerificationException - if signature of timestamp token is invalid or an parsing error occurs

java.io.IOException - if data stream can't be read

verifyTimestampNoHashing

public static void verifyTimestampNoHashing(iaik.tsp.TimeStampToken token,
                                            iaik.x509.X509Certificate tsa_cert,
                                            byte[] hashedData)
                                     throws CmsCadesException,
                                            iaik.tsp.TspVerificationException

Verifies the given timestamp token. Verifies the signature value and whether the message imprint corresponds with the given expected imprint. No certificate path validation is done. To verify the signature value the given TSA certificate is used. If the given TSA certificate is null and this timestamp contains the corresponding TSA certificate, the included TSA certificate is used.

Parameters:

token - the timestamp token to be verified

tsa_cert - certificate of the time stamp authority to verify the signature value

hashedData - imprint (hash) of the data, claimed to be timestamped

Throws:

CmsCadesException - if timestamped data has been changed or tsa certificate is missing

iaik.tsp.TspVerificationException - if signature of timestamp token is invalid or an parsing error occurs

getTsaUrl

public static java.lang.String getTsaUrl(iaik.x509.X509Certificate certificate)
                                  throws java.security.GeneralSecurityException

Extract URL to time stamp authority to be used for creating a time stamp for the signature time.

Parameters:

certificate - certificate to extract the URL from

Returns:

URL to the time stamp authority if included in certificate or null

Throws:

java.security.GeneralSecurityException - if the URL can't be extracted