Examples with PKIStatus - org.bouncycastle.asn1.cmp.PKIStatus

Example 11 with PKIStatus

use of org.bouncycastle.asn1.cmp.PKIStatus in project keystore-explorer by kaikramer.

the class TimeStampingClient method getTimeStampToken.

/**
 * Get RFC 3161 timeStampToken.
 *
 * @param tsaUrl Location of TSA
 * @param data The data to be time-stamped
 * @param hashAlg The algorithm used for generating a hash value of the data to be time-stamped
 * @return encoded, TSA signed data of the timeStampToken
 * @throws IOException
 */
public static byte[] getTimeStampToken(String tsaUrl, byte[] data, DigestType hashAlg) throws IOException {
    TimeStampResponse response = null;
    try {
        // calculate hash value
        MessageDigest digest = MessageDigest.getInstance(hashAlg.jce());
        byte[] hashValue = digest.digest(data);
        // Setup the time stamp request
        TimeStampRequestGenerator tsqGenerator = new TimeStampRequestGenerator();
        tsqGenerator.setCertReq(true);
        BigInteger nonce = BigInteger.valueOf(System.currentTimeMillis());
        TimeStampRequest request = tsqGenerator.generate(new ASN1ObjectIdentifier(hashAlg.oid()), hashValue, nonce);
        byte[] requestBytes = request.getEncoded();
        // send http request
        byte[] respBytes = queryServer(tsaUrl, requestBytes);
        // process response
        response = new TimeStampResponse(respBytes);
        // validate communication level attributes (RFC 3161 PKIStatus)
        response.validate(request);
        PKIFailureInfo failure = response.getFailInfo();
        int value = failure == null ? 0 : failure.intValue();
        if (value != 0) {
            throw new IOException("Server returned error code: " + String.valueOf(value));
        }
    } catch (NoSuchAlgorithmException e) {
        throw new IOException(e);
    } catch (TSPException e) {
        throw new IOException(e);
    }
    // extract the time stamp token
    TimeStampToken tsToken = response.getTimeStampToken();
    if (tsToken == null) {
        throw new IOException("TSA returned no time stamp token: " + response.getStatusString());
    }
    return tsToken.getEncoded();
}

Also used : IOException(java.io.IOException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) TimeStampRequest(org.bouncycastle.tsp.TimeStampRequest) PKIFailureInfo(org.bouncycastle.asn1.cmp.PKIFailureInfo) TimeStampResponse(org.bouncycastle.tsp.TimeStampResponse) BigInteger(java.math.BigInteger) TimeStampRequestGenerator(org.bouncycastle.tsp.TimeStampRequestGenerator) TSPException(org.bouncycastle.tsp.TSPException) MessageDigest(java.security.MessageDigest) TimeStampToken(org.bouncycastle.tsp.TimeStampToken) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Aggregations

PKIStatusInfo (org.bouncycastle.asn1.cmp.PKIStatusInfo)6 ErrorMsgContent (org.bouncycastle.asn1.cmp.ErrorMsgContent)5 PKIBody (org.bouncycastle.asn1.cmp.PKIBody)5 PKIFailureInfo (org.bouncycastle.asn1.cmp.PKIFailureInfo)5 IOException (java.io.IOException)4 InvalidKeyException (java.security.InvalidKeyException)3 X509Certificate (java.security.cert.X509Certificate)3 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)3 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)3 PKIFreeText (org.bouncycastle.asn1.cmp.PKIFreeText)3 CMPException (org.bouncycastle.cert.cmp.CMPException)3 OperatorCreationException (org.bouncycastle.operator.OperatorCreationException)3 BigInteger (java.math.BigInteger)2 Date (java.util.Date)2 DERPrintableString (org.bouncycastle.asn1.DERPrintableString)2 DERUTF8String (org.bouncycastle.asn1.DERUTF8String)2 CMPCertificate (org.bouncycastle.asn1.cmp.CMPCertificate)2 CertRepMessage (org.bouncycastle.asn1.cmp.CertRepMessage)2 CertResponse (org.bouncycastle.asn1.cmp.CertResponse)2 AttributeTable (org.bouncycastle.asn1.cms.AttributeTable)2