TSAClientBouncyCastle.java

/*

 * $Id: TSAClientBouncyCastle.java 4065 2009-09-16 23:09:11Z psoares33 $

 *

 * Copyright 2009 Martin Brunecky, Aiken Sam

 *

 * The contents of this file are subject to the Mozilla Public License Version 1.1

 * (the "License"); you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at http://www.mozilla.org/MPL/

 *

 * Software distributed under the License is distributed on an "AS IS" basis,

 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License

 * for the specific language governing rights and limitations under the License.

 *

 * The Original Code is 'iText, a free JAVA-PDF library'.

 *

 * The Initial Developer of the Original Code is Bruno Lowagie. Portions created by

 * the Initial Developer are Copyright (C) 1999-2005 by Bruno Lowagie.

 * All Rights Reserved.

 * Co-Developer of the code is Paulo Soares. Portions created by the Co-Developer

 * are Copyright (C) 2009 by Martin Brunecky. All Rights Reserved.

 *

 * Contributor(s): all the names of the contributors are added in the source code

 * where applicable.

 *

 * Alternatively, the contents of this file may be used under the terms of the

 * LGPL license (the "GNU LIBRARY GENERAL PUBLIC LICENSE"), in which case the

 * provisions of LGPL are applicable instead of those above.  If you wish to

 * allow use of your version of this file only under the terms of the LGPL

 * License and not to allow others to use your version of this file under

 * the MPL, indicate your decision by deleting the provisions above and

 * replace them with the notice and other provisions required by the LGPL.

 * If you do not delete the provisions above, a recipient may use your version

 * of this file under either the MPL or the GNU LIBRARY GENERAL PUBLIC LICENSE.

 *

 * This library is free software; you can redistribute it and/or modify it

 * under the terms of the MPL as stated above or under the terms of the GNU

 * Library General Public License as published by the Free Software Foundation;

 * either version 2 of the License, or any later version.

 *

 * This library is distributed in the hope that it will be useful, but WITHOUT

 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS

 * FOR A PARTICULAR PURPOSE. See the GNU Library general Public License for more

 * details.

 *

 * If you didn't download this code from the following link, you should check if

 * you aren't using an obsolete version:

 * http://www.lowagie.com/iText/

 */

package com.lowagie.text.pdf;

import java.io.ByteArrayOutputStream;

import java.io.InputStream;

import java.io.OutputStream;

import java.math.BigInteger;

import java.net.URL;

import java.net.URLConnection;

import java.util.Base64;

import org.bouncycastle.asn1.cmp.PKIFailureInfo;

import org.bouncycastle.asn1.x509.X509ObjectIdentifiers;

import org.bouncycastle.tsp.TimeStampRequest;

import org.bouncycastle.tsp.TimeStampRequestGenerator;

import org.bouncycastle.tsp.TimeStampResponse;

import org.bouncycastle.tsp.TimeStampToken;

import org.bouncycastle.tsp.TimeStampTokenInfo;

import com.lowagie.text.error_messages.MessageLocalization;

/**

 * Time Stamp Authority Client interface implementation using Bouncy Castle

 * org.bouncycastle.tsp package.

 * <p>

 * Created by Aiken Sam, 2006-11-15, refactored by Martin Brunecky, 07/15/2007

 * for ease of subclassing.

 * </p>

 * 

 * @since 2.1.6

 */

public class TSAClientBouncyCastle implements TSAClient {

  /** URL of the Time Stamp Authority */

  protected String tsaURL;

  /** TSA Username */

  protected String tsaUsername;

  /** TSA password */

  protected String tsaPassword;

  /** Estimate of the received time stamp token */

  protected int tokSzEstimate;

  /**

   * Creates an instance of a TSAClient that will use BouncyCastle.

   * 

   * @param url

   *          String - Time Stamp Authority URL (i.e.

   *          "http://tsatest1.digistamp.com/TSA")

   */

  public TSAClientBouncyCastle(String url) {

  /**

   * Creates an instance of a TSAClient that will use BouncyCastle.

   * 

   * @param url

   *          String - Time Stamp Authority URL (i.e.

   *          "http://tsatest1.digistamp.com/TSA")

   * @param username

   *          String - user(account) name

   * @param password

   *          String - password

   */

  public TSAClientBouncyCastle(String url, String username, String password) {

  /**

   * Constructor. Note the token size estimate is updated by each call, as the

   * token size is not likely to change (as long as we call the same TSA using

   * the same imprint length).

   * 

   * @param url

   *          String - Time Stamp Authority URL (i.e.

   *          "http://tsatest1.digistamp.com/TSA")

   * @param username

   *          String - user(account) name

   * @param password

   *          String - password

   * @param tokSzEstimate

   *          int - estimated size of received time stamp token (DER encoded)

   */

  public TSAClientBouncyCastle(String url, String username, String password,

  /**

   * Get the token size estimate. Returned value reflects the result of the last

   * succesfull call, padded

   * 

   * @return an estimate of the token size

   */

  @Override

  public int getTokenSizeEstimate() {

  }

  /**

   * Get RFC 3161 timeStampToken. Method may return null indicating that

   * timestamp should be skipped.

   * 

   * @param caller

   *          PdfPKCS7 - calling PdfPKCS7 instance (in case caller needs it)

   * @param imprint

   *          byte[] - data imprint to be time-stamped

   * @return byte[] - encoded, TSA signed data of the timeStampToken

   * @throws Exception

   *           - TSA request failed

   * @see com.lowagie.text.pdf.TSAClient#getTimeStampToken(com.lowagie.text.pdf.PdfPKCS7,

   *      byte[])

   */

  @Override

  public byte[] getTimeStampToken(PdfPKCS7 caller, byte[] imprint)

      throws Exception {

  }

  /**

   * Get timestamp token - Bouncy Castle request encoding / decoding layer

   */

  protected byte[] getTimeStampToken(byte[] imprint) throws Exception {

    try {

      // Setup the time stamp request

      // tsqGenerator.setReqPolicy("1.3.6.1.4.1.601.10.3.1");

      // Call the communications layer

      // Handle the TSA response

      // validate communication level attributes (RFC 3161 PKIStatus)

        // @todo: Translate value of 15 error codes defined by

        // PKIFailureInfo to string

      }

      // @todo: validate the time stap certificate chain (if we want

      // assure we do not sign using an invalid timestamp).

      // extract just the time stamp token (removes communication status

      // info)

            "tsa.1.failed.to.return.time.stamp.token.2", tsaURL,

      }

                                                            // details

      // Update our token size estimate for the next call (padded to be

      // safe)

          "failed.to.get.tsa.response.from.1", tsaURL), t);

    }

  }

  /**

   * Get timestamp token - communications layer

   * 

   * @return - byte[] - TSA response, raw bytes (RFC 3161 encoded)

   */

  protected byte[] getTSAResponse(byte[] requestBytes) throws Exception {

    // Setup the TSA connection

    URLConnection tsaConnection;

        "application/timestamp-query");

    // tsaConnection.setRequestProperty("Content-Transfer-Encoding",

    // "base64");

    }

    // Get TSA response as a byte array

    }

    }

  }

}

Mutations