Beispiel #1
0
  /**
   * return a Boolean from a tagged object.
   *
   * @param obj the tagged object holding the object we want
   * @param explicit true if the object is meant to be explicitly tagged false otherwise.
   * @exception IllegalArgumentException if the tagged object cannot be converted.
   */
  public static ASN1Boolean getInstance(ASN1TaggedObject obj, boolean explicit) {
    ASN1Primitive o = obj.getObject();

    if (explicit || o instanceof ASN1Boolean) {
      return getInstance(o);
    } else {
      return ASN1Boolean.fromOctetString(((ASN1OctetString) o).getOctets());
    }
  }
  /**
   * Generate a TimeStampToken for the passed in request and serialNumber marking it with the passed
   * in genTime.
   *
   * @param request the originating request.
   * @param serialNumber serial number for the TimeStampToken
   * @param genTime token generation time.
   * @param additionalExtensions extra extensions to be added to the response token.
   * @return a TimeStampToken
   * @throws TSPException
   */
  public TimeStampToken generate(
      TimeStampRequest request,
      BigInteger serialNumber,
      Date genTime,
      Extensions additionalExtensions)
      throws TSPException {
    ASN1ObjectIdentifier digestAlgOID = request.getMessageImprintAlgOID();

    AlgorithmIdentifier algID = new AlgorithmIdentifier(digestAlgOID, DERNull.INSTANCE);
    MessageImprint messageImprint = new MessageImprint(algID, request.getMessageImprintDigest());

    Accuracy accuracy = null;
    if (accuracySeconds > 0 || accuracyMillis > 0 || accuracyMicros > 0) {
      ASN1Integer seconds = null;
      if (accuracySeconds > 0) {
        seconds = new ASN1Integer(accuracySeconds);
      }

      ASN1Integer millis = null;
      if (accuracyMillis > 0) {
        millis = new ASN1Integer(accuracyMillis);
      }

      ASN1Integer micros = null;
      if (accuracyMicros > 0) {
        micros = new ASN1Integer(accuracyMicros);
      }

      accuracy = new Accuracy(seconds, millis, micros);
    }

    ASN1Boolean derOrdering = null;
    if (ordering) {
      derOrdering = ASN1Boolean.getInstance(ordering);
    }

    ASN1Integer nonce = null;
    if (request.getNonce() != null) {
      nonce = new ASN1Integer(request.getNonce());
    }

    ASN1ObjectIdentifier tsaPolicy = tsaPolicyOID;
    if (request.getReqPolicy() != null) {
      tsaPolicy = request.getReqPolicy();
    }

    Extensions respExtensions = request.getExtensions();
    if (additionalExtensions != null) {
      ExtensionsGenerator extGen = new ExtensionsGenerator();

      if (respExtensions != null) {
        for (Enumeration en = respExtensions.oids(); en.hasMoreElements(); ) {
          extGen.addExtension(
              respExtensions.getExtension(ASN1ObjectIdentifier.getInstance(en.nextElement())));
        }
      }
      for (Enumeration en = additionalExtensions.oids(); en.hasMoreElements(); ) {
        extGen.addExtension(
            additionalExtensions.getExtension(ASN1ObjectIdentifier.getInstance(en.nextElement())));
      }

      respExtensions = extGen.generate();
    }

    TSTInfo tstInfo =
        new TSTInfo(
            tsaPolicy,
            messageImprint,
            new ASN1Integer(serialNumber),
            new ASN1GeneralizedTime(genTime),
            accuracy,
            derOrdering,
            nonce,
            tsa,
            respExtensions);

    try {
      CMSSignedDataGenerator signedDataGenerator = new CMSSignedDataGenerator();

      if (request.getCertReq()) {
        // TODO: do we need to check certs non-empty?
        signedDataGenerator.addCertificates(new CollectionStore(certs));
        signedDataGenerator.addAttributeCertificates(new CollectionStore(attrCerts));
      }

      signedDataGenerator.addCRLs(new CollectionStore(crls));

      if (!otherRevoc.isEmpty()) {
        for (Iterator it = otherRevoc.keySet().iterator(); it.hasNext(); ) {
          ASN1ObjectIdentifier format = (ASN1ObjectIdentifier) it.next();

          signedDataGenerator.addOtherRevocationInfo(
              format, new CollectionStore((Collection) otherRevoc.get(format)));
        }
      }

      signedDataGenerator.addSignerInfoGenerator(signerInfoGen);

      byte[] derEncodedTSTInfo = tstInfo.getEncoded(ASN1Encoding.DER);

      CMSSignedData signedData =
          signedDataGenerator.generate(
              new CMSProcessableByteArray(PKCSObjectIdentifiers.id_ct_TSTInfo, derEncodedTSTInfo),
              true);

      return new TimeStampToken(signedData);
    } catch (CMSException cmsEx) {
      throw new TSPException("Error generating time-stamp token", cmsEx);
    } catch (IOException e) {
      throw new TSPException("Exception encoding info", e);
    }
  }