1/*
2 * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.  Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26package sun.security.timestamp;
27
28import java.io.IOException;
29import java.math.BigInteger;
30import java.security.MessageDigest;
31import java.security.NoSuchAlgorithmException;
32import java.security.cert.X509Extension;
33import sun.security.util.DerValue;
34import sun.security.util.DerOutputStream;
35import sun.security.util.ObjectIdentifier;
36import sun.security.x509.AlgorithmId;
37
38/**
39 * This class provides a timestamp request, as defined in
40 * <a href="http://www.ietf.org/rfc/rfc3161.txt">RFC 3161</a>.
41 *
42 * The TimeStampReq ASN.1 type has the following definition:
43 * <pre>
44 *
45 *     TimeStampReq ::= SEQUENCE {
46 *         version           INTEGER { v1(1) },
47 *         messageImprint    MessageImprint
48 *           -- a hash algorithm OID and the hash value of the data to be
49 *           -- time-stamped.
50 *         reqPolicy         TSAPolicyId    OPTIONAL,
51 *         nonce             INTEGER        OPTIONAL,
52 *         certReq           BOOLEAN        DEFAULT FALSE,
53 *         extensions        [0] IMPLICIT Extensions OPTIONAL }
54 *
55 *     MessageImprint ::= SEQUENCE {
56 *         hashAlgorithm     AlgorithmIdentifier,
57 *         hashedMessage     OCTET STRING }
58 *
59 *     TSAPolicyId ::= OBJECT IDENTIFIER
60 *
61 * </pre>
62 *
63 * @since 1.5
64 * @author Vincent Ryan
65 * @see Timestamper
66 */
67
68public class TSRequest {
69
70    private int version = 1;
71
72    private AlgorithmId hashAlgorithmId = null;
73
74    private byte[] hashValue;
75
76    private String policyId = null;
77
78    private BigInteger nonce = null;
79
80    private boolean returnCertificate = false;
81
82    private X509Extension[] extensions = null;
83
84    /**
85     * Constructs a timestamp request for the supplied data.
86     *
87     * @param toBeTimeStamped  The data to be timestamped.
88     * @param messageDigest The MessageDigest of the hash algorithm to use.
89     * @throws NoSuchAlgorithmException if the hash algorithm is not supported
90     */
91    public TSRequest(String tSAPolicyID, byte[] toBeTimeStamped, MessageDigest messageDigest)
92        throws NoSuchAlgorithmException {
93
94        this.policyId = tSAPolicyID;
95        this.hashAlgorithmId = AlgorithmId.get(messageDigest.getAlgorithm());
96        this.hashValue = messageDigest.digest(toBeTimeStamped);
97    }
98
99    public byte[] getHashedMessage() {
100        return hashValue.clone();
101    }
102
103    /**
104     * Sets the Time-Stamp Protocol version.
105     *
106     * @param version The TSP version.
107     */
108    public void setVersion(int version) {
109        this.version = version;
110    }
111
112    /**
113     * Sets an object identifier for the Time-Stamp Protocol policy.
114     *
115     * @param policyId The policy object identifier.
116     */
117    public void setPolicyId(String policyId) {
118        this.policyId = policyId;
119    }
120
121    /**
122     * Sets a nonce.
123     * A nonce is a single-use random number.
124     *
125     * @param nonce The nonce value.
126     */
127    public void setNonce(BigInteger nonce) {
128        this.nonce = nonce;
129    }
130
131    /**
132     * Request that the TSA include its signing certificate in the response.
133     *
134     * @param returnCertificate True if the TSA should return its signing
135     *                          certificate. By default it is not returned.
136     */
137    public void requestCertificate(boolean returnCertificate) {
138        this.returnCertificate = returnCertificate;
139    }
140
141    /**
142     * Sets the Time-Stamp Protocol extensions.
143     *
144     * @param extensions The protocol extensions.
145     */
146    public void setExtensions(X509Extension[] extensions) {
147        this.extensions = extensions;
148    }
149
150    public byte[] encode() throws IOException {
151
152        DerOutputStream request = new DerOutputStream();
153
154        // encode version
155        request.putInteger(version);
156
157        // encode messageImprint
158        DerOutputStream messageImprint = new DerOutputStream();
159        hashAlgorithmId.encode(messageImprint);
160        messageImprint.putOctetString(hashValue);
161        request.write(DerValue.tag_Sequence, messageImprint);
162
163        // encode optional elements
164
165        if (policyId != null) {
166            request.putOID(new ObjectIdentifier(policyId));
167        }
168        if (nonce != null) {
169            request.putInteger(nonce);
170        }
171        if (returnCertificate) {
172            request.putBoolean(true);
173        }
174
175        DerOutputStream out = new DerOutputStream();
176        out.write(DerValue.tag_Sequence, request);
177        return out.toByteArray();
178    }
179}
180