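/*
 * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Oracle designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Oracle in the LICENSE file that accompanied this code.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */

package sun.security.timestamp;

import java.io.IOException;
import java.math.BigInteger;
import java.util.Date;
import sun.security.util.DerValue;
import sun.security.util.ObjectIdentifier;
import sun.security.x509.AlgorithmId;

/**
 * This class provides the timestamp token info resulting from a successful
 * timestamp request, as defined in
 * <a href="http://www.ietf.org/rfc/rfc3161.txt">RFC 3161</a>.
 *
 * The timestampTokenInfo ASN.1 type has the following definition:
 * <pre>
 *
 *     TSTInfo ::= SEQUENCE {
 *         version                INTEGER  { v1(1) },
 *         policy                 TSAPolicyId,
 *         messageImprint         MessageImprint,
 *           -- MUST have the same value as the similar field in
 *           -- TimeStampReq
 *         serialNumber           INTEGER,
 *          -- Time-Stamping users MUST be ready to accommodate integers
 *          -- up to 160 bits.
 *         genTime                GeneralizedTime,
 *         accuracy               Accuracy                 OPTIONAL,
 *         ordering               BOOLEAN             DEFAULT FALSE,
 *         nonce                  INTEGER                  OPTIONAL,
 *           -- MUST be present if the similar field was present
 *           -- in TimeStampReq.  In that case it MUST have the same value.
 *         tsa                    [0] GeneralName          OPTIONAL,
 *         extensions             [1] IMPLICIT Extensions  OPTIONAL }
 *
 *     Accuracy ::= SEQUENCE {
 *         seconds        INTEGER           OPTIONAL,
 *         millis     [0] INTEGER  (1..999) OPTIONAL,
 *         micros     [1] INTEGER  (1..999) OPTIONAL  }
 *
 * </pre>
 *
 * This class only decodes the TSTInfo structure. Nothing in it compares
 * messageImprint or nonce against the originating request, and nothing in
 * it verifies a signature over the token; both remain the caller's
 * responsibility before the decoded values are trusted.
 *
 * @since 1.5
 * @see Timestamper
 * @author Vincent Ryan
 */

public class TimestampToken {

    // Parsed from the encoding but neither validated against v1(1) nor
    // exposed through a getter in this class.
    private int version;
    private ObjectIdentifier policy;
    private BigInteger serialNumber;
    private AlgorithmId hashAlgorithm;
    private byte[] hashedMessage;
    private Date genTime;
    // Stays null when the token carries no nonce.
    private BigInteger nonce;

    /**
     * Constructs an object to store a timestamp token.
     *
     * @param timestampTokenInfo A buffer containing the ASN.1 BER encoding
     *                           of the TSTInfo element defined in RFC 3161.
     * @throws IOException if the buffer is null or cannot be parsed.
     */
    public TimestampToken(byte[] timestampTokenInfo) throws IOException {
        if (timestampTokenInfo == null) {
            throw new IOException("No timestamp token info");
        }
        parse(timestampTokenInfo);
    }

    /**
     * Extract the date and time from the timestamp token.
     *
     * @return The date and time when the timestamp was generated. A copy is
     *         returned because {@link Date} is mutable; handing out the
     *         internal instance would let a caller alter the parsed genTime.
     */
    public Date getDate() {
        return (genTime == null) ? null : new Date(genTime.getTime());
    }

    /**
     * @return The hash algorithm identifier taken from the messageImprint
     *         field.
     */
    public AlgorithmId getHashAlgorithm() {
        return hashAlgorithm;
    }

    /**
     * @return A copy of the hashed message taken from the messageImprint
     *         field. The method is public, so the internal array is not
     *         handed out: a caller writing into it would change the imprint
     *         that later comparisons against the request rely on.
     */
    public byte[] getHashedMessage() {
        return (hashedMessage == null) ? null : hashedMessage.clone();
    }

    /**
     * @return The nonce from the token, or null if the token has none.
     *         Per the TSTInfo definition it must equal the request's nonce
     *         when one was sent; that comparison is left to the caller.
     */
    public BigInteger getNonce() {
        return nonce;
    }

    /**
     * @return The string form of the TSA policy object identifier.
     */
    public String getPolicyID() {
        return policy.toString();
    }

    /**
     * @return The serial number assigned to this token.
     */
    public BigInteger getSerialNumber() {
        return serialNumber;
    }

    /*
     * Parses the timestamp token info.
     *
     * @param timestampTokenInfo A buffer containing an ASN.1 BER encoded
     *                           TSTInfo.
     * @throws IOException The exception is thrown if a problem is encountered
     *         while parsing.
     */
    private void parse(byte[] timestampTokenInfo) throws IOException {

        DerValue tstInfo = new DerValue(timestampTokenInfo);
        if (tstInfo.tag != DerValue.tag_Sequence) {
            throw new IOException("Bad encoding for timestamp token info");
        }
        // Parse version
        // NOTE(review): the value is stored as-is; nothing here rejects a
        // version other than v1(1).
        version = tstInfo.data.getInteger();

        // Parse policy
        policy = tstInfo.data.getOID();

        // Parse messageImprint
        DerValue messageImprint = tstInfo.data.getDerValue();
        hashAlgorithm = AlgorithmId.parse(messageImprint.data.getDerValue());
        hashedMessage = messageImprint.data.getOctetString();

        // Parse serialNumber
        serialNumber = tstInfo.data.getBigInteger();

        // Parse genTime
        genTime = tstInfo.data.getGeneralizedTime();

        // Parse optional elements, if present
        while (tstInfo.data.available() > 0) {
            DerValue d = tstInfo.data.getDerValue();
            if (d.tag == DerValue.tag_Integer) {    // must be the nonce
                nonce = d.getBigInteger();
                // Anything after the nonce (tsa, extensions) is left unread.
                break;
            }

            // Additional fields:
            // Parse accuracy
            // Parse ordering
            // Parse tsa
            // Parse extensions
            //
            // NOTE(review): none of these are decoded; the element is read
            // and discarded. In particular the extensions field is never
            // inspected, so this parser does not act on any extension a
            // token may carry.
        }
    }
}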