IAIK TSP
version 2.32

demo.tsp.config
Class TspServerConfiguration

java.lang.Object
  extended by demo.tsp.config.TspServerConfiguration

public class TspServerConfiguration
extends java.lang.Object

This demo class provides the configuration of a TspServer.

The server configuration is read from file ServerConfiguration.properties that has to reside somewhere in the classpath.
The following configuration settings may be specified:

  1. SERVERPORT: the port on which the server shall listen for TSP requests (default: 318)
  2. MAX_TIME_OUT: the socket timeout (default: 60000)
  3. OIDSTRING: the TSA policy oid
  4. SET_ACCURACY: whether the Accuracy field in the TimeStampResp should be set or not (default)
  5. ACCURACY_SECONDS: the accuracy seconds value (only meaningful if the Accuracy field shall be set)
  6. ACCURACY_MILLIS: the accuracy millis value (only meaningful if the Accuracy field shall be set)
  7. ACCURACY_MICROS: the accuracy micros value (only meaningful if the Accuracy field shall be set)
  8. HASH_ALGORITHM: the hash algorithm to be used
  9. SIGNATURE_ALGORITHM: the signature algorithm to be used; if not specified the signature algorithm is calculated from the hash algorithm and the key algorithm
  10. ADD_SHA1_CERTID: whether to also include SHA-1 ESSCertID if ESSCertIDv2 is used

The following configuration settings may be used to specify the file (either by url or name) from which to read the TSA key/certificate from a PKCS#12 or (more generally) Java KeyStore file:
  1. PKCS12URL: the PKCS#12 file url from which to read TSA key/cert
  2. PKCS12FILE: the PKCS#12 file name from which to read TSA key/cert (may be used to specify the TSA key/cert by file name instead of specifying it by url)
  3. PKCS12PWD: the password for the PKCS#12 file
  4. KS_URL: the KeyStore file url from which to read TSA key/cert (may be used to specify the TSA key/cert by KeyStore file url instead of specifying it by PKCS#12 file url)
  5. KS_FILE: the KeyStore file name from which to read TSA key/cert (may be used to specify the TSA key/cert by KeyStore file name instead of specifying it by KeyStore file url)
  6. KS_PWD: the password for the KeyStore file
  7. KS_TYPE: the KeyStore type, default "PKCS12"
  8. KS_PROVIDER: the KeyStore provider
  9. KS_ALIAS: the KeyStore alias, name of the key
The PKCS12URL or PKCS12FILE options may be used when the TSA key/cert shall be read from a PKCS#12 file. e.g.:
 PKCS12URL=timeStampCert.p12
 PKCS12PWD=topSecret
 
or
 PKCS12FILE=D:/TSA/key/timeStampCert.p12
 PKCS12PWD=topSecret
 
The KS_URL and KS_FILE options can also be used to read the TSA key/cert from a PKCS#12 file, but they additionally allow alternative Java KeyStore formats (e.g. "IAIKKeyStore", "JKS", "PKCS11KeyStore", ...).

For instance:

 KS_FILE=D:/TSA/key/timeStampCert.p12
 KS_PWD=topSecret
 KS_ALIAS=demo-tsa
 KS_TYPE=PKCS12
 KS_PROVIDER=IAIK
 
or (for accessing a HSM key by using the IAIK PKCS11Provider)
 KS_FILE=eTPkcs11.dll
 KS_PWD=112233
 KS_ALIAS=demo-tsa
 KS_TYPE=PKCS11KeyStore
 
If KS_ALIAS is not specified, the KeyStore is searched for a key/certificate that is appropriate for TimeStamp signing (i.e. one that contains a critical ExtendedKeyUsage extension with key purpose id timeStamping, as required by RFC 3161). If the certificate contains a KeyUsage extension, the search also checks whether the KeyUsage extension makes the certificate eligible for signing, i.e. whether the digitalSignature or nonRepudiation key usage bits are set.
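
The alias search described above, written against the standard java.security API as an added example (not IAIK's implementation; the class name TsaAliasFinder, its methods and the TSA_KS_PWD environment variable are assumptions):

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.List;
import java.util.Set;

// Added example; names are hypothetical and only standard JCA calls are used.
public class TsaAliasFinder {
    static final String EKU_EXTENSION_OID = "2.5.29.37";        // id-ce-extKeyUsage
    static final String TIMESTAMPING_OID = "1.3.6.1.5.5.7.3.8"; // id-kp-timeStamping

    /** True if the certificate meets the conditions given for a TSA signing certificate. */
    static boolean isTsaCertificate(X509Certificate cert) throws Exception {
        Set<String> critical = cert.getCriticalExtensionOIDs(); // null if no extensions
        if (critical == null || !critical.contains(EKU_EXTENSION_OID)) return false;
        List<String> eku = cert.getExtendedKeyUsage();          // null if extension absent
        if (eku == null || !eku.contains(TIMESTAMPING_OID)) return false;
        boolean[] ku = cert.getKeyUsage();                      // null if no KeyUsage extension
        // KeyUsage bit 0 = digitalSignature, bit 1 = nonRepudiation
        return ku == null || ku[0] || ku[1];
    }

    /** Returns the first key entry alias whose certificate is eligible, or null if none is. */
    static String findTsaAlias(KeyStore ks) throws Exception {
        for (String alias : Collections.list(ks.aliases())) {
            if (!ks.isKeyEntry(alias)) continue;                // skip trusted-cert entries
            Certificate cert = ks.getCertificate(alias);
            if (cert instanceof X509Certificate && isTsaCertificate((X509Certificate) cert)) {
                return alias;
            }
        }
        return null;
    }

    // Usage: java TsaAliasFinder <keystore file> <keystore type>
    // The password is read from the environment so it does not show up in the process list.
    public static void main(String[] args) throws Exception {
        String pwd = System.getenv("TSA_KS_PWD");
        KeyStore ks = KeyStore.getInstance(args[1]);
        try (InputStream in = new FileInputStream(args[0])) {
            ks.load(in, pwd == null ? null : pwd.toCharArray());
        }
        String alias = findTsaAlias(ks);
        System.out.println(alias != null ? "TSA key alias: " + alias
                                         : "no key entry is eligible for time-stamp signing");
    }
}
```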


Field Summary
static java.lang.String ConfigurationURL
          Default Configuration URL.
protected static org.apache.commons.logging.Log log
          The logger for this class.
 
Constructor Summary
TspServerConfiguration()
          Default constructor
 
Method Summary
 Accuracy getAccuracy()
          Returns the Accuracy.
 boolean getAddSha1CertID()
          Returns whether to also include SHA-1 ESSCertID if ESSCertIDv2 is used with another hash algorithm.
 AlgorithmID getHashAlgorithm()
          Returns the hash algorithm to be used for signing.
 int getMaxTimeOut()
          Returns the time out of the socket.
 ObjectID getObjectID()
          Returns the ObjectID.
 java.security.PrivateKey getPrivateKey()
          Returns the PrivateKey.
 int getServerPort()
          Returns the port.
 AlgorithmID getSignatureAlgorithm()
          Returns the signature algorithm to be used for signing.
 X509Certificate[] getTSACertChain()
          Returns the certificate chain of the TSA containing the TSA cert at index 0.
 void loadConfiguration(java.lang.String url)
          Loads the configuration from the specified URL.
 boolean setAccuracy()
          Returns whether the Accuracy in the TimeStampResp should be set or not.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

ConfigurationURL

public static final java.lang.String ConfigurationURL
Default Configuration URL.

See Also:
Constant Field Values

log

protected static org.apache.commons.logging.Log log
The logger for this class.

Constructor Detail

TspServerConfiguration

public TspServerConfiguration()
Default constructor

Method Detail

loadConfiguration

public void loadConfiguration(java.lang.String url)
                       throws java.io.IOException,
                              TspServerConfigurationException
Loads the configuration from the specified URL.

Parameters:
url - The URL of the property file. If this parameter is null the default location (ServerConfiguration.properties) will be used.
Throws:
java.io.IOException - Thrown if the specified property file is not in the classpath.
TspServerConfigurationException - Thrown if the PKCS#12 file could not be found or decrypted.

getPrivateKey

public java.security.PrivateKey getPrivateKey()
Returns the PrivateKey.

Returns:
The PrivateKey.

getObjectID

public ObjectID getObjectID()
Returns the ObjectID.

Returns:
The ObjectID.

getTSACertChain

public X509Certificate[] getTSACertChain()
Returns the certificate chain of the TSA containing the TSA cert at index 0.

Returns:
The certificate chain of the TSA containing the TSA cert at index 0.

getServerPort

public int getServerPort()
Returns the port.

Returns:
The port.

setAccuracy

public boolean setAccuracy()
Returns whether the Accuracy in the TimeStampResp should be set or not.

Returns:
True if the Accuracy should be set otherwise false.

getAccuracy

public Accuracy getAccuracy()
Returns the Accuracy.

Returns:
The Accuracy.

getHashAlgorithm

public AlgorithmID getHashAlgorithm()
Returns the hash algorithm to be used for signing.

Returns:
The hash AlgorithmID.

getSignatureAlgorithm

public AlgorithmID getSignatureAlgorithm()
Returns the signature algorithm to be used for signing.

Returns:
The signature AlgorithmID. May be null (in this case the signature algorithm is calculated from the hash algorithm and the key algorithm).

getAddSha1CertID

public boolean getAddSha1CertID()
Returns whether to also include SHA-1 ESSCertID if ESSCertIDv2 is used with another hash algorithm.

Returns:
true to add SHA-1 ESSCertID if ESSCertIDv2 is used with another hash algorithm, false to not add SHA-1 ESSCertID

getMaxTimeOut

public int getMaxTimeOut()
Returns the time out of the socket.

Returns:
The time out.

This Javadoc may contain text parts from IETF Internet Standard specifications (see copyright note).

IAIK TSP, © 2002 IAIK, © 2003 - 2014 Stiftung SIC