| java.lang.Object | ||
| ↳ | com.sun.jarsigner.ContentSigner | |
| ↳ | sun.security.tools.TimestampedSigner | |
Class Overview
This class implements a content signing service. It generates a timestamped signature for a given content according to RFC 3161. The signature along with a trusted timestamp and the signer's certificate are all packaged into a standard PKCS #7 Signed Data message.
Summary
| Public Constructors | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
Instantiates a content signer that supports timestamped signatures.
| |||||||||||
| Public Methods | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
Generates a PKCS #7 signed data message that includes a signature
timestamp.
| |||||||||||
Examine the certificate for a Subject Information Access extension
(RFC 3280).
| |||||||||||
|
[Expand]
Inherited Methods | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
From class
com.sun.jarsigner.ContentSigner
| |||||||||||
|
From class
java.lang.Object
| |||||||||||
Public Constructors
public TimestampedSigner ()
Instantiates a content signer that supports timestamped signatures.
Public Methods
public byte[] generateSignedData (ContentSignerParameters parameters, boolean omitContent, boolean applyTimestamp)
Generates a PKCS #7 signed data message that includes a signature timestamp. This method is used when a signature has already been generated. The signature, a signature timestamp, the signer's certificate chain, and optionally the content that was signed, are packaged into a PKCS #7 signed data message.
Parameters
| parameters | The non-null input parameters. |
|---|---|
| omitContent | true if the content should be omitted from the signed data message. Otherwise the content is included. |
| applyTimestamp | true if the signature should be timestamped. Otherwise timestamping is not performed. |
Returns
- A PKCS #7 signed data message including a signature timestamp.
Throws
| NoSuchAlgorithmException | The exception is thrown if the signature algorithm is unrecognised. |
|---|---|
| CertificateException | The exception is thrown if an error occurs while processing the signer's certificate or the TSA's certificate. |
| IOException | The exception is thrown if an error occurs while generating the signature timestamp or while generating the signed data message. |
| NullPointerException | The exception is thrown if parameters is null. |
public static String getTimestampingUrl (X509Certificate tsaCertificate)
Examine the certificate for a Subject Information Access extension (RFC 3280). The extension's accessMethod field should contain the object identifier defined for timestamping: 1.3.6.1.5.5.7.48.3 and its accessLocation field should contain an HTTP URL.
Parameters
| tsaCertificate | An X.509 certificate for the TSA. |
|---|
Returns
- An HTTP URL or null if none was found.