modified ERSGeneration to produce EvidenceRecords in order of data entry (leaves still sorted).

Author: dghgit

pkix/src/main/java/org/bouncycastle/tsp/ers/ERSArchiveTimeStamp.java

@@ -99,7 +99,7 @@ public AlgorithmIdentifier getDigestAlgorithmIdentifier()
     public void validatePresent(ERSData data, Date atDate)
         throws ERSException
     {
-        validatePresent(data instanceof ERSDataGroup, data.getHash(digCalc), atDate);
+        validatePresent(data instanceof ERSDataGroup, data.getHash(digCalc, previousChainsDigest), atDate);
     }
 
     public boolean isContaining(ERSData data, Date atDate)
@@ -130,11 +130,6 @@ public void validatePresent(boolean isDataGroup, byte[] hash, Date atDate)
             throw new ArchiveTimeStampValidationException("timestamp generation time is in the future");
         }
 
-        if (previousChainsDigest != null)
-        {
-            hash = ERSUtil.concatPreviousHashes(digCalc, previousChainsDigest, hash);
-        }
-
         checkContainsHashValue(isDataGroup, hash, digCalc);
 
         PartialHashtree[] partialTree = archiveTimeStamp.getReducedHashTree();

pkix/src/main/java/org/bouncycastle/tsp/ers/ERSArchiveTimeStampGenerator.java

@@ -5,7 +5,6 @@
 import java.math.BigInteger;
 import java.util.ArrayList;
 import java.util.HashSet;
-import java.util.Iterator;
 import java.util.List;
 import java.util.Set;
 
@@ -62,7 +61,7 @@ void addPreviousChains(ArchiveTimeStampSequence archiveTimeStampSequence)
     public TimeStampRequest generateTimeStampRequest(TimeStampRequestGenerator tspReqGenerator)
         throws TSPException, IOException
     {
-        PartialHashtree[] reducedHashTree = getPartialHashtrees();
+        IndexedPartialHashtree[] reducedHashTree = getPartialHashtrees();
 
         byte[] rootHash = rootNodeCalculator.computeRootHash(digCalc, reducedHashTree);
 
@@ -72,7 +71,7 @@ public TimeStampRequest generateTimeStampRequest(TimeStampRequestGenerator tspRe
     public TimeStampRequest generateTimeStampRequest(TimeStampRequestGenerator tspReqGenerator, BigInteger nonce)
         throws TSPException, IOException
     {
-        PartialHashtree[] reducedHashTree = getPartialHashtrees();
+        IndexedPartialHashtree[] reducedHashTree = getPartialHashtrees();
 
         byte[] rootHash = rootNodeCalculator.computeRootHash(digCalc, reducedHashTree);
 
@@ -82,7 +81,7 @@ public TimeStampRequest generateTimeStampRequest(TimeStampRequestGenerator tspRe
     public ERSArchiveTimeStamp generateArchiveTimeStamp(TimeStampResponse tspResponse)
         throws TSPException, ERSException
     {
-        PartialHashtree[] reducedHashTree = getPartialHashtrees();
+        IndexedPartialHashtree[] reducedHashTree = getPartialHashtrees();
         if (reducedHashTree.length != 1)
         {
             throw new ERSException("multiple reduced hash trees found");
@@ -123,7 +122,7 @@ public ERSArchiveTimeStamp generateArchiveTimeStamp(TimeStampResponse tspRespons
     public List<ERSArchiveTimeStamp> generateArchiveTimeStamps(TimeStampResponse tspResponse)
         throws TSPException, ERSException
     {
-        PartialHashtree[] reducedHashTree = getPartialHashtrees();
+        IndexedPartialHashtree[] reducedHashTree = getPartialHashtrees();
 
         byte[] rootHash = rootNodeCalculator.computeRootHash(digCalc, reducedHashTree);
 
@@ -154,22 +153,30 @@ public List<ERSArchiveTimeStamp> generateArchiveTimeStamps(TimeStampResponse tsp
         }
         else
         {
+            ERSArchiveTimeStamp[] archiveTimeStamps = new ERSArchiveTimeStamp[reducedHashTree.length];
+
             // we compute the final hash tree by left first traversal.
             for (int i = 0; i != reducedHashTree.length; i++)
             {
                 PartialHashtree[] path = rootNodeCalculator.computePathToRoot(digCalc, reducedHashTree[i], i);
 
-                atss.add(new ERSArchiveTimeStamp(new ArchiveTimeStamp(digCalc.getAlgorithmIdentifier(), path, timeStamp), digCalc));
+                archiveTimeStamps[reducedHashTree[i].order] = new ERSArchiveTimeStamp(new ArchiveTimeStamp(digCalc.getAlgorithmIdentifier(), path, timeStamp), digCalc);
+            }
+
+            // fix the ordering
+            for (int i = 0; i != reducedHashTree.length; i++)
+            {
+                atss.add(archiveTimeStamps[i]);
             }
         }
 
         return atss;
     }
 
-    private PartialHashtree[] getPartialHashtrees()
+    private IndexedPartialHashtree[] getPartialHashtrees()
     {
-        List<byte[]> hashes = ERSUtil.buildHashList(digCalc, dataObjects, previousChainHash);
-        PartialHashtree[] trees = new PartialHashtree[hashes.size()];
+        List<IndexedHash> hashes = ERSUtil.buildIndexedHashList(digCalc, dataObjects, previousChainHash);
+        IndexedPartialHashtree[] trees = new IndexedPartialHashtree[hashes.size()];
 
         Set<ERSDataGroup> dataGroupSet = new HashSet<ERSDataGroup>();
         for (int i = 0; i != dataObjects.size(); i++)
@@ -183,53 +190,40 @@ private PartialHashtree[] getPartialHashtrees()
         // replace groups
         for (int i = 0; i != hashes.size(); i++)
         {
-            byte[] hash = (byte[])hashes.get(i);
-            ERSDataGroup found = null;
+            byte[] hash = hashes.get(i).digest;
+            ERSData d = dataObjects.get(hashes.get(i).order);
 
-            for (Iterator it = dataGroupSet.iterator(); it.hasNext(); )
-            {
-                ERSDataGroup data = (ERSDataGroup)it.next();
-
-                byte[] dHash = data.getHash(digCalc);
-                if (Arrays.areEqual(dHash, hash))
-                {
-                    List<byte[]> dHashes = data.getHashes(digCalc);
-                    trees[i] = new PartialHashtree((byte[][])dHashes.toArray(new byte[dHashes.size()][]));
-                    found = data;
-                    break;
-                }
-            }
-            if (found == null)
+            if (d instanceof ERSDataGroup)
             {
-                trees[i] = new PartialHashtree(hash);
+                ERSDataGroup data = (ERSDataGroup)d;
+
+                List<byte[]> dHashes = data.getHashes(digCalc, previousChainHash);
+                trees[i] = new IndexedPartialHashtree(hashes.get(i).order, (byte[][])dHashes.toArray(new byte[dHashes.size()][]));
             }
             else
             {
-                dataGroupSet.remove(found);
+                trees[i] = new IndexedPartialHashtree(hashes.get(i).order, hash);
             }
         }
 
         return trees;
     }
 
-    byte[] concatenate(PartialHashtree partialHashtree)
+    private class IndexedPartialHashtree
+        extends PartialHashtree
     {
-        try
-        {
-            byte[][] values = partialHashtree.getValues();
-            OutputStream dOut = digCalc.getOutputStream();
+        final int order;
 
-            for (int i = 0; i != values.length; i++)
-            {
-                dOut.write(values[i]);
-            }
-            dOut.close();
-
-            return digCalc.getDigest();
+        private IndexedPartialHashtree(int order, byte[] partial)
+        {
+            super(partial);
+            this.order = order;
         }
-        catch (IOException e)
+
+        private IndexedPartialHashtree(int order, byte[][] partial)
         {
-            throw new IllegalStateException(e.getMessage());
+            super(partial);
+            this.order = order;
         }
     }
 }

pkix/src/main/java/org/bouncycastle/tsp/ers/ERSByteData.java

@@ -15,8 +15,15 @@ public ERSByteData(byte[] content)
         this.content = content;
     }
 
-    protected byte[] calculateHash(DigestCalculator digestCalculator)
+    protected byte[] calculateHash(DigestCalculator digestCalculator, byte[] previousChainHash)
     {
-        return ERSUtil.calculateDigest(digestCalculator, content);
+        byte[] hash = ERSUtil.calculateDigest(digestCalculator, content);
+
+        if (previousChainHash != null)
+        {
+            return ERSUtil.concatPreviousHashes(digestCalculator, previousChainHash, hash);
+        }
+
+        return hash;
     }
 }

pkix/src/main/java/org/bouncycastle/tsp/ers/ERSCachingData.java

@@ -5,35 +5,68 @@
 
 import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
 import org.bouncycastle.operator.DigestCalculator;
+import org.bouncycastle.util.Arrays;
 
 /**
  * An ERSData object that caches hash calculations.
  */
 public abstract class ERSCachingData
     implements ERSData
 {
-    private Map<AlgorithmIdentifier, byte[]> preCalcs = new HashMap<AlgorithmIdentifier, byte[]>();
+    private Map<CacheIndex, byte[]> preCalcs = new HashMap<CacheIndex, byte[]>();
 
     /**
      * Generates a hash for the whole DataGroup.
      *
      * @param digestCalculator the {@link DigestCalculator} to use for computing the hash
      * @return a hash that is representative of the whole DataGroup
      */
-    public byte[] getHash(DigestCalculator digestCalculator)
+    public byte[] getHash(DigestCalculator digestCalculator, byte[] previousChainHash)
     {
-        AlgorithmIdentifier digAlgID = digestCalculator.getAlgorithmIdentifier();
+        CacheIndex digAlgID = new CacheIndex(digestCalculator.getAlgorithmIdentifier(), previousChainHash);
         if (preCalcs.containsKey(digAlgID))
         {
             return (byte[])preCalcs.get(digAlgID);
         }
 
-        byte[] hash = calculateHash(digestCalculator);
+        byte[] hash = calculateHash(digestCalculator, previousChainHash);
 
         preCalcs.put(digAlgID, hash);
 
         return hash;
     }
 
-    protected abstract byte[] calculateHash(DigestCalculator digestCalculator);
+    protected abstract byte[] calculateHash(DigestCalculator digestCalculator, byte[] previousChainHash);
+
+    private class CacheIndex
+    {
+        final AlgorithmIdentifier algId;
+        final byte[] chainHash;
+
+        private CacheIndex(AlgorithmIdentifier algId, byte[] chainHash)
+        {
+            this.algId = algId;
+            this.chainHash = chainHash;
+        }
+
+        public boolean equals(Object o)
+        {
+            if (this == o)
+            {
+                return true;
+            }
+            if (!(o instanceof CacheIndex))
+            {
+                return false;
+            }
+            CacheIndex that = (CacheIndex)o;
+            return algId.equals(that.algId) && Arrays.areEqual(chainHash, that.chainHash);
+        }
+
+        public int hashCode()
+        {
+            int result = algId.hashCode();
+            return 31 * result + Arrays.hashCode(chainHash);
+        }
+    }
 }

pkix/src/main/java/org/bouncycastle/tsp/ers/ERSData.java

@@ -11,7 +11,8 @@ public interface ERSData
      * Return the calculated hash for the Data
      *
      * @param digestCalculator  digest calculator to use.
+     * @param previousChainHash hash from an earlier chain if it needs to be included.
      * @return calculated hash.
      */
-    byte[] getHash(DigestCalculator digestCalculator);
+    byte[] getHash(DigestCalculator digestCalculator, byte[] previousChainHash);
 }

pkix/src/main/java/org/bouncycastle/tsp/ers/ERSDataGroup.java

@@ -53,15 +53,36 @@ public ERSDataGroup(ERSData dataObject)
     }
 
     /**
-     * Generates hashes for all the data objects included in the data group.
+     * Generates hashes for all the data objects included in the data group with a previous chain hash.
      *
      * @param digestCalculator the {@link DigestCalculator} to use for computing the hashes
      * @return the set of hashes, in ascending order
      */
     public List<byte[]> getHashes(
-        final DigestCalculator digestCalculator)
+        final DigestCalculator digestCalculator,
+        final byte[] previousChainHash)
     {
-        return ERSUtil.buildHashList(digestCalculator, dataObjects);
+        return ERSUtil.buildHashList(digestCalculator, dataObjects, previousChainHash);
+    }
+
+    /**
+     * Return the calculated hash for the Data
+     *
+     * @param digestCalculator  digest calculator to use.
+     * @param previousChainHash hash from an earlier chain if it needs to be included.
+     * @return calculated hash.
+     */
+    public byte[] getHash(DigestCalculator digestCalculator, byte[] previousChainHash)
+    {
+        List<byte[]> hashes = getHashes(digestCalculator, previousChainHash);
+        if (hashes.size() > 1)
+        {
+            return ERSUtil.calculateDigest(digestCalculator, hashes.iterator());
+        }
+        else
+        {
+            return hashes.get(0);
+        }
     }
 
     /**
@@ -70,13 +91,18 @@ public List<byte[]> getHashes(
      * @param digestCalculator the {@link DigestCalculator} to use for computing the hash
      * @return a hash that is representative of the whole DataGroup
      */
-    protected byte[] calculateHash(DigestCalculator digestCalculator)
+    protected byte[] calculateHash(DigestCalculator digestCalculator, byte[] previousChainHash)
     {
-        List<byte[]> hashes = getHashes(digestCalculator);
+        List<byte[]> hashes = getHashes(digestCalculator, previousChainHash);
 
         if (hashes.size() > 1)
         {
-            return ERSUtil.calculateDigest(digestCalculator, hashes.iterator());
+            List<byte[]> dHashes = new ArrayList<byte[]>(hashes.size());
+            for (int i = 0; i != dHashes.size(); i++)
+            {
+                dHashes.add(hashes.get(i));
+            }
+            return ERSUtil.calculateDigest(digestCalculator, dHashes.iterator());
         }
         else
         {

pkix/src/main/java/org/bouncycastle/tsp/ers/ERSEvidenceRecordStore.java

@@ -92,7 +92,7 @@ public Collection<ERSEvidenceRecord> getMatches(Selector<ERSEvidenceRecord> sele
     {
         if (selector instanceof ERSEvidenceRecordSelector)
         {
-            HashNode node = new HashNode(((ERSEvidenceRecordSelector)selector).getData().getHash(digCalc));
+            HashNode node = new HashNode(((ERSEvidenceRecordSelector)selector).getData().getHash(digCalc, null));
             List<ERSEvidenceRecord> records = (List<ERSEvidenceRecord>)recordMap.get(node);
 
             if (records != null)

pkix/src/main/java/org/bouncycastle/tsp/ers/ERSFileData.java

@@ -34,14 +34,19 @@ public ERSFileData(File content)
         this.content = content;
     }
 
-    protected byte[] calculateHash(DigestCalculator digestCalculator)
+    protected byte[] calculateHash(DigestCalculator digestCalculator, byte[] previousChainHash)
     {
         try
         {
             InputStream contentStream = new FileInputStream(content);
             byte[] hash = ERSUtil.calculateDigest(digestCalculator, contentStream);
             contentStream.close();
 
+            if (previousChainHash != null)
+            {
+                return ERSUtil.concatPreviousHashes(digestCalculator, previousChainHash, hash);
+            }
+
             return hash;
         }
         catch (IOException e)

pkix/src/main/java/org/bouncycastle/tsp/ers/ERSInputStreamData.java

@@ -29,10 +29,16 @@ public ERSInputStreamData(InputStream content)
     {
         this.content = content;
     }
-
-    protected byte[] calculateHash(DigestCalculator digestCalculator)
+    
+    protected byte[] calculateHash(DigestCalculator digestCalculator, byte[] previousChainHash)
     {
-        // TODO: this method may get called twice if the digest calculator changes...
-        return ERSUtil.calculateDigest(digestCalculator, content);
+        byte[] hash = ERSUtil.calculateDigest(digestCalculator, content);
+
+        if (previousChainHash != null)
+        {
+            return ERSUtil.concatPreviousHashes(digestCalculator, previousChainHash, hash);
+        }
+
+        return hash;
     }
 }