List of usage examples for org.bouncycastle.tsp TimeStampToken getTimeStampInfo
public TimeStampTokenInfo getTimeStampInfo()
From source file:xades4j.providers.impl.DefaultTimeStampTokenProvider.java
License:Open Source License
@Override public final TimeStampTokenRes getTimeStampToken(byte[] tsDigestInput, String digestAlgUri) throws TimeStampTokenGenerationException { try {/*w ww . ja v a2 s. co m*/ MessageDigest md = messageDigestProvider.getEngine(digestAlgUri); byte[] digest = md.digest(tsDigestInput); TimeStampRequest tsRequest = this.tsRequestGenerator.generate(identifierForDigest(digestAlgUri), digest, BigInteger.valueOf(System.currentTimeMillis())); InputStream responseStream = getResponse(tsRequest.getEncoded()); TimeStampResponse tsResponse = new TimeStampResponse(responseStream); if (tsResponse.getStatus() != PKIStatus.GRANTED && tsResponse.getStatus() != PKIStatus.GRANTED_WITH_MODS) { throw new TimeStampTokenGenerationException( "Time stamp token not granted. " + tsResponse.getStatusString()); } tsResponse.validate(tsRequest); TimeStampToken tsToken = tsResponse.getTimeStampToken(); return new TimeStampTokenRes(tsToken.getEncoded(), tsToken.getTimeStampInfo().getGenTime()); } catch (UnsupportedAlgorithmException ex) { throw new TimeStampTokenGenerationException("Digest algorithm not supported", ex); } catch (TSPException ex) { throw new TimeStampTokenGenerationException("Invalid time stamp response", ex); } catch (IOException ex) { throw new TimeStampTokenGenerationException("Encoding error", ex); } }
From source file:xades4j.providers.impl.DefaultTimeStampVerificationProvider.java
License:Open Source License
@Override public Date verifyToken(byte[] timeStampToken, byte[] tsDigestInput) throws TimeStampTokenVerificationException { TimeStampToken tsToken; try {/*from ww w .j a v a 2 s .co m*/ ASN1InputStream asn1is = new ASN1InputStream(timeStampToken); ContentInfo tsContentInfo = ContentInfo.getInstance(asn1is.readObject()); asn1is.close(); tsToken = new TimeStampToken(tsContentInfo); } catch (IOException ex) { throw new TimeStampTokenStructureException("Error parsing encoded token", ex); } catch (TSPException ex) { throw new TimeStampTokenStructureException("Invalid token", ex); } X509Certificate tsaCert = null; try { /* Validate the TSA certificate */ LinkedList<X509Certificate> certs = new LinkedList<X509Certificate>(); for (Object certHolder : tsToken.getCertificates().getMatches(new AllCertificatesSelector())) { certs.add(this.x509CertificateConverter.getCertificate((X509CertificateHolder) certHolder)); } ValidationData vData = this.certificateValidationProvider.validate( x509CertSelectorConverter.getCertSelector(tsToken.getSID()), tsToken.getTimeStampInfo().getGenTime(), certs); tsaCert = vData.getCerts().get(0); } catch (CertificateException ex) { throw new TimeStampTokenVerificationException(ex.getMessage(), ex); } catch (XAdES4jException ex) { throw new TimeStampTokenTSACertException("cannot validate TSA certificate", ex); } try { tsToken.validate(this.signerInfoVerifierBuilder.build(tsaCert)); } catch (TSPValidationException ex) { throw new TimeStampTokenSignatureException("Invalid token signature or certificate", ex); } catch (Exception ex) { throw new TimeStampTokenVerificationException("Error when verifying the token signature", ex); } org.bouncycastle.tsp.TimeStampTokenInfo tsTokenInfo = tsToken.getTimeStampInfo(); try { String digestAlgUri = uriForDigest(tsTokenInfo.getMessageImprintAlgOID()); MessageDigest md = messageDigestProvider.getEngine(digestAlgUri); if (!Arrays.equals(md.digest(tsDigestInput), tsTokenInfo.getMessageImprintDigest())) { throw new TimeStampTokenDigestException(); } } catch (UnsupportedAlgorithmException ex) { throw new TimeStampTokenVerificationException("The token's digest algorithm is not supported", ex); } return tsTokenInfo.getGenTime(); }