List of usage examples for org.bouncycastle.tsp TimeStampToken validate
public void validate(SignerInformationVerifier sigVerifier) throws TSPException, TSPValidationException
From source file:org.votingsystem.web.ejb.TimeStampBean.java
License:Open Source License
public void validateToken(TimeStampToken tsToken) throws ExceptionVS, TSPException { if (tsToken == null) throw new ExceptionVS("documentWithoutTimeStampErrorMsg"); if (timeStampSignerInfoVerifier == null) throw new ExceptionVS("TimeStamp service not initialized"); X509CertificateHolder certHolder = timeStampSignerInfoVerifier.getAssociatedCertificate(); tsToken.validate(timeStampSignerInfoVerifier); }
From source file:org.votingsystem.web.ejb.TimeStampBean.java
License:Open Source License
public SMIMEMessage timeStampSMIME(SMIMEMessage smimeMessage) throws Exception { ResponseVS responseVS = HttpHelper.getInstance().sendData(smimeMessage.getTimeStampRequest().getEncoded(), ContentTypeVS.TIMESTAMP_QUERY, timeStampServiceURL); if (ResponseVS.SC_OK == responseVS.getStatusCode()) { byte[] bytesToken = responseVS.getMessageBytes(); TimeStampToken timeStampToken = new TimeStampToken(new CMSSignedData(bytesToken)); SignerInformationVerifier timeStampSignerInfoVerifier = new JcaSimpleSignerInfoVerifierBuilder() .build(x509TimeStampServerCert); timeStampToken.validate(timeStampSignerInfoVerifier); smimeMessage.setTimeStampToken(timeStampToken); return smimeMessage; } else//from w w w. ja v a 2 s . c o m throw new ExceptionVS(responseVS.getMessage()); }
From source file:xades4j.providers.impl.DefaultTimeStampVerificationProvider.java
License:Open Source License
@Override public Date verifyToken(byte[] timeStampToken, byte[] tsDigestInput) throws TimeStampTokenVerificationException { TimeStampToken tsToken; try {//from ww w. j a va 2 s . c o m ASN1InputStream asn1is = new ASN1InputStream(timeStampToken); ContentInfo tsContentInfo = ContentInfo.getInstance(asn1is.readObject()); asn1is.close(); tsToken = new TimeStampToken(tsContentInfo); } catch (IOException ex) { throw new TimeStampTokenStructureException("Error parsing encoded token", ex); } catch (TSPException ex) { throw new TimeStampTokenStructureException("Invalid token", ex); } X509Certificate tsaCert = null; try { /* Validate the TSA certificate */ LinkedList<X509Certificate> certs = new LinkedList<X509Certificate>(); for (Object certHolder : tsToken.getCertificates().getMatches(new AllCertificatesSelector())) { certs.add(this.x509CertificateConverter.getCertificate((X509CertificateHolder) certHolder)); } ValidationData vData = this.certificateValidationProvider.validate( x509CertSelectorConverter.getCertSelector(tsToken.getSID()), tsToken.getTimeStampInfo().getGenTime(), certs); tsaCert = vData.getCerts().get(0); } catch (CertificateException ex) { throw new TimeStampTokenVerificationException(ex.getMessage(), ex); } catch (XAdES4jException ex) { throw new TimeStampTokenTSACertException("cannot validate TSA certificate", ex); } try { tsToken.validate(this.signerInfoVerifierBuilder.build(tsaCert)); } catch (TSPValidationException ex) { throw new TimeStampTokenSignatureException("Invalid token signature or certificate", ex); } catch (Exception ex) { throw new TimeStampTokenVerificationException("Error when verifying the token signature", ex); } org.bouncycastle.tsp.TimeStampTokenInfo tsTokenInfo = tsToken.getTimeStampInfo(); try { String digestAlgUri = uriForDigest(tsTokenInfo.getMessageImprintAlgOID()); MessageDigest md = messageDigestProvider.getEngine(digestAlgUri); if (!Arrays.equals(md.digest(tsDigestInput), tsTokenInfo.getMessageImprintDigest())) { throw new TimeStampTokenDigestException(); } } catch (UnsupportedAlgorithmException ex) { throw new TimeStampTokenVerificationException("The token's digest algorithm is not supported", ex); } return tsTokenInfo.getGenTime(); }