List of usage examples for org.bouncycastle.tsp TimeStampRequestGenerator generate
public TimeStampRequest generate(ASN1ObjectIdentifier digestAlgorithm, byte[] digest)
From source file:br.gov.jfrj.siga.cd.TimeStamper.java
License:Open Source License
public static TimeStampToken gerarCarimboTempo(byte[] assinatura) throws URISyntaxException, IOException, TSPException, NoSuchAlgorithmException { TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator(); reqGen.setCertReq(true);/*from w w w. j a va2 s . c o m*/ log.info("Criando requisio para recuperar carimbo"); MessageDigest md = MessageDigest.getInstance("SHA"); md.update(assinatura); assinatura = md.digest(); TimeStampRequest request = reqGen.generate(TSPAlgorithms.SHA1, assinatura); log.info("Enviando requisio para " + SERVIDOR_CARIMBO); TimeStampResponse response = sendRequest(request, SERVIDOR_CARIMBO); response.validate(request); TimeStampToken respToken = response.getTimeStampToken(); byte[] token = respToken.getEncoded(); if (token == null) { throw new TSPException("Nenhum token retornado"); } log.info("Recebidos " + token.length + " bytes do carimbador"); return respToken; }
From source file:br.gov.jfrj.siga.cd.TimeStamper.java
License:Open Source License
private static TimeStampToken getTimeStampToken(byte[] content) throws Exception { TimeStampToken tsToken;/* w w w . j a v a2 s .com*/ boolean fSTF = true; if (!fSTF) { TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator(); reqGen.setCertReq(true); MessageDigest md = MessageDigest.getInstance("SHA1"); md.update(content); byte[] assinatura = md.digest(); TimeStampRequest request = reqGen.generate(TSPAlgorithms.SHA1, assinatura); // TimeStampRequestGenerator reqGen = new // TimeStampRequestGenerator(); // // // request TSA to return certificate // reqGen.setCertReq(true); // // // Dummy request for sha1 // // Sha256 "2.16.840.1.101.3.4.2.1", // // TimeStampRequest request = reqGen.generate(TSPAlgorithms.SHA1, // MessageDigest.getInstance("SHA").digest(content)); byte[] reqData = request.getEncoded(); URL url; URLConnection urlConn; DataOutputStream printout; DataInputStream input; Properties systemProperties = System.getProperties(); systemProperties.setProperty("http.proxyHost", SigaCdProperties.getProxyHost()); systemProperties.setProperty("http.proxyPort", SigaCdProperties.getProxyPort()); // URL of CGI-Bin script. //url = new URL("http://www.edelweb.fr/cgi-bin/service-tsp"); url = new URL(SigaCdProperties.getTSPUrl()); // url = new URL("http://www.cryptopro.ru/tsp/tsp.srf"); // url = new URL("http://ns.szikszi.hu:8080/tsa"); // url = new URL("http://time.certum.pl/"); // URL connection channel. urlConn = url.openConnection(); // Let the run-time system (RTS) know that we want input. urlConn.setDoInput(true); // Let the RTS know that we want to do output. urlConn.setDoOutput(true); // No caching, we want the real thing. urlConn.setUseCaches(false); // Specify the content type. urlConn.setRequestProperty("Content-Type", "application/timestamp-query"); urlConn.setRequestProperty("Content-Length", String.valueOf(reqData.length)); // Send POST output. printout = new DataOutputStream(urlConn.getOutputStream()); printout.write(reqData); printout.flush(); printout.close(); // Get response data. input = new DataInputStream(urlConn.getInputStream()); // byte[] ba = streamToByteArray(input); TimeStampResponse response = new TimeStampResponse(input); input.close(); tsToken = response.getTimeStampToken(); } else { tsToken = gerarCarimboTempo(content); } SignerId signer_id = tsToken.getSID(); BigInteger cert_serial_number = signer_id.getSerialNumber(); System.out.println("Signer ID serial " + signer_id.getSerialNumber()); System.out.println("Signer ID issuer " + signer_id.getIssuer().toString()); Store cs = tsToken.getCertificates(); Collection certs = cs.getMatches(null); Iterator iter = certs.iterator(); X509Certificate certificate = null; while (iter.hasNext()) { X509Certificate cert = (X509Certificate) iter.next(); if (cert_serial_number != null) { if (cert.getSerialNumber().equals(cert_serial_number)) { System.out.println("using certificate with serial: " + cert.getSerialNumber()); System.out.println( "using certificate with base 64: " + Base64.encode(cert.getEncoded()) + "\n\n"); certificate = cert; } } else { if (certificate == null) { certificate = cert; } } System.out.println("Certificate subject dn " + cert.getSubjectDN()); System.out.println("Certificate serial " + cert.getSerialNumber()); } // Nato: validao do carimbo de tempo est desabilitada porque existe // um problema no certificado do STF if (!fSTF) tsToken.validate(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(certificate)); System.out.println("TS info " + tsToken.getTimeStampInfo().getGenTime()); System.out.println("TS info " + tsToken.getTimeStampInfo()); System.out.println("TS info " + tsToken.getTimeStampInfo().getAccuracy()); System.out.println("TS info " + tsToken.getTimeStampInfo().getNonce()); return tsToken; }
From source file:controller.Controller.java
private void getap() throws IOException, ParserConfigurationException, SAXException, TSPException { String xmlFilePath = "sign.xml"; DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); DocumentBuilder docBuilder = factory.newDocumentBuilder(); Document document = docBuilder.parse(new File(xmlFilePath)); Node signatureValueElement = document.getElementsByTagName("ds:SignatureValue").item(0); String out = signatureValueElement.getChildNodes().item(0).getNodeValue(); byte[] signatureValue = out.getBytes(); TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator(); reqGen.setCertReq(true);/*from w w w.j a va2 s .c o m*/ TimeStampRequest tsReq = reqGen.generate(TSPAlgorithms.SHA1, signatureValue); byte[] tsData = tsReq.getEncoded(); String base64data = Base64.toBase64String(tsData); TS ts = new TS(); TSSoap soap = ts.getTSSoap(); String timestamp = soap.getTimestamp(base64data); if (timestamp == null) throw new WebServiceException("Webov sluba nedostupn"); byte[] responseB64 = timestamp.getBytes(); TimeStampResponse tsRes = new TimeStampResponse(Base64.decode(responseB64)); String decodedTimestamp = Base64.toBase64String(tsRes.getTimeStampToken().getEncoded()); System.out.println(decodedTimestamp); }
From source file:ee.ria.xroad.proxy.messagelog.AbstractTimestampRequest.java
License:Open Source License
private TimeStampRequest createTimestampRequest(byte[] data) throws Exception { TimeStampRequestGenerator reqgen = new TimeStampRequestGenerator(); String tsaHashAlg = MessageLogProperties.getHashAlg(); log.trace("Creating time-stamp request (algorithm: {})", tsaHashAlg); byte[] digest = calculateDigest(tsaHashAlg, data); ASN1ObjectIdentifier algorithm = getAlgorithmIdentifier(tsaHashAlg).getAlgorithm(); return reqgen.generate(algorithm, digest); }
From source file:es.mityc.firmaJava.ts.TSCliente.java
License:LGPL
/** * Este mtodo genera el Sello de Tiempo//from ww w .j a v a2 s. c o m * @param binarioaSellar fichero binario que se va a sellar * @return TimeStampToken en formato binario * @throws TSClienteError */ public byte[] generarSelloTiempo(byte[] binarioaSellar) throws TSClienteError { if (binarioaSellar == null) { log.error(MENSAJE_NO_DATOS_SELLO_TIEMPO); throw new TSClienteError(I18n.getResource(LIBRERIA_TSA_ERROR_1)); } else { log.info(MENSAJE_GENERANDO_SELLO_TIEMPO); TimeStampRequestGenerator generadorPeticion = new TimeStampRequestGenerator(); TimeStampRequest peticion = null; TimeStampResponse respuesta = null; try { MessageDigest resumen = MessageDigest.getInstance(algoritmoHash); resumen.update(binarioaSellar); peticion = generadorPeticion.generate(TSPAlgoritmos.getOID(algoritmoHash), resumen.digest()); log.info(MENSAJE_PETICION_TSA_GENERADA); } catch (Exception e) { log.error(MENSAJE_ERROR_PETICION_TSA); throw new TSClienteError(I18n.getResource(LIBRERIA_TSA_ERROR_10)); } cliente.getParams().setParameter(HttpClientParams.SO_TIMEOUT, INT5000); // Comprueba si hay configurado un proxy String servidorProxy = System.getProperty("http.proxyHost"); if (servidorProxy != null && !servidorProxy.trim().equals(CADENA_VACIA)) { int puertoProxy = 80; try { puertoProxy = Integer.parseInt(System.getProperty("http.proxyPort")); } catch (NumberFormatException ex) { } cliente.getHostConfiguration().setProxy(servidorProxy, puertoProxy); Credentials defaultcreds = new AuthenticatorProxyCredentials(servidorProxy, CADENA_VACIA); cliente.getState().setProxyCredentials(AuthScope.ANY, defaultcreds); } PostMethod metodo = new PostMethod(servidorTSA); metodo.addRequestHeader(CONTENT_TYPE, APPLICATION_TIMESTAMP_QUERY); ByteArrayInputStream datos = null; try { datos = new ByteArrayInputStream(peticion.getEncoded()); } catch (IOException e) { log.error(MENSAJE_ERROR_PETICION + e.getMessage()); throw new TSClienteError( I18n.getResource(LIBRERIA_TSA_ERROR_11) + DOS_PUNTOS_ESPACIO + e.getMessage()); } InputStreamRequestEntity rq = new InputStreamRequestEntity(datos); metodo.setRequestEntity(rq); metodo.getParams().setParameter(HttpMethodParams.RETRY_HANDLER, new DefaultHttpMethodRetryHandler(3, false)); byte[] cuerpoRespuesta = null; try { int estadoCodigo = cliente.executeMethod(metodo); log.info(MENSAJE_PETICION_TSA_ENVIADA); if (estadoCodigo != HttpStatus.SC_OK) { log.error(MENSAJE_FALLO_EJECUCION_METODO + metodo.getStatusLine()); throw new TSClienteError( I18n.getResource(LIBRERIA_TSA_ERROR_12) + DOS_PUNTOS_ESPACIO + metodo.getStatusLine()); } cuerpoRespuesta = metodo.getResponseBody(); log.info(MENSAJE_RESPUESTA_TSA_OBTENIDA); try { respuesta = new TimeStampResponse(cuerpoRespuesta); try { respuesta.validate(peticion); log.info(MENSAJE_RESPUESTA_TSA_VALIDADA_OK); // Para solucionar bug en libreria bouncycastle //return respuesta.getTimeStampToken().getEncoded(); //AppPerfect: Falso positivo ASN1InputStream is = new ASN1InputStream(cuerpoRespuesta); ASN1Sequence seq = ASN1Sequence.getInstance(is.readObject()); DEREncodable enc = seq.getObjectAt(1); if (enc == null) return null; return enc.getDERObject().getEncoded(); //Fin Para solucionar bug en libreria bouncycastle } catch (TSPException e) { log.error(MENSAJE_RESPUESTA_NO_VALIDA + e.getMessage()); throw new TSClienteError( I18n.getResource(LIBRERIA_TSA_ERROR_9) + DOS_PUNTOS_ESPACIO + e.getMessage()); } } catch (TSPException e) { log.error(MENSAJE_RESPUESTA_MAL_FORMADA + e.getMessage()); throw new TSClienteError( I18n.getResource(LIBRERIA_TSA_ERROR_8) + DOS_PUNTOS_ESPACIO + e.getMessage()); } catch (IOException e) { log.error(MENSAJE_SECUENCIA_BYTES_MAL_CODIFICADA + e.getMessage()); throw new TSClienteError( I18n.getResource(LIBRERIA_TSA_ERROR_7) + DOS_PUNTOS_ESPACIO + e.getMessage()); } } catch (HttpException e) { log.error(MENSAJE_VIOLACION_PROTOCOLO_HTTP + e.getMessage()); throw new TSClienteError( I18n.getResource(LIBRERIA_TSA_ERROR_6) + DOS_PUNTOS_ESPACIO + e.getMessage()); } catch (IOException e) { String mensajeError = I18n.getResource(LIBRERIA_TSA_ERROR_4) + DOS_PUNTOS_ESPACIO + servidorTSA; log.error(MENSAJE_ERROR_CONEXION_SERVIDOR_OCSP + e.getMessage()); throw new TSClienteError(mensajeError); } finally { // Termina la conexin metodo.releaseConnection(); } } }
From source file:eu.europa.esig.dss.client.tsp.OnlineTSPSource.java
License:Open Source License
@Override public TimeStampToken getTimeStampResponse(final DigestAlgorithm digestAlgorithm, final byte[] digest) throws DSSException { try {//from ww w . j av a2 s . c o m if (logger.isTraceEnabled()) { logger.trace("Timestamp digest algorithm: " + digestAlgorithm.getName()); logger.trace("Timestamp digest value : " + Hex.encodeHexString(digest)); } // Setup the time stamp request final TimeStampRequestGenerator tsqGenerator = new TimeStampRequestGenerator(); tsqGenerator.setCertReq(true); if (policyOid != null) { tsqGenerator.setReqPolicy(policyOid); } ASN1ObjectIdentifier asn1ObjectIdentifier = new ASN1ObjectIdentifier(digestAlgorithm.getOid()); TimeStampRequest timeStampRequest = null; if (nonceSource == null) { timeStampRequest = tsqGenerator.generate(asn1ObjectIdentifier, digest); } else { timeStampRequest = tsqGenerator.generate(asn1ObjectIdentifier, digest, nonceSource.getNonce()); } final byte[] requestBytes = timeStampRequest.getEncoded(); // Call the communications layer if (dataLoader == null) { dataLoader = new NativeHTTPDataLoader(); } byte[] respBytes = dataLoader.post(tspServer, requestBytes); // Handle the TSA response final TimeStampResponse timeStampResponse = new TimeStampResponse(respBytes); // Validates nonce, policy id, ... if present timeStampResponse.validate(timeStampRequest); String statusString = timeStampResponse.getStatusString(); if (statusString != null) { logger.info("Status: " + statusString); } final TimeStampToken timeStampToken = timeStampResponse.getTimeStampToken(); if (timeStampToken != null) { logger.info("TSP SID : SN " + timeStampToken.getSID().getSerialNumber() + ", Issuer " + timeStampToken.getSID().getIssuer()); } return timeStampToken; } catch (TSPException e) { throw new DSSException("Invalid TSP response", e); } catch (IOException e) { throw new DSSException(e); } }
From source file:net.jsign.timestamp.RFC3161Timestamper.java
License:Apache License
protected CMSSignedData timestamp(DigestAlgorithm algo, byte[] encryptedDigest) throws IOException, TimestampingException { TimeStampRequestGenerator reqgen = new TimeStampRequestGenerator(); reqgen.setCertReq(true);/*from ww w . ja v a2s.com*/ TimeStampRequest req = reqgen.generate(algo.oid, algo.getMessageDigest().digest(encryptedDigest)); byte request[] = req.getEncoded(); HttpURLConnection conn = (HttpURLConnection) tsaurl.openConnection(); conn.setConnectTimeout(10000); conn.setReadTimeout(10000); conn.setDoOutput(true); conn.setDoInput(true); conn.setUseCaches(false); conn.setRequestMethod("POST"); conn.setRequestProperty("Content-type", "application/timestamp-query"); conn.setRequestProperty("Content-length", String.valueOf(request.length)); conn.setRequestProperty("Accept", "application/timestamp-query"); conn.setRequestProperty("User-Agent", "Transport"); conn.getOutputStream().write(request); conn.getOutputStream().flush(); if (conn.getResponseCode() >= 400) { throw new IOException("Unable to complete the timestamping due to HTTP error: " + conn.getResponseCode() + " - " + conn.getResponseMessage()); } try { TimeStampResp resp = TimeStampResp.getInstance(new ASN1InputStream(conn.getInputStream()).readObject()); TimeStampResponse response = new TimeStampResponse(resp); response.validate(req); if (response.getStatus() != 0) { throw new IOException("Unable to complete the timestamping due to an invalid response (" + response.getStatusString() + ")"); } return response.getTimeStampToken().toCMSSignedData(); } catch (Exception e) { throw new TimestampingException("Unable to complete the timestamping", e); } }
From source file:org.currency.cms.CMSGenerator.java
License:Open Source License
public TimeStampRequest getTimeStampRequest(byte[] signatureContent) throws NoSuchAlgorithmException { TimeStampRequestGenerator reqgen = new TimeStampRequestGenerator(); return reqgen.generate(digAlgId.getAlgorithm().getId(), getContentDigest(signatureContent)); }
From source file:org.votingsystem.services.impl.TimeStampServiceImpl.java
License:Open Source License
public byte[] getTimeStampRequest(byte[] digest) throws IOException { log.info("getTimeStampRequest"); TimeStampRequestGenerator reqgen = new TimeStampRequestGenerator(); //reqgen.setReqPolicy(m_sPolicyOID); TimeStampRequest timeStampRequest = reqgen.generate(TSPAlgorithms.SHA256, digest); return timeStampRequest.getEncoded(); }
From source file:test.unit.be.fedict.eid.dss.spi.utils.PkiTestUtils.java
License:Open Source License
public static TimeStampToken createTimeStampToken(byte[] data, PrivateKey privateKey, List<X509Certificate> certificateChain) throws Exception { MessageDigest md;//from w w w . j a va 2s.c o m try { md = MessageDigest.getInstance(TSPAlgorithms.SHA1.toString()); } catch (NoSuchAlgorithmException e) { throw new RuntimeException(e); } byte[] digest = md.digest(data); CollectionCertStoreParameters collectionCertStoreParameters = new CollectionCertStoreParameters( certificateChain); CertStore certStore = CertStore.getInstance("Collection", collectionCertStoreParameters); TimeStampRequestGenerator requestGen = new TimeStampRequestGenerator(); requestGen.setCertReq(true); // TimeStampRequest request = requestGen.generate(TSPAlgorithms.SHA1, // data, BigInteger.valueOf(100)); TimeStampRequest request = requestGen.generate(TSPAlgorithms.SHA1, digest); TimeStampTokenGenerator tstGen = new TimeStampTokenGenerator(privateKey, certificateChain.get(0), TSPAlgorithms.SHA1, "1.2"); tstGen.setCertificatesAndCRLs(certStore); return tstGen.generate(request, BigInteger.ONE, new Date(), "BC"); }