List of usage examples for org.bouncycastle.tsp TimeStampResponse getStatusString
public String getStatusString()
From source file:org.signserver.module.tsa.TimeStampSignerTest.java
License:Open Source License
private void assertTimeNotAvailable(int worker) throws Exception { final int reqid = random.nextInt(); final TimeStampRequestGenerator timeStampRequestGenerator = new TimeStampRequestGenerator(); final TimeStampRequest timeStampRequest = timeStampRequestGenerator.generate(TSPAlgorithms.SHA1, new byte[20], BigInteger.valueOf(114)); final byte[] requestBytes = timeStampRequest.getEncoded(); final GenericSignRequest signRequest = new GenericSignRequest(reqid, requestBytes); final GenericSignResponse res = (GenericSignResponse) workerSession.process(worker, signRequest, new RequestContext()); assertTrue(reqid == res.getRequestID()); final TimeStampResponse timeStampResponse = new TimeStampResponse((byte[]) res.getProcessedData()); timeStampResponse.validate(timeStampRequest); LOG.info("Response: " + timeStampResponse.getStatusString()); assertEquals("Token not granted", PKIStatus.REJECTION, timeStampResponse.getStatus()); assertEquals("PKIFailureInfo.timeNotAvailable", new PKIFailureInfo(PKIFailureInfo.timeNotAvailable), timeStampResponse.getFailInfo()); assertNull("No timestamp token", timeStampResponse.getTimeStampToken()); }
From source file:org.signserver.module.tsa.TimeStampSignerTest.java
License:Open Source License
/** * Test that the default behavior is to include the status string in the TSA response. * @throws Exception/*www . j a v a2s.co m*/ */ @Test public void test25StatusStringIncluded() throws Exception { // Test signing final TimeStampResponse response = assertSuccessfulTimestamp(WORKER1, true); assertEquals("Operation Okay", response.getStatusString()); }
From source file:org.signserver.module.tsa.TimeStampSignerTest.java
License:Open Source License
/** * Test that setting the INCLUDESTATUSSTRING property to false results in no status string * in the TSA response./*from w w w.j av a2 s .co m*/ * @throws Exception */ @Test public void test26StatusStringExcluded() throws Exception { workerSession.setWorkerProperty(WORKER1, TimeStampSigner.INCLUDESTATUSSTRING, "FALSE"); workerSession.reloadConfiguration(WORKER1); final TimeStampResponse response = assertSuccessfulTimestamp(WORKER1, true); assertNull(response.getStatusString()); }
From source file:org.signserver.module.tsa.TimeStampSignerTest.java
License:Open Source License
/** * Test that the default behavior on rejection is to include a status string. * @throws Exception/*from w ww. j av a2 s. co m*/ */ @Test public void test27StatusStringIncludedFailure() throws Exception { // WORKER2 has ACCEPTEDPOLICIES=1.2.3 // Create an request with another policy (1.2.3.5 != 1.2.3) final TimeStampRequest timeStampRequest = new TimeStampRequest( Base64.decode(REQUEST_WITH_POLICY1235.getBytes())); final byte[] requestBytes = timeStampRequest.getEncoded(); final GenericSignRequest signRequest = new GenericSignRequest(13, requestBytes); final GenericSignResponse res = (GenericSignResponse) workerSession.process(WORKER2, signRequest, new RequestContext()); final TimeStampResponse timeStampResponse = new TimeStampResponse((byte[]) res.getProcessedData()); assertNotNull(timeStampResponse.getStatusString()); }
From source file:org.signserver.module.tsa.TimeStampSignerTest.java
License:Open Source License
/** * Test that setting the INCLUDESTATUSSTRING property to false results in no status string * on rejection./*w ww. j a v a 2 s .com*/ * @throws Exception */ @Test public void test28StatusStringExcludedFailure() throws Exception { workerSession.setWorkerProperty(WORKER2, TimeStampSigner.INCLUDESTATUSSTRING, "FALSE"); workerSession.reloadConfiguration(WORKER2); // WORKER2 has ACCEPTEDPOLICIES=1.2.3 // Create an request with another policy (1.2.3.5 != 1.2.3) final TimeStampRequest timeStampRequest = new TimeStampRequest( Base64.decode(REQUEST_WITH_POLICY1235.getBytes())); final byte[] requestBytes = timeStampRequest.getEncoded(); final GenericSignRequest signRequest = new GenericSignRequest(13, requestBytes); final GenericSignResponse res = (GenericSignResponse) workerSession.process(WORKER2, signRequest, new RequestContext()); final TimeStampResponse timeStampResponse = new TimeStampResponse((byte[]) res.getProcessedData()); assertNull(timeStampResponse.getStatusString()); }
From source file:org.signserver.server.tsa.InternalTimeStampTokenFetcher.java
License:Open Source License
public TimeStampToken fetchToken(byte[] imprint, ASN1ObjectIdentifier digestOID) throws IllegalRequestException, CryptoTokenOfflineException, SignServerException, TSPException, IOException { int workerId; try {/* ww w.j a v a 2 s.com*/ workerId = Integer.parseInt(workerNameOrId); } catch (NumberFormatException ex) { if (LOG.isDebugEnabled()) { LOG.debug("Not a workerId, maybe workerName: " + workerNameOrId); } workerId = session.getWorkerId(workerNameOrId); } // Setup the time stamp request TimeStampRequestGenerator tsqGenerator = new TimeStampRequestGenerator(); tsqGenerator.setCertReq(true); BigInteger nonce = BigInteger.valueOf(System.currentTimeMillis()); TimeStampRequest request = tsqGenerator.generate(digestOID, imprint, nonce); byte[] requestBytes = request.getEncoded(); final RequestContext context = new RequestContext(); if (username != null && password != null) { context.put(RequestContext.CLIENT_CREDENTIAL, new UsernamePasswordClientCredential(username, password)); } final ProcessResponse resp = session.process(workerId, new GenericSignRequest(hashCode(), requestBytes), context); if (resp instanceof GenericSignResponse) { final byte[] respBytes = ((GenericSignResponse) resp).getProcessedData(); TimeStampResponse response = new TimeStampResponse(respBytes); TimeStampToken tsToken = response.getTimeStampToken(); if (tsToken == null) { throw new SignServerException("TSA '" + workerNameOrId + "' failed to return time stamp token: " + response.getStatusString()); } if (response.getStatus() != PKIStatus.GRANTED && response.getStatus() != PKIStatus.GRANTED_WITH_MODS) { throw new SignServerException("Time stamp token not granted: " + response.getStatusString()); } response.validate(request); return tsToken; } else { throw new SignServerException("Unknown response"); } }
From source file:org.signserver.test.performance.impl.TimeStamp.java
License:Open Source License
/** * Issue a time stamp request.// w w w. ja v a 2s . c om * * @return Run time (in ms). * @throws TSPException * @throws IOException * @throws FailedException */ private long tsaRequest() throws TSPException, IOException, FailedException { final TimeStampRequestGenerator timeStampRequestGenerator = new TimeStampRequestGenerator(); final int nonce = random.nextInt(); byte[] digest = new byte[20]; final TimeStampRequest timeStampRequest = timeStampRequestGenerator.generate(TSPAlgorithms.SHA1, digest, BigInteger.valueOf(nonce)); final byte[] requestBytes = timeStampRequest.getEncoded(); URL url; URLConnection urlConn; DataOutputStream printout; DataInputStream input; url = new URL(tsaUrl); // Take start time final long startMillis = System.currentTimeMillis(); final long startTime = System.nanoTime(); if (LOG.isDebugEnabled()) { LOG.debug("Sending request at: " + startMillis); } urlConn = url.openConnection(); urlConn.setDoInput(true); urlConn.setDoOutput(true); urlConn.setUseCaches(false); urlConn.setRequestProperty("Content-Type", "application/timestamp-query"); // Send POST output. printout = new DataOutputStream(urlConn.getOutputStream()); printout.write(requestBytes); printout.flush(); printout.close(); // Get response data. input = new DataInputStream(urlConn.getInputStream()); byte[] ba = null; final ByteArrayOutputStream baos = new ByteArrayOutputStream(); do { if (ba != null) { baos.write(ba); } ba = new byte[input.available()]; } while (input.read(ba) != -1); // Take stop time final long estimatedTime = System.nanoTime() - startTime; final long timeInMillis = TimeUnit.NANOSECONDS.toMillis(estimatedTime); if (LOG.isDebugEnabled()) { LOG.debug("Got reply after " + timeInMillis + " ms"); } final byte[] replyBytes = baos.toByteArray(); final TimeStampResponse timeStampResponse = new TimeStampResponse(replyBytes); timeStampResponse.validate(timeStampRequest); LOG.debug("TimeStampResponse validated"); // TODO: Maybe in the future we would like to make the below failure // check configurable or count the failure but without failing the test if (timeStampResponse.getStatus() != PKIStatus.GRANTED && timeStampResponse.getStatus() != PKIStatus.GRANTED_WITH_MODS) { throw new FailedException("Token was not granted. Status was: " + timeStampResponse.getStatus() + " (" + timeStampResponse.getStatusString() + ")"); } else { LOG.debug("TimeStampResponse granted"); } return timeInMillis; }
From source file:xades4j.providers.impl.DefaultTimeStampTokenProvider.java
License:Open Source License
@Override public final TimeStampTokenRes getTimeStampToken(byte[] tsDigestInput, String digestAlgUri) throws TimeStampTokenGenerationException { try {//from w w w .j av a 2 s. c o m MessageDigest md = messageDigestProvider.getEngine(digestAlgUri); byte[] digest = md.digest(tsDigestInput); TimeStampRequest tsRequest = this.tsRequestGenerator.generate(identifierForDigest(digestAlgUri), digest, BigInteger.valueOf(System.currentTimeMillis())); InputStream responseStream = getResponse(tsRequest.getEncoded()); TimeStampResponse tsResponse = new TimeStampResponse(responseStream); if (tsResponse.getStatus() != PKIStatus.GRANTED && tsResponse.getStatus() != PKIStatus.GRANTED_WITH_MODS) { throw new TimeStampTokenGenerationException( "Time stamp token not granted. " + tsResponse.getStatusString()); } tsResponse.validate(tsRequest); TimeStampToken tsToken = tsResponse.getTimeStampToken(); return new TimeStampTokenRes(tsToken.getEncoded(), tsToken.getTimeStampInfo().getGenTime()); } catch (UnsupportedAlgorithmException ex) { throw new TimeStampTokenGenerationException("Digest algorithm not supported", ex); } catch (TSPException ex) { throw new TimeStampTokenGenerationException("Invalid time stamp response", ex); } catch (IOException ex) { throw new TimeStampTokenGenerationException("Encoding error", ex); } }