List of usage examples for org.bouncycastle.tsp TSPException TSPException
public TSPException(String message, Throwable e)
From source file:de.rub.dez6a3.jpdfsigner.TimeStampToken.java
License:Open Source License
public TimeStampToken(CMSSignedData signedData) throws TSPException, IOException { this.tsToken = signedData; if (!this.tsToken.getSignedContentTypeOID().equals(PKCSObjectIdentifiers.id_ct_TSTInfo.getId())) { throw new TSPValidationException("ContentInfo object not for a time stamp."); }//w w w .j a v a 2 s .c o m Collection signers = tsToken.getSignerInfos().getSigners(); if (signers.size() != 1) { throw new IllegalArgumentException("Time-stamp token signed by " + signers.size() + " signers, but it must contain just the TSA signature."); } tsaSignerInfo = (SignerInformation) signers.iterator().next(); try { CMSProcessable content = tsToken.getSignedContent(); ByteArrayOutputStream bOut = new ByteArrayOutputStream(); content.write(bOut); ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(bOut.toByteArray())); this.tstInfo = new TimeStampTokenInfo(TSTInfo.getInstance(aIn.readObject())); Attribute attr = tsaSignerInfo.getSignedAttributes() .get(PKCSObjectIdentifiers.id_aa_signingCertificate); if (attr == null) { throw new TSPValidationException("no signing certificate attribute found, time stamp invalid."); } SigningCertificate signCert = SigningCertificate.getInstance(attr.getAttrValues().getObjectAt(0)); this.certID = ESSCertID.getInstance(signCert.getCerts()[0]); } catch (CMSException e) { throw new TSPException(e.getMessage(), e.getUnderlyingException()); } }
From source file:de.rub.dez6a3.jpdfsigner.TimeStampToken.java
License:Open Source License
/** * Validate the time stamp token.//w w w. j a v a 2s .c o m * <p> * To be valid the token must be signed by the passed in certificate and * the certificate must be the one refered to by the SigningCertificate * attribute included in the hashed attributes of the token. The * certifcate must also have the ExtendedKeyUsageExtension with only * KeyPurposeId.id_kp_timeStamping and have been valid at the time the * timestamp was created. * </p> * <p> * A successful call to validate means all the above are true. * </p> */ public void validate(X509Certificate cert, String provider) throws TSPException, TSPValidationException, CertificateExpiredException, CertificateNotYetValidException, NoSuchProviderException { try { if (!MessageDigest.isEqual(certID.getCertHash(), MessageDigest.getInstance("SHA-1").digest(cert.getEncoded()))) { throw new TSPValidationException("certificate hash does not match certID hash."); } if (certID.getIssuerSerial() != null) { if (!certID.getIssuerSerial().getSerial().getValue().equals(cert.getSerialNumber())) { throw new TSPValidationException( "certificate serial number does not match certID for signature."); } GeneralName[] names = certID.getIssuerSerial().getIssuer().getNames(); X509Principal principal = PrincipalUtil.getIssuerX509Principal(cert); boolean found = false; for (int i = 0; i != names.length; i++) { if (names[i].getTagNo() == 4 && new X509Principal(X509Name.getInstance(names[i].getName())).equals(principal)) { found = true; break; } } if (!found) { throw new TSPValidationException("certificate name does not match certID for signature. "); } } TSPUtil.validateCertificate(cert); cert.checkValidity(tstInfo.getGenTime()); if (!tsaSignerInfo.verify(cert, provider)) { throw new TSPValidationException("signature not created by certificate."); } } catch (CMSException e) { if (e.getUnderlyingException() != null) { throw new TSPException(e.getMessage(), e.getUnderlyingException()); } else { throw new TSPException("CMS exception: " + e, e); } } catch (NoSuchAlgorithmException e) { throw new TSPException("cannot find algorithm: " + e, e); } catch (CertificateEncodingException e) { throw new TSPException("problem processing certificate: " + e, e); } }
From source file:org.linagora.linshare.core.service.impl.TimeStampingServiceImpl.java
License:Open Source License
private byte[] computeDigest(InputStream is) throws TSPException { byte[] result = null; MessageDigest dig;//from w w w. j av a2s. c om try { dig = MessageDigest.getInstance("SHA-1"); byte[] bytes = new byte[2048]; int numBytes; while ((numBytes = is.read(bytes)) != -1) { dig.update(bytes, 0, numBytes); } result = dig.digest(); } catch (NoSuchAlgorithmException e) { throw new TSPException(e.getMessage(), e); } catch (IOException e) { throw new TSPException(e.getMessage(), e); } return result; }
From source file:org.votingsystem.signature.util.TimeStampResponseGenerator.java
License:Open Source License
/** @deprecated */ public TimeStampResponse generate(TimeStampRequest request, BigInteger serialNumber, Date genTime, String provider) throws NoSuchAlgorithmException, NoSuchProviderException, TSPException { TimeStampResp resp;/*from w w w . jav a2 s . c om*/ PKIStatusInfo pkiStatusInfo; try { if (genTime == null) { throw new TSPValidationException("The time source is not available.", 512); } request.validate(this.acceptedAlgorithms, this.acceptedPolicies, this.acceptedExtensions, provider); this.status = 0; this.addStatusString("Operation OK"); PKIStatusInfo e = this.getPKIStatusInfo(); pkiStatusInfo = null; ContentInfo pkiStatusInfo1; try { ByteArrayInputStream ioEx = new ByteArrayInputStream(this.tokenGenerator .generate(request, serialNumber, genTime, provider).toCMSSignedData().getEncoded()); ASN1InputStream aIn = new ASN1InputStream(ioEx); pkiStatusInfo1 = ContentInfo.getInstance(aIn.readObject()); } catch (IOException var11) { throw new TSPException("Timestamp token received cannot be converted to ContentInfo", var11); } resp = new TimeStampResp(e, pkiStatusInfo1); } catch (TSPValidationException var12) { this.status = 2; this.setFailInfoField(var12.getFailureCode()); this.addStatusString(var12.getMessage()); pkiStatusInfo = this.getPKIStatusInfo(); resp = new TimeStampResp(pkiStatusInfo, (ContentInfo) null); } try { return new TimeStampResponse(resp); } catch (IOException var10) { throw new TSPException("created badly formatted response!"); } }
From source file:org.votingsystem.signature.util.TimeStampResponseGenerator.java
License:Open Source License
public TimeStampResponse generate(TimeStampRequest request, BigInteger serialNumber, Date genTime) throws TSPException { this.statusStrings = new ASN1EncodableVector(); TimeStampResp resp;//from w w w .ja va2 s .c o m PKIStatusInfo pkiStatusInfo; try { if (genTime == null) { throw new TSPValidationException("The time source is not available.", 512); } request.validate(this.acceptedAlgorithms, this.acceptedPolicies, this.acceptedExtensions); this.status = 0; this.addStatusString("Operation Okay"); PKIStatusInfo e = this.getPKIStatusInfo(); pkiStatusInfo = null; ContentInfo pkiStatusInfo1; try { ByteArrayInputStream ioEx = new ByteArrayInputStream(this.tokenGenerator .generate(request, serialNumber, genTime).toCMSSignedData().getEncoded()); ASN1InputStream aIn = new ASN1InputStream(ioEx); pkiStatusInfo1 = ContentInfo.getInstance(aIn.readObject()); } catch (IOException var10) { throw new TSPException("Timestamp token received cannot be converted to ContentInfo", var10); } resp = new TimeStampResp(e, pkiStatusInfo1); } catch (TSPValidationException var11) { this.status = 2; this.setFailInfoField(var11.getFailureCode()); this.addStatusString(var11.getMessage()); pkiStatusInfo = this.getPKIStatusInfo(); resp = new TimeStampResp(pkiStatusInfo, (ContentInfo) null); } try { return new TimeStampResponse(resp); } catch (IOException var9) { throw new TSPException("created badly formatted response!"); } }