Search in sources :

Example 1 with MessageImprint

use of com.github.zhenwei.pkix.util.asn1.tsp.MessageImprint in project itext2 by albfernandez.

the class PdfPKCS7 method verifyTimestampImprint.

/**
 * Checks if the timestamp refers to this document.
 * @throws java.security.NoSuchAlgorithmException on error
 * @return true if it checks false otherwise
 * @since	2.1.6
 */
public boolean verifyTimestampImprint() throws NoSuchAlgorithmException {
    if (timeStampToken == null)
        return false;
    MessageImprint imprint = timeStampToken.getTimeStampInfo().toASN1Structure().getMessageImprint();
    TimeStampTokenInfo info = timeStampToken.getTimeStampInfo();
    String algOID = info.getMessageImprintAlgOID().getId();
    byte[] md = MessageDigest.getInstance(getStandardJavaName(getDigest(algOID))).digest(digest);
    byte[] imphashed = imprint.getHashedMessage();
    boolean res = Arrays.equals(md, imphashed);
    return res;
}
Also used : MessageImprint(org.bouncycastle.asn1.tsp.MessageImprint) TimeStampTokenInfo(org.bouncycastle.tsp.TimeStampTokenInfo) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) DEROctetString(org.bouncycastle.asn1.DEROctetString) ASN1String(org.bouncycastle.asn1.ASN1String)

Example 2 with MessageImprint

use of com.github.zhenwei.pkix.util.asn1.tsp.MessageImprint in project LinLong-Java by zhenwei1108.

the class TSPUtil method getSignatureTimestamps.

/**
 * Fetches the signature time-stamp attributes from a SignerInformation object. Checks that the
 * MessageImprint for each time-stamp matches the signature field. (see RFC 3161 Appendix A).
 *
 * @param signerInfo      a SignerInformation to search for time-stamps
 * @param digCalcProvider provider for digest calculators
 * @return a collection of TimeStampToken objects
 * @throws TSPValidationException
 */
public static Collection getSignatureTimestamps(SignerInformation signerInfo, DigestCalculatorProvider digCalcProvider) throws TSPValidationException {
    List timestamps = new ArrayList();
    AttributeTable unsignedAttrs = signerInfo.getUnsignedAttributes();
    if (unsignedAttrs != null) {
        ASN1EncodableVector allTSAttrs = unsignedAttrs.getAll(PKCSObjectIdentifiers.id_aa_signatureTimeStampToken);
        for (int i = 0; i < allTSAttrs.size(); ++i) {
            Attribute tsAttr = (Attribute) allTSAttrs.get(i);
            ASN1Set tsAttrValues = tsAttr.getAttrValues();
            for (int j = 0; j < tsAttrValues.size(); ++j) {
                try {
                    ContentInfo contentInfo = ContentInfo.getInstance(tsAttrValues.getObjectAt(j));
                    TimeStampToken timeStampToken = new TimeStampToken(contentInfo);
                    TimeStampTokenInfo tstInfo = timeStampToken.getTimeStampInfo();
                    DigestCalculator digCalc = digCalcProvider.get(tstInfo.getHashAlgorithm());
                    OutputStream dOut = digCalc.getOutputStream();
                    dOut.write(signerInfo.getSignature());
                    dOut.close();
                    byte[] expectedDigest = digCalc.getDigest();
                    if (!Arrays.constantTimeAreEqual(expectedDigest, tstInfo.getMessageImprintDigest())) {
                        throw new TSPValidationException("Incorrect digest in message imprint");
                    }
                    timestamps.add(timeStampToken);
                } catch (OperatorCreationException e) {
                    throw new TSPValidationException("Unknown hash algorithm specified in timestamp");
                } catch (Exception e) {
                    throw new TSPValidationException("Timestamp could not be parsed");
                }
            }
        }
    }
    return timestamps;
}
Also used : Attribute(com.github.zhenwei.pkix.util.asn1.cms.Attribute) OutputStream(java.io.OutputStream) ArrayList(java.util.ArrayList) AttributeTable(com.github.zhenwei.pkix.util.asn1.cms.AttributeTable) DigestCalculator(com.github.zhenwei.pkix.operator.DigestCalculator) OperatorCreationException(com.github.zhenwei.pkix.operator.OperatorCreationException) IOException(java.io.IOException) ASN1Set(com.github.zhenwei.core.asn1.ASN1Set) ContentInfo(com.github.zhenwei.pkix.util.asn1.cms.ContentInfo) ASN1EncodableVector(com.github.zhenwei.core.asn1.ASN1EncodableVector) ArrayList(java.util.ArrayList) List(java.util.List) OperatorCreationException(com.github.zhenwei.pkix.operator.OperatorCreationException)

Example 3 with MessageImprint

use of com.github.zhenwei.pkix.util.asn1.tsp.MessageImprint in project LinLong-Java by zhenwei1108.

the class TimeStampRequestGenerator method generate.

/**
 * @deprecated use method taking ANS1ObjectIdentifier
 */
public TimeStampRequest generate(String digestAlgorithmOID, byte[] digest, BigInteger nonce) {
    if (digestAlgorithmOID == null) {
        throw new IllegalArgumentException("No digest algorithm specified");
    }
    ASN1ObjectIdentifier digestAlgOID = new ASN1ObjectIdentifier(digestAlgorithmOID);
    AlgorithmIdentifier algID = dgstAlgFinder.find(digestAlgOID);
    MessageImprint messageImprint = new MessageImprint(algID, digest);
    Extensions ext = null;
    if (!extGenerator.isEmpty()) {
        ext = extGenerator.generate();
    }
    if (nonce != null) {
        return new TimeStampRequest(new TimeStampReq(messageImprint, reqPolicy, new ASN1Integer(nonce), certReq, ext));
    } else {
        return new TimeStampRequest(new TimeStampReq(messageImprint, reqPolicy, null, certReq, ext));
    }
}
Also used : TimeStampReq(com.github.zhenwei.pkix.util.asn1.tsp.TimeStampReq) MessageImprint(com.github.zhenwei.pkix.util.asn1.tsp.MessageImprint) ASN1Integer(com.github.zhenwei.core.asn1.ASN1Integer) Extensions(com.github.zhenwei.core.asn1.x509.Extensions) ASN1ObjectIdentifier(com.github.zhenwei.core.asn1.ASN1ObjectIdentifier) AlgorithmIdentifier(com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)

Example 4 with MessageImprint

use of com.github.zhenwei.pkix.util.asn1.tsp.MessageImprint in project OpenPDF by LibrePDF.

the class PdfPKCS7 method verifyTimestampImprint.

/**
 * Checks if the timestamp refers to this document.
 *
 * @return true if it checks false otherwise
 * @throws java.security.NoSuchAlgorithmException on error
 * @since 2.1.6
 */
public boolean verifyTimestampImprint() throws NoSuchAlgorithmException {
    if (timeStampToken == null)
        return false;
    MessageImprint imprint = timeStampToken.getTimeStampInfo().toASN1Structure().getMessageImprint();
    TimeStampTokenInfo info = timeStampToken.getTimeStampInfo();
    String algOID = info.getMessageImprintAlgOID().getId();
    byte[] md = MessageDigest.getInstance(getStandardJavaName(getDigest(algOID))).digest(digest);
    byte[] imphashed = imprint.getHashedMessage();
    return Arrays.equals(md, imphashed);
}
Also used : MessageImprint(org.bouncycastle.asn1.tsp.MessageImprint) TimeStampTokenInfo(org.bouncycastle.tsp.TimeStampTokenInfo) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) DEROctetString(org.bouncycastle.asn1.DEROctetString) ASN1String(org.bouncycastle.asn1.ASN1String)

Example 5 with MessageImprint

use of com.github.zhenwei.pkix.util.asn1.tsp.MessageImprint in project LinLong-Java by zhenwei1108.

the class TimeStampRequestGenerator method generate.

public TimeStampRequest generate(AlgorithmIdentifier digestAlgorithmID, byte[] digest, BigInteger nonce) {
    if (digestAlgorithmID == null) {
        throw new IllegalArgumentException("digest algorithm not specified");
    }
    MessageImprint messageImprint = new MessageImprint(digestAlgorithmID, digest);
    Extensions ext = null;
    if (!extGenerator.isEmpty()) {
        ext = extGenerator.generate();
    }
    if (nonce != null) {
        return new TimeStampRequest(new TimeStampReq(messageImprint, reqPolicy, new ASN1Integer(nonce), certReq, ext));
    } else {
        return new TimeStampRequest(new TimeStampReq(messageImprint, reqPolicy, null, certReq, ext));
    }
}
Also used : TimeStampReq(com.github.zhenwei.pkix.util.asn1.tsp.TimeStampReq) MessageImprint(com.github.zhenwei.pkix.util.asn1.tsp.MessageImprint) ASN1Integer(com.github.zhenwei.core.asn1.ASN1Integer) Extensions(com.github.zhenwei.core.asn1.x509.Extensions)

Aggregations

ASN1Integer (com.github.zhenwei.core.asn1.ASN1Integer)3 Extensions (com.github.zhenwei.core.asn1.x509.Extensions)3 MessageImprint (com.github.zhenwei.pkix.util.asn1.tsp.MessageImprint)3 ASN1ObjectIdentifier (com.github.zhenwei.core.asn1.ASN1ObjectIdentifier)2 AlgorithmIdentifier (com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)2 TimeStampReq (com.github.zhenwei.pkix.util.asn1.tsp.TimeStampReq)2 IOException (java.io.IOException)2 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)2 ASN1String (org.bouncycastle.asn1.ASN1String)2 DEROctetString (org.bouncycastle.asn1.DEROctetString)2 MessageImprint (org.bouncycastle.asn1.tsp.MessageImprint)2 TimeStampTokenInfo (org.bouncycastle.tsp.TimeStampTokenInfo)2 ASN1Boolean (com.github.zhenwei.core.asn1.ASN1Boolean)1 ASN1EncodableVector (com.github.zhenwei.core.asn1.ASN1EncodableVector)1 ASN1GeneralizedTime (com.github.zhenwei.core.asn1.ASN1GeneralizedTime)1 ASN1Set (com.github.zhenwei.core.asn1.ASN1Set)1 ExtensionsGenerator (com.github.zhenwei.core.asn1.x509.ExtensionsGenerator)1 CollectionStore (com.github.zhenwei.core.util.CollectionStore)1 CMSException (com.github.zhenwei.pkix.cms.CMSException)1 CMSProcessableByteArray (com.github.zhenwei.pkix.cms.CMSProcessableByteArray)1