use of org.bouncycastle.tsp.TimeStampToken in project pdfbox by apache.
the class CertInformationCollector method addTimestampCerts.
/**
* Processes an embedded signed timestamp, that has been placed into a signature. The
* certificates and its chain(s) will be processed the same way as the signature itself.
*
* @param signerInformation of the signature, to get unsigned attributes from it.
* @throws IOException
* @throws CertificateProccessingException
*/
private void addTimestampCerts(SignerInformation signerInformation) throws IOException, CertificateProccessingException {
AttributeTable unsignedAttributes = signerInformation.getUnsignedAttributes();
if (unsignedAttributes == null) {
return;
}
Attribute tsAttribute = signerInformation.getUnsignedAttributes().get(PKCSObjectIdentifiers.id_aa_signatureTimeStampToken);
if (tsAttribute.getAttrValues() instanceof DERSet) {
DERSet tsSet = (DERSet) tsAttribute.getAttrValues();
tsSet.getEncoded("DER");
DERSequence tsSeq = (DERSequence) tsSet.getObjectAt(0);
try {
TimeStampToken tsToken = new TimeStampToken(new CMSSignedData(tsSeq.getEncoded("DER")));
rootCertInfo.tsaCerts = new CertSignatureInformation();
@SuppressWarnings("unchecked") Store<X509CertificateHolder> certificatesStore = tsToken.getCertificates();
processSignerStore(certificatesStore, tsToken.toCMSSignedData(), rootCertInfo.tsaCerts);
} catch (TSPException | CMSException e) {
throw new IOException("Error parsing timestamp token", e);
}
}
}
Aggregations