Example 1 with TimeStampTokenVerificationException
use of xades4j.providers.TimeStampTokenVerificationException in project xades4j by luisgoncalves.
the class DefaultTimeStampVerificationProvider method verifyToken.
@Override
public Date verifyToken(byte[] timeStampToken, byte[] tsDigestInput) throws TimeStampTokenVerificationException {
TimeStampToken tsToken;
try {
ASN1InputStream asn1is = new ASN1InputStream(timeStampToken);
ContentInfo tsContentInfo = ContentInfo.getInstance(asn1is.readObject());
asn1is.close();
tsToken = new TimeStampToken(tsContentInfo);
} catch (IOException ex) {
throw new TimeStampTokenStructureException("Error parsing encoded token", ex);
} catch (TSPException ex) {
throw new TimeStampTokenStructureException("Invalid token", ex);
}
X509Certificate tsaCert = null;
try {
/* Validate the TSA certificate */
LinkedList<X509Certificate> certs = new LinkedList<X509Certificate>();
for (Object certHolder : tsToken.getCertificates().getMatches(new AllCertificatesSelector())) {
certs.add(this.x509CertificateConverter.getCertificate((X509CertificateHolder) certHolder));
}
ValidationData vData = this.certificateValidationProvider.validate(x509CertSelectorConverter.getCertSelector(tsToken.getSID()), tsToken.getTimeStampInfo().getGenTime(), certs);
tsaCert = vData.getCerts().get(0);
} catch (CertificateException ex) {
throw new TimeStampTokenVerificationException(ex.getMessage(), ex);
} catch (XAdES4jException ex) {
throw new TimeStampTokenTSACertException("cannot validate TSA certificate", ex);
}
try {
tsToken.validate(this.signerInfoVerifierBuilder.build(tsaCert));
} catch (TSPValidationException ex) {
throw new TimeStampTokenSignatureException("Invalid token signature or certificate", ex);
} catch (Exception ex) {
throw new TimeStampTokenVerificationException("Error when verifying the token signature", ex);
}
org.bouncycastle.tsp.TimeStampTokenInfo tsTokenInfo = tsToken.getTimeStampInfo();
try {
String digestAlgUri = uriForDigest(tsTokenInfo.getMessageImprintAlgOID());
MessageDigest md = messageDigestProvider.getEngine(digestAlgUri);
if (!Arrays.equals(md.digest(tsDigestInput), tsTokenInfo.getMessageImprintDigest())) {
throw new TimeStampTokenDigestException();
}
} catch (UnsupportedAlgorithmException ex) {
throw new TimeStampTokenVerificationException("The token's digest algorithm is not supported", ex);
}
return tsTokenInfo.getGenTime();
}
Also used :
CertificateException(java.security.cert.CertificateException)
TimeStampTokenVerificationException(xades4j.providers.TimeStampTokenVerificationException)
TimeStampTokenSignatureException(xades4j.providers.TimeStampTokenSignatureException)
ContentInfo(org.bouncycastle.asn1.cms.ContentInfo)
XAdES4jException(xades4j.XAdES4jException)
TimeStampTokenDigestException(xades4j.providers.TimeStampTokenDigestException)
MessageDigest(java.security.MessageDigest)
ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream)
TimeStampTokenStructureException(xades4j.providers.TimeStampTokenStructureException)
TSPValidationException(org.bouncycastle.tsp.TSPValidationException)
TimeStampTokenTSACertException(xades4j.providers.TimeStampTokenTSACertException)
IOException(java.io.IOException)
X509Certificate(java.security.cert.X509Certificate)
LinkedList(java.util.LinkedList)
TSPValidationException(org.bouncycastle.tsp.TSPValidationException)
XAdES4jException(xades4j.XAdES4jException)
TimeStampTokenTSACertException(xades4j.providers.TimeStampTokenTSACertException)
TimeStampTokenStructureException(xades4j.providers.TimeStampTokenStructureException)
TSPException(org.bouncycastle.tsp.TSPException)
IOException(java.io.IOException)
CertificateException(java.security.cert.CertificateException)
UnsupportedAlgorithmException(xades4j.UnsupportedAlgorithmException)
TimeStampTokenDigestException(xades4j.providers.TimeStampTokenDigestException)
TimeStampTokenVerificationException(xades4j.providers.TimeStampTokenVerificationException)
TimeStampTokenSignatureException(xades4j.providers.TimeStampTokenSignatureException)
ValidationData(xades4j.providers.ValidationData)
X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder)
UnsupportedAlgorithmException(xades4j.UnsupportedAlgorithmException)
TSPException(org.bouncycastle.tsp.TSPException)
TimeStampToken(org.bouncycastle.tsp.TimeStampToken)
Example 2 with TimeStampTokenVerificationException
use of xades4j.providers.TimeStampTokenVerificationException in project xades4j by luisgoncalves.
the class TimeStampVerifierBase method verify.
@Override
public final QualifyingProperty verify(TData propData, QualifyingPropertyVerificationContext ctx) throws InvalidPropertyException {
try {
TimeStampDigestInput digestInput = this.tsInputFactory.newTimeStampDigestInput(propData.getCanonicalizationAlgorithm());
QualifyingProperty prop = addPropSpecificTimeStampInputAndCreateProperty(propData, digestInput, ctx);
byte[] data = digestInput.getBytes();
/**
* Verify the time-stamp tokens on a time-stamp property data object. All
* the tokens are verified, but the returned time-stamp is from the last token.
*/
List<byte[]> tokens = propData.getTimeStampTokens();
Date ts = null;
for (byte[] tkn : tokens) {
ts = this.tsVerifier.verifyToken(tkn, data);
}
// By convention all timestamp property types have a setTime(Date) method
Method setTimeMethod = prop.getClass().getMethod("setTime", Date.class);
setTimeMethod.invoke(prop, ts);
return prop;
} catch (UnsupportedAlgorithmException ex) {
throw getEx(ex, this.propName);
} catch (CannotAddDataToDigestInputException ex) {
throw new TimeStampDigestInputException(this.propName, ex);
} catch (TimeStampTokenVerificationException ex) {
throw getEx(ex, this.propName);
} catch (Exception ex) {
// Exceptions related to setTimeMethod.invoke(...)
throw getEx(ex, this.propName);
}
}
Also used :
CannotAddDataToDigestInputException(xades4j.utils.CannotAddDataToDigestInputException)
TimeStampDigestInput(xades4j.utils.TimeStampDigestInput)
UnsupportedAlgorithmException(xades4j.UnsupportedAlgorithmException)
QualifyingProperty(xades4j.properties.QualifyingProperty)
Method(java.lang.reflect.Method)
TimeStampTokenVerificationException(xades4j.providers.TimeStampTokenVerificationException)
Date(java.util.Date)
CannotAddDataToDigestInputException(xades4j.utils.CannotAddDataToDigestInputException)
TimeStampTokenStructureException(xades4j.providers.TimeStampTokenStructureException)
UnsupportedAlgorithmException(xades4j.UnsupportedAlgorithmException)
TimeStampTokenDigestException(xades4j.providers.TimeStampTokenDigestException)
TimeStampTokenVerificationException(xades4j.providers.TimeStampTokenVerificationException)
TimeStampTokenSignatureException(xades4j.providers.TimeStampTokenSignatureException)
Aggregations
UnsupportedAlgorithmException (xades4j.UnsupportedAlgorithmException)2
TimeStampTokenDigestException (xades4j.providers.TimeStampTokenDigestException)2
TimeStampTokenSignatureException (xades4j.providers.TimeStampTokenSignatureException)2
TimeStampTokenStructureException (xades4j.providers.TimeStampTokenStructureException)2
TimeStampTokenVerificationException (xades4j.providers.TimeStampTokenVerificationException)2
IOException (java.io.IOException)1
Method (java.lang.reflect.Method)1
MessageDigest (java.security.MessageDigest)1
CertificateException (java.security.cert.CertificateException)1
X509Certificate (java.security.cert.X509Certificate)1
Date (java.util.Date)1
LinkedList (java.util.LinkedList)1
ASN1InputStream (org.bouncycastle.asn1.ASN1InputStream)1
ContentInfo (org.bouncycastle.asn1.cms.ContentInfo)1
X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder)1
TSPException (org.bouncycastle.tsp.TSPException)1
TSPValidationException (org.bouncycastle.tsp.TSPValidationException)1
TimeStampToken (org.bouncycastle.tsp.TimeStampToken)1
XAdES4jException (xades4j.XAdES4jException)1
QualifyingProperty (xades4j.properties.QualifyingProperty)1
