Exemplo n.º 1
0
  @Override
  public boolean isSignedBy(final CertificateToken issuerToken) {

    if (this.issuerToken != null) {

      return this.issuerToken.equals(issuerToken);
    }
    final TimestampValidation timestampValidation = validateTimestampToken(timeStamp, issuerToken);
    final TimestampValidity timestampValidity = timestampValidation.getValidity();
    signatureInvalidityReason = timestampValidity.name();
    signatureValid = timestampValidation.isValid();
    if (signatureValid) {

      this.issuerToken = issuerToken;

      issuerX500Principal = issuerToken.getSubjectX500Principal();
      final String algorithm = issuerToken.getPublicKey().getAlgorithm();
      final EncryptionAlgorithm encryptionAlgorithm = EncryptionAlgorithm.forName(algorithm);
      final AlgorithmIdentifier hashAlgorithm = timeStamp.getTimeStampInfo().getHashAlgorithm();
      final DigestAlgorithm digestAlgorithm =
          DigestAlgorithm.forOID(hashAlgorithm.getAlgorithm().getId());
      signatureAlgorithm = SignatureAlgorithm.getAlgorithm(encryptionAlgorithm, digestAlgorithm);
    }
    return signatureValid;
  }
Exemplo n.º 2
0
 private TimestampReference createCertificateTimestampReference(CertificateToken certificate) {
   final byte[] certificateDigest =
       DSSUtils.digest(DigestAlgorithm.SHA1, certificate.getEncoded());
   final TimestampReference reference =
       new TimestampReference(
           DigestAlgorithm.SHA1.name(), Base64.encodeBase64String(certificateDigest));
   return reference;
 }
Exemplo n.º 3
0
  /**
   * Constructor with an indication of the timestamp type. The default constructor for {@code
   * TimestampToken}.
   *
   * @param timeStamp {@code TimeStampToken}
   * @param type {@code TimestampType}
   * @param certPool {@code CertificatePool} which is used to identify the signing certificate of
   *     the timestamp
   */
  public TimestampToken(
      final TimeStampToken timeStamp, final TimestampType type, final CertificatePool certPool) {

    this.timeStamp = timeStamp;
    this.timeStampType = type;
    this.extraInfo = new TokenValidationExtraInfo();
    wrappedSource = new CAdESCertificateSource(timeStamp, certPool);
    final Collection<CertificateToken> certs = wrappedSource.getCertificates();
    for (final CertificateToken certificateToken : certs) {

      final byte[] encoded = certificateToken.getEncoded();
      final Certificate certificate = Certificate.getInstance(encoded);
      final X509CertificateHolder x509CertificateHolder = new X509CertificateHolder(certificate);
      if (timeStamp.getSID().match(x509CertificateHolder)) {

        boolean valid = isSignedBy(certificateToken);
        if (valid) {
          break;
        }
      }
    }
  }
Exemplo n.º 4
0
  private TimestampValidation validateTimestampToken(
      final TimeStampToken timeStampToken, final CertificateToken issuerToken) {

    TimestampValidity timestampValidity;
    try {

      final JcaSimpleSignerInfoVerifierBuilder verifierBuilder =
          new JcaSimpleSignerInfoVerifierBuilder();
      final X509Certificate x509Certificate = issuerToken.getCertificate();
      final SignerInformationVerifier verifier = verifierBuilder.build(x509Certificate);
      timeStampToken.validate(verifier);
      timestampValidity = TimestampValidity.VALID;
    } catch (IllegalArgumentException e) {
      if (logger.isDebugEnabled()) {
        logger.debug("No signing certificate for timestamp token: ", e);
      } else {
        logger.info("No signing certificate for timestamp token: ", e.getMessage());
      }
      timestampValidity = TimestampValidity.NO_SIGNING_CERTIFICATE;
    } catch (TSPValidationException e) {
      if (logger.isDebugEnabled()) {
        logger.debug("No valid signature for timestamp token: ", e);
      } else {
        logger.info("No valid signature for timestamp token: " + e.getMessage());
      }
      timestampValidity = TimestampValidity.NOT_VALID_SIGNATURE;
    } catch (TSPException e) {
      if (logger.isDebugEnabled()) {
        logger.debug("No valid structure for timestamp token: ", e);
      } else {
        logger.info("No valid structure for timestamp token: " + e.getMessage());
      }
      timestampValidity = TimestampValidity.NOT_VALID_STRUCTURE;
    } catch (OperatorCreationException e) {
      if (logger.isDebugEnabled()) {
        logger.debug("No valid structure for timestamp token: ", e);
      } else {
        logger.info("No valid structure for timestamp token: " + e.getMessage());
      }
      timestampValidity = TimestampValidity.NOT_VALID_STRUCTURE;
    }
    final TimestampValidation timestampValidation = new TimestampValidation(timestampValidity);
    return timestampValidation;
  }