diff options
Diffstat (limited to 'libraries/spongycastle/pkix/src/main/java/org/spongycastle/tsp/TimeStampResponse.java')
| -rw-r--r-- | libraries/spongycastle/pkix/src/main/java/org/spongycastle/tsp/TimeStampResponse.java | 189 |
1 files changed, 0 insertions, 189 deletions
diff --git a/libraries/spongycastle/pkix/src/main/java/org/spongycastle/tsp/TimeStampResponse.java b/libraries/spongycastle/pkix/src/main/java/org/spongycastle/tsp/TimeStampResponse.java deleted file mode 100644 index cc327f45a..000000000 --- a/libraries/spongycastle/pkix/src/main/java/org/spongycastle/tsp/TimeStampResponse.java +++ /dev/null @@ -1,189 +0,0 @@ -package org.spongycastle.tsp; - -import java.io.ByteArrayInputStream; -import java.io.IOException; -import java.io.InputStream; - -import org.spongycastle.asn1.ASN1InputStream; -import org.spongycastle.asn1.cmp.PKIFailureInfo; -import org.spongycastle.asn1.cmp.PKIFreeText; -import org.spongycastle.asn1.cmp.PKIStatus; -import org.spongycastle.asn1.cms.Attribute; -import org.spongycastle.asn1.pkcs.PKCSObjectIdentifiers; -import org.spongycastle.asn1.tsp.TimeStampResp; -import org.spongycastle.util.Arrays; - -/** - * Base class for an RFC 3161 Time Stamp Response object. - */ -public class TimeStampResponse -{ - TimeStampResp resp; - TimeStampToken timeStampToken; - - public TimeStampResponse(TimeStampResp resp) - throws TSPException, IOException - { - this.resp = resp; - - if (resp.getTimeStampToken() != null) - { - timeStampToken = new TimeStampToken(resp.getTimeStampToken()); - } - } - - /** - * Create a TimeStampResponse from a byte array containing an ASN.1 encoding. - * - * @param resp the byte array containing the encoded response. - * @throws TSPException if the response is malformed. - * @throws IOException if the byte array doesn't represent an ASN.1 encoding. - */ - public TimeStampResponse(byte[] resp) - throws TSPException, IOException - { - this(new ByteArrayInputStream(resp)); - } - - /** - * Create a TimeStampResponse from an input stream containing an ASN.1 encoding. - * - * @param in the input stream containing the encoded response. - * @throws TSPException if the response is malformed. - * @throws IOException if the stream doesn't represent an ASN.1 encoding. - */ - public TimeStampResponse(InputStream in) - throws TSPException, IOException - { - this(readTimeStampResp(in)); - } - - private static TimeStampResp readTimeStampResp( - InputStream in) - throws IOException, TSPException - { - try - { - return TimeStampResp.getInstance(new ASN1InputStream(in).readObject()); - } - catch (IllegalArgumentException e) - { - throw new TSPException("malformed timestamp response: " + e, e); - } - catch (ClassCastException e) - { - throw new TSPException("malformed timestamp response: " + e, e); - } - } - - public int getStatus() - { - return resp.getStatus().getStatus().intValue(); - } - - public String getStatusString() - { - if (resp.getStatus().getStatusString() != null) - { - StringBuffer statusStringBuf = new StringBuffer(); - PKIFreeText text = resp.getStatus().getStatusString(); - for (int i = 0; i != text.size(); i++) - { - statusStringBuf.append(text.getStringAt(i).getString()); - } - return statusStringBuf.toString(); - } - else - { - return null; - } - } - - public PKIFailureInfo getFailInfo() - { - if (resp.getStatus().getFailInfo() != null) - { - return new PKIFailureInfo(resp.getStatus().getFailInfo()); - } - - return null; - } - - public TimeStampToken getTimeStampToken() - { - return timeStampToken; - } - - /** - * Check this response against to see if it a well formed response for - * the passed in request. Validation will include checking the time stamp - * token if the response status is GRANTED or GRANTED_WITH_MODS. - * - * @param request the request to be checked against - * @throws TSPException if the request can not match this response. - */ - public void validate( - TimeStampRequest request) - throws TSPException - { - TimeStampToken tok = this.getTimeStampToken(); - - if (tok != null) - { - TimeStampTokenInfo tstInfo = tok.getTimeStampInfo(); - - if (request.getNonce() != null && !request.getNonce().equals(tstInfo.getNonce())) - { - throw new TSPValidationException("response contains wrong nonce value."); - } - - if (this.getStatus() != PKIStatus.GRANTED && this.getStatus() != PKIStatus.GRANTED_WITH_MODS) - { - throw new TSPValidationException("time stamp token found in failed request."); - } - - if (!Arrays.constantTimeAreEqual(request.getMessageImprintDigest(), tstInfo.getMessageImprintDigest())) - { - throw new TSPValidationException("response for different message imprint digest."); - } - - if (!tstInfo.getMessageImprintAlgOID().equals(request.getMessageImprintAlgOID())) - { - throw new TSPValidationException("response for different message imprint algorithm."); - } - - Attribute scV1 = tok.getSignedAttributes().get(PKCSObjectIdentifiers.id_aa_signingCertificate); - Attribute scV2 = tok.getSignedAttributes().get(PKCSObjectIdentifiers.id_aa_signingCertificateV2); - - if (scV1 == null && scV2 == null) - { - throw new TSPValidationException("no signing certificate attribute present."); - } - - if (scV1 != null && scV2 != null) - { - /* - * RFC 5035 5.4. If both attributes exist in a single message, - * they are independently evaluated. - */ - } - - if (request.getReqPolicy() != null && !request.getReqPolicy().equals(tstInfo.getPolicy())) - { - throw new TSPValidationException("TSA policy wrong for request."); - } - } - else if (this.getStatus() == PKIStatus.GRANTED || this.getStatus() == PKIStatus.GRANTED_WITH_MODS) - { - throw new TSPValidationException("no time stamp token found and one expected."); - } - } - - /** - * return the ASN.1 encoded representation of this object. - */ - public byte[] getEncoded() throws IOException - { - return resp.getEncoded(); - } -}
\ No newline at end of file |