private boolean isSignatureValid(TimeStampToken timeStampToken) { try { JcaSimpleSignerInfoVerifierBuilder sigVerifierBuilder = new JcaSimpleSignerInfoVerifierBuilder(); Collection certCollection = timeStampToken.getCertificates().getMatches(timeStampToken.getSID()); Iterator certIt = certCollection.iterator(); X509CertificateHolder cert = (X509CertificateHolder) certIt.next(); Certificate x509Cert = CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(cert.getEncoded())); SignerInformationVerifier signerInfoVerifier = sigVerifierBuilder.setProvider(BouncyCastleProvider.PROVIDER_NAME).build(x509Cert.getPublicKey()); return timeStampToken.isSignatureValid(signerInfoVerifier); } catch (Exception e) { throw new MalformedDocumentException(e); } }
/** * Verifies a time stamp against a KeyStore. * @param ts the time stamp * @param keystore the <CODE>KeyStore</CODE> * @param provider the provider or <CODE>null</CODE> to use the BouncyCastle provider * @return <CODE>true</CODE> is a certificate was found */ public static boolean verifyTimestampCertificates(TimeStampToken ts, KeyStore keystore, String provider) { if (provider == null) provider = "BC"; try { for (Enumeration<String> aliases = keystore.aliases(); aliases.hasMoreElements();) { try { String alias = aliases.nextElement(); if (!keystore.isCertificateEntry(alias)) continue; X509Certificate certStoreX509 = (X509Certificate)keystore.getCertificate(alias); ts.isSignatureValid(new JcaSimpleSignerInfoVerifierBuilder().setProvider(provider).build(certStoreX509)); return true; } catch (Exception ex) { } } } catch (Exception e) { } return false; }
private boolean isSignatureValid(TimeStampToken token) { try { X509CertificateHolder holder = (X509CertificateHolder) token.getCertificates().getMatches(token.getSID()) .iterator().next(); return token.isSignatureValid( new JcaSimpleSignerInfoVerifierBuilder().setProvider(BouncyCastleProvider.PROVIDER_NAME).build( DSSUtils.loadCertificate(holder.getEncoded()).getCertificate().getPublicKey())); } catch (Exception e) { throw new DigiDoc4JException(e); } }