PKCS7DateParser


1   /*******************************************************************************
2    * Copyright (c) 2006, 2007 IBM Corporation and others. All rights reserved.
3    * This program and the accompanying materials are made available under the
4    * terms of the Eclipse Public License v1.0 which accompanies this distribution,
5    * and is available at http://www.eclipse.org/legal/epl-v10.html
6    * 
7    * Contributors: IBM Corporation - initial API and implementation
8    ******************************************************************************/
9   package org.eclipse.osgi.internal.verifier;
10  
11  import java.io.IOException  ;
12  import java.security.*;
13  import java.security.cert.CertificateException  ;
14  import java.util.*;
15  import org.eclipse.osgi.framework.log.FrameworkLogEntry;
16  
17  public class PKCS7DateParser {
18  
19      static Date parseDate(PKCS7Processor pkcs7Processor) throws IOException   {
20          return hasTimeStamp(pkcs7Processor);
21      }
22  
23      private static Date hasTimeStamp(PKCS7Processor pkcs7) throws IOException   {
24          Map unsignedAttrs = pkcs7.getUnsignedAttrs();
25          if (unsignedAttrs != null) {
26              // get the timestamp constrcut
27              byte[] timeStampConstruct = retrieveTimeStampConstruct(unsignedAttrs);
28  
29              // there is a timestamp in the signer info
30              if (timeStampConstruct != null) {
31  
32                  try {
33                      PKCS7Processor timestampProcess = new PKCS7Processor(timeStampConstruct, 0, timeStampConstruct.length);
34                      timestampProcess.validateCerts();
35                      pkcs7.setTSACertificates(timestampProcess.getCertificates());
36                      return timestampProcess.getSigningTime();
37                  } catch (CertificateException   e) {
38                      SignedBundleHook.log(e.getMessage(), FrameworkLogEntry.ERROR, e);
39                      throw new IOException  (JarVerifierMessages.PKCS7_Parse_Signing_Time);
40                  } catch (NoSuchAlgorithmException e) {
41                      SignedBundleHook.log(e.getMessage(), FrameworkLogEntry.ERROR, e);
42                      throw new SecurityException  (JarVerifierMessages.No_Such_Algorithm_Excep);
43                  } catch (InvalidKeyException e) {
44                      throw new IOException  ("InvalidKeyException occurs when verifying the certs from tsa certificates: " + e.getMessage()); //$NON-NLS-1$
45                  } catch (SignatureException e) {
46                      throw new IOException  (JarVerifierMessages.Signature_Not_Verify);
47                  }
48  
49              }
50          }
51          return null;
52      }
53  
54      private static byte[] retrieveTimeStampConstruct(Map unsignedAttrs) {
55          Set objIDs = unsignedAttrs.keySet();
56          Iterator iter = objIDs.iterator();
57          while (iter.hasNext()) {
58              int[] objID = (int[]) iter.next();
59              if (Arrays.equals(JarVerifierConstant.TIMESTAMP_OID, objID)) {
60                  return (byte[]) unsignedAttrs.get(objID);
61              }
62          }
63          return null;
64      }
65  }
66
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags