be.ehealth.technicalconnector.validator.impl

Class TimeStampValidatorImpl

java.lang.Object

be.ehealth.technicalconnector.validator.impl.TimeStampValidatorImpl

All Implemented Interfaces:

ConfigurableImplementation, TimeStampValidator

public class TimeStampValidatorImpl
extends Object
implements TimeStampValidator, ConfigurableImplementation

Implements TimeStampValidator by retrieving the configured keystore and validating the timestamp signature against all available aliases.

Field Summary

Fields inherited from interface be.ehealth.technicalconnector.validator.TimeStampValidator

ALIASLIST, KEYSTORE

Constructor Summary

Constructors

Constructor and Description
TimeStampValidatorImpl()

Method Summary

Modifier and Type	Method and Description
void	initialize(Map<String,Object> parameterMap) initializes the implementation with additional parameters.
void	validateTimeStampToken(byte[] bs, org.bouncycastle.tsp.TimeStampToken tsToken) Validates a TimeStampToken against a specific byte array, checking: The message imprint digest matches bs Exactly one signing certificate attribute (V1 or V2) is present The token signature is valid against a trusted TSA certificate
void	validateTimeStampToken(org.bouncycastle.tsp.TimeStampToken tsToken) Validates the token signature against all TSA certificates in the configured keystore.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

TimeStampValidatorImpl

public TimeStampValidatorImpl()

Method Detail

initialize

public void initialize(Map<String,Object> parameterMap)
                throws TechnicalConnectorException

Description copied from interface: ConfigurableImplementation

initializes the implementation with additional parameters.

Specified by:

initialize in interface ConfigurableImplementation

Parameters:

parameterMap - Map with for each propertyString ,the input parameter as Object.

Throws:

TechnicalConnectorException - if the parameterMap is not correct.

validateTimeStampToken

public void validateTimeStampToken(byte[] bs,
                                   org.bouncycastle.tsp.TimeStampToken tsToken)
                            throws InvalidTimeStampException,
                                   TechnicalConnectorException

Validates a TimeStampToken against a specific byte array, checking:

1. The message imprint digest matches bs
2. Exactly one signing certificate attribute (V1 or V2) is present
3. The token signature is valid against a trusted TSA certificate

Specified by:

validateTimeStampToken in interface TimeStampValidator

Parameters:

bs - the original bytes that were timestamped

tsToken - the timestamp token to validate

Throws:

InvalidTimeStampException - if any validation check fails

TechnicalConnectorException - if a non-validation technical error occurs

validateTimeStampToken

public void validateTimeStampToken(org.bouncycastle.tsp.TimeStampToken tsToken)
                            throws InvalidTimeStampException,
                                   TechnicalConnectorException

Validates the token signature against all TSA certificates in the configured keystore.

Specified by:

validateTimeStampToken in interface TimeStampValidator

Parameters:

tsToken - the timestamp token to validate

Throws:

InvalidTimeStampException - if no trusted certificate validates the token

TechnicalConnectorException - if a non-validation technical error occurs