java-时间戳响应不正确-BouncyCastle
作者:互联网
试图通过使用BouncyCastle请求时间戳(RFC 3161)并连接到http://timestamping.edelweb.fr/service/tsp.我确实从服务器返回了TimestampResponse,但似乎没有实际日期.
这是代码:
public static void main(String[] args) {
String ocspUrl = "http://timestamping.edelweb.fr/service/tsp";
byte[] digest = "hello".getBytes();
OutputStream out = null;
try {
TimeStampRequestGenerator reqgen = new TimeStampRequestGenerator();
TimeStampRequest req = reqgen.generate(TSPAlgorithms.SHA1, digest);
byte request[] = req.getEncoded();
URL url = new URL(ocspUrl);
HttpURLConnection con = (HttpURLConnection) url.openConnection();
con.setDoOutput(true);
con.setDoInput(true);
con.setRequestMethod("POST");
con.setRequestProperty("Content-type", "application/timestamp-query");
con.setRequestProperty("Content-length", String.valueOf(request.length));
out = con.getOutputStream();
out.write(request);
out.flush();
if (con.getResponseCode() != HttpURLConnection.HTTP_OK) {
throw new IOException("Received HTTP error: " + con.getResponseCode() + " - " + con.getResponseMessage());
}
InputStream in = con.getInputStream();
TimeStampResp resp = TimeStampResp.getInstance(new ASN1InputStream(in).readObject());
TimeStampResponse response = new TimeStampResponse(resp);
response.validate(req);
System.out.println(response.getTimeStampToken().getTimeStampInfo().getGenTime());
} catch (IOException e) {
e.printStackTrace();
} catch (Exception e) {
e.printStackTrace();
}
}
这是问题:
有没有人使用Bouncycastle的库作为时间戳,并且碰巧知道不同的状态码及其含义?或只是一般而言,为什么这似乎行不通.
我希望看到日期的这一行只会引发NullPointer:
System.out.println(response.getTimeStampToken().getTimeStampInfo().getGenTime());
有人知道免费的其他符合RFC 3161的时间戳服务器吗?
如果您想运行该代码,则需要可以从here下载的bouncycastle jar.您将需要:provider,mail,tsp.
谢谢
解决方法:
在分析与Wireshark的通信时,此示例为我提供了“错误消息摘要”错误.
对我有用的摘要代码是:
MessageDigest messageDigest = MessageDigest.getInstance("SHA-1");
messageDigest.update("messageImprint".getBytes());
byte[] digest = messageDigest.digest();
标签:security,bouncycastle,trusted-timestamp,rfc3161,java 来源: https://codeday.me/bug/20191107/2003792.html