pdfbox-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From til...@apache.org
Subject svn commit: r1845732 - /pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/SigUtils.java
Date Sun, 04 Nov 2018 12:59:30 GMT
Author: tilman
Date: Sun Nov  4 12:59:29 2018
New Revision: 1845732

URL: http://svn.apache.org/viewvc?rev=1845732&view=rev
Log:
PDFBOX-3017: add method

Modified:
    pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/SigUtils.java

Modified: pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/SigUtils.java
URL: http://svn.apache.org/viewvc/pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/SigUtils.java?rev=1845732&r1=1845731&r2=1845732&view=diff
==============================================================================
--- pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/SigUtils.java
(original)
+++ pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/SigUtils.java
Sun Nov  4 12:59:29 2018
@@ -170,4 +170,22 @@ public class SigUtils
                     "nor 'Adobe Authentic Documents Trust'");
         }
     }
+
+    /**
+     * Log if the certificate is not valid for timestamping.
+     *
+     * @param x509Certificate 
+     * @throws java.security.cert.CertificateParsingException 
+     */
+    public static void checkTimeStampCertificateUsage(X509Certificate x509Certificate)
+            throws CertificateParsingException
+    {
+        List<String> extendedKeyUsage = x509Certificate.getExtendedKeyUsage();
+        // https://tools.ietf.org/html/rfc5280#section-4.2.1.12
+        if (extendedKeyUsage != null &&
+            !extendedKeyUsage.contains(KeyPurposeId.id_kp_timeStamping.toString()))
+        {
+            LOG.error("Certificate extended key usage does not include timeStamping");
+        }
+    }
 }



Mime
View raw message