Intermediate CA certificates in the time-stamp token not included in the TSA certificate verification

[GoogleCodeExporter]

What steps will reproduce the problem?
1. Use the DefaultTimeStampVerificationProvider to verify a time-stamp token 
containing a TSA certificate issued by an intermidiate CA certificate not 
available to the validation provider but in the time-stamp token itself.

What is the expected output? What do you see instead?
The validation should succeed as all certificates are available. However, the 
validation fails.

What version of the product are you using?
1.3.0

The attached patch solves the issue by including all the certificates from the 
time-stamp token in the validation.

This issue is also tracked in the downstreams project SignServer:
https://jira.primekey.se/browse/DSS-700

Original issue reported on code.google.com by markuski...@gmail.com on 15 Jan 2014 at 8:28

Attachments:

• dss-700-defaulttimestampverificationprovider-all-certificates.patch

[GoogleCodeExporter]

Original comment by luis.fgoncalv on 20 Jan 2014 at 5:36

• Changed state: Accepted

[GoogleCodeExporter]

Applied in r252. Just removed a few other lines. Thanks for this!

Original comment by luis.fgoncalv on 24 Jan 2014 at 9:45

[GoogleCodeExporter]

Original comment by luis.fgoncalv on 24 Jan 2014 at 9:47

• Changed state: Fixed