sigstore
diff --git a/‎sigstore-java/src/main/java/dev/sigstore/timestamp/client/HashAlgorithm.java
Lines changed: 10 additions & 0 deletions b/‎sigstore-java/src/main/java/dev/sigstore/timestamp/client/HashAlgorithm.java
Lines changed: 10 additions & 0 deletions
diff --git a/‎sigstore-java/src/main/java/dev/sigstore/timestamp/client/TimestampVerifier.java
Lines changed: 47 additions & 9 deletions b/‎sigstore-java/src/main/java/dev/sigstore/timestamp/client/TimestampVerifier.java
Lines changed: 47 additions & 9 deletions
diff --git a/‎sigstore-java/src/main/java/dev/sigstore/timestamp/client/UnsupportedHashAlgorithmException.java
Lines changed: 22 additions & 0 deletions b/‎sigstore-java/src/main/java/dev/sigstore/timestamp/client/UnsupportedHashAlgorithmException.java
Lines changed: 22 additions & 0 deletions
diff --git a/‎sigstore-java/src/test/java/dev/sigstore/timestamp/client/TimestampVerifierTest.java
Lines changed: 40 additions & 28 deletions b/‎sigstore-java/src/test/java/dev/sigstore/timestamp/client/TimestampVerifierTest.java
Lines changed: 40 additions & 28 deletions
diff --git a/‎sigstore-java/src/test/resources/dev/sigstore/samples/timestamp-response/valid/sigstage_tsa_response_with_embedded_certs.tsr
1.22 KB b/‎sigstore-java/src/test/resources/dev/sigstore/samples/timestamp-response/valid/sigstage_tsa_response_with_embedded_certs.tsr
1.22 KB
diff --git a/‎sigstore-java/src/test/resources/dev/sigstore/samples/timestamp-response/valid/sigstage_tsa_response_without_embedded_certs.tsr
714 Bytes b/‎sigstore-java/src/test/resources/dev/sigstore/samples/timestamp-response/valid/sigstage_tsa_response_without_embedded_certs.tsr
714 Bytes
diff --git a/‎sigstore-java/src/test/resources/dev/sigstore/trustroot/staging_trusted_root.json
Lines changed: 20 additions & 0 deletions b/‎sigstore-java/src/test/resources/dev/sigstore/trustroot/staging_trusted_root.json
Lines changed: 20 additions & 0 deletions
@@ -39,4 +39,14 @@ public String getAlgorithmName() {
   public ASN1ObjectIdentifier getOid() {
     return oid;
   }
+
+  public static HashAlgorithm from(ASN1ObjectIdentifier oid)
+      throws UnsupportedHashAlgorithmException {
+    for (HashAlgorithm value : values()) {
+      if (value.getOid().equals(oid)) {
+        return value;
+      }
+    }
+    throw new UnsupportedHashAlgorithmException(oid.getId());
+  }
 }
@@ -15,6 +15,7 @@
  */
 package dev.sigstore.timestamp.client;
 
+import com.google.common.hash.Hashing;
 import dev.sigstore.encryption.certificates.Certificates;
 import dev.sigstore.trustroot.CertificateAuthority;
 import dev.sigstore.trustroot.SigstoreTrustedRoot;
@@ -32,6 +33,7 @@
 import java.security.cert.X509Certificate;
 import java.security.spec.InvalidKeySpecException;
 import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.Collections;
 import java.util.Date;
 import java.util.LinkedHashMap;
@@ -83,10 +85,12 @@ private TimestampVerifier(List<CertificateAuthority> tsas) {
    *
    * @param tsResp The timestamp response object containing the raw bytes of the RFC 3161
    *     TimeStampResponse.
+   * @param artifact The artifact that was timestamped.
    * @throws TimestampVerificationException if any verification step fails (e.g., no token,
    *     certificate path validation failure, signature validation failure).
    */
-  public void verify(TimestampResponse tsResp) throws TimestampVerificationException {
+  public void verify(TimestampResponse tsResp, byte[] artifact)
+      throws TimestampVerificationException {
     // Parse the timestamp response
     TimeStampResponse bcTsResp;
     try {
@@ -133,16 +137,37 @@ public void verify(TimestampResponse tsResp) throws TimestampVerificationExcepti
       tsaVerificationFailure.put(
           tsa.getUri().toString(),
           "Timestamp generation time is not within TSA's validity period.");
-    } else {
-      return;
+      String errors =
+          tsaVerificationFailure.entrySet().stream()
+              .map(entry -> entry.getKey() + " (" + entry.getValue() + ")")
+              .collect(Collectors.joining("\n"));
+      throw new TimestampVerificationException(
+          "Certificate was not verifiable against TSAs\n" + errors);
     }
 
-    String errors =
-        tsaVerificationFailure.entrySet().stream()
-            .map(entry -> entry.getKey() + " (" + entry.getValue() + ")")
-            .collect(Collectors.joining("\n"));
-    throw new TimestampVerificationException(
-        "Certificate was not verifiable against TSAs\n" + errors);
+    // Validate the message imprint digest in the token
+    var oid = tsToken.getTimeStampInfo().getMessageImprintAlgOID();
+    HashAlgorithm hashAlgorithm;
+    try {
+      hashAlgorithm = HashAlgorithm.from(oid);
+    } catch (UnsupportedHashAlgorithmException e) {
+      throw new TimestampVerificationException(e);
+    }
+    byte[] artifactDigest;
+    switch (hashAlgorithm) {
+      case SHA256:
+        artifactDigest = Hashing.sha256().hashBytes(artifact).asBytes();
+        break;
+      case SHA384:
+        artifactDigest = Hashing.sha384().hashBytes(artifact).asBytes();
+        break;
+      case SHA512:
+        artifactDigest = Hashing.sha512().hashBytes(artifact).asBytes();
+        break;
+      default:
+        throw new IllegalStateException(); // We shouldn't be here.
+    }
+    validateTokenMessageImprintDigest(tsToken, artifactDigest);
   }
 
   /** Validates the signature of the TimeStampToken using the provided signing certificate. */
@@ -159,6 +184,19 @@ private void validateTokenSignature(TimeStampToken token, X509Certificate signin
     }
   }
 
+  /**
+   * Validates that the message imprint digest in the timestamp token matches the provided artifact
+   * digest.
+   */
+  private void validateTokenMessageImprintDigest(TimeStampToken token, byte[] artifactDigest)
+      throws TimestampVerificationException {
+    var messageImprintDigest = token.getTimeStampInfo().getMessageImprintDigest();
+    if (!Arrays.equals(messageImprintDigest, artifactDigest)) {
+      throw new TimestampVerificationException(
+          "Timestamp message imprint digest does not match artifact hash");
+    }
+  }
+
   /** Validates that the provided TSA's certificate chain is self-consistent. */
   void validateTsaChain(CertificateAuthority tsa, Date tsDate)
       throws TimestampException,
 
@@ -0,0 +1,22 @@
+/*
+ * Copyright 2025 The Sigstore Authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package dev.sigstore.timestamp.client;
+
+public class UnsupportedHashAlgorithmException extends Exception {
+  public UnsupportedHashAlgorithmException(String algorithm) {
+    super("Unsupported hash algorithm: " + algorithm);
+  }
+}
@@ -19,6 +19,7 @@
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertNotNull;
 import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 import com.google.common.io.Resources;
 import dev.sigstore.json.ProtoJson;
@@ -34,31 +35,33 @@
 
 public class TimestampVerifierTest {
   private static SigstoreTrustedRoot trustedRoot;
+  private static SigstoreTrustedRoot trustedRootWithOneTsa;
   private static SigstoreTrustedRoot trustedRootWithOutdatedTsa;
-  private static SigstoreTrustedRoot trustedRootWithMultipleTsas;
+  private static byte[] artifact;
   private static byte[] trustedTsRespBytesWithEmbeddedCerts;
   private static byte[] trustedTsRespBytesWithoutEmbeddedCerts;
   private static byte[] invalidTsRespBytes;
   private static byte[] untrustedTsRespBytes;
 
   @BeforeAll
   public static void loadResources() throws Exception {
-    // Response from Sigstore TSA (in trusted root) with embedded certs
+    artifact = "test\n".getBytes(StandardCharsets.UTF_8);
+
     try (var is =
         Resources.getResource(
-                "dev/sigstore/samples/timestamp-response/valid/sigstore_tsa_response_with_embedded_certs.tsr")
+                "dev/sigstore/samples/timestamp-response/valid/sigstage_tsa_response_with_embedded_certs.tsr")
             .openStream()) {
       trustedTsRespBytesWithEmbeddedCerts = is.readAllBytes();
     }
 
     // Response from Sigstore TSA (in trusted root) without embedded certs
     try (var is =
         Resources.getResource(
-                "dev/sigstore/samples/timestamp-response/valid/sigstore_tsa_response_without_embedded_certs.tsr")
+                "dev/sigstore/samples/timestamp-response/valid/sigstage_tsa_response_without_embedded_certs.tsr")
             .openStream()) {
       if (is == null) {
         throw new IOException(
-            "dev/sigstore/samples/timestamp-response/valid/sigstore_tsa_response_without_embedded_certs.tsr");
+            "dev/sigstore/samples/timestamp-response/valid/sigstage_tsa_response_without_embedded_certs.tsr");
       }
       trustedTsRespBytesWithoutEmbeddedCerts = is.readAllBytes();
     }
@@ -90,7 +93,7 @@ public static void loadResources() throws Exception {
   public static void initTrustRoot() throws Exception {
     var json =
         Resources.toString(
-            Resources.getResource("dev/sigstore/trustroot/trusted_root.json"),
+            Resources.getResource("dev/sigstore/trustroot/staging_trusted_root.json"),
             StandardCharsets.UTF_8);
     var builder = TrustedRoot.newBuilder();
     ProtoJson.parser().merge(json, builder);
@@ -99,69 +102,73 @@ public static void initTrustRoot() throws Exception {
 
     json =
         Resources.toString(
-            Resources.getResource("dev/sigstore/trustroot/trusted_root_with_outdated_tsa.json"),
+            Resources.getResource("dev/sigstore/trustroot/staging_trusted_root_with_one_tsa.json"),
             StandardCharsets.UTF_8);
     builder = TrustedRoot.newBuilder();
     ProtoJson.parser().merge(json, builder);
 
-    trustedRootWithOutdatedTsa = SigstoreTrustedRoot.from(builder.build());
+    trustedRootWithOneTsa = SigstoreTrustedRoot.from(builder.build());
+    trustedRootWithOneTsa = SigstoreTrustedRoot.from(builder.build());
 
     json =
         Resources.toString(
-            Resources.getResource("dev/sigstore/trustroot/trusted_root_with_multiple_tsas.json"),
+            Resources.getResource(
+                "dev/sigstore/trustroot/staging_trusted_root_with_outdated_tsa.json"),
             StandardCharsets.UTF_8);
     builder = TrustedRoot.newBuilder();
     ProtoJson.parser().merge(json, builder);
 
-    trustedRootWithMultipleTsas = SigstoreTrustedRoot.from(builder.build());
+    trustedRootWithOutdatedTsa = SigstoreTrustedRoot.from(builder.build());
+    trustedRootWithOutdatedTsa = SigstoreTrustedRoot.from(builder.build());
   }
 
   @Test
-  public void verify_success_validResponseWithEmbeddedCerts() throws Exception {
+  public void verify_success_validResponseWithEmbeddedCerts_multipleTsas() throws Exception {
     var tsResp =
         ImmutableTimestampResponse.builder().encoded(trustedTsRespBytesWithEmbeddedCerts).build();
     var verifier = TimestampVerifier.newTimestampVerifier(trustedRoot);
 
-    assertDoesNotThrow(() -> verifier.verify(tsResp));
+    assertDoesNotThrow(() -> verifier.verify(tsResp, artifact));
   }
 
   @Test
-  public void verify_success_validResponseWithoutEmbeddedCerts() throws Exception {
+  public void verify_success_validResponseWithoutEmbeddedCerts_multipleTsas() throws Exception {
     var tsResp =
         ImmutableTimestampResponse.builder()
             .encoded(trustedTsRespBytesWithoutEmbeddedCerts)
             .build();
     var verifier = TimestampVerifier.newTimestampVerifier(trustedRoot);
 
-    assertDoesNotThrow(() -> verifier.verify(tsResp));
+    assertDoesNotThrow(() -> verifier.verify(tsResp, artifact));
   }
 
   @Test
-  public void verify_success_validResponseWithEmbeddedCerts_multipleTsas() throws Exception {
+  public void verify_success_validResponseWithEmbeddedCerts_oneTsa() throws Exception {
     var tsResp =
         ImmutableTimestampResponse.builder().encoded(trustedTsRespBytesWithEmbeddedCerts).build();
-    var verifier = TimestampVerifier.newTimestampVerifier(trustedRootWithMultipleTsas);
+    var verifier = TimestampVerifier.newTimestampVerifier(trustedRootWithOneTsa);
 
-    assertDoesNotThrow(() -> verifier.verify(tsResp));
+    assertDoesNotThrow(() -> verifier.verify(tsResp, artifact));
   }
 
   @Test
-  public void verify_success_validResponseWithoutEmbeddedCerts_multipleTsas() throws Exception {
+  public void verify_success_validResponseWithoutEmbeddedCerts_oneTsa() throws Exception {
     var tsResp =
         ImmutableTimestampResponse.builder()
             .encoded(trustedTsRespBytesWithoutEmbeddedCerts)
             .build();
-    var verifier = TimestampVerifier.newTimestampVerifier(trustedRootWithMultipleTsas);
+    var verifier = TimestampVerifier.newTimestampVerifier(trustedRootWithOneTsa);
 
-    assertDoesNotThrow(() -> verifier.verify(tsResp));
+    assertDoesNotThrow(() -> verifier.verify(tsResp, artifact));
   }
 
   @Test
   public void verify_failure_invalidResponse() throws Exception {
     var tsResp = ImmutableTimestampResponse.builder().encoded(invalidTsRespBytes).build();
     var verifier = TimestampVerifier.newTimestampVerifier(trustedRoot);
 
-    var tsve = assertThrows(TimestampVerificationException.class, () -> verifier.verify(tsResp));
+    var tsve =
+        assertThrows(TimestampVerificationException.class, () -> verifier.verify(tsResp, artifact));
     assertEquals("Failed to parse TimeStampResponse", tsve.getMessage());
   }
 
@@ -172,10 +179,13 @@ public void verify_failure_untrustedTsa() throws Exception {
 
     var verifier = TimestampVerifier.newTimestampVerifier(trustedRoot);
 
-    var tsve = assertThrows(TimestampVerificationException.class, () -> verifier.verify(tsResp));
-    assertEquals(
-        "Certificates in token were not verifiable against TSAs\nhttps://timestamp.sigstore.dev (Embedded leaf certificate does not match this trusted TSA's leaf.)",
-        tsve.getMessage());
+    var tsve =
+        assertThrows(TimestampVerificationException.class, () -> verifier.verify(tsResp, artifact));
+    assertTrue(
+        tsve.getMessage().startsWith("Certificates in token were not verifiable against TSAs"));
+    assertTrue(
+        tsve.getMessage()
+            .contains("Embedded leaf certificate does not match this trusted TSA's leaf."));
   }
 
   @Test
@@ -186,9 +196,10 @@ public void verify_failure_outdatedTsa() throws Exception {
 
     var verifier = TimestampVerifier.newTimestampVerifier(trustedRootWithOutdatedTsa);
 
-    var tsve = assertThrows(TimestampVerificationException.class, () -> verifier.verify(tsResp));
+    var tsve =
+        assertThrows(TimestampVerificationException.class, () -> verifier.verify(tsResp, artifact));
     assertEquals(
-        "Certificate was not verifiable against TSAs\nhttps://timestamp.sigstore.dev (Timestamp generation time is not within TSA's validity period.)",
+        "Certificate was not verifiable against TSAs\nhttps://timestamp.sigstage.dev/api/v1/timestamp (Timestamp generation time is not within TSA's validity period.)",
         tsve.getMessage());
   }
 
@@ -205,7 +216,8 @@ public void verify_failure_tsLacksToken() throws Exception {
     var tsResp = ImmutableTimestampResponse.builder().encoded(failResponseBytes).build();
     var verifier = TimestampVerifier.newTimestampVerifier(trustedRoot);
 
-    var tsve = assertThrows(TimestampVerificationException.class, () -> verifier.verify(tsResp));
+    var tsve =
+        assertThrows(TimestampVerificationException.class, () -> verifier.verify(tsResp, artifact));
     assertEquals("No TimeStampToken found in response", tsve.getMessage());
   }
 }
@@ -85,6 +85,26 @@
     }
   ],
   "timestampAuthorities": [
+    {
+      "subject": {
+        "organization": "sigstore.dev",
+        "commonName": "sigstore-tsa-selfsigned"
+      },
+      "uri": "https://timestamp.sigstage.dev/api/v1/timestamp",
+      "certChain": {
+        "certificates": [
+          {
+            "rawBytes": "MIICDzCCAZagAwIBAgIUCjWhBmHV4kFzxomWp/J98n4DfKcwCgYIKoZIzj0EAwMwOTEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MSAwHgYDVQQDExdzaWdzdG9yZS10c2Etc2VsZnNpZ25lZDAeFw0yNTAzMjgwOTE0MDZaFw0zNTAzMjYwODE0MDZaMC4xFTATBgNVBAoTDHNpZ3N0b3JlLmRldjEVMBMGA1UEAxMMc2lnc3RvcmUtdHNhMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEx1v5F3HpD9egHuknpBFlRz7QBRDJu4aeVzt9zJLRY0lvmx1lF7WBM2c9AN8ZGPQsmDqHlJN2R/7+RxLkvlLzkc19IOx38t7mGGEcB7agUDdCF/Ky3RTLSK0Xo/0AgHQdo2owaDAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0OBBYEFKj8ZPYo3i7mO3NPVIxSxOGc3VOlMB8GA1UdIwQYMBaAFDsgRlletTJNRzDObmPuc3RH8gR9MBYGA1UdJQEB/wQMMAoGCCsGAQUFBwMIMAoGCCqGSM49BAMDA2cAMGQCMESvVS6GGtF33+J19TfwENWJXjRv4i0/HQFwLUSkX6TfV7g0nG8VnqNHJLvEpAtOjQIwUD3uywTXorQP1DgbV09rF9Yen+CEqs/iEpieJWPst280SSOZ5Na+dyPVk9/8SFk6"
+          },
+          {
+            "rawBytes": "MIIB9zCCAXygAwIBAgIUCPExEFKiQh0dP4sp5ltmSYSSkFUwCgYIKoZIzj0EAwMwOTEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MSAwHgYDVQQDExdzaWdzdG9yZS10c2Etc2VsZnNpZ25lZDAeFw0yNTAzMjgwOTE0MDZaFw0zNTAzMjYwODE0MDZaMDkxFTATBgNVBAoTDHNpZ3N0b3JlLmRldjEgMB4GA1UEAxMXc2lnc3RvcmUtdHNhLXNlbGZzaWduZWQwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATt0tIDWyo4ARfL9BaSo0W5bJQEbKJTU/u7llvdjSI5aTkOAJa8tixn2+LEfPG4dMFdsMPtsIuU1qn2OqFiuMk6vHv/c+az25RQVY1oo50iMb0jIL3N4FgwhPFpZnCbQPOjRTBDMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBQ7IEZZXrUyTUcwzm5j7nN0R/IEfTAKBggqhkjOPQQDAwNpADBmAjEA2MI1VXgbf3dUOSc95hSRypBKOab18eh2xzQtxUsHvWeY+1iFgyMluUuNR6taoSmFAjEA31m2czguZhKYX+4JSKu5pRYhBTXAd8KKQ3xdPRX/qCaLvT2qJAEQ1YQM3EJRrtI7"
+          }
+        ]
+      },
+      "validFor": {
+        "start": "2025-04-09T00:00:00Z"
+      }
+    },
     {
       "subject": {
         "organization": "GitHub, Inc.",