Package eu.europa.esig.dss.spi.x509.tsp
Class TimestampToken
java.lang.Object
eu.europa.esig.dss.model.x509.Token
eu.europa.esig.dss.spi.x509.tsp.TimestampToken
- All Implemented Interfaces:
IdentifierBasedObject,Serializable
- Direct Known Subclasses:
PdfTimestampToken
SignedToken containing a TimeStamp.
- See Also:
-
Field Summary
Fields inherited from class eu.europa.esig.dss.model.x509.Token
publicKeyOfTheSigner, signatureAlgorithm, signatureInvalidityReason, signatureValidity -
Constructor Summary
ConstructorsConstructorDescriptionTimestampToken(byte[] binaries, TimestampType type) Default constructorTimestampToken(byte[] binaries, TimestampType type, List<TimestampedReference> timestampedReferences) Default constructor with timestamped referencesTimestampToken(byte[] binaries, TimestampType type, List<TimestampedReference> timestampedReferences, TimestampIdentifierBuilder identifierBuilder) Default constructor with timestamped references and identifier builderTimestampToken(org.bouncycastle.cms.CMSSignedData cms, TimestampType type, List<TimestampedReference> timestampedReferences) Constructor from CMS with timestamped referencesTimestampToken(org.bouncycastle.cms.CMSSignedData cms, TimestampType type, List<TimestampedReference> timestampedReferences, TimestampIdentifierBuilder identifierBuilder) Constructor from CMS with timestamped references and identifier builderTimestampToken(org.bouncycastle.tsp.TimeStampToken timeStamp, TimestampType type, List<TimestampedReference> timestampedReferences) Constructor with an indication of the timestamp type and time-stamped references.TimestampToken(org.bouncycastle.tsp.TimeStampToken timeStamp, TimestampType type, List<TimestampedReference> timestampedReferences, TimestampIdentifierBuilder identifierBuilder) Constructor with an indication of the timestamp type, time-stamped references and an identifier builder. -
Method Summary
Modifier and TypeMethodDescriptionvoidaddDetachedEvidenceRecord(EvidenceRecord evidenceRecord) Adds an evidence record to the time-stamp's listprotected booleanThis method verifies whether the corresponding reference validations are validprotected TokenIdentifierBuilds a token unique identifierprotected SignatureValiditycheckIsSignedBy(CertificateToken candidate) Checks if timestamp is signed by teh given certificateprotected SignatureValiditycheckIsSignedBy(PublicKey publicKey) Verifies if the current token has been signed by the specified publicKeyThis method returns the DSS abbreviation of the token.Gets theArchiveTimestampType, when applicableReturns an object with signing candidatesApplies only from XAdES timestampsReturns the Set of contained certificate references.Returns the list of wrapped certificates.ReturnsTimestampCertificateSourcefor the timestampReturns the creation date of this token.ReturnsTimestampCRLSourcefor the timestampGets a list of detached evidence records covering the time-stamp, when applicablebyte[]getDigest(DigestAlgorithm digestAlgorithm) Returns the digest value of the wrapped tokenThis method returns aDigestAlgorithmused for message-imprint computation of the timestamp tokenbyte[]Returns the encoded form of the wrapped token.Gets theEvidenceRecordTimestampType, when applicableThis method returns the file name of a detached timestampRetrieves the timestamp generation time.Returns theX500Principalof the certificate which was used to sign this token.This method returns the covered manifest file NOTE: applicable only for ASiC-E CAdESThis method returns the embedded message-imprint valueReturnsTimestampOCSPSourcefor the timestampReturns a list of timestamped data reference validations (used for Evidence Record timestamps)org.bouncycastle.cms.SignerInformationReturns used signer information from CMS Signed Data objectReturns a list of found CertificateIdentifier in the SignerInformationStoreorg.bouncycastle.tsp.TimeStampTokenGets BouncyCastle implementation of a TimestampTokenGets list ofTimestampedReferences covered by the current timestampprotected TimestampIdentifierBuilderReturns aTimestampTokenIdentifierBuilderimplementationReturns the covered references by the current timestamp (XAdES IndividualDataObjectsTimeStamp)Returns the scope of the current timestamp (detached timestamps only)Retrieves the type of the timestamp token.Returns a TSTInfo.tsa attribute identifying the timestamp issuer, when attribute is presentorg.bouncycastle.asn1.cms.AttributeTableGets unsigned attribute tablebooleanChecks if the data for message-imprint computation has been foundbooleanThe methodmatchDatamust be invoked previously.booleanChecks if the timestamp's signature has been validatedbooleanisSignedBy(CertificateToken certificateToken) Checks if the timestamp token is signed by the given publicKeybooleanisSignedBy(PublicKey publicKey) Checks if the OCSP token is signed by the given publicKeybooleanisValid()Indicated if the signature is intact and the message-imprint matches the computed message-imprint.booleanmatchData(byte[] expectedMessageImprintDigest) Checks if theTimeStampTokenmatches the signed data.booleanmatchData(byte[] expectedMessageImprintDigest, boolean suppressMatchWarnings) Checks if theTimeStampTokenmatches the signed data.booleanmatchData(DSSDocument timestampedData) Checks if theTimeStampTokenmatches the signed data.booleanmatchData(DSSDocument timestampedData, boolean suppressMatchWarnings) Checks if theTimeStampTokenmatches the signed data.booleanmatchData(DSSMessageDigest messageDigest) Checks if theTimeStampTokenmatches the message-imprint digest with warning enabled.booleanmatchData(DSSMessageDigest messageDigest, boolean suppressMatchWarnings) Checks if theTimeStampTokenmatches the message-imprint digest.voidsetArchiveTimestampType(ArchiveTimestampType archiveTimestampType) Archive timestamps can be of different subtype.voidsetCanonicalizationMethod(String canonicalizationMethod) Allows to set the canonicalization method used by the timestamp.voidsetEvidenceRecordTimestampType(EvidenceRecordTimestampType evidenceRecordTimestampType) Sets theEvidenceRecordTimestampType, for an evidence record's time-stampvoidsetFileName(String fileName) Sets the filename of a detached timestampvoidsetManifestFile(ManifestFile manifestFile) Sets the manifest file covered by the current timestamp NOTE: applicable only for ASiC-E CAdESvoidsetReferenceValidations(List<ReferenceValidation> referenceValidations) Sets a list of timestamped data reference validations (used for Evidence Record timestamps)voidsetTimestampIncludes(List<TimestampInclude> timestampIncludes) Sets the covered references by the current timestamp (XAdES IndividualDataObjectsTimeStamp)voidsetTimestampScopes(List<SignatureScope> timestampScopes) Sets timestamp's signature scopesReturns a string representation of the token.Methods inherited from class eu.europa.esig.dss.model.x509.Token
equals, getDSSId, getDSSIdAsString, getInvalidityReason, getPublicKeyOfTheSigner, getSignatureAlgorithm, getSignatureValidity, hashCode, isSelfSigned, isSignatureIntact, toString
-
Constructor Details
-
TimestampToken
public TimestampToken(byte[] binaries, TimestampType type) throws org.bouncycastle.tsp.TSPException, IOException, org.bouncycastle.cms.CMSException Default constructor- Parameters:
binaries- byte arraytype-TimestampType- Throws:
org.bouncycastle.tsp.TSPException- if timestamp creation exception occursIOException- if IOException occursorg.bouncycastle.cms.CMSException- if CMS data building exception occurs
-
TimestampToken
public TimestampToken(byte[] binaries, TimestampType type, List<TimestampedReference> timestampedReferences) throws org.bouncycastle.tsp.TSPException, IOException, org.bouncycastle.cms.CMSException Default constructor with timestamped references- Parameters:
binaries- byte arraytype-TimestampTypetimestampedReferences- a list ofTimestampedReferences- Throws:
org.bouncycastle.tsp.TSPException- if timestamp creation exception occursIOException- if IOException occursorg.bouncycastle.cms.CMSException- if CMS data building exception occurs
-
TimestampToken
public TimestampToken(byte[] binaries, TimestampType type, List<TimestampedReference> timestampedReferences, TimestampIdentifierBuilder identifierBuilder) throws org.bouncycastle.tsp.TSPException, IOException, org.bouncycastle.cms.CMSException Default constructor with timestamped references and identifier builder- Parameters:
binaries- byte arraytype-TimestampTypetimestampedReferences- a list ofTimestampedReferencesidentifierBuilder-TimestampIdentifierBuilder- Throws:
org.bouncycastle.tsp.TSPException- if timestamp creation exception occursIOException- if IOException occursorg.bouncycastle.cms.CMSException- if CMS data building exception occurs
-
TimestampToken
public TimestampToken(org.bouncycastle.cms.CMSSignedData cms, TimestampType type, List<TimestampedReference> timestampedReferences) throws org.bouncycastle.tsp.TSPException, IOException Constructor from CMS with timestamped references- Parameters:
cms-CMSSignedDatatype-TimestampTypetimestampedReferences- a list ofTimestampedReferences- Throws:
org.bouncycastle.tsp.TSPException- if timestamp creation exception occursIOException- if IOException occurs
-
TimestampToken
public TimestampToken(org.bouncycastle.cms.CMSSignedData cms, TimestampType type, List<TimestampedReference> timestampedReferences, TimestampIdentifierBuilder identifierBuilder) throws org.bouncycastle.tsp.TSPException, IOException Constructor from CMS with timestamped references and identifier builder- Parameters:
cms-CMSSignedDatatype-TimestampTypetimestampedReferences- a list ofTimestampedReferencesidentifierBuilder-TimestampIdentifierBuilder- Throws:
org.bouncycastle.tsp.TSPException- if timestamp creation exception occursIOException- if IOException occurs
-
TimestampToken
public TimestampToken(org.bouncycastle.tsp.TimeStampToken timeStamp, TimestampType type, List<TimestampedReference> timestampedReferences) Constructor with an indication of the timestamp type and time-stamped references. The default constructor forTimestampToken. Builds an implementation independent identifier.- Parameters:
timeStamp-TimeStampTokentype-TimestampTypetimestampedReferences- timestamped references timestamp comes from
-
TimestampToken
public TimestampToken(org.bouncycastle.tsp.TimeStampToken timeStamp, TimestampType type, List<TimestampedReference> timestampedReferences, TimestampIdentifierBuilder identifierBuilder) Constructor with an indication of the timestamp type, time-stamped references and an identifier builder.- Parameters:
timeStamp-TimeStampTokentype-TimestampTypetimestampedReferences- timestamped references timestamp comes fromidentifierBuilder-TimestampIdentifierBuilder
-
-
Method Details
-
getIssuerX500Principal
Description copied from class:TokenReturns theX500Principalof the certificate which was used to sign this token.- Specified by:
getIssuerX500Principalin classToken- Returns:
- the issuer's
X500Principal
-
getAbbreviation
Description copied from class:TokenThis method returns the DSS abbreviation of the token. It is used for debugging purpose.- Overrides:
getAbbreviationin classToken- Returns:
- an abbreviation for the certificate
-
getCertificateSource
ReturnsTimestampCertificateSourcefor the timestamp- Returns:
TimestampCertificateSource
-
getCRLSource
ReturnsTimestampCRLSourcefor the timestamp- Returns:
TimestampCRLSource
-
getOCSPSource
ReturnsTimestampOCSPSourcefor the timestamp- Returns:
TimestampOCSPSource
-
isValid
public boolean isValid()Indicated if the signature is intact and the message-imprint matches the computed message-imprint. NOTE: The method isSignedBy(CertificateToken) must be called before calling the method. SeeTimestampToken.isSignatureIntact()for more details -
isSignedBy
Checks if the timestamp token is signed by the given publicKey- Overrides:
isSignedByin classToken- Parameters:
certificateToken- the candidate to be tested- Returns:
- true if this token is signed by the given public key
-
isSignedBy
Description copied from class:TokenChecks if the OCSP token is signed by the given publicKey- Overrides:
isSignedByin classToken- Parameters:
publicKey- the candidate to be tested- Returns:
- true if this token is signed by the given public key
-
checkIsSignedBy
Checks if timestamp is signed by teh given certificate- Parameters:
candidate-CertificateToken- Returns:
SignatureValidity
-
checkIsSignedBy
Description copied from class:TokenVerifies if the current token has been signed by the specified publicKey- Specified by:
checkIsSignedByin classToken- Parameters:
publicKey-PublicKeyof a signing candidate- Returns:
SignatureValidity
-
matchData
Checks if theTimeStampTokenmatches the signed data.- Parameters:
timestampedData- aDSSDocumentrepresenting the timestamped data- Returns:
- true if the data is verified by the TimeStampToken
-
matchData
Checks if theTimeStampTokenmatches the signed data.- Parameters:
timestampedData- aDSSDocumentrepresenting the timestamped datasuppressMatchWarnings- if true the message imprint match warning logs are suppressed.- Returns:
- true if the data is verified by the TimeStampToken
-
matchData
Checks if theTimeStampTokenmatches the message-imprint digest with warning enabled.- Parameters:
messageDigest-DSSMessageDigestrepresenting the message-imprint digest- Returns:
- true if the data is verified by the TimeStampToken
-
matchData
Checks if theTimeStampTokenmatches the message-imprint digest.- Parameters:
messageDigest-DSSMessageDigestrepresenting the message-imprint digestsuppressMatchWarnings- if true the message imprint match warning logs are suppressed.- Returns:
- true if the data is verified by the TimeStampToken
-
matchData
public boolean matchData(byte[] expectedMessageImprintDigest) Checks if theTimeStampTokenmatches the signed data.- Parameters:
expectedMessageImprintDigest- the expected message-imprint digest value- Returns:
- true if the data is verified by the TimeStampToken
-
matchData
public boolean matchData(byte[] expectedMessageImprintDigest, boolean suppressMatchWarnings) Checks if theTimeStampTokenmatches the signed data.- Parameters:
expectedMessageImprintDigest- the expected message-imprint digest valuesuppressMatchWarnings- if true the message imprint match warning logs are suppressed.- Returns:
- true if the data is verified by the TimeStampToken
-
isProcessed
public boolean isProcessed()Checks if the timestamp's signature has been validated- Returns:
- TRUE if the timestamp's signature has been validated, FALSE otherwise
-
getTimeStampType
Retrieves the type of the timestamp token.- Returns:
TimestampType
-
getGenerationTime
-
getCreationDate
Description copied from class:TokenReturns the creation date of this token. This date is mainly used to retrieve the correct issuer within a collection of renewed certificates (new certificate with the same key pair).- Specified by:
getCreationDatein classToken- Returns:
- the creation date of the token (notBefore for a certificate, productionDate for revocation data,...)
-
getMessageImprint
This method returns the embedded message-imprint value- Returns:
- a Digest DTO with the algorithm and the value
-
getDigestAlgorithm
This method returns aDigestAlgorithmused for message-imprint computation of the timestamp token- Returns:
DigestAlgorithm
-
isMessageImprintDataFound
public boolean isMessageImprintDataFound()Checks if the data for message-imprint computation has been found- Returns:
- true if the message imprint data was found, false otherwise
-
isMessageImprintDataIntact
public boolean isMessageImprintDataIntact()The methodmatchDatamust be invoked previously.- Returns:
- true if the message imprint data is intact, false otherwise
-
getFileName
-
setFileName
-
getManifestFile
This method returns the covered manifest file NOTE: applicable only for ASiC-E CAdES- Returns:
ManifestFile
-
setManifestFile
Sets the manifest file covered by the current timestamp NOTE: applicable only for ASiC-E CAdES- Parameters:
manifestFile-ManifestFile
-
getTimestampedReferences
Gets list ofTimestampedReferences covered by the current timestamp- Returns:
ListofTimestampReferences
-
getArchiveTimestampType
Gets theArchiveTimestampType, when applicable- Returns:
ArchiveTimestampTypein the case of an archive timestamp,nullotherwise
-
setArchiveTimestampType
Archive timestamps can be of different subtype.- Parameters:
archiveTimestampType-ArchiveTimestampType
-
getEvidenceRecordTimestampType
Gets theEvidenceRecordTimestampType, when applicable- Returns:
EvidenceRecordTimestampTypein the case of an evidence record archive time-stamp, null otherwise
-
setEvidenceRecordTimestampType
Sets theEvidenceRecordTimestampType, for an evidence record's time-stamp- Parameters:
evidenceRecordTimestampType-EvidenceRecordTimestampType
-
getCanonicalizationMethod
Applies only from XAdES timestamps- Returns:
Stringrepresenting the canonicalization method used by the timestamp
-
setCanonicalizationMethod
Allows to set the canonicalization method used by the timestamp. Applies only with XAdES timestamps.- Parameters:
canonicalizationMethod-Stringrepresenting the canonicalization method
-
getEncoded
public byte[] getEncoded()Description copied from class:TokenReturns the encoded form of the wrapped token.- Specified by:
getEncodedin classToken- Returns:
- the encoded form of the wrapped token
-
getTimestampIncludes
Returns the covered references by the current timestamp (XAdES IndividualDataObjectsTimeStamp)- Returns:
- a list of timestamp's includes
-
setTimestampIncludes
Sets the covered references by the current timestamp (XAdES IndividualDataObjectsTimeStamp)- Parameters:
timestampIncludes- a list of timestamp's includes
-
getReferenceValidations
Returns a list of timestamped data reference validations (used for Evidence Record timestamps)- Returns:
- a list of
ReferenceValidations
-
setReferenceValidations
Sets a list of timestamped data reference validations (used for Evidence Record timestamps)- Parameters:
referenceValidations- a list ofReferenceValidations
-
areReferenceValidationsValid
protected boolean areReferenceValidationsValid()This method verifies whether the corresponding reference validations are valid- Returns:
- TRUE if all reference validations are valid, FALSE otherwise
-
getDetachedEvidenceRecords
Gets a list of detached evidence records covering the time-stamp, when applicable- Returns:
- a list of
EvidenceRecords
-
addDetachedEvidenceRecord
Adds an evidence record to the time-stamp's list- Parameters:
evidenceRecord-EvidenceRecord
-
getTimestampScopes
Returns the scope of the current timestamp (detached timestamps only)- Returns:
- a list of SignatureScope
-
setTimestampScopes
Sets timestamp's signature scopes- Parameters:
timestampScopes- a list ofSignatureScopes
-
getCertificates
Returns the list of wrapped certificates.- Returns:
ListofCertificateToken
-
getCertificateRefs
Returns the Set of contained certificate references.- Returns:
SetofCertificateRef
-
getUnsignedAttributes
public org.bouncycastle.asn1.cms.AttributeTable getUnsignedAttributes()Gets unsigned attribute table- Returns:
AttributeTable
-
getTSTInfoTsa
Returns a TSTInfo.tsa attribute identifying the timestamp issuer, when attribute is present- Returns:
GeneralName
-
getTimeStamp
public org.bouncycastle.tsp.TimeStampToken getTimeStamp()Gets BouncyCastle implementation of a TimestampToken- Returns:
TimeStampToken
-
toString
-
getSignerInformationStoreInfos
Returns a list of found CertificateIdentifier in the SignerInformationStore- Returns:
- a list of
SignerIdentifiers
-
getCandidatesForSigningCertificate
Returns an object with signing candidates- Returns:
CandidatesForSigningCertificate
-
getSignerInformation
public org.bouncycastle.cms.SignerInformation getSignerInformation()Returns used signer information from CMS Signed Data object- Returns:
SignerInformation
-
buildTokenIdentifier
Description copied from class:TokenBuilds a token unique identifier- Specified by:
buildTokenIdentifierin classToken- Returns:
TokenIdentifier
-
getTimestampIdentifierBuilder
Returns aTimestampTokenIdentifierBuilderimplementation- Returns:
TimestampIdentifierBuilder
-
getDigest
Description copied from class:TokenReturns the digest value of the wrapped token
-