Package eu.europa.esig.dss.validation.timestamp

Class TimestampToken

java.lang.Object
eu.europa.esig.dss.model.x509.Token
eu.europa.esig.dss.validation.timestamp.TimestampToken
All Implemented Interfaces:
IdentifierBasedObject, Serializable
Direct Known Subclasses:
PdfTimestampToken
public class TimestampToken extends Token
SignedToken containing a TimeStamp.
See Also:

  • Constructor Details

    • TimestampToken

      public TimestampToken(byte[] binaries, TimestampType type) throws org.bouncycastle.tsp.TSPException, IOException, org.bouncycastle.cms.CMSException
      Default constructor
      Parameters:
      binaries - byte array
      type - TimestampType
      Throws:
      org.bouncycastle.tsp.TSPException - if timestamp creation exception occurs
      IOException - if IOException occurs
      org.bouncycastle.cms.CMSException - if CMS data building exception occurs

    • TimestampToken

      public TimestampToken(byte[] binaries, TimestampType type, List<TimestampedReference> timestampedReferences) throws org.bouncycastle.tsp.TSPException, IOException, org.bouncycastle.cms.CMSException
      Default constructor with timestamped references
      Parameters:
      binaries - byte array
      type - TimestampType
      timestampedReferences - a list of TimestampedReferences
      Throws:
      org.bouncycastle.tsp.TSPException - if timestamp creation exception occurs
      IOException - if IOException occurs
      org.bouncycastle.cms.CMSException - if CMS data building exception occurs

    • TimestampToken

      public TimestampToken(org.bouncycastle.cms.CMSSignedData cms, TimestampType type, List<TimestampedReference> timestampedReferences) throws org.bouncycastle.tsp.TSPException, IOException
      Default constructor with timestamped references
      Parameters:
      cms - CMSSignedData
      type - TimestampType
      timestampedReferences - a list of TimestampedReferences
      Throws:
      org.bouncycastle.tsp.TSPException - if timestamp creation exception occurs
      IOException - if IOException occurs

    • TimestampToken

      public TimestampToken(org.bouncycastle.tsp.TimeStampToken timeStamp, TimestampType type, List<TimestampedReference> timestampedReferences)
      Constructor with an indication of the timestamp type. The default constructor for TimestampToken.
      Parameters:
      timeStamp - TimeStampToken
      type - TimestampType
      timestampedReferences - timestamped references timestamp comes from

  • Method Details

    • getIssuerX500Principal

      public X500Principal getIssuerX500Principal()
      Description copied from class: Token
      Returns the X500Principal of the certificate which was used to sign this token.
      Specified by:
      getIssuerX500Principal in class Token
      Returns:
      the issuer's X500Principal

    • getAbbreviation

      public String getAbbreviation()
      Description copied from class: Token
      This method returns the DSS abbreviation of the token. It is used for debugging purpose.
      Overrides:
      getAbbreviation in class Token
      Returns:
      an abbreviation for the certificate

    • getCertificateSource

      public TimestampCertificateSource getCertificateSource()
      Returns TimestampCertificateSource for the timestamp
      Returns:
      TimestampCertificateSource

    • getCRLSource

      public TimestampCRLSource getCRLSource()
      Returns TimestampCRLSource for the timestamp
      Returns:
      TimestampCRLSource

    • getOCSPSource

      public TimestampOCSPSource getOCSPSource()
      Returns TimestampOCSPSource for the timestamp
      Returns:
      TimestampOCSPSource

    • isSignatureValid

      @Deprecated public boolean isSignatureValid()
      Deprecated.
      since DSS 5.12. Use #isValid method instead.
      Indicated if the signature is intact and the message-imprint matches the computed message-imprint. NOTE: The method isSignedBy(CertificateToken) must be called before calling the method. See TimestampToken.isSignatureIntact() for more details
      Returns:
      TRUE if the signature is cryptographically intact and message-imprint matches, FALSE otherwise

    • isValid

      public boolean isValid()
      Indicated if the signature is intact and the message-imprint matches the computed message-imprint. NOTE: The method isSignedBy(CertificateToken) must be called before calling the method. See TimestampToken.isSignatureIntact() for more details
      Overrides:
      isValid in class Token
      Returns:
      TRUE if the signature is cryptographically intact and message-imprint matches, FALSE otherwise

    • isSignedBy

      public boolean isSignedBy(CertificateToken certificateToken)
      Checks if the timestamp token is signed by the given publicKey
      Overrides:
      isSignedBy in class Token
      Parameters:
      certificateToken - the candidate to be tested
      Returns:
      true if this token is signed by the given public key

    • isSignedBy

      public boolean isSignedBy(PublicKey publicKey)
      Description copied from class: Token
      Checks if the OCSP token is signed by the given publicKey
      Overrides:
      isSignedBy in class Token
      Parameters:
      publicKey - the candidate to be tested
      Returns:
      true if this token is signed by the given public key

    • checkIsSignedBy

      protected SignatureValidity checkIsSignedBy(CertificateToken candidate)
      Checks if timestamp is signed by teh given certificate
      Parameters:
      candidate - CertificateToken
      Returns:
      SignatureValidity

    • checkIsSignedBy

      protected SignatureValidity checkIsSignedBy(PublicKey publicKey)
      Description copied from class: Token
      Verifies if the current token has been signed by the specified publicKey
      Specified by:
      checkIsSignedBy in class Token
      Parameters:
      publicKey - PublicKey of a signing candidate
      Returns:
      SignatureValidity

    • matchData

      public boolean matchData(DSSDocument timestampedData)
      Checks if the TimeStampToken matches the signed data.
      Parameters:
      timestampedData - a DSSDocument representing the timestamped data
      Returns:
      true if the data is verified by the TimeStampToken

    • matchData

      public boolean matchData(DSSDocument timestampedData, boolean suppressMatchWarnings)
      Checks if the TimeStampToken matches the signed data.
      Parameters:
      timestampedData - a DSSDocument representing the timestamped data
      suppressMatchWarnings - if true the message imprint match warning logs are suppressed.
      Returns:
      true if the data is verified by the TimeStampToken

    • matchData

      public boolean matchData(DSSMessageDigest messageDigest)
      Checks if the TimeStampToken matches the message-imprint digest with warning enabled.
      Parameters:
      messageDigest - DSSMessageDigest representing the message-imprint digest
      Returns:
      true if the data is verified by the TimeStampToken

    • matchData

      public boolean matchData(DSSMessageDigest messageDigest, boolean suppressMatchWarnings)
      Checks if the TimeStampToken matches the message-imprint digest.
      Parameters:
      messageDigest - DSSMessageDigest representing the message-imprint digest
      suppressMatchWarnings - if true the message imprint match warning logs are suppressed.
      Returns:
      true if the data is verified by the TimeStampToken

    • matchData

      public boolean matchData(byte[] expectedMessageImprintDigest)
      Checks if the TimeStampToken matches the signed data.
      Parameters:
      expectedMessageImprintDigest - the expected message-imprint digest value
      Returns:
      true if the data is verified by the TimeStampToken

    • matchData

      public boolean matchData(byte[] expectedMessageImprintDigest, boolean suppressMatchWarnings)
      Checks if the TimeStampToken matches the signed data.
      Parameters:
      expectedMessageImprintDigest - the expected message-imprint digest value
      suppressMatchWarnings - if true the message imprint match warning logs are suppressed.
      Returns:
      true if the data is verified by the TimeStampToken

    • isProcessed

      public boolean isProcessed()
      Checks if the timestamp's signature has been validated
      Returns:
      TRUE if the timestamp's signature has been validated, FALSE otherwise

    • getTimeStampType

      public TimestampType getTimeStampType()
      Retrieves the type of the timestamp token.
      Returns:
      TimestampType

    • getGenerationTime

      public Date getGenerationTime()
      Retrieves the timestamp generation time.
      Returns:
      Date

    • getCreationDate

      public Date getCreationDate()
      Description copied from class: Token
      Returns the creation date of this token. This date is mainly used to retrieve the correct issuer within a collection of renewed certificates (new certificate with the same key pair).
      Specified by:
      getCreationDate in class Token
      Returns:
      the creation date of the token (notBefore for a certificate, productionDate for revocation data,...)

    • getMessageImprint

      public Digest getMessageImprint()
      This method returns the embedded message-imprint value
      Returns:
      a Digest DTO with the algorithm and the value

    • getDigestAlgorithm

      public DigestAlgorithm getDigestAlgorithm()
      This method returns a DigestAlgorithm used for message-imprint computation of the timestamp token
      Returns:
      DigestAlgorithm

    • isMessageImprintDataFound

      public boolean isMessageImprintDataFound()
      Checks if the data for message-imprint computation has been found
      Returns:
      true if the message imprint data was found, false otherwise

    • isMessageImprintDataIntact

      public boolean isMessageImprintDataIntact()
      The method matchData must be invoked previously.
      Returns:
      true if the message imprint data is intact, false otherwise

    • getFileName

      public String getFileName()
      This method returns the file name of a detached timestamp
      Returns:
      String

    • setFileName

      public void setFileName(String fileName)
      Sets the filename of a detached timestamp
      Parameters:
      fileName - String

    • getManifestFile

      public ManifestFile getManifestFile()
      This method returns the covered manifest file NOTE: applicable only for ASiC-E CAdES
      Returns:
      ManifestFile

    • setManifestFile

      public void setManifestFile(ManifestFile manifestFile)
      Sets the manifest file covered by the current timestamp NOTE: applicable only for ASiC-E CAdES
      Parameters:
      manifestFile - ManifestFile

    • getTimestampedReferences

      public List<TimestampedReference> getTimestampedReferences()
      Gets list of TimestampedReferences covered by the current timestamp
      Returns:
      List of TimestampReferences

    • getArchiveTimestampType

      public ArchiveTimestampType getArchiveTimestampType()
      Gets the ArchiveTimestampType, when applicable
      Returns:
      ArchiveTimestampType in the case of an archive timestamp, null otherwise

    • setArchiveTimestampType

      public void setArchiveTimestampType(ArchiveTimestampType archiveTimestampType)
      Archive timestamps can be of different sub type.
      Parameters:
      archiveTimestampType - ArchiveTimestampType

    • getCanonicalizationMethod

      public String getCanonicalizationMethod()
      Applies only from XAdES timestamps
      Returns:
      String representing the canonicalization method used by the timestamp

    • setCanonicalizationMethod

      public void setCanonicalizationMethod(String canonicalizationMethod)
      Allows to set the canonicalization method used by the timestamp. Applies only with XAdES timestamps.
      Parameters:
      canonicalizationMethod - String representing the canonicalization method

    • getEncoded

      public byte[] getEncoded()
      Description copied from class: Token
      Returns the encoded form of the wrapped token.
      Specified by:
      getEncoded in class Token
      Returns:
      the encoded form of the wrapped token

    • getTimestampIncludes

      public List<TimestampInclude> getTimestampIncludes()
      Returns the covered references by the current timestamp (XAdES IndividualDataObjectsTimeStamp)
      Returns:
      a list of timestamp's includes

    • setTimestampIncludes

      public void setTimestampIncludes(List<TimestampInclude> timestampIncludes)
      Sets the covered references by the current timestamp (XAdES IndividualDataObjectsTimeStamp)
      Parameters:
      timestampIncludes - a list of timestamp's includes

    • getTimestampScopes

      public List<SignatureScope> getTimestampScopes()
      Returns the scope of the current timestamp (detached timestamps only)
      Returns:
      a list of SignatureScope

    • setTimestampScopes

      public void setTimestampScopes(List<SignatureScope> timestampScopes)
      Sets timestamp's signature scopes
      Parameters:
      timestampScopes - a list of SignatureScopes

    • getCertificates

      public List<CertificateToken> getCertificates()
      Returns the list of wrapped certificates.
      Returns:
      List of CertificateToken

    • getCertificateRefs

      public Set<CertificateRef> getCertificateRefs()
      Returns the Set of contained certificate references.
      Returns:
      Set of CertificateRef

    • getUnsignedAttributes

      public org.bouncycastle.asn1.cms.AttributeTable getUnsignedAttributes()
      Gets unsigned attribute table
      Returns:
      AttributeTable

    • getTSTInfoTsa

      public X500Principal getTSTInfoTsa()
      Returns a TSTInfo.tsa attribute identifying the timestamp issuer, when attribute is present
      Returns:
      GeneralName

    • getTimeStamp

      public org.bouncycastle.tsp.TimeStampToken getTimeStamp()
      Gets BouncyCastle implementation of a TimestampToken
      Returns:
      TimeStampToken

    • getTimestampAttribute

      public SignatureAttribute getTimestampAttribute()
      Gets the timestamp's element attribute (XAdES, JAdES)
      Returns:
      SignatureAttribute

    • setTimestampAttribute

      public void setTimestampAttribute(SignatureAttribute attribute)
      Sets the timestamp's element attribute (XAdES, JAdES)
      Parameters:
      attribute - SignatureAttribute

    • toString

      public String toString(String indentStr)
      Description copied from class: Token
      Returns a string representation of the token.
      Specified by:
      toString in class Token
      Parameters:
      indentStr - the indentation to use
      Returns:
      string representation of the token

    • getSignerInformationStoreInfos

      public Set<SignerIdentifier> getSignerInformationStoreInfos()
      Returns a list of found CertificateIdentifier in the SignerInformationStore
      Returns:
      a list of SignerIdentifiers

    • getCandidatesForSigningCertificate

      public CandidatesForSigningCertificate getCandidatesForSigningCertificate()
      Returns an object with signing candidates
      Returns:
      CandidatesForSigningCertificate

    • getSignerInformation

      public org.bouncycastle.cms.SignerInformation getSignerInformation()
      Returns used signer information from CMS Signed Data object
      Returns:
      SignerInformation

    • buildTokenIdentifier

      protected TokenIdentifier buildTokenIdentifier()
      Description copied from class: Token
      Builds a token unique identifier
      Specified by:
      buildTokenIdentifier in class Token
      Returns:
      TokenIdentifier