Module jpms_dss_spi
Package eu.europa.esig.dss.spi.x509.tsp

Class TimestampToken

java.lang.Object
eu.europa.esig.dss.model.x509.Token
eu.europa.esig.dss.spi.x509.tsp.TimestampToken
All Implemented Interfaces:
eu.europa.esig.dss.model.identifier.IdentifierBasedObject, Serializable
public class TimestampToken extends eu.europa.esig.dss.model.x509.Token
SignedToken containing a TimeStamp.
See Also:

  • Constructor Details

    • TimestampToken

      public TimestampToken(byte[] binaries, eu.europa.esig.dss.enumerations.TimestampType type) throws org.bouncycastle.tsp.TSPException, IOException, org.bouncycastle.cms.CMSException
      Default constructor
      Parameters:
      binaries - byte array
      type - TimestampType
      Throws:
      org.bouncycastle.tsp.TSPException - if timestamp creation exception occurs
      IOException - if IOException occurs
      org.bouncycastle.cms.CMSException - if CMS data building exception occurs

    • TimestampToken

      public TimestampToken(byte[] binaries, eu.europa.esig.dss.enumerations.TimestampType type, List<TimestampedReference> timestampedReferences) throws org.bouncycastle.tsp.TSPException, IOException, org.bouncycastle.cms.CMSException
      Default constructor with timestamped references
      Parameters:
      binaries - byte array
      type - TimestampType
      timestampedReferences - a list of TimestampedReferences
      Throws:
      org.bouncycastle.tsp.TSPException - if timestamp creation exception occurs
      IOException - if IOException occurs
      org.bouncycastle.cms.CMSException - if CMS data building exception occurs

    • TimestampToken

      public TimestampToken(byte[] binaries, eu.europa.esig.dss.enumerations.TimestampType type, List<TimestampedReference> timestampedReferences, TimestampIdentifierBuilder identifierBuilder) throws org.bouncycastle.tsp.TSPException, IOException, org.bouncycastle.cms.CMSException
      Default constructor with timestamped references and identifier builder
      Parameters:
      binaries - byte array
      type - TimestampType
      timestampedReferences - a list of TimestampedReferences
      identifierBuilder - TimestampIdentifierBuilder
      Throws:
      org.bouncycastle.tsp.TSPException - if timestamp creation exception occurs
      IOException - if IOException occurs
      org.bouncycastle.cms.CMSException - if CMS data building exception occurs

    • TimestampToken

      public TimestampToken(org.bouncycastle.cms.CMSSignedData cms, eu.europa.esig.dss.enumerations.TimestampType type, List<TimestampedReference> timestampedReferences) throws org.bouncycastle.tsp.TSPException, IOException
      Constructor from CMS with timestamped references
      Parameters:
      cms - CMSSignedData
      type - TimestampType
      timestampedReferences - a list of TimestampedReferences
      Throws:
      org.bouncycastle.tsp.TSPException - if timestamp creation exception occurs
      IOException - if IOException occurs

    • TimestampToken

      public TimestampToken(org.bouncycastle.cms.CMSSignedData cms, eu.europa.esig.dss.enumerations.TimestampType type, List<TimestampedReference> timestampedReferences, TimestampIdentifierBuilder identifierBuilder) throws org.bouncycastle.tsp.TSPException, IOException
      Constructor from CMS with timestamped references and identifier builder
      Parameters:
      cms - CMSSignedData
      type - TimestampType
      timestampedReferences - a list of TimestampedReferences
      identifierBuilder - TimestampIdentifierBuilder
      Throws:
      org.bouncycastle.tsp.TSPException - if timestamp creation exception occurs
      IOException - if IOException occurs

    • TimestampToken

      public TimestampToken(org.bouncycastle.tsp.TimeStampToken timeStamp, eu.europa.esig.dss.enumerations.TimestampType type, List<TimestampedReference> timestampedReferences)
      Constructor with an indication of the timestamp type and time-stamped references. The default constructor for TimestampToken. Builds an implementation independent identifier.
      Parameters:
      timeStamp - TimeStampToken
      type - TimestampType
      timestampedReferences - timestamped references timestamp comes from

    • TimestampToken

      public TimestampToken(org.bouncycastle.tsp.TimeStampToken timeStamp, eu.europa.esig.dss.enumerations.TimestampType type, List<TimestampedReference> timestampedReferences, TimestampIdentifierBuilder identifierBuilder)
      Constructor with an indication of the timestamp type, time-stamped references and an identifier builder.
      Parameters:
      timeStamp - TimeStampToken
      type - TimestampType
      timestampedReferences - timestamped references timestamp comes from
      identifierBuilder - TimestampIdentifierBuilder

  • Method Details

    • getIssuerX500Principal

      public X500Principal getIssuerX500Principal()
      Specified by:
      getIssuerX500Principal in class eu.europa.esig.dss.model.x509.Token

    • getAbbreviation

      public String getAbbreviation()
      Overrides:
      getAbbreviation in class eu.europa.esig.dss.model.x509.Token

    • getCertificateSource

      public TimestampCertificateSource getCertificateSource()
      Returns TimestampCertificateSource for the timestamp
      Returns:
      TimestampCertificateSource

    • getCRLSource

      public TimestampCRLSource getCRLSource()
      Returns TimestampCRLSource for the timestamp
      Returns:
      TimestampCRLSource

    • getOCSPSource

      public TimestampOCSPSource getOCSPSource()
      Returns TimestampOCSPSource for the timestamp
      Returns:
      TimestampOCSPSource

    • isValid

      public boolean isValid()
      Indicated if the signature is intact and the message-imprint matches the computed message-imprint.

      NOTE: The method isSignedBy(CertificateToken) must be called before calling the method. See TimestampToken.isSignatureIntact() for more details

      Overrides:
      isValid in class eu.europa.esig.dss.model.x509.Token
      Returns:
      TRUE if the signature is cryptographically intact and message-imprint matches, FALSE otherwise

    • isSignedBy

      public boolean isSignedBy(eu.europa.esig.dss.model.x509.CertificateToken certificateToken)
      Checks if the timestamp token is signed by the given publicKey
      Overrides:
      isSignedBy in class eu.europa.esig.dss.model.x509.Token
      Parameters:
      certificateToken - the candidate to be tested
      Returns:
      true if this token is signed by the given public key

    • isSignedBy

      public boolean isSignedBy(PublicKey publicKey)
      Overrides:
      isSignedBy in class eu.europa.esig.dss.model.x509.Token

    • checkIsSignedBy

      protected eu.europa.esig.dss.enumerations.SignatureValidity checkIsSignedBy(eu.europa.esig.dss.model.x509.CertificateToken candidate)
      Checks if timestamp is signed by teh given certificate
      Parameters:
      candidate - CertificateToken
      Returns:
      SignatureValidity

    • checkIsSignedBy

      protected eu.europa.esig.dss.enumerations.SignatureValidity checkIsSignedBy(PublicKey publicKey)
      Specified by:
      checkIsSignedBy in class eu.europa.esig.dss.model.x509.Token

    • matchData

      public boolean matchData(eu.europa.esig.dss.model.DSSDocument timestampedData)
      Checks if the TimeStampToken matches the signed data.
      Parameters:
      timestampedData - a DSSDocument representing the timestamped data
      Returns:
      true if the data is verified by the TimeStampToken

    • matchData

      public boolean matchData(eu.europa.esig.dss.model.DSSDocument timestampedData, boolean suppressMatchWarnings)
      Checks if the TimeStampToken matches the signed data.
      Parameters:
      timestampedData - a DSSDocument representing the timestamped data
      suppressMatchWarnings - if true the message imprint match warning logs are suppressed.
      Returns:
      true if the data is verified by the TimeStampToken

    • matchData

      public boolean matchData(eu.europa.esig.dss.model.DSSMessageDigest messageDigest)
      Checks if the TimeStampToken matches the message-imprint digest with warning enabled.
      Parameters:
      messageDigest - DSSMessageDigest representing the message-imprint digest
      Returns:
      true if the data is verified by the TimeStampToken

    • matchData

      public boolean matchData(eu.europa.esig.dss.model.DSSMessageDigest messageDigest, boolean suppressMatchWarnings)
      Checks if the TimeStampToken matches the message-imprint digest.
      Parameters:
      messageDigest - DSSMessageDigest representing the message-imprint digest
      suppressMatchWarnings - if true the message imprint match warning logs are suppressed.
      Returns:
      true if the data is verified by the TimeStampToken

    • matchData

      public boolean matchData(byte[] expectedMessageImprintDigest)
      Checks if the TimeStampToken matches the signed data.
      Parameters:
      expectedMessageImprintDigest - the expected message-imprint digest value
      Returns:
      true if the data is verified by the TimeStampToken

    • matchData

      public boolean matchData(byte[] expectedMessageImprintDigest, boolean suppressMatchWarnings)
      Checks if the TimeStampToken matches the signed data.
      Parameters:
      expectedMessageImprintDigest - the expected message-imprint digest value
      suppressMatchWarnings - if true the message imprint match warning logs are suppressed.
      Returns:
      true if the data is verified by the TimeStampToken

    • isProcessed

      public boolean isProcessed()
      Checks if the timestamp's signature has been validated
      Returns:
      TRUE if the timestamp's signature has been validated, FALSE otherwise

    • getTimeStampType

      public eu.europa.esig.dss.enumerations.TimestampType getTimeStampType()
      Retrieves the type of the timestamp token.
      Returns:
      TimestampType

    • getGenerationTime

      public Date getGenerationTime()
      Retrieves the timestamp generation time.
      Returns:
      Date

    • getCreationDate

      public Date getCreationDate()
      Specified by:
      getCreationDate in class eu.europa.esig.dss.model.x509.Token

    • getMessageImprint

      public eu.europa.esig.dss.model.Digest getMessageImprint()
      This method returns the embedded message-imprint value
      Returns:
      a Digest DTO with the algorithm and the value

    • getDigestAlgorithm

      public eu.europa.esig.dss.enumerations.DigestAlgorithm getDigestAlgorithm()
      This method returns a DigestAlgorithm used for message-imprint computation of the timestamp token
      Returns:
      DigestAlgorithm

    • isMessageImprintDataFound

      public boolean isMessageImprintDataFound()
      Checks if the data for message-imprint computation has been found
      Returns:
      true if the message imprint data was found, false otherwise

    • isMessageImprintDataIntact

      public boolean isMessageImprintDataIntact()
      The method matchData must be invoked previously.
      Returns:
      true if the message imprint data is intact, false otherwise

    • getFilename

      public String getFilename()
      This method returns the file name of a detached timestamp
      Returns:
      String

    • setFilename

      public void setFilename(String filename)
      Sets the filename of a detached timestamp
      Parameters:
      filename - String

    • getManifestFile

      public eu.europa.esig.dss.model.ManifestFile getManifestFile()
      This method returns the covered manifest file NOTE: applicable only for ASiC-E CAdES
      Returns:
      ManifestFile

    • setManifestFile

      public void setManifestFile(eu.europa.esig.dss.model.ManifestFile manifestFile)
      Sets the manifest file covered by the current timestamp NOTE: applicable only for ASiC-E CAdES
      Parameters:
      manifestFile - ManifestFile

    • getTimestampedReferences

      public List<TimestampedReference> getTimestampedReferences()
      Gets list of TimestampedReferences covered by the current timestamp
      Returns:
      List of TimestampReferences

    • getArchiveTimestampType

      public eu.europa.esig.dss.enumerations.ArchiveTimestampType getArchiveTimestampType()
      Gets the ArchiveTimestampType, when applicable
      Returns:
      ArchiveTimestampType in the case of an archive timestamp, null otherwise

    • setArchiveTimestampType

      public void setArchiveTimestampType(eu.europa.esig.dss.enumerations.ArchiveTimestampType archiveTimestampType)
      Archive timestamps can be of different subtype.
      Parameters:
      archiveTimestampType - ArchiveTimestampType

    • getEvidenceRecordTimestampType

      public eu.europa.esig.dss.enumerations.EvidenceRecordTimestampType getEvidenceRecordTimestampType()
      Gets the EvidenceRecordTimestampType, when applicable
      Returns:
      EvidenceRecordTimestampType in the case of an evidence record archive time-stamp, null otherwise

    • setEvidenceRecordTimestampType

      public void setEvidenceRecordTimestampType(eu.europa.esig.dss.enumerations.EvidenceRecordTimestampType evidenceRecordTimestampType)
      Sets the EvidenceRecordTimestampType, for an evidence record's time-stamp
      Parameters:
      evidenceRecordTimestampType - EvidenceRecordTimestampType

    • getCanonicalizationMethod

      public String getCanonicalizationMethod()
      Applies only from XAdES timestamps
      Returns:
      String representing the canonicalization method used by the timestamp

    • setCanonicalizationMethod

      public void setCanonicalizationMethod(String canonicalizationMethod)
      Allows to set the canonicalization method used by the timestamp. Applies only with XAdES timestamps.
      Parameters:
      canonicalizationMethod - String representing the canonicalization method

    • getEncoded

      public byte[] getEncoded()
      Specified by:
      getEncoded in class eu.europa.esig.dss.model.x509.Token

    • getTimestampIncludes

      public List<TimestampInclude> getTimestampIncludes()
      Returns the covered references by the current timestamp (XAdES IndividualDataObjectsTimeStamp)
      Returns:
      a list of timestamp's includes

    • setTimestampIncludes

      public void setTimestampIncludes(List<TimestampInclude> timestampIncludes)
      Sets the covered references by the current timestamp (XAdES IndividualDataObjectsTimeStamp)
      Parameters:
      timestampIncludes - a list of timestamp's includes

    • getReferenceValidations

      public List<eu.europa.esig.dss.model.ReferenceValidation> getReferenceValidations()
      Returns a list of timestamped data reference validations (used for Evidence Record timestamps)
      Returns:
      a list of ReferenceValidations

    • setReferenceValidations

      public void setReferenceValidations(List<eu.europa.esig.dss.model.ReferenceValidation> referenceValidations)
      Sets a list of timestamped data reference validations (used for Evidence Record timestamps)
      Parameters:
      referenceValidations - a list of ReferenceValidations

    • areReferenceValidationsValid

      public boolean areReferenceValidationsValid()
      This method verifies whether the corresponding reference validations are valid
      Returns:
      TRUE if all reference validations are valid, FALSE otherwise

    • getDetachedEvidenceRecords

      public List<EvidenceRecord> getDetachedEvidenceRecords()
      Gets a list of detached evidence records covering the time-stamp, when applicable
      Returns:
      a list of EvidenceRecords

    • addDetachedEvidenceRecord

      public void addDetachedEvidenceRecord(EvidenceRecord evidenceRecord)
      Adds an evidence record to the time-stamp's list
      Parameters:
      evidenceRecord - EvidenceRecord

    • getTimestampScopes

      public List<eu.europa.esig.dss.model.scope.SignatureScope> getTimestampScopes()
      Returns the scope of the current timestamp (detached timestamps only)
      Returns:
      a list of SignatureScope

    • setTimestampScopes

      public void setTimestampScopes(List<eu.europa.esig.dss.model.scope.SignatureScope> timestampScopes)
      Sets timestamp's signature scopes
      Parameters:
      timestampScopes - a list of SignatureScopes

    • getCertificates

      public List<eu.europa.esig.dss.model.x509.CertificateToken> getCertificates()
      Returns the list of wrapped certificates.
      Returns:
      List of CertificateToken

    • getCertificateRefs

      public Set<CertificateRef> getCertificateRefs()
      Returns the Set of contained certificate references.
      Returns:
      Set of CertificateRef

    • getUnsignedAttributes

      public org.bouncycastle.asn1.cms.AttributeTable getUnsignedAttributes()
      Gets unsigned attribute table
      Returns:
      AttributeTable

    • getTSTInfoTsa

      public X500Principal getTSTInfoTsa()
      Returns a TSTInfo.tsa attribute identifying the timestamp issuer, when attribute is present
      Returns:
      GeneralName

    • getTimeStamp

      public org.bouncycastle.tsp.TimeStampToken getTimeStamp()
      Gets BouncyCastle implementation of a TimestampToken
      Returns:
      TimeStampToken

    • toString

      public String toString(String indentStr)
      Specified by:
      toString in class eu.europa.esig.dss.model.x509.Token

    • getSignerInformationStoreInfos

      public Set<SignerIdentifier> getSignerInformationStoreInfos()
      Returns a set of found CertificateIdentifier in the SignerInformationStore
      Returns:
      a set of SignerIdentifiers

    • getCandidatesForSigningCertificate

      public CandidatesForSigningCertificate getCandidatesForSigningCertificate()
      Returns an object with signing candidates
      Returns:
      CandidatesForSigningCertificate

    • getSignerInformation

      public org.bouncycastle.cms.SignerInformation getSignerInformation()
      Returns used signer information from CMS Signed Data object
      Returns:
      SignerInformation

    • getAtsHashIndexStatus

      public ArchiveTimestampHashIndexStatus getAtsHashIndexStatus()
      Gets the validation status of the ats-hash-index(-v3) attribute, when applicable. NOTE: supports only archive-time-stamp-v3 timestamp type
      Returns:
      ArchiveTimestampHashIndexStatus if validation ts-hash-index(-v3) attribute has been performed, NULL otherwise

    • setAtsHashIndexStatus

      public void setAtsHashIndexStatus(ArchiveTimestampHashIndexStatus hashIndexStatus)
      Sets the validation status of the ats-hash-index(-v3) attribute, when applicable.
      Parameters:
      hashIndexStatus - ArchiveTimestampHashIndexStatus

    • buildTokenIdentifier

      protected eu.europa.esig.dss.model.identifier.TokenIdentifier buildTokenIdentifier()
      Specified by:
      buildTokenIdentifier in class eu.europa.esig.dss.model.x509.Token

    • getTimestampIdentifierBuilder

      protected TimestampIdentifierBuilder getTimestampIdentifierBuilder()
      Returns a TimestampTokenIdentifierBuilder implementation
      Returns:
      TimestampIdentifierBuilder

    • getDigest

      public byte[] getDigest(eu.europa.esig.dss.enumerations.DigestAlgorithm digestAlgorithm)
      Overrides:
      getDigest in class eu.europa.esig.dss.model.x509.Token