Package eu.europa.esig.dss.validation.timestamp

Class TimestampToken

java.lang.Object
eu.europa.esig.dss.model.x509.Token
eu.europa.esig.dss.validation.timestamp.TimestampToken
All Implemented Interfaces:
Serializable
public class TimestampToken
extends Token
SignedToken containing a TimeStamp.
See Also:
Serialized Form

  • Constructor Details

  • Method Details

    • getIssuerX500Principal

      public X500Principal getIssuerX500Principal()
      Description copied from class: Token
      Returns the X500Principal of the certificate which was used to sign this token.
      Specified by:
      getIssuerX500Principal in class Token
      Returns:
      the issuer's X500Principal

    • getAbbreviation

      public String getAbbreviation()
      Description copied from class: Token
      This method returns the DSS abbreviation of the token. It is used for debugging purpose.
      Overrides:
      getAbbreviation in class Token
      Returns:
      an abbreviation for the certificate

    • getCertificateSource

      public TimestampCertificateSource getCertificateSource()
      Returns TimestampCertificateSource for the timestamp
      Returns:
      TimestampCertificateSource

    • getCRLSource

      public TimestampCRLSource getCRLSource()
      Returns TimestampCRLSource for the timestamp
      Returns:
      TimestampCRLSource

    • getOCSPSource

      public TimestampOCSPSource getOCSPSource()
      Returns TimestampOCSPSource for the timestamp
      Returns:
      TimestampOCSPSource

    • isSignatureValid

      public boolean isSignatureValid()
      Indicates if the token's signature is intact. The method isSignedBy(CertificateToken) must be called to set this flag. Note: return false if the check isSignedBy() was not performed or the signer's public key does not much. In order to check if the validation has been performed, use the method getSignatureValidity() that returns a three-state value.
      Returns:
      true if the signature is valid (== SignatureValidity.VALID)

    • checkIsSignedBy

      protected SignatureValidity checkIsSignedBy​(CertificateToken candidate)
      Description copied from class: Token
      Verifies if the current token has been signed by the specified certificateToken
      Specified by:
      checkIsSignedBy in class Token
      Parameters:
      candidate - CertificateToken signed candidate
      Returns:
      SignatureValidity

    • matchData

      public boolean matchData​(DSSDocument timestampedData)
      Checks if the TimeStampToken matches the signed data.
      Parameters:
      timestampedData - a DSSDocument representing the timestamped data
      Returns:
      true if the data is verified by the TimeStampToken

    • matchData

      public boolean matchData​(DSSDocument timestampedData, boolean suppressMatchWarnings)
      Checks if the TimeStampToken matches the signed data. This method is used when we want to test whether the TimeStampToken matches the signed data calculated according to ETSI TS 101 733 v2.2.1 and depending on the result re-run the message imprint calculation according to ETSI TS 101 733 v1.8.3. It is part of solution for the issue DSS-1401 (https://ec.europa.eu/cefdigital/tracker/browse/DSS-1401)
      Parameters:
      timestampedData - a DSSDocument representing the timestamped data
      suppressMatchWarnings - if true the message imprint match warning logs are suppressed.
      Returns:
      true if the data is verified by the TimeStampToken

    • matchData

      public boolean matchData​(byte[] expectedMessageImprintValue)
      Checks if the TimeStampToken matches the signed data.
      Parameters:
      expectedMessageImprintValue - the expected message-imprint value
      Returns:
      true if the data is verified by the TimeStampToken

    • matchData

      public boolean matchData​(byte[] expectedMessageImprintValue, boolean suppressMatchWarnings)
      Checks if the TimeStampToken matches the signed data.
      Parameters:
      expectedMessageImprintValue - the expected message-imprint value
      suppressMatchWarnings - if true the message imprint match warning logs are suppressed.
      Returns:
      true if the data is verified by the TimeStampToken

    • isProcessed

      public boolean isProcessed()

    • getPdfRevision

      public PdfRevision getPdfRevision()
      Returns the current PDF timestamp revision
      Returns:
      PdfRevision

    • getTimeStampType

      public TimestampType getTimeStampType()
      Retrieves the type of the timestamp token.
      Returns:
      TimestampType

    • getTimestampLocation

      public TimestampLocation getTimestampLocation()
      Retrieves the location of timestamp token.
      Returns:
      TimestampLocation

    • getGenerationTime

      public Date getGenerationTime()
      Retrieves the timestamp generation time.
      Returns:
      Date

    • getCreationDate

      public Date getCreationDate()
      Description copied from class: Token
      Returns the creation date of this token. This date is mainly used to retrieve the correct issuer within a collection of renewed certificates (new certificate with the same key pair).
      Specified by:
      getCreationDate in class Token
      Returns:
      the creation date of the token (notBefore for a certificate, productionDate for revocation data,...)

    • getMessageImprint

      public Digest getMessageImprint()
      This method returns the embedded message-imprint value
      Returns:
      a Digest DTO with the algorithm and the value

    • isMessageImprintDataFound

      public Boolean isMessageImprintDataFound()
      Returns:
      true if the message imprint data was found, false otherwise

    • isMessageImprintDataIntact

      public Boolean isMessageImprintDataIntact()
      The method matchData must be invoked previously.
      Returns:
      true if the message imprint data is intact, false otherwise

    • getFileName

      public String getFileName()
      This method returns the file name of a detached timestamp
      Returns:
      String

    • setFileName

      public void setFileName​(String fileName)
      Sets the filename of a detached timestamp
      Parameters:
      fileName - String

    • getManifestFile

      public ManifestFile getManifestFile()
      This method returns the covered manifest file NOTE: applicable only for ASiC-E CAdES
      Returns:
      ManifestFile

    • setManifestFile

      public void setManifestFile​(ManifestFile manifestFile)
      Sets the manifest file covered by the current timestamp NOTE: applicable only for ASiC-E CAdES
      Parameters:
      manifestFile - ManifestFile

    • getTimestampedReferences

      public List<TimestampedReference> getTimestampedReferences()
      Returns:
      List of TimestampReferences

    • getArchiveTimestampType

      public ArchiveTimestampType getArchiveTimestampType()
      Returns:
      ArchiveTimestampType in the case of an archive timestamp, null otherwise

    • setArchiveTimestampType

      public void setArchiveTimestampType​(ArchiveTimestampType archiveTimestampType)
      Archive timestamps can be of different sub type.
      Parameters:
      archiveTimestampType - ArchiveTimestampType

    • getCanonicalizationMethod

      public String getCanonicalizationMethod()
      Applies only from XAdES timestamps
      Returns:
      String representing the canonicalization method used by the timestamp

    • setCanonicalizationMethod

      public void setCanonicalizationMethod​(String canonicalizationMethod)
      Allows to set the canonicalization method used by the timestamp. Applies only with XAdES timestamps.
      Parameters:
      canonicalizationMethod - String representing the canonicalization method

    • getEncoded

      public byte[] getEncoded()
      Description copied from class: Token
      Returns the encoded form of the wrapped token.
      Specified by:
      getEncoded in class Token
      Returns:
      the encoded form of the wrapped token

    • getTimestampIncludes

      public List<TimestampInclude> getTimestampIncludes()
      Returns the covered references by the current timestamp (XAdES IndividualDataObjectsTimeStamp)
      Returns:

    • setTimestampIncludes

      public void setTimestampIncludes​(List<TimestampInclude> timestampIncludes)

    • getTimestampScopes

      public List<SignatureScope> getTimestampScopes()
      Returns the scope of the current timestamp (detached timestamps only)
      Returns:
      a list of SignatureScope

    • setTimestampScopes

      public void setTimestampScopes​(List<SignatureScope> timestampScopes)

    • getCertificates

      public List<CertificateToken> getCertificates()
      Returns the list of wrapped certificates.
      Returns:
      List of CertificateToken

    • getCertificateRefs

      public Set<CertificateRef> getCertificateRefs()
      Returns the Set of contained certificate references.
      Returns:
      Set of CertificateRef

    • getUnsignedAttributes

      public org.bouncycastle.asn1.cms.AttributeTable getUnsignedAttributes()

    • getTimeStamp

      public org.bouncycastle.tsp.TimeStampToken getTimeStamp()

    • setHashCode

      public void setHashCode​(int hashCode)
      Used only with XAdES timestamps.
      Parameters:
      hashCode - the hash code of the DOM element containing the timestamp

    • getHashCode

      public int getHashCode()
      Used only with XAdES timestamps.
      Returns:
      the hash code of the DOM element containing the timestamp

    • toString

      public String toString​(String indentStr)
      Description copied from class: Token
      Returns a string representation of the token.
      Specified by:
      toString in class Token
      Parameters:
      indentStr - the indentation to use
      Returns:
      string representation of the token

    • getSignerInformationStoreInfos

      public Set<CertificateIdentifier> getSignerInformationStoreInfos()
      Returns a list of found CertificateIdentifier in the SignerInformationStore
      Returns:
      a list of CertificateIdentifiers

    • getCandidatesForSigningCertificate

      public CandidatesForSigningCertificate getCandidatesForSigningCertificate()
      Returns an object with signing candidates
      Returns:
      CandidatesForSigningCertificate

    • getSignerInformation

      public org.bouncycastle.cms.SignerInformation getSignerInformation()
      Returns used signer information from CMS Signed Data object
      Returns:
      SignerInformation

    • buildTokenIdentifier

      protected TokenIdentifier buildTokenIdentifier()
      Description copied from class: Token
      Builds a token unique identifier
      Specified by:
      buildTokenIdentifier in class Token
      Returns:
      TokenIdentifier