Package org.bouncycastle.tsp

Class TimeStampToken

java.lang.Object
org.bouncycastle.tsp.TimeStampToken
public class TimeStampToken extends Object
Carrier class for a TimeStampToken.

  • Constructor Details

  • Method Details

    • getTimeStampInfo

      public TimeStampTokenInfo getTimeStampInfo()

    • getSID

      public SignerId getSID()

    • getSignedAttributes

      public org.bouncycastle.asn1.cms.AttributeTable getSignedAttributes()

    • getUnsignedAttributes

      public org.bouncycastle.asn1.cms.AttributeTable getUnsignedAttributes()

    • getCertificates

      public org.bouncycastle.util.Store<X509CertificateHolder> getCertificates()

    • getCRLs

      public org.bouncycastle.util.Store<X509CRLHolder> getCRLs()

    • getAttributeCertificates

      public org.bouncycastle.util.Store<X509AttributeCertificateHolder> getAttributeCertificates()

    • validate

      public void validate(SignerInformationVerifier sigVerifier) throws TSPException, TSPValidationException
      Validate the time stamp token.

      To be valid the token must be signed by the passed in certificate and the certificate must be the one referred to by the SigningCertificate attribute included in the hashed attributes of the token. The certificate must also have the ExtendedKeyUsageExtension with only KeyPurposeId.id_kp_timeStamping and have been valid at the time the timestamp was created.

      A successful call to validate means all the above are true.

      Parameters:
      sigVerifier - the content verifier create the objects required to verify the CMS object in the timestamp.
      Throws:
      TSPException - if an exception occurs in processing the token.
      TSPValidationException - if the certificate or signature fail to be valid.
      IllegalArgumentException - if the sigVerifierProvider has no associated certificate.

    • isSignatureValid

      public boolean isSignatureValid(SignerInformationVerifier sigVerifier) throws TSPException
      Return true if the signature on time stamp token is valid.

      Note: this is a much weaker proof of correctness than calling validate().

      Parameters:
      sigVerifier - the content verifier create the objects required to verify the CMS object in the timestamp.
      Returns:
      true if the signature matches, false otherwise.
      Throws:
      TSPException - if the signature cannot be processed or the provider cannot match the algorithm.

    • toCMSSignedData

      public CMSSignedData toCMSSignedData()
      Return the underlying CMSSignedData object.
      Returns:
      the underlying CMS structure.

    • getEncoded

      public byte[] getEncoded() throws IOException
      Return a ASN.1 encoded byte stream representing the encoded object.
      Throws:
      IOException - if encoding fails.

    • getEncoded

      public byte[] getEncoded(String encoding) throws IOException
      return the ASN.1 encoded representation of this object using the specified encoding.
      Parameters:
      encoding - the ASN.1 encoding format to use ("BER", "DL", or "DER").
      Throws:
      IOException