Package org.bouncycastle.tsp

Class TimeStampToken

  • public class TimeStampToken
extends java.lang.Object
    Carrier class for a TimeStampToken.

    • Constructor Detail

      • TimeStampToken

        public TimeStampToken​(org.bouncycastle.asn1.cms.ContentInfo contentInfo)
               throws TSPException,
                      java.io.IOException
        Throws:
        TSPException
        java.io.IOException

    • Method Detail

      • getSignedAttributes

        public org.bouncycastle.asn1.cms.AttributeTable getSignedAttributes()

      • getUnsignedAttributes

        public org.bouncycastle.asn1.cms.AttributeTable getUnsignedAttributes()

      • getCRLs

        public org.bouncycastle.util.Store<X509CRLHolder> getCRLs()

      • validate

        public void validate​(SignerInformationVerifier sigVerifier)
              throws TSPException,
                     TSPValidationException
        Validate the time stamp token.

        To be valid the token must be signed by the passed in certificate and the certificate must be the one referred to by the SigningCertificate attribute included in the hashed attributes of the token. The certificate must also have the ExtendedKeyUsageExtension with only KeyPurposeId.id_kp_timeStamping and have been valid at the time the timestamp was created.

        A successful call to validate means all the above are true.

        Parameters:
        sigVerifier - the content verifier create the objects required to verify the CMS object in the timestamp.
        Throws:
        TSPException - if an exception occurs in processing the token.
        TSPValidationException - if the certificate or signature fail to be valid.
        java.lang.IllegalArgumentException - if the sigVerifierProvider has no associated certificate.

      • isSignatureValid

        public boolean isSignatureValid​(SignerInformationVerifier sigVerifier)
                         throws TSPException
        Return true if the signature on time stamp token is valid.

        Note: this is a much weaker proof of correctness than calling validate().

        Parameters:
        sigVerifier - the content verifier create the objects required to verify the CMS object in the timestamp.
        Returns:
        true if the signature matches, false otherwise.
        Throws:
        TSPException - if the signature cannot be processed or the provider cannot match the algorithm.

      • toCMSSignedData

        public CMSSignedData toCMSSignedData()
        Return the underlying CMSSignedData object.
        Returns:
        the underlying CMS structure.

      • getEncoded

        public byte[] getEncoded()
                  throws java.io.IOException
        Return a ASN.1 encoded byte stream representing the encoded object.
        Throws:
        java.io.IOException - if encoding fails.

      • getEncoded

        public byte[] getEncoded​(java.lang.String encoding)
                  throws java.io.IOException
        return the ASN.1 encoded representation of this object using the specified encoding.
        Parameters:
        encoding - the ASN.1 encoding format to use ("BER", "DL", or "DER").
        Throws:
        java.io.IOException