DigiStamp.com

dgs.tlkt
Class CMSTsToken

java.lang.Object
  extended by dgs.tlkt.SignedDataA
      extended by dgs.tlkt.CMSTsToken

public final class CMSTsToken
extends SignedDataA

This is a Cryptographic Message Syntax (CMS) record that contains a time stamp token.

You create an instance of this class by sending your time stamp request via the Internet to a time stamp server using this method: DgsComm.timeStamp(TsRequest). For an example and source code of a program to create and verify a time stamp see: ProductionProcess

The CMS is also referred to as a PKCS #7 record. This is a common PKIX digital signature structure.

The CMS structure is used to contain a time stamp. The information that was signed is the "TSTInfo" (your document's SHA1 hash value and the time). The TSTInfo is signed by DigiStamp. The TSTInfo, the signature, and the signed attributes are contained in this structure.

This implementation only supports those features of a CMS record as required to support time stamps that are created by DigiStamp.

A Signed Data object is defined in IETF RFC 2630; this class implements "ContentInfo" in support of the "TimeStampToken" described in RFC 3161. A time stamp has unique characteristics when compared to the more generic "signed data". For example, there can be only 1 SignerInfo and the content must be of the type TstInfo.


Constructor Summary
CMSTsToken(byte[] encodedTS)
          Decode the CMS record that contains a time stamp.
CMSTsToken(java.io.InputStream encodedTS)
          Decode the CMS record that contains a time stamp.
CMSTsToken(TsResponse resp)
          CMSTsToken constructor from a DigiStamp server response.
 
Method Summary
 byte[] asEncoded()
          This method returns a BER encoded CMS record that contains a Signed Data.
 TsVerifyResult getLastVerifyResult()
          This is a convenience method that allows you to ask the results of the most recent verify action.
 dgs.tlkt.SignerInfo getSignerInfo()
          RFC 2630 SignedData.SignerInfos.
 byte[] getTimeStampedDataHash()
          Returns the hash value of the time stamped data.
 TstInfo getTstInfo()
          RFC 2630 SignedData.EncapsulatedContentInfo
 void setTimeStampedData(java.io.InputStream theDataThatWasTimeStamped)
          Supply the data that was time stamped.
 TsVerifyResult verify()
          Verify the timestamp under the assumption that you have supplied the data that was time stamped.
 TsVerifyResult verify(byte[] hashOfTSedData)
          Verify the timestamp based on your supplied value for the hash value of the time stamped data.
 TsVerifyResult verify(byte[] hashOfTSedData, java.security.cert.X509Certificate[] certificatesToUse)
          Verify the timestamp based on your supplied value for the hash value of the time stamped data.
 TsVerifyResult verify(java.security.cert.X509Certificate[] certificatesToUse)
          Verify the timestamp under the assumption that you have supplied the data that was time stamped.
 
Methods inherited from class dgs.tlkt.SignedDataA
addPublicKey, getCertificates, getContent, getContentHash, getContentType, getSignerInfos, getVersion, removeCertificates, removeContent, removePublicKey
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

CMSTsToken

public CMSTsToken(byte[] encodedTS)
           throws ExceptionDgsEncode
Decode the CMS record that contains a time stamp. This is the reverse operation of the method asEncoded(). For example, this could be used to re-instantiate a time stamp instance after being saved to disk.

Parameters:
encodedTS - byte[]

CMSTsToken

public CMSTsToken(java.io.InputStream encodedTS)
           throws ExceptionDgsEncode,
                  java.io.IOException
Decode the CMS record that contains a time stamp.

Parameters:
encodedTS - contains an ASN.1 encoded time stamp
Throws:
ExceptionDgsEncode
java.io.IOException
See Also:
CMSTsToken(byte[])

CMSTsToken

public CMSTsToken(TsResponse resp)
           throws ExceptionDgsInvalidState
CMSTsToken constructor from a DigiStamp server response.

This constructor extracts the CMSTsToken from the server response. The server response contains both the CMSTsToken and status information.

Method Detail

asEncoded

public byte[] asEncoded()
                 throws ExceptionDgsInvalidState,
                        ExceptionDgsEncode,
                        java.io.IOException
Description copied from class: SignedDataA
This method returns a BER encoded CMS record that contains a Signed Data. This could be used, for example, to write the signed data to disk in its encoded form.

Overrides:
asEncoded in class SignedDataA
Throws:
ExceptionDgsInvalidState
ExceptionDgsEncode
java.io.IOException

getLastVerifyResult

public TsVerifyResult getLastVerifyResult()
This is a convenience method that allows you to ask for the results of the most recent verify action. It remembers the results of the last verify without incurring the overhead of an actual verify. This method can return null if a verify action has never been performed.


getSignerInfo

public dgs.tlkt.SignerInfo getSignerInfo()
RFC 2630 SignedData.SignerInfos.
The single member of the set is returned.

Returns:
dgs.tlkt.SignerInfo

getTimeStampedDataHash

public byte[] getTimeStampedDataHash()
                              throws java.io.IOException
Returns the hash value of the time stamped data.

Throws:
java.io.IOException

getTstInfo

public TstInfo getTstInfo()
                   throws ExceptionDgsEncode,
                          java.io.IOException
RFC 2630 SignedData.EncapsulatedContentInfo

Returns:
dgs.tlkt.TstInfo
Throws:
ExceptionDgsEncode
java.io.IOException

setTimeStampedData

public void setTimeStampedData(java.io.InputStream theDataThatWasTimeStamped)
Supply the data that was time stamped. This will be necessary for the several variations of the verify method.

Parameters:
theDataThatWasTimeStamped -

verify

public TsVerifyResult verify()
                      throws java.io.IOException,
                             java.security.GeneralSecurityException,
                             ExceptionDgs
Verify the timestamp under the assumption that you have supplied the data that was time stamped. Use the method setTimeStampedData(InputStream) before using this method to verify. This method relies on the X.509 certificates being part of the time stamp.

Throws:
java.io.IOException
java.security.GeneralSecurityException
ExceptionDgs

verify

public TsVerifyResult verify(byte[] hashOfTSedData)
                      throws java.io.IOException,
                             java.security.GeneralSecurityException,
                             ExceptionDgsInvalidState
Verify the timestamp based on your supplied value for the hash value of the time stamped data. This approach assumes that you have calculated the hash value of the time stamped data externally. This method relies on the X.509 certificates being part of the time stamp.

Parameters:
hashOfTSedData - the hash value of the time stamped data
Throws:
java.io.IOException
java.security.GeneralSecurityException
ExceptionDgsInvalidState

verify

public TsVerifyResult verify(byte[] hashOfTSedData,
                             java.security.cert.X509Certificate[] certificatesToUse)
                      throws java.io.IOException,
                             java.security.GeneralSecurityException,
                             ExceptionDgsInvalidState
Verify the timestamp based on your supplied value for the hash value of the time stamped data. This approach assumes that you have calculated the hash value of the time stamped data externally.

Parameters:
hashOfTSedData - the hash value of the time stamped data
certificatesToUse - additional certificates to verify the time stamp and create the certificate chain
Throws:
java.io.IOException
java.security.GeneralSecurityException
ExceptionDgsInvalidState

verify

public TsVerifyResult verify(java.security.cert.X509Certificate[] certificatesToUse)
                      throws java.io.IOException,
                             java.security.GeneralSecurityException,
                             ExceptionDgs
Verify the timestamp under the assumption that you have supplied the data that was time stamped. Use the method setTimeStampedData(InputStream) before using this method to verify.

Parameters:
certificatesToUse - additional certificates to verify the time stamp and create the certificate chain
Throws:
java.io.IOException
java.security.GeneralSecurityException
ExceptionDgs
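
The round trip described for CMSTsToken(byte[]) and asEncoded(), followed by the two verification paths verify(byte[]) and setTimeStampedData(InputStream) + verify(), as an added example that is not DigiStamp's own sample code. It uses only the constructors and methods listed on this page plus the JDK; that TsVerifyResult lives in dgs.tlkt, the class name SavedTimeStampCheck and the command-line file arguments are assumptions.

```java
import dgs.tlkt.*; // assumption: CMSTsToken and TsVerifyResult both live in dgs.tlkt
import java.io.InputStream;
import java.nio.file.*;
import java.security.MessageDigest;

public class SavedTimeStampCheck {
    // Persist the token in its encoded form, as asEncoded() is documented to allow.
    static void save(CMSTsToken token, Path tokenFile) throws Exception {
        Files.write(tokenFile, token.asEncoded());
    }

    // Path 1: hash the document yourself, then hand the hash to verify(byte[]).
    static TsVerifyResult verifyWithExternalHash(Path tokenFile, Path document) throws Exception {
        // Re-instantiate the token from disk (the reverse of asEncoded()).
        CMSTsToken token = new CMSTsToken(Files.readAllBytes(tokenFile));
        // SHA-1 because the page states that TSTInfo holds the document's SHA1 hash.
        MessageDigest md = MessageDigest.getInstance("SHA-1");
        try (InputStream in = Files.newInputStream(document)) {
            byte[] buf = new byte[8192];
            for (int n; (n = in.read(buf)) != -1; ) {
                md.update(buf, 0, n); // stream the file so large documents are not held in memory
            }
        }
        return token.verify(md.digest());
    }

    // Path 2: let the toolkit read the document via setTimeStampedData(), then verify().
    static TsVerifyResult verifyWithSuppliedData(Path tokenFile, Path document) throws Exception {
        CMSTsToken token = new CMSTsToken(Files.readAllBytes(tokenFile));
        // The stream stays open until verify() returns, because the page does not
        // say at which point the toolkit reads it.
        try (InputStream in = Files.newInputStream(document)) {
            token.setTimeStampedData(in);
            return token.verify();
        }
    }

    public static void main(String[] args) throws Exception {
        Path tokenFile = Paths.get(args[0]); // a file written earlier by save()
        Path document = Paths.get(args[1]);  // the data that was time stamped
        System.out.println(verifyWithExternalHash(tokenFile, document));
        System.out.println(verifyWithSuppliedData(tokenFile, document));
    }
}
```

Both paths rely on the X.509 certificates carried inside the token; the verify overloads that take certificatesToUse accept additional certificates for building the chain.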

Copyright 2000-2008 DigiStamp, Inc.