public class ArchiveTimeStamp extends XAdESTimeStamp implements UnsignedSignaturePropertyElement
Archive validation data consists of the complete validation data and the complete certificate and revocation data, time-stamped together with the electronic signature. The Archive validation data is necessary if the hash function and the crypto algorithms that were used to create the signature are no longer secure. Also, if it cannot be assumed that the hash function used by the Time-Stamping Authority is secure, then nested time-stamps of archived electronic signature are required.
Nested time-stamps will also protect the verifier against key compromise or cracking the algorithm on the old electronic signatures.
The process will need to be performed and iterated before the cryptographic algorithms used for generating the previous time-stamp are no longer secure. Archive validation data MAY thus bear multiple embedded time-stamps.
The xadesv141:ArchiveTimeStamp element is an unsigned property qualifying the signature. Below follows the schema definition for this element.
<xsd:element name="ArchiveTimeStamp" type="XAdESTimeStampType"/>
Should a CounterSignature unsigned property be time-stamped by the xadesv141:ArchiveTimeStamp, any ulterior change of their contents (by addition of unsigned properties if the counter-signature is a XAdES signature, for instance) would make the validation of the xadesv141:ArchiveTimeStamp, and in consequence of the countersigned XAdES signature, fail. Implementers SHOULD, in consequence, not change the contents of the CounterSignature property once it has been time-stamped by the xadesv141:ArchiveTimeStamp. Implementors MAY, in these circumstances, to make use of the detached counter-signature mechanism specified (not supported!)
In addition it has to be noted that the present document allows to counter-sign a previously time-stamped countersignature with another CounterSignature property added to the embedding XAdES signature after the time-stamp container.
Depending whether all the unsigned properties covered by the time-stamp token and the xadesv141:ArchiveTimeStamp property itself have the same parent or not, its contents may be different. Details are given in clauses below.
NOTE: Readers are warned that once an xadesv141:ArchiveTimeStamp property is added to the signature, any ulterior addition of a ds:Object to the signature, would make the verification of such time-stamp fail.
When xadesv141:ArchiveTimeStamp and all the unsigned properties covered by its time-stamp token have the same parent, this property uses the Implicit mechanism for all the time-stamped data objects. The input to the computation of the digest value MUST be built as follows:
loggermCanonicalizationMethod, mEncapsulatedTimeStamps, mIncludes, mReferenceInfos, mXMLTimeStampsmContext, mElement, mId| Constructor and Description |
|---|
ArchiveTimeStamp(Context aContext,
XMLSignature aSignature,
DigestMethod aDMForTimestamp,
tr.gov.tubitak.uekae.esya.api.infra.tsclient.TSSettings aAyar) |
ArchiveTimeStamp(org.w3c.dom.Element aElement,
Context aContext) |
| Modifier and Type | Method and Description |
|---|---|
byte[] |
getContentForTimeStamp(XMLSignature aSignature) |
java.lang.String |
getLocalName() |
java.lang.String |
getNamespace() |
tr.gov.tubitak.uekae.esya.api.signature.attribute.TimestampType |
getType() |
addEncapsulatedTimeStamp, addInclude, addReferenceInfo, getCanonicalizationMethod, getEncapsulatedTimeStamp, getEncapsulatedTimeStampCount, getInclude, getIncludeCount, getReferenceInfo, getReferenceInfoCount, getXMLTimeStamps, setCanonicalizationMethod, setXMLTimeStampsaddBigIntegerElement, addLineBreak, addLineBreak, checkNamespace, createElement, generateAndSetId, getAttribute, getBigIntegerFromElement, getChildText, getContext, getDocument, getElement, getId, insertBase64EncodedElement, insertElement, insertTextElement, selectChildElement, selectChildren, setIdpublic ArchiveTimeStamp(Context aContext, XMLSignature aSignature, DigestMethod aDMForTimestamp, tr.gov.tubitak.uekae.esya.api.infra.tsclient.TSSettings aAyar) throws XMLSignatureException
XMLSignatureExceptionpublic ArchiveTimeStamp(org.w3c.dom.Element aElement,
Context aContext)
throws XMLSignatureException
XMLSignatureExceptionpublic byte[] getContentForTimeStamp(XMLSignature aSignature) throws XMLSignatureException
getContentForTimeStamp in class XAdESTimeStampXMLSignatureExceptionpublic tr.gov.tubitak.uekae.esya.api.signature.attribute.TimestampType getType()
getType in class XAdESTimeStamppublic java.lang.String getLocalName()
getLocalName in class BaseElementpublic java.lang.String getNamespace()
getNamespace in class XAdESBaseElementCopyright © 2025. All rights reserved.