public class SignatureTimeStamp extends XAdESTimeStamp implements UnsignedSignaturePropertyElement
A signer, verifier or both MAY be required to provide on request, proof that a digital signature was created or verified during the validity period of all the certificates that make up the certificate path. In this case, the signer, verifier or both will also be required to provide proof that all the user and CA certificates used were not revoked when the signature was created or verified.
It would be quite unacceptable to consider a signature as invalid even if the keys or certificates were only compromised later. Thus there is a need to be able to demonstrate that the signature key was valid around the time that the signature was created to provide long term evidence of the validity of a signature. Time-stamping by a Time-Stamping Authority (TSA) can provide such evidence.
Time-stamping an electronic signature before the revocation of the signer's private key and before the end of the validity of the certificate provides evidence that the signature has been created while the certificate was valid and before it was revoked.
If a recipient wants to keep the result of the validation of an electronic signature valid, he will have to ensure that he has obtained a valid time-stamp for it, before that key (and any key involved in the validation) is revoked. The sooner the time-stamp is obtained after the signing time, the better.
It is important to note that signatures MAY be generated "off-line" and time-stamped at a later time by anyone, for example by the signer or any recipient interested in the signature. The time-stamp can thus be provided by the signer together with the signed data object, or obtained by the recipient following receipt of the signed data object.
The validation mandated by the signature policy can specify a maximum
acceptable time difference which is allowed between the time indicated in
the SigningTime element and the time indicated by the
SignatureTimeStamp element. If this delay is exceeded then the
electronic signature shall be considered as invalid.
The SignatureTimeStamp encapsulates the time-stamp over the
ds:SignatureValue element.
This property uses the implicit mechanism as the time-stamped data object is always the same. For building the input to the digest computation, applications MUST:
ds:SignatureValue element and its contents.
ds:Canonicalization element is present canonicalize
it using the indicated algorithm. If not, use the standard canonicalization
method specified by XMLDSIG.
The SignatureTimeStamp element is an unsigned property
qualifying the signature. A XAdES-T form MAY contain several
SignatureTimeSamp elements, obtained from different TSAs.
Below follows the schema definition for this element.
<xsd:element name="SignatureTimeStamp" type="XAdESTimeStampType"/>
loggermCanonicalizationMethod, mEncapsulatedTimeStamps, mIncludes, mReferenceInfos, mXMLTimeStampsmContext, mElement, mId| Constructor and Description |
|---|
SignatureTimeStamp(Context aContext,
XMLSignature aSignature,
C14nMethod c14nMethod,
DigestMethod aDMForTimestamp,
tr.gov.tubitak.uekae.esya.api.infra.tsclient.TSSettings aAyar) |
SignatureTimeStamp(Context aContext,
XMLSignature aSignature,
DigestMethod aDMForTimestamp,
tr.gov.tubitak.uekae.esya.api.infra.tsclient.TSSettings aAyar) |
SignatureTimeStamp(org.w3c.dom.Element aElement,
Context aContext)
Construct GenericTimeStamp from existing
|
| Modifier and Type | Method and Description |
|---|---|
byte[] |
getContentForTimeStamp(XMLSignature aSignature) |
java.lang.String |
getLocalName() |
tr.gov.tubitak.uekae.esya.api.signature.attribute.TimestampType |
getType() |
addEncapsulatedTimeStamp, addInclude, addReferenceInfo, getCanonicalizationMethod, getEncapsulatedTimeStamp, getEncapsulatedTimeStampCount, getInclude, getIncludeCount, getReferenceInfo, getReferenceInfoCount, getXMLTimeStamps, setCanonicalizationMethod, setXMLTimeStampsgetNamespaceaddBigIntegerElement, addLineBreak, addLineBreak, checkNamespace, createElement, generateAndSetId, getAttribute, getBigIntegerFromElement, getChildText, getContext, getDocument, getElement, getId, insertBase64EncodedElement, insertElement, insertTextElement, selectChildElement, selectChildren, setIdpublic SignatureTimeStamp(Context aContext, XMLSignature aSignature, DigestMethod aDMForTimestamp, tr.gov.tubitak.uekae.esya.api.infra.tsclient.TSSettings aAyar) throws XMLSignatureException
XMLSignatureExceptionpublic SignatureTimeStamp(Context aContext, XMLSignature aSignature, C14nMethod c14nMethod, DigestMethod aDMForTimestamp, tr.gov.tubitak.uekae.esya.api.infra.tsclient.TSSettings aAyar) throws XMLSignatureException
XMLSignatureExceptionpublic SignatureTimeStamp(org.w3c.dom.Element aElement,
Context aContext)
throws XMLSignatureException
aElement - xml elementaContext - according to contextXMLSignatureException - when structure is invalid or can not be
resolved appropriatelypublic byte[] getContentForTimeStamp(XMLSignature aSignature) throws XMLSignatureException
getContentForTimeStamp in class XAdESTimeStampXMLSignatureExceptionpublic tr.gov.tubitak.uekae.esya.api.signature.attribute.TimestampType getType()
getType in class XAdESTimeStamppublic java.lang.String getLocalName()
getLocalName in class BaseElementCopyright © 2025. All rights reserved.