private TimestampReference createCertificateTimestampReference(CertificateToken certificate) {
final byte[] certificateDigest =
DSSUtils.digest(DigestAlgorithm.SHA1, certificate.getEncoded());
final TimestampReference reference =
new TimestampReference(
DigestAlgorithm.SHA1.name(), Base64.encodeBase64String(certificateDigest));
return reference;
}
/**
* Constructor with an indication of the timestamp type. The default constructor for {@code
* TimestampToken}.
*
* @param timeStamp {@code TimeStampToken}
* @param type {@code TimestampType}
* @param certPool {@code CertificatePool} which is used to identify the signing certificate of
* the timestamp
*/
public TimestampToken(
final TimeStampToken timeStamp, final TimestampType type, final CertificatePool certPool) {
this.timeStamp = timeStamp;
this.timeStampType = type;
this.extraInfo = new TokenValidationExtraInfo();
wrappedSource = new CAdESCertificateSource(timeStamp, certPool);
final Collection<CertificateToken> certs = wrappedSource.getCertificates();
for (final CertificateToken certificateToken : certs) {
final byte[] encoded = certificateToken.getEncoded();
final Certificate certificate = Certificate.getInstance(encoded);
final X509CertificateHolder x509CertificateHolder = new X509CertificateHolder(certificate);
if (timeStamp.getSID().match(x509CertificateHolder)) {
boolean valid = isSignedBy(certificateToken);
if (valid) {
break;
}
}
}
}