FlowGuard API - v1.2.0-tp.1
    Preparing search index...

    Function verifyTsaMessageImprint

    • Verify TSA message imprint against recomputed canonical event digest.

      Only checks events that have TSA evidence. Events without TSA evidence pass (backward compat — legacy events). Stored canonicalEventDigest is cross-check evidence only; it is not the digest authority during verification.

      Trust model:

      • When tokenDerBase64 is present: mutable timestampEvidence.tsa.messageImprint cannot be trusted. Returns needsTokenVerification=true to signal that async cryptographic token verification is required.
      • When tokenDerBase64 is absent (mock/internal TSA): messageImprint is the trusted internal imprint and is compared against the recomputed canonical digest.

      Parameters

      • event: AuditEvent

        Audit event with optional timestampEvidence.

      Returns TimestampEvidenceCheck