Package eu.europa.esig.dss.cades.validation

Class CAdESSignature

    • Constructor Detail

      • CAdESSignature

        public CAdESSignature​(byte[] data)
               throws org.bouncycastle.cms.CMSException
        Parameters:
        data - byte array representing CMSSignedData
        Throws:
        org.bouncycastle.cms.CMSException

      • CAdESSignature

        public CAdESSignature​(byte[] data,
                      CertificatePool certPool)
               throws org.bouncycastle.cms.CMSException
        Parameters:
        data - byte array representing CMSSignedData
        certPool - can be null
        Throws:
        org.bouncycastle.cms.CMSException

      • CAdESSignature

        public CAdESSignature​(org.bouncycastle.cms.CMSSignedData cms,
                      CertificatePool certPool)
        The default constructor for CAdESSignature.
        Parameters:
        cms - CMSSignedData
        certPool - can be null

      • CAdESSignature

        public CAdESSignature​(org.bouncycastle.cms.CMSSignedData cmsSignedData,
                      org.bouncycastle.cms.SignerInformation signerInformation)
        Parameters:
        cmsSignedData - CMSSignedData
        signerInformation - an expanded SignerInfo block from a CMS Signed message

      • CAdESSignature

        public CAdESSignature​(org.bouncycastle.cms.CMSSignedData cmsSignedData,
                      org.bouncycastle.cms.SignerInformation signerInformation,
                      CertificatePool certPool)
        The default constructor for CAdESSignature.
        Parameters:
        cmsSignedData - CMSSignedData
        signerInformation - an expanded SignerInfo block from a CMS Signed message
        certPool - can be null

    • Method Detail

      • getSignatureForm

        public SignatureForm getSignatureForm()
        Description copied from interface: AdvancedSignature
        Specifies the format of the signature

      • getCertificateSource

        public SignatureCertificateSource getCertificateSource()
        Description copied from interface: AdvancedSignature
        Gets a certificate source which contains ALL certificates embedded in the signature.
        Returns:

      • getCRLSource

        public SignatureCRLSource getCRLSource()
        Description copied from interface: AdvancedSignature
        Gets a CRL source which contains ALL CRLs embedded in the signature.
        Returns:
        SignatureCRLSource

      • getOCSPSource

        public SignatureOCSPSource getOCSPSource()
        Description copied from interface: AdvancedSignature
        Gets an OCSP source which contains ALL OCSP responses embedded in the signature.
        Returns:
        SignatureOCSPSource

      • getTimestampSource

        public CAdESTimestampSource getTimestampSource()
        Description copied from interface: AdvancedSignature
        Gets a Signature Timestamp source which contains ALL timestamps embedded in the signature.
        Returns:
        SignatureTimestampSource

      • getSignerId

        public org.bouncycastle.cms.SignerId getSignerId()
        Returns SignerId of the related to the signature signerInformation
        Returns:
        SignerId

      • getCandidatesForSigningCertificate

        public CandidatesForSigningCertificate getCandidatesForSigningCertificate()
        ETSI TS 101 733 V2.2.1 (2013-04) 5.6.3 Signature Verification Process ...the public key from the first certificate identified in the sequence of certificate identifiers from SigningCertificate shall be the key used to verify the digital signature.
        Returns:

      • getSigningTime

        public Date getSigningTime()
        Description copied from interface: AdvancedSignature
        Returns the signing time included within the signature.
        Returns:
        Date representing the signing time or null

      • getCmsSignedData

        public org.bouncycastle.cms.CMSSignedData getCmsSignedData()
        Returns:
        the cmsSignedData

      • getSignatureProductionPlace

        public SignatureProductionPlace getSignatureProductionPlace()
        Description copied from interface: AdvancedSignature
        Returns information about the place where the signature was generated
        Returns:
        SignatureProductionPlace

      • getCommitmentTypeIndication

        public CommitmentType getCommitmentTypeIndication()
        Description copied from interface: AdvancedSignature
        This method obtains the information concerning commitment type indication linked to the signature
        Returns:
        CommitmentType

      • getCertifiedSignerRoles

        public List<SignerRole> getCertifiedSignerRoles()
        Description copied from interface: AdvancedSignature
        Returns the certified roles of the signer.
        Returns:
        list of the SignerRoles

      • getEncryptionAlgorithm

        public EncryptionAlgorithm getEncryptionAlgorithm()
        Description copied from interface: AdvancedSignature
        Retrieves the encryption algorithm used for generating the signature.
        Returns:
        EncryptionAlgorithm

      • getDigestAlgorithm

        public DigestAlgorithm getDigestAlgorithm()
        Description copied from interface: AdvancedSignature
        Retrieves the digest algorithm used for generating the signature.
        Returns:
        DigestAlgorithm

      • getMaskGenerationFunction

        public MaskGenerationFunction getMaskGenerationFunction()
        Description copied from interface: AdvancedSignature
        Retrieves the mask generation function used for generating the signature.
        Returns:
        MaskGenerationFunction

      • getSignatureAlgorithm

        public SignatureAlgorithm getSignatureAlgorithm()
        Description copied from interface: AdvancedSignature
        Retrieves the signature algorithm (or cipher) used for generating the signature.
        Returns:
        SignatureAlgorithm

      • checkSignatureIntegrity

        public void checkSignatureIntegrity()
        Description copied from interface: AdvancedSignature
        Verifies the signature integrity; checks if the signed content has not been tampered with. In the case of a non-AdES signature no including the signing certificate then the latter must be provided by calling setProvidedSigningCertificateToken In the case of a detached signature the signed content must be provided by calling setProvidedSigningCertificateToken

      • getReferenceValidations

        public List<ReferenceValidation> getReferenceValidations​(org.bouncycastle.cms.SignerInformation signerInformationToCheck)

      • getReferenceValidations

        public List<ReferenceValidation> getReferenceValidations()
        Description copied from interface: AdvancedSignature
        Returns individual validation foreach reference (XAdES) or for the message-imprint (CAdES)
        Returns:
        a list with one or more ReferenceValidation

      • getSignatureDigestReference

        public SignatureDigestReference getSignatureDigestReference​(DigestAlgorithm digestAlgorithm)
        TS 119 442 - V1.1.1 - Electronic Signatures and Infrastructures (ESI), ch. 5.1.4.2.1.3 XML component: In case of CAdES signatures, the input to the digest value computation shall be one of the DER-encoded instances of SignedInfo type present within the CMS structure.
        Parameters:
        digestAlgorithm - DigestAlgorithm to use
        Returns:
        SignatureDigestReference

      • checkSigningCertificate

        public void checkSigningCertificate()
        Description copied from interface: AdvancedSignature
        This method checks the protection of the certificates included within the signature (XAdES: KeyInfo) against the substitution attack.

      • getContentType

        public String getContentType()
        Description copied from interface: AdvancedSignature
        Returns the value of the signed attribute content-type
        Returns:
        content type as String

      • getMimeType

        public String getMimeType()
        Description copied from interface: AdvancedSignature
        Returns the value of the signed attribute mime-type
        Returns:
        mime type as String

      • getContentIdentifier

        public String getContentIdentifier()
        Returns:
        content identifier as String

      • getContentHints

        public String getContentHints()
        Returns:
        content hints as String

      • getSignerInformation

        public org.bouncycastle.cms.SignerInformation getSignerInformation()
        Returns:
        the signerInformation

      • getSignatureValue

        public byte[] getSignatureValue()
        Description copied from interface: AdvancedSignature
        Returns the digital signature value
        Returns:
        digital signature value byte array

      • getCounterSignatures

        public List<AdvancedSignature> getCounterSignatures()
        Description copied from interface: AdvancedSignature
        Returns a list of counter signatures applied to this signature
        Returns:
        a List of AdvancedSignatures representing the counter signatures

      • getCertificateRefs

        public List<CertificateRef> getCertificateRefs()
        Description copied from interface: AdvancedSignature
        Retrieve list of certificate ref
        Returns:
        List of CertificateRef

      • getDAIdentifier

        public String getDAIdentifier()
        Description copied from interface: AdvancedSignature
        This method returns an identifier provided by the Driving Application (DA) Note: used only for XAdES
        Returns:
        The signature identifier

      • isDataForSignatureLevelPresent

        public boolean isDataForSignatureLevelPresent​(SignatureLevel signatureLevel)
        Parameters:
        signatureLevel - SignatureLevel to be checked
        Returns:
        true if the signature contains the data needed for this SignatureLevel. Doesn't mean any validity of the data found.

      • getSignatureLevels

        public SignatureLevel[] getSignatureLevels()
        Returns:
        the list of signature levels for this type of signature, in the simple to complete order. Example: B,T,LT,LTA