Package eu.europa.esig.dss.spi.x509.revocation

Class RevocationToken

    • Field Detail

      • revocationType

        protected RevocationType revocationType
        An identifier referencing a CRL or OCSP response has been used for determining the revocation status.

      • sourceURL

        protected String sourceURL
        The URL which was used to obtain the revocation data (online).

      • available

        protected boolean available
        This boolean shows if the online resource is available

      • status

        protected Boolean status
        Contains the revocation status of the token. True if is not revoked, false if is revoked or null if unknown.

      • productionDate

        protected Date productionDate
        Represents the production date of the OCSP response or the thisUpdate in case of CRL.

      • thisUpdate

        protected Date thisUpdate
        Represents the this update date of the CRL.

      • nextUpdate

        protected Date nextUpdate
        Represents the next update date of the CRL or null for OCSP response.

      • revocationDate

        protected Date revocationDate
        Represents the revocation date from an X509CRLEntry or from an BasicOCSPResp (if the related certificate is revoked)

      • expiredCertsOnCRL

        protected Date expiredCertsOnCRL

      • archiveCutOff

        protected Date archiveCutOff

      • certHashPresent

        protected boolean certHashPresent
        Represents if the certHash extension from an OCSP Response is present (optional)

      • certHashMatch

        protected boolean certHashMatch
        Represents if the certHash extension from an OCSP Response is match with the related certificate's hash (optional)

      • revocationTokenKey

        protected String revocationTokenKey
        Revocation Token Key, used for RevocationToken identification (i.e. id in DB)

    • Constructor Detail

      • RevocationToken

        public RevocationToken()

    • Method Detail

      • getRelatedCertificateID

        public String getRelatedCertificateID()

      • setRelatedCertificate

        public void setRelatedCertificate​(CertificateToken relatedCertificate)

      • getSourceURL

        public String getSourceURL()
        Returns the URL of the source (if available)
        Returns:
        URL of the CRL/OCSP Server (if available)

      • setSourceURL

        public void setSourceURL​(String sourceURL)
        This sets the revocation data source URL. It is only used in case of OnlineSource.
        Parameters:
        sourceURL - the URL which was used to retrieve this CRL

      • getOrigins

        public Set<RevocationOrigin> getOrigins()
        Returns the revocation origin (the signature itself or else)
        Returns:
        the origin of this revocation data

      • isAvailable

        public boolean isAvailable()
        Returns the online resource availability status
        Returns:
        true if the online resource was available

      • setAvailable

        public void setAvailable​(boolean available)

      • getStatus

        public Boolean getStatus()
        Returns the revocation status
        Returns:
        true if valid, false if revoked/onhold, null if not available

      • getProductionDate

        public Date getProductionDate()
        Returns the generation time of the current revocation data (when it was signed)
        Returns:
        the production time of the current revocation data

      • getCreationDate

        public Date getCreationDate()
        Description copied from class: Token
        Returns the creation date of this token. This date is mainly used to retrieve the correct issuer within a collection of renewed certificates (new certificate with the same key pair).
        Specified by:
        getCreationDate in class Token
        Returns:
        the creation date of the token (notBefore for a certificate, productionDate for revocation data,...)

      • getThisUpdate

        public Date getThisUpdate()

      • getNextUpdate

        public Date getNextUpdate()
        Returns the date of the next update
        Returns:
        the next update date

      • getRevocationDate

        public Date getRevocationDate()
        Returns the revocation date (if the token has been revoked)
        Returns:
        the revocation date or null

      • getExpiredCertsOnCRL

        public Date getExpiredCertsOnCRL()
        Returns the expiredCertsOnCRL date (from CRL)
        Returns:
        the expiredCertsOnCRL date value from a CRL or null

      • getArchiveCutOff

        public Date getArchiveCutOff()
        Returns the archiveCutOff date (from an OCSP Response)
        Returns:
        the archiveCutOff date or null

      • isCertHashPresent

        public boolean isCertHashPresent()
        Returns TRUE if the certHash extension (from an OCSP Response) is present
        Returns:
        the TRUE if certHash is present, FALSE otherwise

      • isCertHashMatch

        public boolean isCertHashMatch()
        Returns TRUE if the certHash extension (from an OCSP Response) is match to the hash of related certificate token
        Returns:
        the TRUE if certHash is match, FALSE otherwise

      • getReason

        public RevocationReason getReason()
        Returns the revocation reason (if the token has been revoked)
        Returns:
        the revocation reason or null

      • getRevocationTokenKey

        public String getRevocationTokenKey()
        Returns compiled revocation token key
        Returns:
        String key

      • setRevocationTokenKey

        public void setRevocationTokenKey​(String key)
        Sets the value for revocationTokenKey
        Parameters:
        key - String

      • initInfo

        public abstract void initInfo()
        Initialize inner attributes

      • isValid

        public abstract boolean isValid()
        Indicates if the token signature is intact and the signing certificate matches with the signature and if the extended key usage is present.
        Returns:
        true if the conditions are meet

      • getDSSIdAsString

        public String getDSSIdAsString()
        Description copied from class: Token
        Returns a string representation of the unique DSS token identifier.
        Overrides:
        getDSSIdAsString in class Token
        Returns:
        the unique string for the token

      • hashCode

        public int hashCode()
        Overrides:
        hashCode in class Token