Class SignatureValidationProperties
- java.lang.Object
-
- com.itextpdf.signatures.validation.SignatureValidationProperties
-
public class SignatureValidationProperties extends java.lang.Object
Class which stores properties, which are related to signature validation process.
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description (package private) static class
SignatureValidationProperties.ContextProperties
static class
SignatureValidationProperties.OnlineFetching
Enum representing possible online fetching permissions.
-
Field Summary
Fields Modifier and Type Field Description private java.util.List<ICrlClient>
crlClients
static boolean
DEFAULT_CONTINUE_AFTER_FAILURE
static java.time.Duration
DEFAULT_FRESHNESS_HISTORICAL
static java.time.Duration
DEFAULT_FRESHNESS_PRESENT_CRL
static java.time.Duration
DEFAULT_FRESHNESS_PRESENT_OCSP
static SignatureValidationProperties.OnlineFetching
DEFAULT_ONLINE_FETCHING
private java.util.List<IOcspClient>
ocspClients
private java.util.HashMap<ValidationContext,SignatureValidationProperties.ContextProperties>
properties
-
Constructor Summary
Constructors Constructor Description SignatureValidationProperties()
CreateSignatureValidationProperties
with default values.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description SignatureValidationProperties
addCrlClient(ICrlClient crlClient)
Adds newICrlClient
instance which will be used to retrieve CRL responses during the validation.SignatureValidationProperties
addOcspClient(IOcspClient ocspClient)
Adds newIOcspClient
instance which will be used to retrieve OCSP response during the validation.SignatureValidationProperties
addRequiredExtensions(CertificateSources certificateSources, java.util.List<CertificateExtension> requiredExtensions)
Adds list of extensions which are required to be set to a certificate depending on certificate source.boolean
getContinueAfterFailure(ValidationContext validationContext)
Returns the Continue after failure setting for the provided context or the default context.java.util.List<ICrlClient>
getCrlClients()
Gets allICrlClient
instances which will be used to retrieve CRL responses during the validation.java.time.Duration
getFreshness(ValidationContext validationContext)
Returns the freshness setting for the provided validation context or the default context in milliseconds.java.util.List<IOcspClient>
getOcspClients()
Gets allIOcspClient
instances which will be used to retrieve OCSP responses during the validation.(package private) <T> T
getParametersValueFor(ValidatorContext validatorContext, CertificateSource certSource, TimeBasedContext timeBasedContext, java.util.function.Function<SignatureValidationProperties.ContextProperties,T> getter)
This method executes the getter method to the most granular parameters set down until the getter returns a non-null valuejava.util.List<CertificateExtension>
getRequiredExtensions(ValidationContext validationContext)
Returns required extension for the provided validation context.SignatureValidationProperties.OnlineFetching
getRevocationOnlineFetching(ValidationContext validationContext)
Sets the onlineFetching property representing possible online fetching permissions.SignatureValidationProperties
setContinueAfterFailure(ValidatorContexts validatorContexts, CertificateSources certificateSources, boolean value)
Sets the Continue after failure setting for the provided context.SignatureValidationProperties
setFreshness(ValidatorContexts validatorContexts, CertificateSources certificateSources, TimeBasedContexts timeBasedContexts, java.time.Duration value)
Sets the freshness setting for the specified validator, time based and certificate source contexts in milliseconds.(package private) void
setParameterValueFor(java.util.EnumSet<ValidatorContext> validatorContexts, java.util.EnumSet<CertificateSource> certificateSources, java.util.EnumSet<TimeBasedContext> timeBasedContexts, java.util.function.Consumer<SignatureValidationProperties.ContextProperties> setter)
This method executes the setter method for every combination of selected validators and certificateSourcesSignatureValidationProperties
setRequiredExtensions(CertificateSources certificateSources, java.util.List<CertificateExtension> requiredExtensions)
Sets list of extensions which are required to be set to a certificate depending on certificate source.SignatureValidationProperties
setRevocationOnlineFetching(ValidatorContexts validatorContexts, CertificateSources certificateSources, TimeBasedContexts timeBasedContexts, SignatureValidationProperties.OnlineFetching onlineFetching)
Sets the onlineFetching property representing possible online fetching permissions.
-
-
-
Field Detail
-
DEFAULT_CONTINUE_AFTER_FAILURE
public static final boolean DEFAULT_CONTINUE_AFTER_FAILURE
- See Also:
- Constant Field Values
-
DEFAULT_FRESHNESS_PRESENT_CRL
public static final java.time.Duration DEFAULT_FRESHNESS_PRESENT_CRL
-
DEFAULT_FRESHNESS_PRESENT_OCSP
public static final java.time.Duration DEFAULT_FRESHNESS_PRESENT_OCSP
-
DEFAULT_FRESHNESS_HISTORICAL
public static final java.time.Duration DEFAULT_FRESHNESS_HISTORICAL
-
DEFAULT_ONLINE_FETCHING
public static final SignatureValidationProperties.OnlineFetching DEFAULT_ONLINE_FETCHING
-
properties
private final java.util.HashMap<ValidationContext,SignatureValidationProperties.ContextProperties> properties
-
ocspClients
private final java.util.List<IOcspClient> ocspClients
-
crlClients
private final java.util.List<ICrlClient> crlClients
-
-
Constructor Detail
-
SignatureValidationProperties
public SignatureValidationProperties()
CreateSignatureValidationProperties
with default values.
-
-
Method Detail
-
getFreshness
public java.time.Duration getFreshness(ValidationContext validationContext)
Returns the freshness setting for the provided validation context or the default context in milliseconds.- Parameters:
validationContext
- the validation context for which to retrieve the freshness setting- Returns:
- the freshness setting for the provided validation context or the default context in milliseconds
-
setFreshness
public final SignatureValidationProperties setFreshness(ValidatorContexts validatorContexts, CertificateSources certificateSources, TimeBasedContexts timeBasedContexts, java.time.Duration value)
Sets the freshness setting for the specified validator, time based and certificate source contexts in milliseconds.This parameter specifies how old revocation data can be, compared to validation time, in order to be trustworthy.
- Parameters:
validatorContexts
- the validators for which to apply the settingcertificateSources
- the certificate sources totimeBasedContexts
- the date comparison context for which to apply the settingvalue
- the settings value in milliseconds- Returns:
- this same
SignatureValidationProperties
instance.
-
getContinueAfterFailure
public boolean getContinueAfterFailure(ValidationContext validationContext)
Returns the Continue after failure setting for the provided context or the default context.- Parameters:
validationContext
- the context for which to retrieve the Continue after failure setting- Returns:
- the Continue after failure setting for the provided context or the default context
-
setContinueAfterFailure
public final SignatureValidationProperties setContinueAfterFailure(ValidatorContexts validatorContexts, CertificateSources certificateSources, boolean value)
Sets the Continue after failure setting for the provided context.This parameter specifies if validation is expected to continue after first failure is encountered. Only
ValidationReport.ValidationResult.INVALID
is considered to be a failure.- Parameters:
validatorContexts
- the validators for which to set the Continue after failure settingcertificateSources
- the certificateSources for which to set the Continue after failure settingvalue
- the Continue after failure setting- Returns:
- this same
SignatureValidationProperties
instance.
-
getRevocationOnlineFetching
public SignatureValidationProperties.OnlineFetching getRevocationOnlineFetching(ValidationContext validationContext)
Sets the onlineFetching property representing possible online fetching permissions.- Parameters:
validationContext
- the context for which to retrieve the online fetching setting- Returns:
- the online fetching setting.
-
setRevocationOnlineFetching
public final SignatureValidationProperties setRevocationOnlineFetching(ValidatorContexts validatorContexts, CertificateSources certificateSources, TimeBasedContexts timeBasedContexts, SignatureValidationProperties.OnlineFetching onlineFetching)
Sets the onlineFetching property representing possible online fetching permissions.- Parameters:
validatorContexts
- the validators for which to set this valuecertificateSources
- the certificate source for which to set this valuetimeBasedContexts
- time perspective context, at which validation is happeningonlineFetching
- onlineFetching property value to set- Returns:
- this same
SignatureValidationProperties
instance.
-
getRequiredExtensions
public java.util.List<CertificateExtension> getRequiredExtensions(ValidationContext validationContext)
Returns required extension for the provided validation context.- Parameters:
validationContext
- the validation context for which to retrieve required extensions- Returns:
- required extensions for the provided validation context
-
setRequiredExtensions
public final SignatureValidationProperties setRequiredExtensions(CertificateSources certificateSources, java.util.List<CertificateExtension> requiredExtensions)
Sets list of extensions which are required to be set to a certificate depending on certificate source.By default, required extensions are set to be compliant with common validation norms. Changing those can result in falsely positive validation result.
- Parameters:
certificateSources
-CertificateSource
for extensions to be presentrequiredExtensions
- list of requiredCertificateExtension
- Returns:
- this same
SignatureValidationProperties
instance
-
addRequiredExtensions
public final SignatureValidationProperties addRequiredExtensions(CertificateSources certificateSources, java.util.List<CertificateExtension> requiredExtensions)
Adds list of extensions which are required to be set to a certificate depending on certificate source.By default, required extensions are set to be compliant with common validation norms. Changing those can result in falsely positive validation result.
- Parameters:
certificateSources
-CertificateSource
for extensions to be presentrequiredExtensions
- list of requiredCertificateExtension
- Returns:
- this same
SignatureValidationProperties
instance
-
getCrlClients
public java.util.List<ICrlClient> getCrlClients()
Gets allICrlClient
instances which will be used to retrieve CRL responses during the validation.- Returns:
- all
ICrlClient
instances which will be used to retrieve CRL responses during the validation
-
addCrlClient
public final SignatureValidationProperties addCrlClient(ICrlClient crlClient)
Adds newICrlClient
instance which will be used to retrieve CRL responses during the validation.- Parameters:
crlClient
-ICrlClient
instance which will be used to retrieve CRL responses during the validation- Returns:
- this same
SignatureValidationProperties
instance
-
getOcspClients
public java.util.List<IOcspClient> getOcspClients()
Gets allIOcspClient
instances which will be used to retrieve OCSP responses during the validation.- Returns:
- all
IOcspClient
instances which will be used to retrieve OCSP responses during the validation
-
addOcspClient
public final SignatureValidationProperties addOcspClient(IOcspClient ocspClient)
Adds newIOcspClient
instance which will be used to retrieve OCSP response during the validation.- Parameters:
ocspClient
-IOcspClient
instance which will be used to retrieve OCSP response during the validation- Returns:
- this same
SignatureValidationProperties
instance
-
setParameterValueFor
final void setParameterValueFor(java.util.EnumSet<ValidatorContext> validatorContexts, java.util.EnumSet<CertificateSource> certificateSources, java.util.EnumSet<TimeBasedContext> timeBasedContexts, java.util.function.Consumer<SignatureValidationProperties.ContextProperties> setter)
This method executes the setter method for every combination of selected validators and certificateSources- Parameters:
validatorContexts
- the validators to execute the setter oncertificateSources
- the certificate sources to execute the setter onsetter
- the setter to execute
-
getParametersValueFor
<T> T getParametersValueFor(ValidatorContext validatorContext, CertificateSource certSource, TimeBasedContext timeBasedContext, java.util.function.Function<SignatureValidationProperties.ContextProperties,T> getter)
This method executes the getter method to the most granular parameters set down until the getter returns a non-null value- Type Parameters:
T
- the type of the return value of this method and the getter method- Parameters:
validatorContext
- the validator for which the value is to be retrievedcertSource
- the certificate source for which the value is to be retrievedgetter
- the getter to get the value from the parameters set- Returns:
- the first non-null value returned.
-
-