Module jpms_dss_document
Package eu.europa.esig.dss.signature

Class SignatureRequirementsChecker

java.lang.Object
eu.europa.esig.dss.signature.SignatureRequirementsChecker
public class SignatureRequirementsChecker extends Object
This class is used to verify if the signature can be created according to the provided requirements in a CertificateVerifier instance

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    protected final eu.europa.esig.dss.spi.validation.CertificateVerifier
    certificateVerifier
    CertificateVerifier to be used for certificates validation
    protected final AbstractSignatureParameters<?>
    signatureParameters
    The signature parameters used for signature creation/extension

  • Constructor Summary

    Constructors
    Constructor
    Description
    SignatureRequirementsChecker(eu.europa.esig.dss.spi.validation.CertificateVerifier certificateVerifier, AbstractSignatureParameters<?> signatureParameters)
    Default constructor

  • Method Summary

    Modifier and Type
    Method
    Description
    void
    assertCertificateChainValidForCLevel(List<eu.europa.esig.dss.spi.signature.AdvancedSignature> signatures)
    Checks whether across signatures the corresponding certificate chains require revocation data for C-level augmentation
    void
    assertCertificateChainValidForLTLevel(List<eu.europa.esig.dss.spi.signature.AdvancedSignature> signatures)
    Checks whether across signatures the corresponding certificate chains require revocation data for LT-level augmentation
    void
    assertCertificateChainValidForXLLevel(List<eu.europa.esig.dss.spi.signature.AdvancedSignature> signatures)
    Checks whether across signatures the corresponding certificate chains require revocation data for XL-level augmentation
    protected void
    assertCLevelIsHighest(List<eu.europa.esig.dss.spi.signature.AdvancedSignature> signatures)
    Checks whether across signatures the C-level is highest and C-level augmentation can be performed
    void
    assertExtendToCLevelPossible(List<eu.europa.esig.dss.spi.signature.AdvancedSignature> signatures)
    Verifies whether extension of signatures to C-level is possible
    void
    assertExtendToLTALevelPossible(List<eu.europa.esig.dss.spi.signature.AdvancedSignature> signatures)
    Verifies whether extension of signatures to LTA-level is possible
    void
    assertExtendToLTLevelPossible(List<eu.europa.esig.dss.spi.signature.AdvancedSignature> signatures)
    Verifies whether extension of signatures to LT-level is possible
    void
    assertExtendToTLevelPossible(List<eu.europa.esig.dss.spi.signature.AdvancedSignature> signatures)
    Verifies whether extension of signatures to T-level is possible
    void
    assertExtendToXLevelPossible(List<eu.europa.esig.dss.spi.signature.AdvancedSignature> signatures)
    Verifies whether extension of signatures to X-level is possible
    void
    assertExtendToXLLevelPossible(List<eu.europa.esig.dss.spi.signature.AdvancedSignature> signatures)
    Verifies whether extension of signatures to XL-level is possible
    protected void
    assertHasNoEmbeddedEvidenceRecords(List<eu.europa.esig.dss.spi.signature.AdvancedSignature> signatures)
    Checks whether across signatures the T-level is highest and T-level augmentation can be performed
    protected void
    assertLTLevelIsHighest(List<eu.europa.esig.dss.spi.signature.AdvancedSignature> signatures)
    Checks whether across signatures the LT-level is highest and LT-level augmentation can be performed
    void
    assertSignaturesValid(Collection<eu.europa.esig.dss.spi.signature.AdvancedSignature> signatures)
    Verifies cryptographical validity of the signatures
    void
    assertSigningCertificateIsValid(eu.europa.esig.dss.model.x509.CertificateToken certificateToken)
    This method verifies whether the provided certificate token is acceptable for a signature creation against the provided signatureParameters
    void
    assertSigningCertificateIsValid(Collection<eu.europa.esig.dss.spi.signature.AdvancedSignature> signatures)
    This method verifies a signing certificate for a collection of the given signatures
    protected void
    assertTLevelIsHighest(List<eu.europa.esig.dss.spi.signature.AdvancedSignature> signatures)
    Checks whether across signatures the T-level is highest and T-level augmentation can be performed
    protected void
    assertXLevelIsHighest(List<eu.europa.esig.dss.spi.signature.AdvancedSignature> signatures)
    Checks whether across signatures the X-level is highest and X-level augmentation can be performed
    protected void
    assertXLLevelIsHighest(List<eu.europa.esig.dss.spi.signature.AdvancedSignature> signatures)
    Checks whether across signatures the XL-level is highest and XL-level augmentation can be performed
    protected void
    checkCLevelIsHighest(eu.europa.esig.dss.spi.signature.AdvancedSignature signature, eu.europa.esig.dss.spi.validation.status.SignatureStatus status)
    Verifies whether the signature has maximum B-, T- or LT-level
    protected void
    checkHasEmbeddedEvidenceRecords(eu.europa.esig.dss.spi.signature.AdvancedSignature signature, eu.europa.esig.dss.spi.validation.status.SignatureStatus status)
    Verifies whether the signature has an embedded evidence record
    protected void
    checkLTLevelIsHighest(eu.europa.esig.dss.spi.signature.AdvancedSignature signature, eu.europa.esig.dss.spi.validation.status.SignatureStatus status)
    Verifies whether the signature has maximum B-, T- or LT-level
    protected void
    checkTLevelIsHighest(eu.europa.esig.dss.spi.signature.AdvancedSignature signature, eu.europa.esig.dss.spi.validation.status.SignatureStatus status)
    Verifies whether the signature has maximum B- or T-level
    protected void
    checkXLevelIsHighest(eu.europa.esig.dss.spi.signature.AdvancedSignature signature, eu.europa.esig.dss.spi.validation.status.SignatureStatus status)
    Verifies whether the signature has maximum B-, T- or LT-level
    protected void
    checkXLLevelIsHighest(eu.europa.esig.dss.spi.signature.AdvancedSignature signature, eu.europa.esig.dss.spi.validation.status.SignatureStatus status)
    Verifies whether the signature has maximum X-level
    protected eu.europa.esig.dss.spi.validation.CertificateVerifier
    getCertificateVerifier()
    Gets CertificateVerifier to be used for validation context verification
    boolean
    hasALevelOrHigher(eu.europa.esig.dss.spi.signature.AdvancedSignature signature)
    Checks if the signature has A-level
    boolean
    hasEmbeddedEvidenceRecords(eu.europa.esig.dss.spi.signature.AdvancedSignature signature)
    Checks if the signature has embedded evidence records
    boolean
    hasLTALevelOrHigher(eu.europa.esig.dss.spi.signature.AdvancedSignature signature)
    Checks if the signature has LTA-level
    boolean
    hasLTLevelOrHigher(eu.europa.esig.dss.spi.signature.AdvancedSignature signature)
    Checks if the signature has LTA-level
    boolean
    hasXLevelOrHigher(eu.europa.esig.dss.spi.signature.AdvancedSignature signature)
    Checks if the signature has LTA-level
    boolean
    hasXLLevelOrHigher(eu.europa.esig.dss.spi.signature.AdvancedSignature signature)
    Checks if the signature has LTA-level
    protected eu.europa.esig.dss.spi.validation.ValidationAlerter
    initValidationAlerter(eu.europa.esig.dss.model.x509.CertificateToken certificateToken)
    Initializes the validation alerter for certificate validation
    protected eu.europa.esig.dss.spi.validation.ValidationAlerter
    initValidationAlerter(Collection<eu.europa.esig.dss.spi.signature.AdvancedSignature> signatures)
    Initializes the validation alerter for signature validation

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Field Details

    • certificateVerifier

      protected final eu.europa.esig.dss.spi.validation.CertificateVerifier certificateVerifier
      CertificateVerifier to be used for certificates validation

    • signatureParameters

      protected final AbstractSignatureParameters<?> signatureParameters
      The signature parameters used for signature creation/extension

  • Constructor Details

    • SignatureRequirementsChecker

      public SignatureRequirementsChecker(eu.europa.esig.dss.spi.validation.CertificateVerifier certificateVerifier, AbstractSignatureParameters<?> signatureParameters)
      Default constructor
      Parameters:
      certificateVerifier - CertificateVerifier
      signatureParameters - AbstractSignatureParameters

  • Method Details

    • assertSigningCertificateIsValid

      public void assertSigningCertificateIsValid(eu.europa.esig.dss.model.x509.CertificateToken certificateToken)
      This method verifies whether the provided certificate token is acceptable for a signature creation against the provided signatureParameters
      Parameters:
      certificateToken - CertificateToken

    • assertSigningCertificateIsValid

      public void assertSigningCertificateIsValid(Collection<eu.europa.esig.dss.spi.signature.AdvancedSignature> signatures)
      This method verifies a signing certificate for a collection of the given signatures
      Parameters:
      signatures - a collection of AdvancedSignatures to verify signing-certificate for

    • initValidationAlerter

      protected eu.europa.esig.dss.spi.validation.ValidationAlerter initValidationAlerter(eu.europa.esig.dss.model.x509.CertificateToken certificateToken)
      Initializes the validation alerter for certificate validation
      Parameters:
      certificateToken - CertificateToken representing the signing-certificate to be validated
      Returns:
      ValidationAlerter

    • initValidationAlerter

      protected eu.europa.esig.dss.spi.validation.ValidationAlerter initValidationAlerter(Collection<eu.europa.esig.dss.spi.signature.AdvancedSignature> signatures)
      Initializes the validation alerter for signature validation
      Parameters:
      signatures - collection of AdvancedSignatures to be validated
      Returns:
      ValidationAlerter

    • getCertificateVerifier

      protected eu.europa.esig.dss.spi.validation.CertificateVerifier getCertificateVerifier()
      Gets CertificateVerifier to be used for validation context verification
      Returns:
      CertificateVerifier

    • assertExtendToTLevelPossible

      public void assertExtendToTLevelPossible(List<eu.europa.esig.dss.spi.signature.AdvancedSignature> signatures)
      Verifies whether extension of signatures to T-level is possible
      Parameters:
      signatures - a list of AdvancedSignatures

    • assertTLevelIsHighest

      protected void assertTLevelIsHighest(List<eu.europa.esig.dss.spi.signature.AdvancedSignature> signatures)
      Checks whether across signatures the T-level is highest and T-level augmentation can be performed
      Parameters:
      signatures - a list of AdvancedSignatures

    • checkTLevelIsHighest

      protected void checkTLevelIsHighest(eu.europa.esig.dss.spi.signature.AdvancedSignature signature, eu.europa.esig.dss.spi.validation.status.SignatureStatus status)
      Verifies whether the signature has maximum B- or T-level
      Parameters:
      signature - AdvancedSignature to be verified
      status - SignatureStatus to fill in case of error

    • hasLTLevelOrHigher

      public boolean hasLTLevelOrHigher(eu.europa.esig.dss.spi.signature.AdvancedSignature signature)
      Checks if the signature has LTA-level
      Parameters:
      signature - AdvancedSignature to be validated
      Returns:
      TRUE if the signature has LTA-level, FALSE otherwise

    • assertExtendToLTLevelPossible

      public void assertExtendToLTLevelPossible(List<eu.europa.esig.dss.spi.signature.AdvancedSignature> signatures)
      Verifies whether extension of signatures to LT-level is possible
      Parameters:
      signatures - a list of AdvancedSignatures

    • assertLTLevelIsHighest

      protected void assertLTLevelIsHighest(List<eu.europa.esig.dss.spi.signature.AdvancedSignature> signatures)
      Checks whether across signatures the LT-level is highest and LT-level augmentation can be performed
      Parameters:
      signatures - a list of AdvancedSignatures

    • checkLTLevelIsHighest

      protected void checkLTLevelIsHighest(eu.europa.esig.dss.spi.signature.AdvancedSignature signature, eu.europa.esig.dss.spi.validation.status.SignatureStatus status)
      Verifies whether the signature has maximum B-, T- or LT-level
      Parameters:
      signature - AdvancedSignature to be verified
      status - SignatureStatus to fill in case of error

    • hasLTALevelOrHigher

      public boolean hasLTALevelOrHigher(eu.europa.esig.dss.spi.signature.AdvancedSignature signature)
      Checks if the signature has LTA-level
      Parameters:
      signature - AdvancedSignature to be validated
      Returns:
      TRUE if the signature has LTA-level, FALSE otherwise

    • assertCertificateChainValidForLTLevel

      public void assertCertificateChainValidForLTLevel(List<eu.europa.esig.dss.spi.signature.AdvancedSignature> signatures)
      Checks whether across signatures the corresponding certificate chains require revocation data for LT-level augmentation
      Parameters:
      signatures - a list of AdvancedSignatures

    • assertCertificateChainValidForCLevel

      public void assertCertificateChainValidForCLevel(List<eu.europa.esig.dss.spi.signature.AdvancedSignature> signatures)
      Checks whether across signatures the corresponding certificate chains require revocation data for C-level augmentation
      Parameters:
      signatures - a list of AdvancedSignatures

    • assertCertificateChainValidForXLLevel

      public void assertCertificateChainValidForXLLevel(List<eu.europa.esig.dss.spi.signature.AdvancedSignature> signatures)
      Checks whether across signatures the corresponding certificate chains require revocation data for XL-level augmentation
      Parameters:
      signatures - a list of AdvancedSignatures

    • assertExtendToCLevelPossible

      public void assertExtendToCLevelPossible(List<eu.europa.esig.dss.spi.signature.AdvancedSignature> signatures)
      Verifies whether extension of signatures to C-level is possible
      Parameters:
      signatures - a list of AdvancedSignatures

    • assertCLevelIsHighest

      protected void assertCLevelIsHighest(List<eu.europa.esig.dss.spi.signature.AdvancedSignature> signatures)
      Checks whether across signatures the C-level is highest and C-level augmentation can be performed
      Parameters:
      signatures - a list of AdvancedSignatures

    • checkCLevelIsHighest

      protected void checkCLevelIsHighest(eu.europa.esig.dss.spi.signature.AdvancedSignature signature, eu.europa.esig.dss.spi.validation.status.SignatureStatus status)
      Verifies whether the signature has maximum B-, T- or LT-level
      Parameters:
      signature - AdvancedSignature to be verified
      status - SignatureStatus to fill in case of error

    • hasXLevelOrHigher

      public boolean hasXLevelOrHigher(eu.europa.esig.dss.spi.signature.AdvancedSignature signature)
      Checks if the signature has LTA-level
      Parameters:
      signature - AdvancedSignature to be validated
      Returns:
      TRUE if the signature has LTA-level, FALSE otherwise

    • assertExtendToXLevelPossible

      public void assertExtendToXLevelPossible(List<eu.europa.esig.dss.spi.signature.AdvancedSignature> signatures)
      Verifies whether extension of signatures to X-level is possible
      Parameters:
      signatures - a list of AdvancedSignatures

    • assertXLevelIsHighest

      protected void assertXLevelIsHighest(List<eu.europa.esig.dss.spi.signature.AdvancedSignature> signatures)
      Checks whether across signatures the X-level is highest and X-level augmentation can be performed
      Parameters:
      signatures - a list of AdvancedSignatures

    • checkXLevelIsHighest

      protected void checkXLevelIsHighest(eu.europa.esig.dss.spi.signature.AdvancedSignature signature, eu.europa.esig.dss.spi.validation.status.SignatureStatus status)
      Verifies whether the signature has maximum B-, T- or LT-level
      Parameters:
      signature - AdvancedSignature to be verified
      status - SignatureStatus to fill in case of error

    • hasXLLevelOrHigher

      public boolean hasXLLevelOrHigher(eu.europa.esig.dss.spi.signature.AdvancedSignature signature)
      Checks if the signature has LTA-level
      Parameters:
      signature - AdvancedSignature to be validated
      Returns:
      TRUE if the signature has LTA-level, FALSE otherwise

    • assertExtendToXLLevelPossible

      public void assertExtendToXLLevelPossible(List<eu.europa.esig.dss.spi.signature.AdvancedSignature> signatures)
      Verifies whether extension of signatures to XL-level is possible
      Parameters:
      signatures - a list of AdvancedSignatures

    • assertXLLevelIsHighest

      protected void assertXLLevelIsHighest(List<eu.europa.esig.dss.spi.signature.AdvancedSignature> signatures)
      Checks whether across signatures the XL-level is highest and XL-level augmentation can be performed
      Parameters:
      signatures - a list of AdvancedSignatures

    • checkXLLevelIsHighest

      protected void checkXLLevelIsHighest(eu.europa.esig.dss.spi.signature.AdvancedSignature signature, eu.europa.esig.dss.spi.validation.status.SignatureStatus status)
      Verifies whether the signature has maximum X-level
      Parameters:
      signature - AdvancedSignature to be verified
      status - SignatureStatus to fill in case of error

    • hasALevelOrHigher

      public boolean hasALevelOrHigher(eu.europa.esig.dss.spi.signature.AdvancedSignature signature)
      Checks if the signature has A-level
      Parameters:
      signature - AdvancedSignature to be validated
      Returns:
      TRUE if the signature has A-level, FALSE otherwise

    • assertExtendToLTALevelPossible

      public void assertExtendToLTALevelPossible(List<eu.europa.esig.dss.spi.signature.AdvancedSignature> signatures)
      Verifies whether extension of signatures to LTA-level is possible
      Parameters:
      signatures - a list of AdvancedSignatures

    • assertHasNoEmbeddedEvidenceRecords

      protected void assertHasNoEmbeddedEvidenceRecords(List<eu.europa.esig.dss.spi.signature.AdvancedSignature> signatures)
      Checks whether across signatures the T-level is highest and T-level augmentation can be performed
      Parameters:
      signatures - a list of AdvancedSignatures

    • checkHasEmbeddedEvidenceRecords

      protected void checkHasEmbeddedEvidenceRecords(eu.europa.esig.dss.spi.signature.AdvancedSignature signature, eu.europa.esig.dss.spi.validation.status.SignatureStatus status)
      Verifies whether the signature has an embedded evidence record
      Parameters:
      signature - AdvancedSignature to be verified
      status - SignatureStatus to fill in case of error

    • hasEmbeddedEvidenceRecords

      public boolean hasEmbeddedEvidenceRecords(eu.europa.esig.dss.spi.signature.AdvancedSignature signature)
      Checks if the signature has embedded evidence records
      Parameters:
      signature - AdvancedSignature to be validated
      Returns:
      TRUE if the signature has an embedded evidence record, FALSE otherwise

    • assertSignaturesValid

      public void assertSignaturesValid(Collection<eu.europa.esig.dss.spi.signature.AdvancedSignature> signatures)
      Verifies cryptographical validity of the signatures
      Parameters:
      signatures - a collection of AdvancedSignatures