Package eu.europa.esig.dss.jades.validation

Class JAdESSignature

java.lang.Object

eu.europa.esig.dss.spi.signature.DefaultAdvancedSignature

eu.europa.esig.dss.jades.validation.JAdESSignature

All Implemented Interfaces:

IdentifierBasedObject, AdvancedSignature, Serializable

public class JAdESSignature
extends DefaultAdvancedSignature

Represents the JAdES signature

See Also:

• Serialized Form

Field Summary

Fields inherited from class eu.europa.esig.dss.spi.signature.DefaultAdvancedSignature

counterSignatures, detachedContents, manifestFile, offlineCertificateSource, referenceValidations, signatureCRLSource, signatureCryptographicVerification, signatureIdentifier, signatureOCSPSource, signaturePolicy, signatureTimestampSource, signingCertificateSource, structureValidationMessages

Constructor Summary

Constructors

Constructor	Description
JAdESSignature(JWS jws)	Default constructor

Method Summary

Modifier and Type	Method	Description
void	addExternalTimestamp(TimestampToken timestamp)	This method allows to add an external timestamp.
protected SignaturePolicy	buildSignaturePolicy()	This method extracts a signature policy from a signature and builds the object
void	checkSignatureIntegrity()	Verifies the signature integrity; checks if the signed content has not been tampered with.
protected JAdESBaselineRequirementsChecker	createBaselineRequirementsChecker(CertificateVerifier certificateVerifier)	Instantiates a BaselineRequirementsChecker according to the signature format
protected List<SignatureScope>	findSignatureScopes()	Finds signature scopes
SignatureCertificateSource	getCertificateSource()	Gets a certificate source which contains ALL certificates embedded in the signature.
List<SignerRole>	getCertifiedSignerRoles()	Returns the certified roles of the signer.
List<SignerRole>	getClaimedSignerRoles()	Returns the claimed roles of the signer.
List<CommitmentTypeIndication>	getCommitmentTypeIndications()	This method obtains the information concerning commitment type indication linked to the signature
String	getContentType()	Returns the value of the signed attribute content-type
List<AdvancedSignature>	getCounterSignatures()	Returns a list of counter signatures applied to this signature
OfflineCRLSource	getCRLSource()	Gets a CRL source which contains ALL CRLs embedded in the signature.
String	getDAIdentifier()	This method returns an identifier provided by the Driving Application (DA) Note: used only for XAdES
SignatureLevel	getDataFoundUpToLevel()	This method returns the signature level
Digest	getDataToBeSignedRepresentation()	TS 119 102-1 (4.2.8 Data to be signed representation (DTBSR)) : The DTBS preparation component shall take the DTBSF and hash it according to the hash algorithm specified in the cryptographic suite.
DigestAlgorithm	getDigestAlgorithm()	Retrieves the digest algorithm used for generating the signature.
EncryptionAlgorithm	getEncryptionAlgorithm()	Retrieves the encryption algorithm used for generating the signature.
JAdESEtsiUHeader	getEtsiUHeader()	Returns unsigned properties embedded into the 'etsiU' array
JWS	getJws()	Gets the associated JWS
String	getKid()	Gets Kid value when present
MaskGenerationFunction	getMaskGenerationFunction()	Deprecated.
EtsiUComponent	getMasterCSigComponent()	Gets a 'cSig' component embedding the current signature
String	getMimeType()	Returns the value of the signed attribute mime-type
OfflineOCSPSource	getOCSPSource()	Gets an OCSP source which contains ALL OCSP responses embedded in the signature.
List<DSSDocument>	getOriginalDocuments()	Returns a list of original documents signed by the signature
List<ReferenceValidation>	getReferenceValidations()	Returns individual validation foreach reference (XAdES, JAdES) or for the message-imprint (CAdES)
SigDMechanism	getSigDMechanism()	Returns a mechanism used in 'sigD' to cover a detached content
SignatureAlgorithm	getSignatureAlgorithm()	Retrieves the signature algorithm (or cipher) used for generating the signature.
SignatureDigestReference	getSignatureDigestReference(DigestAlgorithm digestAlgorithm)	Returns a signature reference element as defined in TS 119 442 - V1.1.1 - Electronic Signatures and Infrastructures (ESI), ch. 5.1.4.2.1.3 XML component
SignatureForm	getSignatureForm()	Specifies the format of the signature
protected SignatureIdentifierBuilder	getSignatureIdentifierBuilder()	Returns a builder to define and build a signature Id
SignaturePolicyStore	getSignaturePolicyStore()	Returns the Signature Policy Store from the signature
SignatureProductionPlace	getSignatureProductionPlace()	Returns information about the place where the signature was generated
String	getSignatureType()	Returns value of the "typ" header parameter, declaring the media type of the JWS, when present.
byte[]	getSignatureValue()	Returns the digital signature value
List<SignerRole>	getSignedAssertions()	Returns the list of embedded signed assertions.
List<DSSDocument>	getSignedDocumentsByHTTPHeaderName()	Returns a list of signed documents by the list of URIs present in 'sigD' Keeps the original order according to 'pars' dictionary content Used in HTTPHeaders detached signature mechanism
List<DSSDocument>	getSignedDocumentsForObjectIdByUriMechanism()	This method returns a list of documents for ObjectIdByUrl or ObjectIdByUriHash mechanisms Keeps the original order according to 'pars' dictionary content
Date	getSigningTime()	Returns the signing time included within the signature.
JAdESTimestampSource	getTimestampSource()	Gets a Signature Timestamp source which contains ALL timestamps embedded in the signature.
boolean	isDetachedSignature()	Checks if the JAdES Signature is a detached (contains 'sigD' dictionary)
void	setMasterCSigComponent(EtsiUComponent masterCSigComponent)	Sets a 'cSig' component embedding the current signature
protected List<String>	validateStructure()	This method processes the structure validation of the signature.

Methods inherited from class eu.europa.esig.dss.spi.signature.DefaultAdvancedSignature

addExternalEvidenceRecord, areAllSelfSignedCertificates, equals, getAllEvidenceRecords, getAllTimestamps, getArchiveTimestamps, getBaselineRequirementsChecker, getCandidatesForSigningCertificate, getCertificates, getCompleteCertificateSource, getCompleteCRLSource, getCompleteOCSPSource, getContainerContents, getContentTimestamps, getCounterSignaturesCertificateSource, getCounterSignaturesCRLSource, getCounterSignaturesOCSPSource, getDetachedContents, getDetachedEvidenceRecords, getDetachedTimestamps, getDocumentTimestamps, getDSSId, getEmbeddedEvidenceRecords, getId, getManifestFile, getMasterSignature, getSignatureCryptographicVerification, getSignatureFilename, getSignaturePolicy, getSignatureScopes, getSignatureTimestamps, getSignerRoles, getSigningCertificateToken, getStructureValidationResult, getTimestampsX1, getTimestampsX2, hasAProfile, hasBESProfile, hasBProfile, hasCProfile, hasEPESProfile, hasExtendedTProfile, hashCode, hasLTAProfile, hasLTProfile, hasTProfile, hasXLProfile, hasXProfile, initBaselineRequirementsChecker, isCounterSignature, isDocHashOnlyValidation, isHashOnlyValidation, resetCertificateSource, resetRevocationSources, resetTimestampSource, setContainerContents, setDetachedContents, setManifestFile, setMasterSignature, setSignatureFilename, setSigningCertificateSource, toString

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Constructor Details

JAdESSignature

public JAdESSignature(JWS jws)

Default constructor

Parameters:

jws - JWS

Method Details

getJws

public JWS getJws()

Gets the associated JWS

Returns:

JWS

getSignatureForm

public SignatureForm getSignatureForm()

Description copied from interface: AdvancedSignature

Specifies the format of the signature

Returns:

SignatureForm

getSignatureAlgorithm

public SignatureAlgorithm getSignatureAlgorithm()

Description copied from interface: AdvancedSignature

Retrieves the signature algorithm (or cipher) used for generating the signature.

Returns:

SignatureAlgorithm

getEncryptionAlgorithm

public EncryptionAlgorithm getEncryptionAlgorithm()

Description copied from interface: AdvancedSignature

Retrieves the encryption algorithm used for generating the signature.

Returns:

EncryptionAlgorithm

getDigestAlgorithm

public DigestAlgorithm getDigestAlgorithm()

Description copied from interface: AdvancedSignature

Retrieves the digest algorithm used for generating the signature.

Returns:

DigestAlgorithm

getMaskGenerationFunction

@Deprecated
public MaskGenerationFunction getMaskGenerationFunction()

Deprecated.

Description copied from interface: AdvancedSignature

Retrieves the mask generation function used for generating the signature.

Returns:

MaskGenerationFunction

getSigningTime

public Date getSigningTime()

Description copied from interface: AdvancedSignature

Returns the signing time included within the signature.

Returns:

Date representing the signing time or null

isDetachedSignature

public boolean isDetachedSignature()

Checks if the JAdES Signature is a detached (contains 'sigD' dictionary)

Returns:

TRUE if the signature is detached, FALSE otherwise

getMasterCSigComponent

public EtsiUComponent getMasterCSigComponent()

Gets a 'cSig' component embedding the current signature

Returns:

EtsiUComponent 'cSig' embedding the current signature

setMasterCSigComponent

public void setMasterCSigComponent(EtsiUComponent masterCSigComponent)

Sets a 'cSig' component embedding the current signature

Parameters:

masterCSigComponent - Object 'cSig' embedding the current signature

getCertificateSource

public SignatureCertificateSource getCertificateSource()

Description copied from interface: AdvancedSignature

Gets a certificate source which contains ALL certificates embedded in the signature.

Returns:

SignatureCertificateSource

getCRLSource

public OfflineCRLSource getCRLSource()

Description copied from interface: AdvancedSignature

Gets a CRL source which contains ALL CRLs embedded in the signature.

Returns:

OfflineRevocationSource

getOCSPSource

public OfflineOCSPSource getOCSPSource()

Description copied from interface: AdvancedSignature

Gets an OCSP source which contains ALL OCSP responses embedded in the signature.

Returns:

OfflineRevocationSource

getTimestampSource

public JAdESTimestampSource getTimestampSource()

Description copied from interface: AdvancedSignature

Gets a Signature Timestamp source which contains ALL timestamps embedded in the signature.

Returns:

SignatureTimestampSource

getSignatureProductionPlace

public SignatureProductionPlace getSignatureProductionPlace()

Description copied from interface: AdvancedSignature

Returns information about the place where the signature was generated

Returns:

SignatureProductionPlace

getSignaturePolicyStore

public SignaturePolicyStore getSignaturePolicyStore()

Description copied from interface: AdvancedSignature

Returns the Signature Policy Store from the signature

Returns:

SignaturePolicyStore

getCommitmentTypeIndications

public List<CommitmentTypeIndication> getCommitmentTypeIndications()

Description copied from interface: AdvancedSignature

This method obtains the information concerning commitment type indication linked to the signature

Returns:

a list of CommitmentTypeIndications

getContentType

public String getContentType()

Description copied from interface: AdvancedSignature

Returns the value of the signed attribute content-type

Returns:

content type as String

getMimeType

public String getMimeType()

Description copied from interface: AdvancedSignature

Returns the value of the signed attribute mime-type

Returns:

mime type as String

getSignatureType

public String getSignatureType()

Returns value of the "typ" header parameter, declaring the media type of the JWS, when present.

Returns:

String

getCertifiedSignerRoles

public List<SignerRole> getCertifiedSignerRoles()

Description copied from interface: AdvancedSignature

Returns the certified roles of the signer.

Returns:

list of the SignerRoles

getClaimedSignerRoles

public List<SignerRole> getClaimedSignerRoles()

Description copied from interface: AdvancedSignature

Returns the claimed roles of the signer.

Returns:

list of the SignerRoles

getSignedAssertions

public List<SignerRole> getSignedAssertions()

Description copied from interface: AdvancedSignature

Returns the list of embedded signed assertions.

Returns:

list of the assertions s

getCounterSignatures

public List<AdvancedSignature> getCounterSignatures()

Description copied from interface: AdvancedSignature

Returns a list of counter signatures applied to this signature

Returns:

a List of AdvancedSignatures representing the counter signatures

getDAIdentifier

public String getDAIdentifier()

Description copied from interface: AdvancedSignature

This method returns an identifier provided by the Driving Application (DA) Note: used only for XAdES

Returns:

The signature identifier

buildSignaturePolicy

protected SignaturePolicy buildSignaturePolicy()

Description copied from class: DefaultAdvancedSignature

This method extracts a signature policy from a signature and builds the object

Specified by:

buildSignaturePolicy in class DefaultAdvancedSignature

Returns:

SignaturePolicy

getSignatureValue

public byte[] getSignatureValue()

Description copied from interface: AdvancedSignature

Returns the digital signature value

Returns:

digital signature value byte array

getEtsiUHeader

public JAdESEtsiUHeader getEtsiUHeader()

Returns unsigned properties embedded into the 'etsiU' array

Returns:

JAdESEtsiUHeader

getSignatureDigestReference

public SignatureDigestReference getSignatureDigestReference(DigestAlgorithm digestAlgorithm)

Description copied from interface: AdvancedSignature

Returns a signature reference element as defined in TS 119 442 - V1.1.1 - Electronic Signatures and Infrastructures (ESI), ch. 5.1.4.2.1.3 XML component

Parameters:

digestAlgorithm - DigestAlgorithm to use

Returns:

SignatureDigestReference

getDataToBeSignedRepresentation

public Digest getDataToBeSignedRepresentation()

Description copied from interface: AdvancedSignature

TS 119 102-1 (4.2.8 Data to be signed representation (DTBSR)) : The DTBS preparation component shall take the DTBSF and hash it according to the hash algorithm specified in the cryptographic suite.

Returns:

Digest DTBSR, which is then used to create the signature.

getSignatureIdentifierBuilder

protected SignatureIdentifierBuilder getSignatureIdentifierBuilder()

Description copied from class: DefaultAdvancedSignature

Returns a builder to define and build a signature Id

Specified by:

getSignatureIdentifierBuilder in class DefaultAdvancedSignature

Returns:

SignatureIdentifierBuilder

checkSignatureIntegrity

public void checkSignatureIntegrity()

Description copied from interface: AdvancedSignature

Verifies the signature integrity; checks if the signed content has not been tampered with. In the case of a non-AdES signature no including the signing certificate then the latter must be provided by calling setProvidedSigningCertificateToken In the case of a detached signature the signed content must be provided by calling setProvidedSigningCertificateToken

getReferenceValidations

public List<ReferenceValidation> getReferenceValidations()

Description copied from interface: AdvancedSignature

Returns individual validation foreach reference (XAdES, JAdES) or for the message-imprint (CAdES)

Returns:

a list with one or more ReferenceValidation

getKid

public String getKid()

Gets Kid value when present

Returns:

String

getSigDMechanism

public SigDMechanism getSigDMechanism()

Returns a mechanism used in 'sigD' to cover a detached content

Returns:

SigDMechanism

getSignedDocumentsByHTTPHeaderName

public List<DSSDocument> getSignedDocumentsByHTTPHeaderName()

Returns a list of signed documents by the list of URIs present in 'sigD' Keeps the original order according to 'pars' dictionary content Used in HTTPHeaders detached signature mechanism

Returns:

a list of DSSDocuments

getSignedDocumentsForObjectIdByUriMechanism

public List<DSSDocument> getSignedDocumentsForObjectIdByUriMechanism()

This method returns a list of documents for ObjectIdByUrl or ObjectIdByUriHash mechanisms Keeps the original order according to 'pars' dictionary content

Returns:

a list of DSSDocuments

getOriginalDocuments

public List<DSSDocument> getOriginalDocuments()

Returns a list of original documents signed by the signature

Returns:

a list of DSSDocuments

getDataFoundUpToLevel

public SignatureLevel getDataFoundUpToLevel()

Description copied from interface: AdvancedSignature

This method returns the signature level

Returns:

a value of SignatureLevel

createBaselineRequirementsChecker

protected JAdESBaselineRequirementsChecker createBaselineRequirementsChecker(CertificateVerifier certificateVerifier)

Description copied from class: DefaultAdvancedSignature

Instantiates a BaselineRequirementsChecker according to the signature format

Specified by:

createBaselineRequirementsChecker in class DefaultAdvancedSignature

Parameters:

certificateVerifier - CertificateVerifier to be used

Returns:

BaselineRequirementsChecker

validateStructure

protected List<String> validateStructure()

Description copied from class: DefaultAdvancedSignature

This method processes the structure validation of the signature.

Overrides:

validateStructure in class DefaultAdvancedSignature

Returns:

list of String errors

findSignatureScopes

protected List<SignatureScope> findSignatureScopes()

Description copied from class: DefaultAdvancedSignature

Finds signature scopes

Specified by:

findSignatureScopes in class DefaultAdvancedSignature

Returns:

a list of SignatureScopes

addExternalTimestamp

public void addExternalTimestamp(TimestampToken timestamp)

Description copied from interface: AdvancedSignature

This method allows to add an external timestamp. The given timestamp must be processed before. NOTE: The method is supported only for CAdES signatures

Parameters:

timestamp - the timestamp token