Package eu.europa.esig.dss.model.x509
Class Token
java.lang.Object
eu.europa.esig.dss.model.x509.Token
- All Implemented Interfaces:
IdentifierBasedObject,Serializable
- Direct Known Subclasses:
CertificateToken,RevocationToken,TimestampToken
This is the base class for the different types of tokens (certificate, OCSP,
CRL, Timestamp) used in the process of signature validation.
- See Also:
-
Field Summary
FieldsModifier and TypeFieldDescriptionprotected PublicKeyThe publicKey of the signed certificate(s)protected SignatureAlgorithmThe algorithm that was used to sign the token.protected StringIndicates the token signature invalidity reason.protected SignatureValidityIndicates a status of token's signature Method isSignedBy(CertificateToken) must be called in order to obtain a signature validity Default: NOT_EVALUATED -
Constructor Summary
ConstructorsModifierConstructorDescriptionprotectedToken()Default constructor instantiating object with null values -
Method Summary
Modifier and TypeMethodDescriptionprotected abstract TokenIdentifierBuilds a token unique identifierprotected abstract SignatureValiditycheckIsSignedBy(PublicKey publicKey) Verifies if the current token has been signed by the specified publicKeybooleanThis method returns the DSS abbreviation of the token.abstract DateReturns the creation date of this token.byte[]getDigest(DigestAlgorithm digestAlgorithm) Returns the digest value of the wrapped tokengetDSSId()Returns a DSS unique token identifier.Returns a string representation of the unique DSS token identifier.abstract byte[]Returns the encoded form of the wrapped token.Returns the token invalidity reason when applicable.abstract X500PrincipalReturns theX500Principalof the certificate which was used to sign this token.This method returns the public key of the token signerReturns the algorithm that was used to sign the token (ex: SHA1WithRSAEncryption, SHA1withRSA...).Indicates a status of the token's signature validity.inthashCode()booleanChecks if the certificate is self-signed.booleanIndicates if the token's signature is intact.booleanisSignedBy(CertificateToken token) Checks if the token is signed by the given token in the parameter.booleanisSignedBy(PublicKey publicKey) Checks if the OCSP token is signed by the given publicKeybooleanisValid()Indicates if the token's signature is intact and the token is valid (e.g. token's structure, message-imprint, etc.).toString()abstract StringReturns a string representation of the token.
-
Field Details
-
publicKeyOfTheSigner
The publicKey of the signed certificate(s) -
signatureValidity
Indicates a status of token's signature Method isSignedBy(CertificateToken) must be called in order to obtain a signature validity Default: NOT_EVALUATED -
signatureInvalidityReason
Indicates the token signature invalidity reason. -
signatureAlgorithm
The algorithm that was used to sign the token.
-
-
Constructor Details
-
Token
protected Token()Default constructor instantiating object with null values
-
-
Method Details
-
hashCode
-
equals
-
isSelfSigned
public boolean isSelfSigned()Checks if the certificate is self-signed. For all tokens different from CertificateToken this method always returns false. This method was introduced in order to manage in a uniform manner the different tokens.- Returns:
- true if the token is self-signed
-
getDSSId
Returns a DSS unique token identifier.- Specified by:
getDSSIdin interfaceIdentifierBasedObject- Returns:
- an instance of TokenIdentifier
-
buildTokenIdentifier
Builds a token unique identifier- Returns:
TokenIdentifier
-
getDSSIdAsString
Returns a string representation of the unique DSS token identifier.- Returns:
- the unique string for the token
-
isSignedBy
Checks if the token is signed by the given token in the parameter.- Parameters:
token- the candidate to be tested- Returns:
- true if this token is signed by the given certificate token
-
isSignedBy
Checks if the OCSP token is signed by the given publicKey- Parameters:
publicKey- the candidate to be tested- Returns:
- true if this token is signed by the given public key
-
checkIsSignedBy
Verifies if the current token has been signed by the specified publicKey- Parameters:
publicKey-PublicKeyof a signing candidate- Returns:
SignatureValidity
-
getIssuerX500Principal
Returns theX500Principalof the certificate which was used to sign this token.- Returns:
- the issuer's
X500Principal
-
getCreationDate
Returns the creation date of this token. This date is mainly used to retrieve the correct issuer within a collection of renewed certificates (new certificate with the same key pair).- Returns:
- the creation date of the token (notBefore for a certificate, productionDate for revocation data,...)
-
getAbbreviation
This method returns the DSS abbreviation of the token. It is used for debugging purpose.- Returns:
- an abbreviation for the certificate
-
getSignatureAlgorithm
Returns the algorithm that was used to sign the token (ex: SHA1WithRSAEncryption, SHA1withRSA...).- Returns:
- the used signature algorithm to sign this token
-
isSignatureIntact
public boolean isSignatureIntact()Indicates if the token's signature is intact. NOTE: The method isSignedBy(CertificateToken) must be called to set this flag. Return false if the check isSignedBy() was not performed or the signer's public key does not much. In order to check if the validation has been performed, use the method getSignatureValidity() that returns a three-state value.- Returns:
- whether the token's signature is intact
-
isValid
public boolean isValid()Indicates if the token's signature is intact and the token is valid (e.g. token's structure, message-imprint, etc.). NOTE: method isSignedBy(CertificateToken) shall be called before.- Returns:
trueif the conditions corresponding to the token validity are met
-
getSignatureValidity
Indicates a status of the token's signature validity. For each kind of token the method isSignedBy(CertificateToken) must be called to set this flag.- Returns:
SignatureValidity
-
getInvalidityReason
-
getPublicKeyOfTheSigner
This method returns the public key of the token signer- Returns:
- the public key which signed this token
-
toString
-
toString
-
getEncoded
public abstract byte[] getEncoded()Returns the encoded form of the wrapped token.- Returns:
- the encoded form of the wrapped token
-
getDigest
Returns the digest value of the wrapped token- Parameters:
digestAlgorithm- the requested digest algorithm- Returns:
- the digest value in binaries
-