Uses of Class
eu.europa.esig.dss.model.x509.CertificateToken
Package
Description
-
Uses of CertificateToken in eu.europa.esig.dss.cades
Modifier and TypeMethodDescriptionstatic void
CMSUtils.addSigningCertificateAttribute
(org.bouncycastle.asn1.ASN1EncodableVector signedAttributes, DigestAlgorithm digestAlgorithm, CertificateToken signingToken) Method to add signing certificate to ASN.1 DER encoded signed attributes. -
Uses of CertificateToken in eu.europa.esig.dss.cades.signature
ModifierConstructorDescriptionCadesLevelBaselineLTATimestampExtractor
(org.bouncycastle.cms.CMSSignedData cmsSignedData, Collection<CertificateToken> certificates) Constructor with a custom collection of certificates -
Uses of CertificateToken in eu.europa.esig.dss.crl
Modifier and TypeMethodDescriptionstatic CRLValidity
CRLUtils.buildCRLValidity
(CRLBinary crlBinary, CertificateToken issuerToken) This method verifies and creates: the signature of the CRL, the key usage of its signing certificate and the coherence between the subject names of the CRL signing certificate and the issuer name of the certificate for which the verification of the revocation data is carried out.ICRLUtils.buildCRLValidity
(CRLBinary crlBinary, CertificateToken issuerToken) This method verifies: the signature of the CRL, the key usage of its signing certificate and the coherence between the subject names of the CRL signing certificate and the issuer name of the certificate for which the verification of the revocation data is carried out.void
CRLValidity.setIssuerToken
(CertificateToken issuerToken) Sets the issuer certificateToken -
Uses of CertificateToken in eu.europa.esig.dss.crl.stream.impl
Modifier and TypeMethodDescriptionCRLUtilsStreamImpl.buildCRLValidity
(CRLBinary crlBinary, CertificateToken issuerToken) -
Uses of CertificateToken in eu.europa.esig.dss.crl.x509.impl
Modifier and TypeMethodDescriptionCRLUtilsX509CRLImpl.buildCRLValidity
(CRLBinary crlBinary, CertificateToken issuerToken) This method verifies: the signature of the CRL, the key usage of its signing certificate and the coherence between the subject names of the CRL signing certificate and the issuer name of the certificate for which the verification of the revocation data is carried out. -
Uses of CertificateToken in eu.europa.esig.dss.jades
Modifier and TypeMethodDescriptionstatic String
DSSJsonUtils.generateKid
(CertificateToken signingCertificate) Generates the 'kid' value as in IETF RFC 5035 -
Uses of CertificateToken in eu.europa.esig.dss.jades.signature
Modifier and TypeMethodDescriptionprotected void
JAdESLevelBaselineB.incorporateSigningCertificateOtherDigestReference
(CertificateToken signingCertificate, DigestAlgorithm digestAlgorithm) Incorporates 5.2.2.2 The x5t#o (X509 certificate digest) header parameterprotected void
JAdESLevelBaselineB.incorporateSigningCertificateSha256Thumbprint
(CertificateToken signingCertificate) Incorporates 5.1.7 The x5t#S256 (X.509 Certificate SHA-256 Thumbprint) header parameterboolean
JAdESService.isValidSignatureValue
(ToBeSigned toBeSigned, SignatureValue signatureValue, CertificateToken signingCertificate) Modifier and TypeMethodDescriptionprotected org.jose4j.json.internal.json_simple.JSONArray
JAdESLevelBaselineLT.getXVals
(Set<CertificateToken> certificateValuesToAdd) Builds and returns 'xVals' JSONArrayprotected void
JAdESLevelBaselineLT.incorporateXVals
(JAdESEtsiUHeader etsiUHeader, Set<CertificateToken> certificateValuesToAdd, boolean base64UrlEncoded) Incorporates the provided set of certificates intoetsiUHeader
-
Uses of CertificateToken in eu.europa.esig.dss.jades.validation
Modifier and TypeMethodDescriptionCommonX509URLCertificateSource.addCertificate
(CertificateToken certificateToAdd) CommonX509URLCertificateSource.addCertificate
(String uri, CertificateToken certificate) Adds a certificate for a given 'x5u' URL (JWS/JAdES)KidCertificateSource.addCertificate
(CertificateToken certificateToAdd) KidCertificateSource.addCertificate
(String kid, CertificateToken certificate) Adds a certificate for a given 'kid' (JWS/JAdES)KidCertificateSource.getCertificateByKid
(String kid) Gets aCertificateToken
by the given KIDModifier and TypeMethodDescriptionCommonX509URLCertificateSource.addCertificates
(String uri, Collection<CertificateToken> certificates) Adds a collection of certificates for a given 'x5u' URL (JWS/JAdES)JAdESCertificateSource.findTokensFromCertRef
(CertificateRef certificateRef) CommonX509URLCertificateSource.getCertificatesByUrl
(String uri) X509URLCertificateSource.getCertificatesByUrl
(String uri) Gets a collection ofCertificateToken
s retrieved from the given URIJAdESCertificateSource.getKeyIdentifierCertificates()
Retrieves the Set ofCertificateToken
s according to a reference present within a 'kid' (key identifier) headerModifier and TypeMethodDescriptionCommonX509URLCertificateSource.addCertificate
(CertificateToken certificateToAdd) CommonX509URLCertificateSource.addCertificate
(String uri, CertificateToken certificate) Adds a certificate for a given 'x5u' URL (JWS/JAdES)KidCertificateSource.addCertificate
(CertificateToken certificateToAdd) KidCertificateSource.addCertificate
(String kid, CertificateToken certificate) Adds a certificate for a given 'kid' (JWS/JAdES)JAdESCertificateSource.getReferencesForCertificateToken
(CertificateToken certificateToken) Modifier and TypeMethodDescriptionCommonX509URLCertificateSource.addCertificates
(String uri, Collection<CertificateToken> certificates) Adds a collection of certificates for a given 'x5u' URL (JWS/JAdES) -
Uses of CertificateToken in eu.europa.esig.dss.model
Modifier and TypeMethodDescriptionSerializableSignatureParameters.getSigningCertificate()
Get the signing certificate -
Uses of CertificateToken in eu.europa.esig.dss.model.identifier
ModifierConstructorDescriptionCertificateTokenIdentifier
(CertificateToken certificateToken) Default constructor -
Uses of CertificateToken in eu.europa.esig.dss.model.tsl
Modifier and TypeMethodDescriptionValidationInfoRecord.getSigningCertificate()
Gets the signing certificateModifier and TypeMethodDescriptionTrustService.getCertificates()
Gets a list of certificatesPivotInfo.getCertificateStatusMap()
Returns a map of certificate tokens with a status regarding to the current pivotValidationInfoRecord.getPotentialSigners()
Gets a list of signing candidatesOtherTSLPointer.getSdiCertificates()
Gets a list of ServiceDigitalIdentity X509 certificatesOtherTSLPointer.OtherTSLPointerBuilder.getSdiCertificates()
Gets the ServiceDigitalIdentity X509 certificatesModifier and TypeMethodDescriptionboolean
Condition.check
(CertificateToken certificateToken) Returns true if the condition is evaluated to true for the given certificate.TrustPropertiesCertificateSource.getTrustServices
(CertificateToken token) Returns TrustProperties for the given certificate, when applicableModifier and TypeMethodDescriptionTrustService.TrustServiceBuilder.setCertificates
(List<CertificateToken> certificates) Sets a list of certificatesOtherTSLPointer.OtherTSLPointerBuilder.setSdiCertificates
(List<CertificateToken> sdiCertificates) Sets the ServiceDigitalIdentity X509 certificatesvoid
TrustPropertiesCertificateSource.setTrustPropertiesByCertificates
(Map<CertificateToken, List<TrustProperties>> trustPropertiesByCerts) The method allows to fill the CertificateSourceModifierConstructorDescriptionPivotInfo
(DownloadInfoRecord downloadCacheInfo, ParsingInfoRecord parsingCacheInfo, ValidationInfoRecord validationCacheInfo, String url, Map<CertificateToken, CertificatePivotStatus> certificates, String lotlLocation) The default constructorTrustService
(List<CertificateToken> certificates, TimeDependentValues<TrustServiceStatusAndInformationExtensions> status) Default constructor -
Uses of CertificateToken in eu.europa.esig.dss.model.x509
Modifier and TypeMethodDescriptionboolean
CertificateToken.isEquivalent
(CertificateToken token) This method returns true if the given token is equivalent.boolean
Token.isSignedBy
(CertificateToken token) Checks if the token is signed by the given token in the parameter. -
Uses of CertificateToken in eu.europa.esig.dss.model.x509.extension
Modifier and TypeMethodDescriptionvoid
CertificateExtension.checkCritical
(CertificateToken certificateToken) Checks and sets whether the certificate extension is critical -
Uses of CertificateToken in eu.europa.esig.dss.pades.validation
Modifier and TypeMethodDescriptionPAdESCertificateSource.getCertificateMap()
Gets the map of certificate PDF object ids and the certificateTokensPAdESCertificateSource.getCertificateValues()
PAdESCertificateSource.getDSSDictionaryCertValues()
PAdESCertificateSource.getVRIDictionaryCertValues()
Modifier and TypeMethodDescriptionPAdESCRLSource.getRevocationTokens
(CertificateToken certificateToken, CertificateToken issuerToken) PAdESOCSPSource.getRevocationTokens
(CertificateToken certificateToken, CertificateToken issuerToken) -
Uses of CertificateToken in eu.europa.esig.dss.pades.validation.dss
Modifier and TypeMethodDescriptionPdfDssDictCertificateSource.getCertificateMap()
Gets a map of PDF object ids and corresponding certificate tokensprotected Set
<CertificateToken> PdfCompositeDssDictCertificateSource.getCertificateTokensByObjectId
(Long objectId) This method returns a set ofCertificateToken
s with the given PDF object idPdfDssDictCertificateSource.getDSSDictionaryCertValues()
Gets list of DSS dictionary certificate tokensPdfDssDictCertificateSource.getVRIDictionaryCertValues()
Gets list of certificate tokens extracted from all VRI dictionariesModifier and TypeMethodDescriptionPdfDssDictCRLSource.getRevocationTokens
(CertificateToken certificateToken, CertificateToken issuerToken) PdfDssDictOCSPSource.getRevocationTokens
(CertificateToken certificateToken, CertificateToken issuerToken) -
Uses of CertificateToken in eu.europa.esig.dss.pdf
Modifier and TypeMethodDescriptionAbstractPdfDssDict.getCERTs()
PdfDssDict.getCERTs()
Returns a map of unique identifiers and Certificate Tokensstatic Map
<Long, CertificateToken> DSSDictionaryExtractionUtils.getCertsFromArray
(PdfDict dict, String dictionaryName, String arrayName) Extract certificate object map -
Uses of CertificateToken in eu.europa.esig.dss.pki.jaxb.builder
Modifier and TypeMethodDescriptionX509CertificateBuilder.issuer
(CertificateToken issuerCertificate, PrivateKey issuerPrivateKey, SignatureAlgorithm signatureAlgorithm) Sets mandatory information about the certificate's issuer to sign the created certificate with a CertificateToken of the issuerJAXBCertEntityBuilder.setCertificateToken
(CertificateToken certificateToken) Sets the certificate token associated with this entity -
Uses of CertificateToken in eu.europa.esig.dss.pki.jaxb.model
Modifier and TypeMethodDescriptionJAXBCertEntity.getCertificateToken()
Retrieves the CertificateToken associated with this entity.Modifier and TypeMethodDescriptionJAXBCertEntity.getCertificateChain()
Retrieves the certificate chain as a list of CertificateToken objects.Modifier and TypeMethodDescriptionJAXBCertEntityRepository.getByCertificateToken
(CertificateToken certificateToken) void
JAXBCertEntity.setCertificateToken
(CertificateToken certificateToken) Sets the certificate token associated with this entity -
Uses of CertificateToken in eu.europa.esig.dss.pki.model
Modifier and TypeMethodDescriptionCertEntity.getCertificateToken()
Gets the certificate token associated with this certificate entity.Modifier and TypeMethodDescriptionCertEntity.getCertificateChain()
Gets the certificate chain associated with this certificate entity.Modifier and TypeMethodDescriptionCertEntityRepository.getByCertificateToken
(CertificateToken certificateToken) Retrieves the certificate entity associated with the given certificate token. -
Uses of CertificateToken in eu.europa.esig.dss.pki.x509.aia
Modifier and TypeMethodDescriptionprotected CertificateToken
PKIAIASource.getCertificateIssuer
(CertificateToken certificateToken) Returns issuer of thecertificateToken
Modifier and TypeMethodDescriptionprotected List
<CertificateToken> PKIAIASource.getCertificateChain
(CertificateToken certificateToken) Returns a certificate chain for the givencertificateToken
PKIAIASource.getCertificatesByAIA
(CertificateToken certificateToken) Modifier and TypeMethodDescriptionprotected boolean
PKIAIASource.canGenerate
(CertificateToken certificateToken) Returns whether the current implementation is able to produce a CA issuers certificate chain for the givencertificateToken
protected CertEntity
PKIAIASource.getCertEntity
(CertificateToken certificateToken) Returns a cert entity for the correspondingeu.europa.esig.dss.model.x509.CertificateToken
protected List
<CertificateToken> PKIAIASource.getCertificateChain
(CertificateToken certificateToken) Returns a certificate chain for the givencertificateToken
protected CertificateToken
PKIAIASource.getCertificateIssuer
(CertificateToken certificateToken) Returns issuer of thecertificateToken
PKIAIASource.getCertificatesByAIA
(CertificateToken certificateToken) -
Uses of CertificateToken in eu.europa.esig.dss.pki.x509.revocation.crl
Modifier and TypeMethodDescriptionprotected boolean
PKICRLSource.canGenerate
(CertificateToken certificateToken, CertificateToken issuerCertificateToken) Returns whether the current implementation is able to produce a CRL for the givencertificateToken
protected CertEntity
PKICRLSource.getCrlIssuer
(CertificateToken certificateToken, CertificateToken issuerCertificateToken) Returns aCertEntity
to be used as an CRL issuer.PKICRLSource.getRevocationToken
(CertificateToken certificateToken, CertificateToken issuerCertificateToken) Retrieves a Certificate Revocation List (CRL) token for the given certificate and its issuer certificate if the CertEntity is not already. -
Uses of CertificateToken in eu.europa.esig.dss.pki.x509.revocation.ocsp
Modifier and TypeMethodDescriptionprotected org.bouncycastle.cert.ocsp.OCSPReq
PKIOCSPSource.buildOCSPRequest
(CertificateToken certificateToken, CertificateToken issuerCertificateToken) Builds an OCSP request for the givenCertificateToken
protected org.bouncycastle.cert.ocsp.OCSPResp
PKIOCSPSource.buildOCSPResponse
(CertificateToken certificateToken, CertificateToken issuerCertificateToken, org.bouncycastle.cert.ocsp.OCSPReq ocspReq) Builds an OCSP Responseprotected boolean
PKIOCSPSource.canGenerate
(CertificateToken certificateToken, CertificateToken issuerCertificateToken) Returns whether the current implementation is able to produce an OCSP response for the givencertificateToken
protected CertEntityRevocation
PKIOCSPSource.getCertificateTokenRevocation
(CertificateToken certificateToken, org.bouncycastle.cert.ocsp.OCSPReq ocspReq) Returns a revocation status for the givenCertificateToken
or a certificate withinOCSPReq
protected CertEntity
PKIDelegatedOCSPSource.getOcspResponder
(CertificateToken certificateToken, CertificateToken issuerCertificateToken) protected CertEntity
PKIOCSPSource.getOcspResponder
(CertificateToken certificateToken, CertificateToken issuerCertificateToken) Returns aCertEntity
to be used as an OCSP Response issuer.protected org.bouncycastle.cert.ocsp.RespID
PKIOCSPSource.getRespID
(CertificateToken ocspResponderCertificate) Builds aorg.bouncycastle.cert.ocsp.RespID
PKIOCSPSource.getRevocationToken
(CertificateToken certificateToken, CertificateToken issuerCertificateToken) Retrieves the OCSP token for the revocation status of the given certificate.protected org.bouncycastle.cert.ocsp.BasicOCSPRespBuilder
PKIOCSPSource.initBuilder
(CertificateToken ocspResponderCertificate) Initializes aBasicOCSPRespBuilder
-
Uses of CertificateToken in eu.europa.esig.dss.service.crl
Modifier and TypeMethodDescriptionprotected RevocationToken
<CRL> JdbcCacheCRLSource.buildRevocationTokenFromResult
(SqlRecord response, CertificateToken certificateToken, CertificateToken issuerCertificateToken) OnlineCRLSource.getCRLAccessURLs
(CertificateToken certificateToken, List<String> alternativeUrls) Extracts a list of CRL distribution point URLs to be used in the provided order to retrieve a CRLJdbcCacheCRLSource.getRevocationAccessUrls
(CertificateToken certificateToken) JdbcCacheCRLSource.getRevocationToken
(CertificateToken certificateToken, CertificateToken issuerCertificateToken) JdbcCacheCRLSource.getRevocationToken
(CertificateToken certificateToken, CertificateToken issuerCertificateToken, boolean forceRefresh) OnlineCRLSource.getRevocationToken
(CertificateToken certificateToken, CertificateToken issuerCertificateToken) OnlineCRLSource.getRevocationToken
(CertificateToken certificateToken, CertificateToken issuerToken, List<String> alternativeUrls) protected String
JdbcCacheCRLSource.getRevocationTokenKey
(CertificateToken certificateToken, String urlString) JdbcCacheCRLSource.initRevocationTokenKeys
(CertificateToken certificateToken) Returns a revocation token key -
Uses of CertificateToken in eu.europa.esig.dss.service.http.commons
Modifier and TypeMethodDescriptionSSLCertificateLoader.getCertificates
(String urlString) The method to extract SSL-certificates from the given web page -
Uses of CertificateToken in eu.europa.esig.dss.service.ocsp
Modifier and TypeMethodDescriptionprotected byte[]
OnlineOCSPSource.buildOCSPRequest
(CertificateToken certificateToken, CertificateToken issuerToken, byte[] nonce) Builds an OCSP request forcertificateToken
protected RevocationToken
<OCSP> JdbcCacheOCSPSource.buildRevocationTokenFromResult
(SqlRecord response, CertificateToken certificateToken, CertificateToken issuerCert) OnlineOCSPSource.getOCSPAccessURLs
(CertificateToken certificateToken, List<String> alternativeUrls) Extracts a list of OCSP access URLs to be used in the provided order to retrieve an OCSP responseJdbcCacheOCSPSource.getRevocationAccessUrls
(CertificateToken certificateToken) JdbcCacheOCSPSource.getRevocationToken
(CertificateToken certificateToken, CertificateToken issuerCertificateToken) JdbcCacheOCSPSource.getRevocationToken
(CertificateToken certificateToken, CertificateToken issuerCertificateToken, boolean forceRefresh) OnlineOCSPSource.getRevocationToken
(CertificateToken certificateToken, CertificateToken issuerCertificateToken) OnlineOCSPSource.getRevocationToken
(CertificateToken certificateToken, CertificateToken issuerCertificateToken, List<String> alternativeUrls) protected String
JdbcCacheOCSPSource.getRevocationTokenKey
(CertificateToken certificateToken, String urlString) JdbcCacheOCSPSource.initRevocationTokenKeys
(CertificateToken certificateToken) -
Uses of CertificateToken in eu.europa.esig.dss.service.x509.aia
Modifier and TypeMethodDescriptionprotected Set
<CertificateToken> JdbcCacheAIASource.findCertificates
(String key) Modifier and TypeMethodDescriptionprotected void
JdbcCacheAIASource.insertCertificate
(String aiaKey, CertificateToken certificateTokens) -
Uses of CertificateToken in eu.europa.esig.dss.signature
Modifier and TypeMethodDescriptionAbstractSignatureParameters.getSigningCertificate()
Get the signing certificateModifier and TypeMethodDescriptionAbstractSignatureParameters.getCertificateChain()
Set the certificate chainModifier and TypeMethodDescriptionvoid
SignatureRequirementsChecker.assertSigningCertificateIsValid
(CertificateToken certificateToken) This method verifies whether the provided certificate token is acceptable for a signature creation against the providedsignatureParameters
boolean
AbstractSignatureService.isValidSignatureValue
(ToBeSigned toBeSigned, SignatureValue signatureValue, CertificateToken signingCertificate) boolean
DocumentSignatureService.isValidSignatureValue
(ToBeSigned toBeSigned, SignatureValue signatureValue, CertificateToken signingCertificate) Verifies the signature value against aToBeSigned
and aCertificateToken
boolean
MultipleDocumentsSignatureService.isValidSignatureValue
(ToBeSigned toBeSigned, SignatureValue signatureValue, CertificateToken signingCertificate) Verifies the signature value against aToBeSigned
and aCertificateToken
void
AbstractSignatureParameters.setCertificateChain
(CertificateToken... certificateChainArray) This method sets the list of certificates which constitute the chain.void
AbstractSignatureParameters.setSigningCertificate
(CertificateToken signingCertificate) Set the signing certificate.Modifier and TypeMethodDescriptionvoid
AbstractSignatureParameters.setCertificateChain
(List<CertificateToken> certificateChain) Set the certificate chainModifierConstructorDescriptionprotected
AbstractSignatureParametersBuilder
(CertificateToken signingCertificate) The default constructorprotected
AbstractSignatureParametersBuilder
(CertificateToken signingCertificate, List<CertificateToken> certificateChain) A constructor with a certificateChainModifierConstructorDescriptionprotected
AbstractSignatureParametersBuilder
(CertificateToken signingCertificate, List<CertificateToken> certificateChain) A constructor with a certificateChain -
Uses of CertificateToken in eu.europa.esig.dss.spi
Modifier and TypeMethodDescriptionstatic CertificateToken
DSSASN1Utils.getCertificate
(org.bouncycastle.cert.X509CertificateHolder x509CertificateHolder) Extract the certificate token fromX509CertificateHolder
static CertificateToken
DSSUtils.loadCertificate
(byte[] input) This method loads a certificate from the byte array.static CertificateToken
DSSUtils.loadCertificate
(File file) This method loads a certificate from the given location.static CertificateToken
DSSUtils.loadCertificate
(InputStream inputStream) This method loads a certificate from the given location.static CertificateToken
DSSUtils.loadCertificateFromBase64EncodedString
(String base64Encoded) This method loads a certificate from a base 64 encoded StringModifier and TypeMethodDescriptionSignatureCertificateSource.getAttrAuthoritiesCertValues()
Retrieves the list of all certificates from the AttrAuthoritiesCertValues (XAdES)SignatureCertificateSource.getAttributeCertificates()
Retrieves the Set ofCertificateToken
s according to references included in the attribute attribute-certificate-references (CAdES) or the AttributeCertificateRefs/AttributeCertificateRefsV2 (XAdES)SignatureCertificateSource.getCertificateValues()
Retrieves the list of all certificates from CertificateValues (XAdES/CAdES)SignatureCertificateSource.getCompleteCertificates()
Retrieves the Set ofCertificateToken
s according references to included in the attribute complete-certificate-references (CAdES) or the CompleteCertificateRefs/CompleteCertificateRefsV2 (XAdES)SignatureCertificateSource.getDSSDictionaryCertValues()
Retrieves the list of all certificates from the DSS dictionary (PAdES)SignatureCertificateSource.getKeyInfoCertificates()
Retrieves the list of all certificates present in the KeyInfo element (XAdES) (can be unsigned)SignatureCertificateSource.getSignedDataCertificates()
Retrieves the list of all certificates present in a signed element (i.e. the CMS Signed data (CAdES))SignatureCertificateSource.getSigningCertificates()
Retrieves the Set ofCertificateToken
s for the signing certificate (V1/V2)SignatureCertificateSource.getTimeStampValidationDataCertValues()
Retrieves the list of all certificates from the TimeStampValidationData (XAdES)SignatureCertificateSource.getVRIDictionaryCertValues()
Retrieves the list of all certificates from the VRI dictionary (PAdES)static List
<CertificateToken> DSSUtils.loadCertificateFromP7c
(InputStream is) Loads a collection of certificates from a p7c sourceModifier and TypeMethodDescriptionstatic boolean
DSSRevocationUtils.checkIssuerValidAtRevocationProductionTime
(RevocationToken<?> revocationToken, CertificateToken issuerCertificateToken) Checks if the revocation has been produced during the issuer certificate validity rangestatic byte[]
DSSASN1Utils.computeSkiFromCert
(CertificateToken certificateToken) Computes SHA-1 hash of thecertificateToken
's public keystatic String
DSSUtils.convertToPEM
(CertificateToken cert) This method converts the given certificate into its PEM string.static AuthorityInformationAccess
CertificateExtensionsUtils.getAuthorityInformationAccess
(CertificateToken certificateToken) Returns the authority information access, when presentstatic AuthorityKeyIdentifier
CertificateExtensionsUtils.getAuthorityKeyIdentifier
(CertificateToken certificateToken) Returns the subject key identifier, when presentstatic BasicConstraints
CertificateExtensionsUtils.getBasicConstraints
(CertificateToken certificateToken) Returns a basic constraints extension, when presentCertificateExtensionsUtils.getCAIssuersAccessUrls
(CertificateToken certificate) Returns the CA issuers URIs extracted from authorityInfoAccess.caIssuers fieldstatic CertificateExtensions
CertificateExtensionsUtils.getCertificateExtensions
(CertificateToken certificateToken) This method extracts the certificate extensions from the givencertificateToken
static CertificatePolicies
CertificateExtensionsUtils.getCertificatePolicies
(CertificateToken certificateToken) Returns the certificate policies, when presentCertificateExtensionsUtils.getCRLAccessUrls
(CertificateToken certificate) Returns the CRL distribution URIs extracted from cRLDistributionPoints fieldstatic CRLDistributionPoints
CertificateExtensionsUtils.getCRLDistributionPoints
(CertificateToken certificateToken) Returns the CRL distribution points, when presentDSSRevocationUtils.getCRLRevocationTokenKeys
(CertificateToken certificateToken) static ExtendedKeyUsages
CertificateExtensionsUtils.getExtendedKeyUsage
(CertificateToken certificateToken) Returns the extended key usage, when presentDSSASN1Utils.getExtendedKeyUsage
(CertificateToken certToken) Extracts all extended key usages for the certificate tokenstatic String
DSSASN1Utils.getHumanReadableName
(CertificateToken cert) Extracts the pretty printed name of the certificate tokenstatic InhibitAnyPolicy
CertificateExtensionsUtils.getInhibitAnyPolicy
(CertificateToken certificateToken) Returns an inhibit anyPolicy extension, when presentstatic org.bouncycastle.asn1.x509.IssuerSerial
DSSASN1Utils.getIssuerSerial
(CertificateToken certToken) This method returns a new IssuerSerial based on the certificate tokenstatic KeyUsage
CertificateExtensionsUtils.getKeyUsage
(CertificateToken certificateToken) Returns the key usage, when presentstatic org.bouncycastle.cert.ocsp.SingleResp
DSSRevocationUtils.getLatestSingleResponse
(org.bouncycastle.cert.ocsp.BasicOCSPResp basicResponse, CertificateToken certificate, CertificateToken issuer) Gets the latest single response from the OCSP responsestatic NameConstraints
CertificateExtensionsUtils.getNameConstraints
(CertificateToken certificateToken) Returns a name constraints extension, when presentCertificateExtensionsUtils.getOCSPAccessUrls
(CertificateToken certificate) Returns the OCSP URIs extracted from authorityInfoAccess.ocsp fieldstatic org.bouncycastle.cert.ocsp.CertificateID
DSSRevocationUtils.getOCSPCertificateID
(CertificateToken cert, CertificateToken issuerCert, DigestAlgorithm digestAlgorithm) Returns theCertificateID
for the given certificate and its issuer's certificate.static OCSPNoCheck
CertificateExtensionsUtils.getOcspNoCheck
(CertificateToken certificateToken) Returns the ocsp-nocheck extension value, when presentstatic String
DSSRevocationUtils.getOcspRevocationKey
(CertificateToken certificateToken, String ocspUrl) Gets OCSP key (SHA-1 digest) of the urlDSSRevocationUtils.getOcspRevocationTokenKeys
(CertificateToken certificateToken) static PolicyConstraints
CertificateExtensionsUtils.getPolicyConstraints
(CertificateToken certificateToken) Returns a policy constraints extension, when presentstatic QcStatements
CertificateExtensionsUtils.getQcStatements
(CertificateToken certificateToken) Returns the qc-statements extension value, when presentstatic QcStatements
QcStatementUtils.getQcStatements
(CertificateToken certToken) Extracts the QCStatements from a certificate tokenstatic List
<org.bouncycastle.cert.ocsp.SingleResp> DSSRevocationUtils.getSingleResponses
(org.bouncycastle.cert.ocsp.BasicOCSPResp basicResponse, CertificateToken certificate, CertificateToken issuer) Gets a list of single response from the OCSP responsestatic SubjectAlternativeNames
CertificateExtensionsUtils.getSubjectAlternativeNames
(CertificateToken certificateToken) Returns a subject alternative names, when presentstatic String
DSSASN1Utils.getSubjectCommonName
(CertificateToken cert) Extracts the Subject Common name from the certificate tokenstatic SubjectKeyIdentifier
CertificateExtensionsUtils.getSubjectKeyIdentifier
(CertificateToken certificateToken) Returns the subject key identifier, when presentstatic ValidityAssuredShortTerm
CertificateExtensionsUtils.getValAssuredSTCerts
(CertificateToken certificateToken) Returns the ext-etsi-valassured-ST-certs extension value, when presentstatic org.bouncycastle.cert.X509CertificateHolder
DSSASN1Utils.getX509CertificateHolder
(CertificateToken certToken) Returns aX509CertificateHolder
encapsulating the givenX509Certificate
.static boolean
CertificateExtensionsUtils.hasOcspNoCheckExtension
(CertificateToken certificateToken) Checks if the certificate contains ocsp-nocheck extension indicating if the revocation data should be checked for an OCSP signing certificate.
RFC 6960static boolean
CertificateExtensionsUtils.hasValAssuredShortTermCertsExtension
(CertificateToken certificateToken) Checks if the certificate contains ext-etsi-valassured-ST-certs extension indicating that the validity of the certificate is assured because the certificate is a "short-term certificate".static boolean
DSSASN1Utils.isSkiEqual
(byte[] ski, CertificateToken certificateToken) Checks if the provided ski matches to a ski computed from a certificateToken's public key -
Uses of CertificateToken in eu.europa.esig.dss.spi.signature
Modifier and TypeMethodDescriptionAdvancedSignature.getSigningCertificateToken()
This method returns the signing certificate token or null if there is no valid signing certificate.DefaultAdvancedSignature.getSigningCertificateToken()
Modifier and TypeMethodDescriptionAdvancedSignature.getCertificates()
Get certificates embedded in the signatureDefaultAdvancedSignature.getCertificates()
Returns an unmodifiable list of all certificate tokens encapsulated in the signatureModifier and TypeMethodDescriptionprotected boolean
BaselineRequirementsChecker.containsSigningCertificate
(Collection<CertificateToken> certificateTokens) Checks if the given collection ofCertificateToken
s contains the signing certificate for the signature -
Uses of CertificateToken in eu.europa.esig.dss.spi.tsl
Modifier and TypeMethodDescriptionTrustedListsCertificateSource.addCertificate
(CertificateToken certificate) This method is not applicable for this kind of certificate source.Modifier and TypeMethodDescriptionTrustedListsCertificateSource.addCertificate
(CertificateToken certificate) This method is not applicable for this kind of certificate source.TrustedListsCertificateSource.getAlternativeCRLUrls
(CertificateToken trustAnchor) TrustedListsCertificateSource.getAlternativeOCSPUrls
(CertificateToken trustAnchor) TrustedListsCertificateSource.getTrustServices
(CertificateToken token) Modifier and TypeMethodDescriptionvoid
TrustedListsCertificateSource.setTrustPropertiesByCertificates
(Map<CertificateToken, List<TrustProperties>> trustPropertiesByCerts) -
Uses of CertificateToken in eu.europa.esig.dss.spi.validation
Modifier and TypeMethodDescriptionValidationData.getCertificateTokens()
Gets certificate tokens to be included into the signatureSignatureValidationContext.getProcessedCertificates()
ValidationContext.getProcessedCertificates()
Returns a read only list of all certificates used in the process of the validation of all signatures from the given document.Modifier and TypeMethodDescriptionvoid
SignatureValidationContext.addCertificateTokenForVerification
(CertificateToken certificateToken) void
ValidationContext.addCertificateTokenForVerification
(CertificateToken certificateToken) Adds a new certificate token to the list of tokens to verify.boolean
SignatureValidationContext.checkCertificateNotRevoked
(CertificateToken certificateToken) boolean
ValidationContext.checkCertificateNotRevoked
(CertificateToken certificateToken) This method allows to verify if the certificate is not revoked Additionally, an alert can be handledCertificateVerifier.setAlertOnRevokedCertificate(eu.europa.esig.dss.alert.StatusAlert)
protected RevocationToken
<CRL> RevocationDataLoadingStrategy.checkCRL
(CertificateToken certificateToken, CertificateToken issuerToken) Retrieves and verifies the obtained CRL token NOTE: returns only if a valid entry has been obtained!protected RevocationToken
<OCSP> RevocationDataLoadingStrategy.checkOCSP
(CertificateToken certificateToken, CertificateToken issuerToken) Retrieves and verifies the obtained OCSP token NOTE: returns only if a valid entry has been obtained!CRLFirstRevocationDataLoadingStrategy.getRevocationToken
(CertificateToken certificateToken, CertificateToken issuerToken) OCSPFirstRevocationDataLoadingStrategy.getRevocationToken
(CertificateToken certificateToken, CertificateToken issuerToken) abstract RevocationToken
RevocationDataLoadingStrategy.getRevocationToken
(CertificateToken certificateToken, CertificateToken issuerCertificateToken) This method retrieves aRevocationToken
for the given certificateTokenboolean
RevocationDataVerifier.isAcceptable
(RevocationToken<?> revocationToken, CertificateToken issuerCertificateToken) This method verifies the validity of the givenRevocationToken
boolean
RevocationDataVerifier.isRevocationDataSkip
(CertificateToken certificateToken) Checks and returns whether the revocation check shall be skipped for the given certificateModifier and TypeMethodDescriptionvoid
ValidationData.excludeCertificateTokens
(Collection<CertificateToken> certificateTokensToExclude) Removes all certificate token entries matching the provided collectionboolean
TimestampTokenVerifier.isAcceptable
(TimestampToken timestampToken, List<CertificateToken> certificateChain) This method verifies whether the giventimestampToken
is valid and acceptable, and its POE can be extracted to the validation processprotected boolean
TimestampTokenVerifier.isTrustedTimestampToken
(TimestampToken timestampToken, List<CertificateToken> certificateChain) This method verifies whether thetimestampToken
is trusted to continue the process. -
Uses of CertificateToken in eu.europa.esig.dss.spi.validation.timestamp
Modifier and TypeMethodDescriptionprotected TimestampedReference
AbstractTimestampSource.createReferenceForCertificate
(CertificateToken certificateToken) Creates aTimestampedReference
for the providedCertificateToken
Modifier and TypeMethodDescriptionprotected List
<TimestampedReference> AbstractTimestampSource.createReferencesForCertificates
(Collection<CertificateToken> certificates) Creates a list ofTimestampedReference
s for the provided list ofcertificates
-
Uses of CertificateToken in eu.europa.esig.dss.spi.x509
Modifier and TypeMethodDescriptionCertificateSource.addCertificate
(CertificateToken certificate) This method allows to manually add any certificate to the source.CommonCertificateSource.addCertificate
(CertificateToken certificateToAdd) This method adds an external certificate to the source.KeyStoreCertificateSource.addCertificate
(CertificateToken certificateToAdd) ListCertificateSource.addCertificate
(CertificateToken certificate) KeyStoreCertificateSource.getCertificate
(String alias) This method allows to retrieve a certificate by its aliasCertificateValidity.getCertificateToken()
Gets theCertificateToken
protected CertificateToken
TokenCertificateSource.getCertificateToken
(SignerIdentifier signerIdentifier) Gets aCertificateToken
by the givenSignerIdentifier
TokenIssuerSelector.getIssuer()
FilterscertificateTokens
and returns the best issuer candidate fortoken
Modifier and TypeMethodDescriptionCertificateSource.findTokensFromCertRef
(CertificateRef certificateRef) Returns Set ofCertificateToken
s for the providedCertificateRef
CommonCertificateSource.findTokensFromCertRef
(CertificateRef certificateRef) ListCertificateSource.findTokensFromCertRef
(CertificateRef certificateRef) TokenCertificateSource.findTokensFromRefs
(List<CertificateRef> certificateRefs) Returns Set ofCertificateToken
s for the providedCertificateRef
sCertificateSource.getByCertificateDigest
(Digest digest) This method returns the Set of certificates with theDigest
CommonCertificateSource.getByCertificateDigest
(Digest digest) ListCertificateSource.getByCertificateDigest
(Digest digest) CertificateSource.getByPublicKey
(PublicKey publicKey) This method returns a Set ofCertificateToken
with the givenPublicKey
CommonCertificateSource.getByPublicKey
(PublicKey publicKey) This method returns a list ofCertificateToken
with the givenPublicKey
ListCertificateSource.getByPublicKey
(PublicKey publicKey) CertificateSource.getBySignerIdentifier
(SignerIdentifier signerIdentifier) This method returns the Set of certificates with theCertificateIdentifier
CommonCertificateSource.getBySignerIdentifier
(SignerIdentifier signerIdentifier) ListCertificateSource.getBySignerIdentifier
(SignerIdentifier signerIdentifier) CertificateSource.getBySki
(byte[] ski) This method returns a Set ofCertificateToken
with the given SKI (SubjectKeyIdentifier (SHA-1 of the PublicKey))CommonCertificateSource.getBySki
(byte[] ski) This method returns a list ofCertificateToken
with the given SKI (SubjectKeyIdentifier (SHA-1 of the PublicKey))ListCertificateSource.getBySki
(byte[] ski) This method returns the foundCertificateToken
from allCertificateSource
for the given subject key identifier (SHA-1 of the public key).CertificateSource.getBySubject
(X500PrincipalHelper subject) This method returns the Set of certificates with the same subjectDN.CommonCertificateSource.getBySubject
(X500PrincipalHelper subject) This method returns the Set of certificates with the same subjectDN.ListCertificateSource.getBySubject
(X500PrincipalHelper subject) This method returns the foundCertificateToken
from allCertificateSource
for the givenX500PrincipalHelper
.BaselineBCertificateSelector.getCertificates()
Returns a certificate chain for a B-level signature creationCertificateSource.getCertificates()
Retrieves the unmodifiable list of all certificate tokens from this source.CommonCertificateSource.getCertificates()
Retrieves the unmodifiable list of all certificate tokens from this source.ListCertificateSource.getCertificates()
protected List
<CertificateToken> TokenCertificateSource.getCertificateTokensByOrigin
(CertificateOrigin origin) Gets a list ofCertificateToken
s by the givenCertificateOrigin
CertificateReorderer.getOrderedCertificateChains()
This method is used to order the certificates (signing certificate, CA1, CA2 and Root)CertificateReorderer.getOrderedCertificateChains()
This method is used to order the certificates (signing certificate, CA1, CA2 and Root)CertificateReorderer.getOrderedCertificates()
This method is used to order the certificates (signing certificate, CA1, CA2 and Root)Modifier and TypeMethodDescriptionCertificateSource.addCertificate
(CertificateToken certificate) This method allows to manually add any certificate to the source.CommonCertificateSource.addCertificate
(CertificateToken certificateToAdd) This method adds an external certificate to the source.KeyStoreCertificateSource.addCertificate
(CertificateToken certificateToAdd) ListCertificateSource.addCertificate
(CertificateToken certificate) protected void
TokenCertificateSource.addCertificate
(CertificateToken certificate, CertificateOrigin origin) Adds aCertificateToken
with itsCertificateOrigin
void
KeyStoreCertificateSource.addCertificateToKeyStore
(CertificateToken certificateToken) This method allows to add a certificate in the keystore.protected boolean
CommonCertificateSource.doesCertificateReferenceMatch
(CertificateToken certificateToken, CertificateRef certificateRef) This method verifies whether theCertificateRef
does match to theCertificateToken
CommonTrustedCertificateSource.getAlternativeCRLUrls
(CertificateToken trustAnchor) TrustedCertificateSource.getAlternativeCRLUrls
(CertificateToken trustAnchor) Returns a list of alternative CRL access point Urls for certificates issued by the current trust anchorCommonTrustedCertificateSource.getAlternativeOCSPUrls
(CertificateToken trustAnchor) TrustedCertificateSource.getAlternativeOCSPUrls
(CertificateToken trustAnchor) Returns a list of alternative OCSP access point Urls for certificates issued by the current trust anchorListCertificateSource.getCertificateSourceType
(CertificateToken certificateToken) This method return the differentCertificateSourceType
where the certificate is foundTokenCertificateSource.getReferencesForCertificateToken
(CertificateToken certificateToken) Returns list ofCertificateRef
s found for the givencertificateToken
AlternateUrlsSourceAdapter.getRevocationToken
(CertificateToken certificateToken, CertificateToken issuerCertificateToken) AlternateUrlsSourceAdapter.getRevocationToken
(CertificateToken certificateToken, CertificateToken issuerCertificateToken, List<String> alternativeUrls) CompositeRevocationSource.getRevocationToken
(CertificateToken certificateToken, CertificateToken issuerCertificateToken) CommonTrustedCertificateSource.getTrustServices
(CertificateToken token) Deprecated.since DSS 6.1.boolean
CertificateSource.isKnown
(CertificateToken certificateToken) This method checks if a given certificate is known in the current sourceboolean
CommonCertificateSource.isKnown
(CertificateToken token) boolean
ListCertificateSource.isKnown
(CertificateToken certificateToken) boolean
ResponderId.isRelatedToCertificate
(CertificateToken certificateToken) Checks if the ResponderId is related to a provided certificateTokenboolean
SignerIdentifier.isRelatedToCertificate
(CertificateToken certificateToken) Checks if the current SerialInfo is related to a provided CertificateTokenboolean
CertificateSource.isTrusted
(CertificateToken certificateToken) This method checks if a given certificate is trustedboolean
CommonCertificateSource.isTrusted
(CertificateToken certificateToken) boolean
CommonTrustedCertificateSource.isTrusted
(CertificateToken certificateToken) boolean
ListCertificateSource.isTrusted
(CertificateToken certificateToken) This method checks in all sources in the given certificate is trustedboolean
CertificateTokenRefMatcher.match
(CertificateToken certificateToken, CertificateRef certificateRef) This method verifies if the givenCertificateToken
matches theCertificateRef
boolean
CertificateTokenRefMatcher.matchByDigest
(CertificateToken certificateToken, CertificateRef certificateRef) This method verifies if only digest within thecertificateRef
corresponds tocertificateToken
boolean
CertificateTokenRefMatcher.matchByIssuerName
(CertificateToken certificateToken, CertificateRef certificateRef) This method verifies if only the issuer name within thecertificateRef
corresponds tocertificateToken
boolean
CertificateTokenRefMatcher.matchByResponderId
(CertificateToken certificateToken, CertificateRef certificateRef) This method verifies if only the responder Id within thecertificateRef
corresponds tocertificateToken
boolean
CertificateTokenRefMatcher.matchBySerialNumber
(CertificateToken certificateToken, CertificateRef certificateRef) This method verifies if only the serial number within thecertificateRef
corresponds tocertificateToken
protected void
CommonCertificateSource.removeCertificate
(CertificateToken certificateToRemove) This method removes the corresponding certificate token from the certificate sourceCMSSignedDataBuilder.setSigningCertificate
(CertificateToken signingCertificate) Sets a signing-certificate to be used for CMSSignedData generationModifier and TypeMethodDescriptionvoid
KeyStoreCertificateSource.addAllCertificatesToKeyStore
(List<CertificateToken> certificates) This method allows to add a list of certificates to the keystoreorg.bouncycastle.cms.CMSSignedData
CMSSignedDataBuilder.extendCMSSignedData
(Collection<CertificateToken> certificateTokens, Collection<CRLToken> crlTokens, Collection<OCSPToken> ocspTokens) Extends the providedcmsSignedData
with the required validation dataCMSSignedDataBuilder.setCertificateChain
(Collection<CertificateToken> certificateChain) Sets a collection of certificates to be incorporated within CMSSignedData.certificates fieldModifierConstructorDescriptionBaselineBCertificateSelector
(CertificateToken signingCertificate, Collection<CertificateToken> certificateChain) Constructor to build a certificate chain forsigningCertificate
CertificateReorderer
(CertificateToken signingCertificate, Collection<CertificateToken> certificateChain) Constructor which takes a potential signing certificate and a certificate chainCertificateValidity
(CertificateToken certificateToken) This constructor create an object containing all information concerning the validity of a candidate for the signing certificate.ModifierConstructorDescriptionBaselineBCertificateSelector
(CertificateToken signingCertificate, Collection<CertificateToken> certificateChain) Constructor to build a certificate chain forsigningCertificate
CertificateReorderer
(CertificateToken signingCertificate, Collection<CertificateToken> certificateChain) Constructor which takes a potential signing certificate and a certificate chainCertificateReorderer
(Collection<CertificateToken> certificateChain) Constructor which takes a collection of certificates where DSS needs to find the signing certificateTokenIssuerSelector
(Token token, Collection<CertificateToken> certificateTokens) Default constructor -
Uses of CertificateToken in eu.europa.esig.dss.spi.x509.aia
Modifier and TypeMethodDescriptionAIACertificateSource.getIssuerFromAIA()
Get the issuer's certificate from Authority Information Access through id-ad-caIssuers extension.Modifier and TypeMethodDescriptionprotected abstract Set
<CertificateToken> RepositoryAIASource.findCertificates
(String key) This method returns a set of certificates from a DB with the given keyAIASource.getCertificatesByAIA
(CertificateToken certificateToken) Loads a set ofCertificateToken
s accessed by AIA URIs from the providedcertificateToken
CompositeAIASource.getCertificatesByAIA
(CertificateToken certificateToken) DefaultAIASource.getCertificatesByAIA
(CertificateToken certificateToken) RepositoryAIASource.getCertificatesByAIA
(CertificateToken certificateToken) RepositoryAIASource.getCertificatesByAIA
(CertificateToken certificateToken, boolean forceRefresh) This method allows to populate the source with new AIA certificates obtained from an proxied source, by forcing the refreshModifier and TypeMethodDescriptionDefaultAIASource.getCAIssuersUrls
(CertificateToken certificateToken) Returns a list of caIssuers URLs for the givencertificateToken
AIASource.getCertificatesByAIA
(CertificateToken certificateToken) Loads a set ofCertificateToken
s accessed by AIA URIs from the providedcertificateToken
CompositeAIASource.getCertificatesByAIA
(CertificateToken certificateToken) DefaultAIASource.getCertificatesByAIA
(CertificateToken certificateToken) RepositoryAIASource.getCertificatesByAIA
(CertificateToken certificateToken) RepositoryAIASource.getCertificatesByAIA
(CertificateToken certificateToken, boolean forceRefresh) This method allows to populate the source with new AIA certificates obtained from an proxied source, by forcing the refreshprotected String
RepositoryAIASource.getCertificateTokenAIAUrl
(CertificateToken certificateToken) Returns a caIssuers access URLprotected String
RepositoryAIASource.getUniqueCertificateAiaId
(CertificateToken certificateToken, String aiaUrl) Generates a unique identifier for theCertificateToken
andaiaUrl
pairprotected abstract void
RepositoryAIASource.insertCertificate
(String aiaKey, CertificateToken certificateToken) This method allows inserting of a certificate into the DBModifierConstructorDescriptionAIACertificateSource
(CertificateToken certificate, AIASource aiaSource) Default constructor -
Uses of CertificateToken in eu.europa.esig.dss.spi.x509.revocation
Modifier and TypeFieldDescriptionprotected CertificateToken
RevocationToken.relatedCertificate
RelatedCertificateToken
to this revocation objectModifier and TypeMethodDescriptionabstract CertificateToken
RevocationToken.getIssuerCertificateToken()
Returns issuerCertificateToken
RevocationToken.getRelatedCertificate()
Returns a certificate token the current revocation data has been issued forModifier and TypeMethodDescriptionprotected abstract RevocationToken
<R> JdbcRevocationSource.buildRevocationTokenFromResult
(SqlRecord response, CertificateToken certificateToken, CertificateToken issuerCertificateToken) BuildsRevocationToken
from the obtainedResultSet
protected List
<RevocationToken<R>> JdbcRevocationSource.findRevocations
(String key, CertificateToken certificateToken, CertificateToken issuerCertificateToken) protected abstract List
<RevocationToken<R>> RepositoryRevocationSource.findRevocations
(String key, CertificateToken certificateToken, CertificateToken issuerCertToken) Finds a list of RevocationTokens in the cache for the givencertificateToken
with the correspondingkey
RepositoryRevocationSource.getRevocationAccessUrls
(CertificateToken certificateToken) Returns a revocation access URLs of the given revocation type for the providedCertificateToken
protected String
RepositoryRevocationSource.getRevocationSourceUrl
(CertificateToken certificateToken, RevocationToken<R> revocationToken) Returns a revocation URL for the givenrevocationToken
OfflineRevocationSource.getRevocationToken
(CertificateToken certificateToken, CertificateToken issuerCertificateToken) This method returns the latest issued revocation token from a set of all revocation data found for the givencertificateToken
.RepositoryRevocationSource.getRevocationToken
(CertificateToken certificateToken, CertificateToken issuerCertificateToken) RepositoryRevocationSource.getRevocationToken
(CertificateToken certificateToken, CertificateToken issuerCertificateToken, boolean forceRefresh) Retrieves a revocation token for the givenCertificateToken
RevocationSource.getRevocationToken
(CertificateToken certificateToken, CertificateToken issuerCertificateToken) This method retrieves aRevocationToken
for the certificateTokenRevocationSourceAlternateUrlsSupport.getRevocationToken
(CertificateToken certificateToken, CertificateToken issuerCertificateToken, List<String> alternativeUrls) Gets anRevocationToken
for the given certificate / issuer's certificate couple.protected abstract String
RepositoryRevocationSource.getRevocationTokenKey
(CertificateToken certificateToken, String urlString) Gets a unique revocation token identifier used to store the revocation token for thiscertificateToken
within a repositoryListRevocationSource.getRevocationTokens
(CertificateToken certificateToken, CertificateToken issuerCertificateToken) MultipleRevocationSource.getRevocationTokens
(CertificateToken certificateToken, CertificateToken issuerCertificateToken) This method retrieves a list ofRevocationToken
for the certificateTokenRepositoryRevocationSource.getRevocationTokens
(CertificateToken certificateToken, CertificateToken issuerCertificateToken) RepositoryRevocationSource.getRevocationTokens
(CertificateToken certificateToken, CertificateToken issuerCertificateToken, boolean forceRefresh) Retrieves a list of revocation token for the givenCertificateToken
RepositoryRevocationSource.initRevocationTokenKeys
(CertificateToken certificateToken) Initialize a list of revocation token keysString
from the givenCertificateToken
protected boolean
RepositoryRevocationSource.isNotExpired
(RevocationToken<R> revocationToken, CertificateToken certificateTokenIssuer) Checks if the nextUpdate date is currently valid with respect of nextUpdateDelay and maxNexUpdateDelay parameters. -
Uses of CertificateToken in eu.europa.esig.dss.spi.x509.revocation.crl
Modifier and TypeMethodDescriptionCRLSource.getRevocationToken
(CertificateToken certificateToken, CertificateToken issuerCertificateToken) ExternalResourcesCRLSource.getRevocationTokens
(CertificateToken certificate, CertificateToken issuer) OfflineCRLSource.getRevocationTokens
(CertificateToken certificateToken, CertificateToken issuerToken) ModifierConstructorDescriptionCRLToken
(CertificateToken certificateToken, CRLValidity crlValidity) The constructor to be used with the certificate which is managed by the CRL and theCRLValidity
. -
Uses of CertificateToken in eu.europa.esig.dss.spi.x509.revocation.ocsp
Modifier and TypeMethodDescriptionOCSPCertificateSource.getCandidatesForSigningCertificate
(CertificateToken certificateIssuer) Returns candidates for the OCSP Response's signing certificateOCSPSource.getRevocationToken
(CertificateToken certificateToken, CertificateToken issuerCertificateToken) ExternalResourcesOCSPSource.getRevocationTokens
(CertificateToken certificate, CertificateToken issuer) OfflineOCSPSource.getRevocationTokens
(CertificateToken certificate, CertificateToken issuer) ModifierConstructorDescriptionOCSPToken
(org.bouncycastle.cert.ocsp.BasicOCSPResp basicOCSPResp, org.bouncycastle.cert.ocsp.SingleResp latestSingleResp, CertificateToken certificate, CertificateToken issuer) The default constructor to instantiate an OCSPToken with BasicOCSPResp only -
Uses of CertificateToken in eu.europa.esig.dss.spi.x509.tsp
Modifier and TypeMethodDescriptionTimestampToken.getCertificates()
Returns the list of wrapped certificates.Modifier and TypeMethodDescriptionprotected SignatureValidity
TimestampToken.checkIsSignedBy
(CertificateToken candidate) Checks if timestamp is signed by teh given certificateboolean
TimestampToken.isSignedBy
(CertificateToken certificateToken) Checks if the timestamp token is signed by the given publicKeyModifierConstructorDescriptionKeyEntityTSPSource
(PrivateKey privateKey, CertificateToken certificateToken, List<CertificateToken> certificateChain) Constructor to instantiate KeyEntityTSPSource with the givenPrivateKey
and the correspondingcertificateToken
andcertificateChain
ModifierConstructorDescriptionKeyEntityTSPSource
(PrivateKey privateKey, CertificateToken certificateToken, List<CertificateToken> certificateChain) Constructor to instantiate KeyEntityTSPSource with the givenPrivateKey
and the correspondingcertificateToken
andcertificateChain
-
Uses of CertificateToken in eu.europa.esig.dss.token
Modifier and TypeMethodDescriptionDSSPrivateKeyEntry.getCertificate()
Retrieve the signing certificateKSPrivateKeyEntry.getCertificate()
DSSPrivateKeyEntry.getCertificateChain()
Retrieve the certificate chain linkedKSPrivateKeyEntry.getCertificateChain()
-
Uses of CertificateToken in eu.europa.esig.dss.tsl.dto
Modifier and TypeMethodDescriptionvoid
ValidationCacheDTO.setSigningCertificate
(CertificateToken signingCertificate) Sets the signing certificate tokenModifier and TypeMethodDescriptionvoid
ValidationCacheDTO.setPotentialSigners
(List<CertificateToken> potentialSigners) Sets a list of signing candidates -
Uses of CertificateToken in eu.europa.esig.dss.tsl.dto.condition
Modifier and TypeMethodDescriptionboolean
CertSubjectDNAttributeCondition.check
(CertificateToken certificateToken) boolean
CompositeCondition.check
(CertificateToken certificateToken) Execute the composite condition of the given certificateboolean
ExtendedKeyUsageCondition.check
(CertificateToken certificateToken) boolean
KeyUsageCondition.check
(CertificateToken certificateToken) boolean
PolicyIdCondition.check
(CertificateToken certificateToken) boolean
QCStatementCondition.check
(CertificateToken certificateToken) -
Uses of CertificateToken in eu.europa.esig.dss.tsl.function.converter
Modifier and TypeMethodDescriptionDigitalIdentityListTypeConverter.apply
(DigitalIdentityListType digitalIdentityList) -
Uses of CertificateToken in eu.europa.esig.dss.tsl.validation
Modifier and TypeMethodDescriptionValidationResult.getSigningCertificate()
Gets the signing certificateModifier and TypeMethodDescriptionValidationResult.getPotentialSigners()
Gets a list of signing candidatesModifierConstructorDescriptionValidationResult
(Indication indication, SubIndication subIndication, Date signingTime, CertificateToken signingCertificate, CertificateSource certificateSource) Default constructor -
Uses of CertificateToken in eu.europa.esig.dss.validation
Modifier and TypeMethodDescriptionstatic CertificateValidator
CertificateValidator.fromCertificate
(CertificateToken token) Creates a CertificateValidator from a certificateToken -
Uses of CertificateToken in eu.europa.esig.dss.validation.reports.diagnostic
Modifier and TypeFieldDescriptionprotected Map
<String, CertificateToken> DiagnosticDataBuilder.certificateIdsMap
A map between certificate id Strings and the related CertificateTokensprotected Map
<String, CertificateToken> DiagnosticDataBuilder.signingCertificateMap
A map between certificate id Strings and the related CertificateTokens for signing certificatesprotected Set
<CertificateToken> DiagnosticDataBuilder.usedCertificates
The certificates used during the validation processModifier and TypeMethodDescriptionprotected Collection
<CertificateToken> DiagnosticDataBuilder.getUsedCertificatesByCertificateRef
(CertificateRef certificateRef) Returns used certificate by thecertificateRef
Modifier and TypeMethodDescriptionXmlTrustServiceProviderBuilder.build
(CertificateToken certificateToken, Map<CertificateToken, List<TrustProperties>> relatedTrustServices) This method builds a list ofXmlTrustServiceProvider
s corresponding to the givenCertificateToken
protected XmlCertificate
DiagnosticDataBuilder.buildDetachedXmlCertificate
(CertificateToken certToken) This method builds anXmlCertificate
from the givenCertificateToken
protected XmlOrphanCertificateToken
DiagnosticDataBuilder.buildXmlOrphanCertificateToken
(CertificateToken certificateToken) This method builds anXmlOrphanCertificateToken
from the givenCertificateToken
protected XmlOrphanCertificate
DiagnosticDataBuilder.getXmlOrphanCertificate
(CertificateOrigin origin, CertificateToken certificateToken, TokenCertificateSource certificateSource, CertificateToken signingCertificate) This method builds anXmlOrphanCertificateToken
protected void
DiagnosticDataBuilder.populateOrphanCertificateOriginMap
(Map<String, XmlOrphanCertificate> orphanCertificatesMap, CertificateOrigin origin, List<CertificateToken> certificateTokens, TokenCertificateSource certificateSource, CertificateToken signingCertificate) Fills the orphan certificate map with the given valuesprotected XmlRelatedCertificate
DiagnosticDataBuilder.populateXmlRelatedCertificatesList
(CertificateOrigin origin, CertificateToken cert, TokenCertificateSource certificateSource) Builds anXmlRelatedCertificate
protected void
DiagnosticDataBuilder.populateXmlRelatedCertificatesList
(List<XmlRelatedCertificate> relatesCertificates, TokenCertificateSource certificateSource, CertificateToken cert, CertificateRef certificateRef) Builds anXmlRelatedCertificate
and populates therelatesCertificates
listprotected void
DiagnosticDataBuilder.verifyAgainstCertificateToken
(XmlCertificateRef xmlCertificateRef, CertificateRef ref, CertificateToken signingCertificate) Verifies the reference against a certificate tokenModifier and TypeMethodDescriptionXmlTrustServiceProviderBuilder.build
(CertificateToken certificateToken, Map<CertificateToken, List<TrustProperties>> relatedTrustServices) This method builds a list ofXmlTrustServiceProvider
s corresponding to the givenCertificateToken
protected void
DiagnosticDataBuilder.linkSigningCertificateAndChains
(Set<CertificateToken> certificates) Links the certificates and their certificate chainsprotected void
SignedDocumentDiagnosticDataBuilder.linkSigningCertificateAndChains
(Set<CertificateToken> certificates) protected void
DiagnosticDataBuilder.populateCertificateOriginMap
(Map<String, XmlRelatedCertificate> relatedCertificatesMap, CertificateOrigin origin, List<CertificateToken> certificateTokens, TokenCertificateSource certificateSource) Fills the certificates origins map with the given propertiesprotected void
DiagnosticDataBuilder.populateOrphanCertificateOriginMap
(Map<String, XmlOrphanCertificate> orphanCertificatesMap, CertificateOrigin origin, List<CertificateToken> certificateTokens, TokenCertificateSource certificateSource, CertificateToken signingCertificate) Fills the orphan certificate map with the given valuesCertificateDiagnosticDataBuilder.usedCertificates
(Set<CertificateToken> usedCertificates) DiagnosticDataBuilder.usedCertificates
(Set<CertificateToken> usedCertificates) This method allows to set the used certificatesSignedDocumentDiagnosticDataBuilder.usedCertificates
(Set<CertificateToken> usedCertificates) -
Uses of CertificateToken in eu.europa.esig.dss.ws.converter
Modifier and TypeMethodDescriptionstatic CertificateToken
RemoteCertificateConverter.toCertificateToken
(RemoteCertificate remoteCertificate) Converts the givenremoteCertificate
to aCertificateToken
Modifier and TypeMethodDescriptionstatic List
<CertificateToken> RemoteCertificateConverter.toCertificateTokens
(List<RemoteCertificate> remoteCertificates) Converts the given list ofremoteCertificates
to a list ofCertificateToken
sModifier and TypeMethodDescriptionstatic RemoteCertificate
RemoteCertificateConverter.toRemoteCertificate
(CertificateToken certificate) Converts the givencertificate
to aRemoteCertificate
-
Uses of CertificateToken in eu.europa.esig.dss.xades
ModifierConstructorDescriptionTrustedListSignatureParametersBuilder
(CertificateToken signingCertificate, DSSDocument tlXmlDocument) The constructor to build Signature Parameters for a Trusted List signing with respect to ETSI TS 119 612 -
Uses of CertificateToken in eu.europa.esig.dss.xades.signature
Modifier and TypeMethodDescriptionprotected Element
XAdESBuilder.incorporateCert
(Element parentDom, CertificateToken certificate, DigestAlgorithm digestAlgorithm) Creates Cert DOM object:protected void
XAdESBuilder.incorporateIssuerV1
(Element parentDom, CertificateToken certificate) Incorporates IssuerSerial elementprotected void
XAdESBuilder.incorporateIssuerV2
(Element parentDom, CertificateToken certificate) Incorporates IssuerSerialV2 elementModifier and TypeMethodDescriptionprotected Element
XAdESLevelBaselineT.incorporateCertificateValues
(Element parentDom, Collection<CertificateToken> certificatesToBeAdded) This method incorporates all certificates passed as parameter :protected void
XAdESLevelBaselineT.incorporateCertificateValues
(Element parentDom, Collection<CertificateToken> certificatesToBeAdded, String indent) This method incorporates all certificates passed as parameter, as well as adds missing indents if the parameter is specified