Package eu.europa.esig.dss.pades.validation

Class PAdESSignature

java.lang.Object

eu.europa.esig.dss.spi.signature.DefaultAdvancedSignature

eu.europa.esig.dss.cades.validation.CAdESSignature

eu.europa.esig.dss.pades.validation.PAdESSignature

All Implemented Interfaces:

IdentifierBasedObject, AdvancedSignature, Serializable

public class PAdESSignature
extends CAdESSignature

Implementation of AdvancedSignature for PAdES

See Also:

• Serialized Form

Field Summary

Fields inherited from class eu.europa.esig.dss.spi.signature.DefaultAdvancedSignature

counterSignatures, detachedContents, manifestFile, offlineCertificateSource, referenceValidations, signatureCRLSource, signatureCryptographicVerification, signatureIdentifier, signatureOCSPSource, signaturePolicy, signatureTimestampSource, signingCertificateSource, structureValidationMessages

Constructor Summary

Constructors

Modifier	Constructor	Description
protected	PAdESSignature(PdfSignatureRevision pdfSignatureRevision, List<PdfRevision> documentRevisions)	The default constructor for PAdESSignature.

Method Summary

Modifier and Type	Method	Description
void	addExternalTimestamp(TimestampToken timestamp)	This method allows to add an external timestamp.
protected PAdESBaselineRequirementsChecker	createBaselineRequirementsChecker(CertificateVerifier certificateVerifier)	Instantiates a BaselineRequirementsChecker according to the signature format
protected List<SignatureScope>	findSignatureScopes()	Finds signature scopes
protected PAdESBaselineRequirementsChecker	getBaselineRequirementsChecker()	Returns a cached instance of the BaselineRequirementsChecker
SignatureCertificateSource	getCertificateSource()	Gets a certificate source which contains ALL certificates embedded in the signature.
ListCertificateSource	getCompleteCertificateSource()	Gets a ListCertificateSource representing a merged source from signatureCertificateSource and all included to the signature timestamp objects
ListRevocationSource<CRL>	getCompleteCRLSource()	Gets a ListRevocationSource representing a merged source from signatureCRLSourse and all included to the signature timestamp objects
ListRevocationSource<OCSP>	getCompleteOCSPSource()	Gets a ListRevocationSource representing a merged source from signatureOCSPSourse and all included to the signature timestamp objects
String	getContentHints()	Gets Content Hints
String	getContentIdentifier()	Gets ContentIdentifier String
List<AdvancedSignature>	getCounterSignatures()	Returns a list of counter signatures applied to this signature
OfflineCRLSource	getCRLSource()	Gets a CRL source which contains ALL CRLs embedded in the signature.
SignatureLevel	getDataFoundUpToLevel()	This method returns the signature level
List<TimestampToken>	getDocumentTimestamps()	Returns a list of timestamps defined with the 'DocTimeStamp' type NOTE: applicable only for PAdES
PdfDssDict	getDssDictionary()	Gets the last DSS dictionary for the signature
OfflineOCSPSource	getOCSPSource()	Gets an OCSP source which contains ALL OCSP responses embedded in the signature.
DSSDocument	getOriginalDocument()	Returns the original signed document
PdfSignatureRevision	getPdfRevision()	Retrieves a PdfRevision (PAdES) related to the current signature
PdfSignatureDictionary	getPdfSignatureDictionary()	Gets the PdfSignatureDictionary
SignatureDigestReference	getSignatureDigestReference(DigestAlgorithm digestAlgorithm)	TS 119 442 - V1.1.1 - Electronic Signatures and Infrastructures (ESI), ch. 5.1.4.2.1.3 XML component: In case of PAdES signatures, the input of the digest value computation shall be the result of decoding the hexadecimal string present within the Contents field of the Signature PDF dictionary enclosing one PAdES digital signature.
SignatureForm	getSignatureForm()	Specifies the format of the signature
protected SignatureIdentifierBuilder	getSignatureIdentifierBuilder()	Returns a builder to define and build a signature Id
protected DSSDocument	getSignerDocumentContent()	This method extracts a document content that was signed NOTE: Some differences are possible with PAdES
Date	getSigningTime()	Returns the signing time included within the signature.
PAdESTimestampSource	getTimestampSource()	Gets a Signature Timestamp source which contains ALL timestamps embedded in the signature.
Date	getVRICreationTime()	Returns a VRI creation time defined within 'TU' field of a corresponding /VRI dictionary
String	getVRIKey()	Name of the related to the signature VRI dictionary
List<TimestampToken>	getVRITimestamps()	Returns a list of timestamps enveloped within /VRI dictionary for the current signature
boolean	hasAProfile()	Checks the presence of ArchiveTimeStamp element in the signature, what is the proof -A profile existence
boolean	hasPKCS7LTAProfile()	Checks the presence of an archive-time-stamp
boolean	hasPKCS7LTProfile()	Checks the presence of a validation data
boolean	hasPKCS7Profile()	Checks the presence of PKCS#7 corresponding SubFilter
boolean	hasPKCS7TProfile()	Checks the presence of a signature-time-stamp
void	setDssCertificateSource(ListCertificateSource dssCertificateSource)	Sets a joint DSS/VRI Certificate Source
void	setDssCRLSource(ListRevocationSource<CRL> dssCRLSource)	Sets a joint DSS/VRI CRL Source
void	setDssOCSPSource(ListRevocationSource<OCSP> dssOCSPSource)	Sets a joint DSS/VRI OCSP Source

Methods inherited from class eu.europa.esig.dss.cades.validation.CAdESSignature

buildSignaturePolicy, checkSignatureIntegrity, getCertifiedSignerRoles, getClaimedSignerRoles, getCmsSignedData, getCommitmentTypeIndications, getContentType, getCounterSignatureStore, getDAIdentifier, getDataToBeSignedRepresentation, getDigestAlgorithm, getEncryptionAlgorithm, getMaskGenerationFunction, getMessageDigestAlgorithms, getMessageDigestValue, getMimeType, getReferenceValidations, getReferenceValidations, getSignatureAlgorithm, getSignaturePolicyStore, getSignatureProductionPlace, getSignatureValue, getSignedAssertions, getSignerId, getSignerInformation, getSignerInformationStoreInfos, isCounterSignature

Methods inherited from class eu.europa.esig.dss.spi.signature.DefaultAdvancedSignature

addExternalEvidenceRecord, areAllSelfSignedCertificates, equals, getAllEvidenceRecords, getAllTimestamps, getArchiveTimestamps, getCandidatesForSigningCertificate, getCertificates, getContainerContents, getContentTimestamps, getCounterSignaturesCertificateSource, getCounterSignaturesCRLSource, getCounterSignaturesOCSPSource, getDetachedContents, getDetachedEvidenceRecords, getDetachedTimestamps, getDSSId, getEmbeddedEvidenceRecords, getId, getManifestFile, getMasterSignature, getSignatureCryptographicVerification, getSignatureFilename, getSignaturePolicy, getSignatureScopes, getSignatureTimestamps, getSignerRoles, getSigningCertificateToken, getStructureValidationResult, getTimestampsX1, getTimestampsX2, hasBESProfile, hasBProfile, hasCProfile, hasEPESProfile, hasExtendedTProfile, hashCode, hasLTAProfile, hasLTProfile, hasTProfile, hasXLProfile, hasXProfile, initBaselineRequirementsChecker, isDocHashOnlyValidation, isHashOnlyValidation, resetCertificateSource, resetRevocationSources, resetTimestampSource, setContainerContents, setDetachedContents, setManifestFile, setMasterSignature, setSignatureFilename, setSigningCertificateSource, toString, validateStructure

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Constructor Details

PAdESSignature

protected PAdESSignature(PdfSignatureRevision pdfSignatureRevision,
 List<PdfRevision> documentRevisions)

The default constructor for PAdESSignature.

Parameters:

pdfSignatureRevision - a related PdfSignatureRevision

documentRevisions - a list of PdfRevision extracted from the validating document

Method Details

setDssCertificateSource

public void setDssCertificateSource(ListCertificateSource dssCertificateSource)

Sets a joint DSS/VRI Certificate Source

Parameters:

dssCertificateSource - ListCertificateSource

setDssCRLSource

public void setDssCRLSource(ListRevocationSource<CRL> dssCRLSource)

Sets a joint DSS/VRI CRL Source

Parameters:

dssCRLSource - ListRevocationSource

setDssOCSPSource

public void setDssOCSPSource(ListRevocationSource<OCSP> dssOCSPSource)

Sets a joint DSS/VRI OCSP Source

Parameters:

dssOCSPSource - ListRevocationSource

getSignatureForm

public SignatureForm getSignatureForm()

Description copied from interface: AdvancedSignature

Specifies the format of the signature

Specified by:

getSignatureForm in interface AdvancedSignature

Overrides:

getSignatureForm in class CAdESSignature

Returns:

SignatureForm

getCertificateSource

public SignatureCertificateSource getCertificateSource()

Description copied from interface: AdvancedSignature

Gets a certificate source which contains ALL certificates embedded in the signature.

Specified by:

getCertificateSource in interface AdvancedSignature

Overrides:

getCertificateSource in class CAdESSignature

Returns:

SignatureCertificateSource

getCRLSource

public OfflineCRLSource getCRLSource()

Description copied from interface: AdvancedSignature

Gets a CRL source which contains ALL CRLs embedded in the signature.

Specified by:

getCRLSource in interface AdvancedSignature

Overrides:

getCRLSource in class CAdESSignature

Returns:

OfflineRevocationSource

getOCSPSource

public OfflineOCSPSource getOCSPSource()

Description copied from interface: AdvancedSignature

Gets an OCSP source which contains ALL OCSP responses embedded in the signature.

Specified by:

getOCSPSource in interface AdvancedSignature

Overrides:

getOCSPSource in class CAdESSignature

Returns:

OfflineRevocationSource

getCompleteCertificateSource

public ListCertificateSource getCompleteCertificateSource()

Description copied from interface: AdvancedSignature

Gets a ListCertificateSource representing a merged source from signatureCertificateSource and all included to the signature timestamp objects

Specified by:

getCompleteCertificateSource in interface AdvancedSignature

Overrides:

getCompleteCertificateSource in class DefaultAdvancedSignature

Returns:

ListCertificateSource

getCompleteCRLSource

public ListRevocationSource<CRL> getCompleteCRLSource()

Description copied from interface: AdvancedSignature

Gets a ListRevocationSource representing a merged source from signatureCRLSourse and all included to the signature timestamp objects

Specified by:

getCompleteCRLSource in interface AdvancedSignature

Overrides:

getCompleteCRLSource in class DefaultAdvancedSignature

Returns:

ListRevocationSource

getCompleteOCSPSource

public ListRevocationSource<OCSP> getCompleteOCSPSource()

Description copied from interface: AdvancedSignature

Gets a ListRevocationSource representing a merged source from signatureOCSPSourse and all included to the signature timestamp objects

Specified by:

getCompleteOCSPSource in interface AdvancedSignature

Overrides:

getCompleteOCSPSource in class DefaultAdvancedSignature

Returns:

ListRevocationSource

getTimestampSource

public PAdESTimestampSource getTimestampSource()

Description copied from interface: AdvancedSignature

Gets a Signature Timestamp source which contains ALL timestamps embedded in the signature.

Specified by:

getTimestampSource in interface AdvancedSignature

Overrides:

getTimestampSource in class CAdESSignature

Returns:

SignatureTimestampSource

getDocumentTimestamps

public List<TimestampToken> getDocumentTimestamps()

Description copied from interface: AdvancedSignature

Returns a list of timestamps defined with the 'DocTimeStamp' type NOTE: applicable only for PAdES

Specified by:

getDocumentTimestamps in interface AdvancedSignature

Overrides:

getDocumentTimestamps in class DefaultAdvancedSignature

Returns:

List of TimestampTokens

getVRITimestamps

public List<TimestampToken> getVRITimestamps()

Returns a list of timestamps enveloped within /VRI dictionary for the current signature

Returns:

a list of TimestampTokens

findSignatureScopes

protected List<SignatureScope> findSignatureScopes()

Description copied from class: DefaultAdvancedSignature

Finds signature scopes

Overrides:

findSignatureScopes in class CAdESSignature

Returns:

a list of SignatureScopes

getSigningTime

public Date getSigningTime()

Description copied from interface: AdvancedSignature

Returns the signing time included within the signature.

Specified by:

getSigningTime in interface AdvancedSignature

Overrides:

getSigningTime in class CAdESSignature

Returns:

Date representing the signing time or null

getContentIdentifier

public String getContentIdentifier()

Description copied from class: CAdESSignature

Gets ContentIdentifier String

Overrides:

getContentIdentifier in class CAdESSignature

Returns:

content identifier as String

getContentHints

public String getContentHints()

Description copied from class: CAdESSignature

Gets Content Hints

Overrides:

getContentHints in class CAdESSignature

Returns:

content hints as String

getCounterSignatures

public List<AdvancedSignature> getCounterSignatures()

Description copied from interface: AdvancedSignature

Returns a list of counter signatures applied to this signature

Specified by:

getCounterSignatures in interface AdvancedSignature

Overrides:

getCounterSignatures in class CAdESSignature

Returns:

a List of AdvancedSignatures representing the counter signatures

getOriginalDocument

public DSSDocument getOriginalDocument()

Description copied from class: CAdESSignature

Returns the original signed document

Overrides:

getOriginalDocument in class CAdESSignature

Returns:

DSSDocument

getSignerDocumentContent

protected DSSDocument getSignerDocumentContent()

Description copied from class: CAdESSignature

This method extracts a document content that was signed NOTE: Some differences are possible with PAdES

Overrides:

getSignerDocumentContent in class CAdESSignature

Returns:

DSSDocument

getSignatureIdentifierBuilder

protected SignatureIdentifierBuilder getSignatureIdentifierBuilder()

Description copied from class: DefaultAdvancedSignature

Returns a builder to define and build a signature Id

Overrides:

getSignatureIdentifierBuilder in class CAdESSignature

Returns:

SignatureIdentifierBuilder

getSignatureDigestReference

public SignatureDigestReference getSignatureDigestReference(DigestAlgorithm digestAlgorithm)

TS 119 442 - V1.1.1 - Electronic Signatures and Infrastructures (ESI), ch. 5.1.4.2.1.3 XML component: In case of PAdES signatures, the input of the digest value computation shall be the result of decoding the hexadecimal string present within the Contents field of the Signature PDF dictionary enclosing one PAdES digital signature.

Specified by:

getSignatureDigestReference in interface AdvancedSignature

Overrides:

getSignatureDigestReference in class CAdESSignature

Parameters:

digestAlgorithm - DigestAlgorithm to use

Returns:

SignatureDigestReference

getDataFoundUpToLevel

public SignatureLevel getDataFoundUpToLevel()

Description copied from interface: AdvancedSignature

This method returns the signature level

Specified by:

getDataFoundUpToLevel in interface AdvancedSignature

Overrides:

getDataFoundUpToLevel in class CAdESSignature

Returns:

a value of SignatureLevel

getBaselineRequirementsChecker

protected PAdESBaselineRequirementsChecker getBaselineRequirementsChecker()

Description copied from class: DefaultAdvancedSignature

Returns a cached instance of the BaselineRequirementsChecker

Overrides:

getBaselineRequirementsChecker in class CAdESSignature

Returns:

BaselineRequirementsChecker

createBaselineRequirementsChecker

protected PAdESBaselineRequirementsChecker createBaselineRequirementsChecker(CertificateVerifier certificateVerifier)

Description copied from class: DefaultAdvancedSignature

Instantiates a BaselineRequirementsChecker according to the signature format

Overrides:

createBaselineRequirementsChecker in class CAdESSignature

Parameters:

certificateVerifier - CertificateVerifier to be used

Returns:

BaselineRequirementsChecker

hasPKCS7Profile

public boolean hasPKCS7Profile()

Checks the presence of PKCS#7 corresponding SubFilter

Returns:

true if PKCS#7 Profile is detected

hasPKCS7TProfile

public boolean hasPKCS7TProfile()

Checks the presence of a signature-time-stamp

Returns:

true if PKCS#7-T Profile is detected

hasPKCS7LTProfile

public boolean hasPKCS7LTProfile()

Checks the presence of a validation data

Returns:

true if PKCS#7-LT Profile is detected

hasPKCS7LTAProfile

public boolean hasPKCS7LTAProfile()

Checks the presence of an archive-time-stamp

Returns:

true if PKCS#7-LTA Profile is detected

hasAProfile

public boolean hasAProfile()

Checks the presence of ArchiveTimeStamp element in the signature, what is the proof -A profile existence

Specified by:

hasAProfile in interface AdvancedSignature

Overrides:

hasAProfile in class DefaultAdvancedSignature

Returns:

true if the -A extension is present

getDssDictionary

public PdfDssDict getDssDictionary()

Gets the last DSS dictionary for the signature

Returns:

PdfDssDict

getPdfRevision

public PdfSignatureRevision getPdfRevision()

Retrieves a PdfRevision (PAdES) related to the current signature

Returns:

PdfRevision

getPdfSignatureDictionary

public PdfSignatureDictionary getPdfSignatureDictionary()

Gets the PdfSignatureDictionary

Returns:

PdfSignatureDictionary

getVRIKey

public String getVRIKey()

Name of the related to the signature VRI dictionary

Returns:

related String VRI dictionary name

getVRICreationTime

public Date getVRICreationTime()

Returns a VRI creation time defined within 'TU' field of a corresponding /VRI dictionary

Returns:

Date of VRI dictionary creation, when present

addExternalTimestamp

public void addExternalTimestamp(TimestampToken timestamp)

Description copied from interface: AdvancedSignature

This method allows to add an external timestamp. The given timestamp must be processed before. NOTE: The method is supported only for CAdES signatures

Specified by:

addExternalTimestamp in interface AdvancedSignature

Overrides:

addExternalTimestamp in class CAdESSignature

Parameters:

timestamp - the timestamp token