Class RevocationDataLoadingStrategy
java.lang.Object
eu.europa.esig.dss.spi.validation.RevocationDataLoadingStrategy
- Direct Known Subclasses:
CRLFirstRevocationDataLoadingStrategy,OCSPFirstRevocationDataLoadingStrategy
This class allows retrieving of Revocation data from CRL or OCSP sources, based on the defined strategy
NOTE: The implemented object does not require setting of OCSP/CRL/RevocationDataVerifier sources
on instantiation from the user.
All the values are automatically configured and set in
eu.europa.esig.dss.validation.SignatureValidationContext
based on the parameters defined in the provided eu.europa.esig.dss.validation.CertificateVerifier-
Field Summary
FieldsModifier and TypeFieldDescriptionprotected RevocationSource<CRL> The CRL revocation sourceprotected booleanWhen enabled, returns first obtained revocation token, if both OCSP and CRL requests failedprotected RevocationSource<OCSP> The OCSP revocation sourceprotected RevocationDataVerifierUsed to verify the validity of obtained revocation data -
Constructor Summary
ConstructorsModifierConstructorDescriptionprotectedDefault constructor instantiating object with null values -
Method Summary
Modifier and TypeMethodDescriptionprotected RevocationToken<CRL> checkCRL(CertificateToken certificateToken, CertificateToken issuerToken) Retrieves and verifies the obtained CRL token NOTE: returns only if a valid entry has been obtained!protected RevocationToken<OCSP> checkOCSP(CertificateToken certificateToken, CertificateToken issuerToken) Retrieves and verifies the obtained OCSP token NOTE: returns only if a valid entry has been obtained!abstract RevocationTokengetRevocationToken(CertificateToken certificateToken, CertificateToken issuerCertificateToken) This method retrieves aRevocationTokenfor the given certificateTokenprotected booleanisAcceptableToken(RevocationToken<?> revocationToken) This method verifies whether the obtained revocation token is acceptable
-
Field Details
-
crlSource
The CRL revocation source -
ocspSource
The OCSP revocation source -
revocationDataVerifier
Used to verify the validity of obtained revocation data -
fallbackEnabled
protected boolean fallbackEnabledWhen enabled, returns first obtained revocation token, if both OCSP and CRL requests failed
-
-
Constructor Details
-
RevocationDataLoadingStrategy
protected RevocationDataLoadingStrategy()Default constructor instantiating object with null values
-
-
Method Details
-
getRevocationToken
public abstract RevocationToken getRevocationToken(CertificateToken certificateToken, CertificateToken issuerCertificateToken) This method retrieves aRevocationTokenfor the given certificateToken- Parameters:
certificateToken- TheCertificateTokenfor which the request is madeissuerCertificateToken- TheCertificateTokenwhich is the issuer of the certificateToken- Returns:
- an instance of
RevocationToken
-
checkCRL
protected RevocationToken<CRL> checkCRL(CertificateToken certificateToken, CertificateToken issuerToken) Retrieves and verifies the obtained CRL token NOTE: returns only if a valid entry has been obtained!- Parameters:
certificateToken-CertificateTokento get CRL forissuerToken-CertificateTokenissuer ofcertificateToken- Returns:
RevocationToken
-
checkOCSP
protected RevocationToken<OCSP> checkOCSP(CertificateToken certificateToken, CertificateToken issuerToken) Retrieves and verifies the obtained OCSP token NOTE: returns only if a valid entry has been obtained!- Parameters:
certificateToken-CertificateTokento get OCSP forissuerToken-CertificateTokenissuer ofcertificateToken- Returns:
RevocationToken
-
isAcceptableToken
This method verifies whether the obtained revocation token is acceptable- Parameters:
revocationToken-RevocationTokento be checked- Returns:
- TRUE if the token is acceptable and can be returned, FALSE otherwise
-