Package eu.europa.esig.dss.validation

Class CertificateValidator

java.lang.Object

eu.europa.esig.dss.validation.CertificateValidator

All Implemented Interfaces:

ProcessExecutorProvider<CertificateProcessExecutor>

public class CertificateValidator
extends Object
implements ProcessExecutorProvider<CertificateProcessExecutor>

Validates a CertificateToken

Method Summary

Modifier and Type	Method	Description
protected void	assertConfigurationValid()	Checks if the Validator configuration is valid
protected DiagnosticDataBuilder	createDiagnosticDataBuilder(ValidationContext validationContext)	Creates and fills the DiagnosticDataBuilder with a relevant data
protected ValidationContext	createValidationContext()	This method creates a new instance of ValidationContext performing preparation of validation data, certificate chain building, revocation request, as well as custom validation checks execution.
static CertificateValidator	fromCertificate(CertificateToken token)	Creates a CertificateValidator from a certificateToken
CertificateProcessExecutor	getDefaultProcessExecutor()	Returns a default for a validator process executor
final XmlDiagnosticData	getDiagnosticData()	This method retrieves XmlDiagnosticData containing all information relevant for the validation process, including the certificate and revocation tokens obtained from online resources, e.g.
protected DiagnosticDataBuilder	prepareDiagnosticDataBuilder()	Creates a DiagnosticDataBuilder
protected ValidationContext	prepareValidationContext(CertificateVerifier certificateVerifier)	Initializes and fills ValidationContext for a certificate token validation
CertificateProcessExecutor	provideProcessExecutorInstance()	Gets the CertificateProcessExecutor
void	setCertificateVerifier(CertificateVerifier certificateVerifier)	Sets the CertificateVerifier
void	setDefaultDigestAlgorithm(DigestAlgorithm digestAlgorithm)	This method allows to change the Digest Algorithm that will be used for tokens' digest calculation Default : DigestAlgorithm.SHA256
void	setLocale(Locale locale)	Sets the Locale to use for messages in reports
void	setProcessExecutor(CertificateProcessExecutor processExecutor)	This method provides the possibility to set the specific CustomProcessExecutor
void	setTokenExtractionStrategy(TokenExtractionStrategy tokenExtractionStrategy)	Sets the TokenExtractionStrategy
void	setTokenIdentifierProvider(TokenIdentifierProvider identifierProvider)	Sets the TokenIdentifierProvider
void	setValidationContextExecutor(ValidationContextExecutor validationContextExecutor)	This method sets ValidationContextExecutor for validation of the prepared ValidationContext Default: eu.europa.esig.dss.validation.executor.context.DefaultValidationContextExecutor (performs basic validation of tokens, including certificate chain building and revocation data extraction, without processing of validity checks)
void	setValidationTime(Date validationTime)	Sets the validationTime
CertificateReports	validate()	Validates the certificate with a default validation policy
CertificateReports	validate(ValidationPolicy validationPolicy)	Validated the certificate with a custom validation policy
CertificateReports	validate(InputStream policyDataStream)	This method validates a certificate with the given validation policy InputStream
protected void	validateContext(ValidationContext validationContext)	Process the validation

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Details

fromCertificate

public static CertificateValidator fromCertificate(CertificateToken token)

Creates a CertificateValidator from a certificateToken

Parameters:

token - CertificateToken

Returns:

CertificateValidator

setCertificateVerifier

public void setCertificateVerifier(CertificateVerifier certificateVerifier)

Sets the CertificateVerifier

Parameters:

certificateVerifier - CertificateVerifier

setTokenExtractionStrategy

public void setTokenExtractionStrategy(TokenExtractionStrategy tokenExtractionStrategy)

Sets the TokenExtractionStrategy

Parameters:

tokenExtractionStrategy - TokenExtractionStrategy

setTokenIdentifierProvider

public void setTokenIdentifierProvider(TokenIdentifierProvider identifierProvider)

Sets the TokenIdentifierProvider

Parameters:

identifierProvider - TokenIdentifierProvider

setValidationTime

public void setValidationTime(Date validationTime)

Sets the validationTime

Parameters:

validationTime - Date

setLocale

public void setLocale(Locale locale)

Sets the Locale to use for messages in reports

Parameters:

locale - Locale

setValidationContextExecutor

public void setValidationContextExecutor(ValidationContextExecutor validationContextExecutor)

This method sets ValidationContextExecutor for validation of the prepared ValidationContext Default: eu.europa.esig.dss.validation.executor.context.DefaultValidationContextExecutor (performs basic validation of tokens, including certificate chain building and revocation data extraction, without processing of validity checks)

Parameters:

validationContextExecutor - ValidationContextExecutor

setDefaultDigestAlgorithm

public void setDefaultDigestAlgorithm(DigestAlgorithm digestAlgorithm)

This method allows to change the Digest Algorithm that will be used for tokens' digest calculation Default : DigestAlgorithm.SHA256

Parameters:

digestAlgorithm - DigestAlgorithm to use

validate

public CertificateReports validate()

Validates the certificate with a default validation policy

Returns:

CertificateReports

validate

public CertificateReports validate(InputStream policyDataStream)

This method validates a certificate with the given validation policy InputStream

Parameters:

policyDataStream - InputStream representing the XML Validation Policy file

Returns:

CertificateReports

validate

public CertificateReports validate(ValidationPolicy validationPolicy)

Validated the certificate with a custom validation policy

Parameters:

validationPolicy - ValidationPolicy

Returns:

CertificateReports

assertConfigurationValid

protected void assertConfigurationValid()

Checks if the Validator configuration is valid

getDiagnosticData

public final XmlDiagnosticData getDiagnosticData()

This method retrieves XmlDiagnosticData containing all information relevant for the validation process, including the certificate and revocation tokens obtained from online resources, e.g. AIA, CRL, OCSP (when applicable).

Returns:

XmlDiagnosticData

prepareValidationContext

protected ValidationContext prepareValidationContext(CertificateVerifier certificateVerifier)

Initializes and fills ValidationContext for a certificate token validation

Parameters:

certificateVerifier - CertificateVerifier to be used

Returns:

ValidationContext

createValidationContext

protected ValidationContext createValidationContext()

This method creates a new instance of ValidationContext performing preparation of validation data, certificate chain building, revocation request, as well as custom validation checks execution.

Returns:

ValidationContext

prepareDiagnosticDataBuilder

protected DiagnosticDataBuilder prepareDiagnosticDataBuilder()

Creates a DiagnosticDataBuilder

Returns:

DiagnosticDataBuilder

validateContext

protected void validateContext(ValidationContext validationContext)

Process the validation

Parameters:

validationContext - ValidationContext to process

createDiagnosticDataBuilder

protected DiagnosticDataBuilder createDiagnosticDataBuilder(ValidationContext validationContext)

Creates and fills the DiagnosticDataBuilder with a relevant data

Parameters:

validationContext - ValidationContext used for the validation

Returns:

filled DiagnosticDataBuilder

setProcessExecutor

public void setProcessExecutor(CertificateProcessExecutor processExecutor)

Description copied from interface: ProcessExecutorProvider

This method provides the possibility to set the specific CustomProcessExecutor

Specified by:

setProcessExecutor in interface ProcessExecutorProvider<CertificateProcessExecutor>

Parameters:

processExecutor - ProcessExecutor

provideProcessExecutorInstance

public CertificateProcessExecutor provideProcessExecutorInstance()

Gets the CertificateProcessExecutor

Returns:

CertificateProcessExecutor

getDefaultProcessExecutor

public CertificateProcessExecutor getDefaultProcessExecutor()

Description copied from interface: ProcessExecutorProvider

Returns a default for a validator process executor

Specified by:

getDefaultProcessExecutor in interface ProcessExecutorProvider<CertificateProcessExecutor>

Returns:

Process Executor