Package eu.europa.esig.dss.cades.validation

Class CAdESSignature

java.lang.Object

eu.europa.esig.dss.validation.DefaultAdvancedSignature

eu.europa.esig.dss.cades.validation.CAdESSignature

All Implemented Interfaces:

AdvancedSignature, Serializable

Direct Known Subclasses:

PAdESSignature

public class CAdESSignature
extends DefaultAdvancedSignature

CAdES Signature class helper

See Also:

Serialized Form

Field Summary

Fields inherited from class eu.europa.esig.dss.validation.DefaultAdvancedSignature

detachedContents, manifestFiles, offlineCertificateSource, providedSigningCertificateToken, referenceValidations, signatureCRLSource, signatureCryptographicVerification, signatureIdentifier, signatureOCSPSource, signaturePolicy, signatureTimestampSource, structureValidation

Constructor Summary

Constructors

Constructor	Description
CAdESSignature(org.bouncycastle.cms.CMSSignedData cmsSignedData, org.bouncycastle.cms.SignerInformation signerInformation)	The default constructor for CAdESSignature.

Method Summary

Modifier and Type	Method	Description
protected SignatureIdentifier	buildSignatureIdentifier()	Build and defines signatureIdentifier value
void	checkSignatureIntegrity()	Verifies the signature integrity; checks if the signed content has not been tampered with.
void	checkSignaturePolicy(SignaturePolicyProvider signaturePolicyProvider)
SignatureCertificateSource	getCertificateSource()	Gets a certificate source which contains ALL certificates embedded in the signature.
List<SignerRole>	getCertifiedSignerRoles()	Returns the certified roles of the signer.
List<SignerRole>	getClaimedSignerRoles()	Returns the claimed roles of the signer.
org.bouncycastle.cms.CMSSignedData	getCmsSignedData()
List<CommitmentTypeIndication>	getCommitmentTypeIndications()	This method obtains the information concerning commitment type indication linked to the signature
String	getContentHints()
String	getContentIdentifier()
String	getContentType()	Returns the value of the signed attribute content-type
List<AdvancedSignature>	getCounterSignatures()	Returns a list of counter signatures applied to this signature
OfflineCRLSource	getCRLSource()	Gets a CRL source which contains ALL CRLs embedded in the signature.
String	getDAIdentifier()	This method returns an identifier provided by the Driving Application (DA) Note: used only for XAdES
SignatureLevel	getDataFoundUpToLevel()	This method returns the signature level
DigestAlgorithm	getDigestAlgorithm()	Retrieves the digest algorithm used for generating the signature.
EncryptionAlgorithm	getEncryptionAlgorithm()	Retrieves the encryption algorithm used for generating the signature.
MaskGenerationFunction	getMaskGenerationFunction()	Retrieves the mask generation function used for generating the signature.
Set<DigestAlgorithm>	getMessageDigestAlgorithms()
byte[]	getMessageDigestValue()	Returns a digest value incorporated in an attribute "message-digest" in CMS Signed Data
String	getMimeType()	Returns the value of the signed attribute mime-type
OfflineOCSPSource	getOCSPSource()	Gets an OCSP source which contains ALL OCSP responses embedded in the signature.
DSSDocument	getOriginalDocument()
DigestAlgorithm	getPSSHashAlgorithm()
List<ReferenceValidation>	getReferenceValidations()	Returns individual validation foreach reference (XAdES) or for the message-imprint (CAdES)
List<ReferenceValidation>	getReferenceValidations(org.bouncycastle.cms.SignerInformation signerInformationToCheck)
SignatureAlgorithm	getSignatureAlgorithm()	Retrieves the signature algorithm (or cipher) used for generating the signature.
SignatureDigestReference	getSignatureDigestReference(DigestAlgorithm digestAlgorithm)	TS 119 442 - V1.1.1 - Electronic Signatures and Infrastructures (ESI), ch. 5.1.4.2.1.3 XML component: In case of CAdES signatures, the input to the digest value computation shall be one of the DER-encoded instances of SignedInfo type present within the CMS structure.
SignatureForm	getSignatureForm()	Specifies the format of the signature
SignatureLevel[]	getSignatureLevels()
SignatureProductionPlace	getSignatureProductionPlace()	Returns information about the place where the signature was generated
byte[]	getSignatureValue()	Returns the digital signature value
List<SignerRole>	getSignedAssertions()	Returns the list of embeded signed assertions.
org.bouncycastle.cms.SignerId	getSignerId()	Returns SignerId of the related to the signature signerInformation
org.bouncycastle.cms.SignerInformation	getSignerInformation()
Set<CertificateIdentifier>	getSignerInformationStoreInfos()	Returns a Set of CertificateIdentifier extracted from a SignerInformationStore of CMS Signed Data
Date	getSigningTime()	Returns the signing time included within the signature.
CAdESTimestampSource	getTimestampSource()	Gets a Signature Timestamp source which contains ALL timestamps embedded in the signature.
boolean	hasAProfile()
boolean	hasBProfile()
boolean	hasCProfile()
boolean	hasXProfile()
boolean	isCounterSignature()	Checks if the current signature is a counter signature (i.e. has a Master signature)

Methods inherited from class eu.europa.esig.dss.validation.DefaultAdvancedSignature

addExternalTimestamp, areAllSelfSignedCertificates, equals, findSignatureScope, getAllTimestamps, getArchiveTimestamps, getCandidatesForSigningCertificate, getCertificates, getCertificateSourcesExceptLastArchiveTimestamp, getCompleteCertificateSource, getCompleteCRLSource, getCompleteOCSPSource, getContainerContents, getContentTimestamps, getDetachedContents, getDocumentTimestamps, getDSSId, getId, getManifestedDocuments, getMasterSignature, getPdfRevision, getPolicyId, getProvidedSigningCertificateToken, getSignatureCryptographicVerification, getSignatureFilename, getSignatureScopes, getSignatureTimestamps, getSignatureValidationContext, getSignerRoles, getSigningCertificateToken, getStructureValidationResult, getTimestampsX1, getTimestampsX2, hashCode, hasLTAProfile, hasLTProfile, hasTProfile, isDocHashOnlyValidation, isHashOnlyValidation, prepareOfflineCertificateVerifier, prepareTimestamps, setContainerContents, setDetachedContents, setManifestFiles, setMasterSignature, setProvidedSigningCertificateToken, setSignatureFilename, toString, validateStructure

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Constructor Details

CAdESSignature

public CAdESSignature(org.bouncycastle.cms.CMSSignedData cmsSignedData, org.bouncycastle.cms.SignerInformation signerInformation)

The default constructor for CAdESSignature.

Parameters:

cmsSignedData - CMSSignedData

signerInformation - an expanded SignerInfo block from a CMS Signed message

Method Details

getSignatureForm

public SignatureForm getSignatureForm()

Description copied from interface: AdvancedSignature

Specifies the format of the signature

getCertificateSource

public SignatureCertificateSource getCertificateSource()

Description copied from interface: AdvancedSignature

Gets a certificate source which contains ALL certificates embedded in the signature.

Returns:

getCRLSource

public OfflineCRLSource getCRLSource()

Description copied from interface: AdvancedSignature

Gets a CRL source which contains ALL CRLs embedded in the signature.

Returns:

OfflineRevocationSource

getOCSPSource

public OfflineOCSPSource getOCSPSource()

Description copied from interface: AdvancedSignature

Gets an OCSP source which contains ALL OCSP responses embedded in the signature.

Returns:

OfflineRevocationSource

getTimestampSource

public CAdESTimestampSource getTimestampSource()

Description copied from interface: AdvancedSignature

Gets a Signature Timestamp source which contains ALL timestamps embedded in the signature.

Returns:

SignatureTimestampSource

getSignerId

public org.bouncycastle.cms.SignerId getSignerId()

Returns SignerId of the related to the signature signerInformation

Returns:

SignerId

checkSignaturePolicy

public void checkSignaturePolicy(SignaturePolicyProvider signaturePolicyProvider)

getSigningTime

public Date getSigningTime()

Description copied from interface: AdvancedSignature

Returns the signing time included within the signature.

Returns:

Date representing the signing time or null

getCmsSignedData

public org.bouncycastle.cms.CMSSignedData getCmsSignedData()

Returns:

the cmsSignedData

getSignatureProductionPlace

public SignatureProductionPlace getSignatureProductionPlace()

Description copied from interface: AdvancedSignature

Returns information about the place where the signature was generated

Returns:

SignatureProductionPlace

getCommitmentTypeIndications

public List<CommitmentTypeIndication> getCommitmentTypeIndications()

Description copied from interface: AdvancedSignature

This method obtains the information concerning commitment type indication linked to the signature

Returns:

a list of CommitmentTypeIndications

getSignedAssertions

public List<SignerRole> getSignedAssertions()

Description copied from interface: AdvancedSignature

Returns the list of embeded signed assertions.

Returns:

list of the assertions s

getClaimedSignerRoles

public List<SignerRole> getClaimedSignerRoles()

Description copied from interface: AdvancedSignature

Returns the claimed roles of the signer.

Returns:

list of the SignerRoles

getCertifiedSignerRoles

public List<SignerRole> getCertifiedSignerRoles()

Description copied from interface: AdvancedSignature

Returns the certified roles of the signer.

Returns:

list of the SignerRoles

getEncryptionAlgorithm

public EncryptionAlgorithm getEncryptionAlgorithm()

Description copied from interface: AdvancedSignature

Retrieves the encryption algorithm used for generating the signature.

Returns:

EncryptionAlgorithm

getDigestAlgorithm

public DigestAlgorithm getDigestAlgorithm()

Description copied from interface: AdvancedSignature

Retrieves the digest algorithm used for generating the signature.

Returns:

DigestAlgorithm

getPSSHashAlgorithm

public DigestAlgorithm getPSSHashAlgorithm()

getMaskGenerationFunction

public MaskGenerationFunction getMaskGenerationFunction()

Description copied from interface: AdvancedSignature

Retrieves the mask generation function used for generating the signature.

Returns:

MaskGenerationFunction

getSignatureAlgorithm

public SignatureAlgorithm getSignatureAlgorithm()

Description copied from interface: AdvancedSignature

Retrieves the signature algorithm (or cipher) used for generating the signature.

Returns:

SignatureAlgorithm

checkSignatureIntegrity

public void checkSignatureIntegrity()

Description copied from interface: AdvancedSignature

Verifies the signature integrity; checks if the signed content has not been tampered with. In the case of a non-AdES signature no including the signing certificate then the latter must be provided by calling setProvidedSigningCertificateToken In the case of a detached signature the signed content must be provided by calling setProvidedSigningCertificateToken

getReferenceValidations

public List<ReferenceValidation> getReferenceValidations(org.bouncycastle.cms.SignerInformation signerInformationToCheck)

getReferenceValidations

public List<ReferenceValidation> getReferenceValidations()

Description copied from interface: AdvancedSignature

Returns individual validation foreach reference (XAdES) or for the message-imprint (CAdES)

Returns:

a list with one or more ReferenceValidation

getSignatureDigestReference

public SignatureDigestReference getSignatureDigestReference(DigestAlgorithm digestAlgorithm)

TS 119 442 - V1.1.1 - Electronic Signatures and Infrastructures (ESI), ch. 5.1.4.2.1.3 XML component: In case of CAdES signatures, the input to the digest value computation shall be one of the DER-encoded instances of SignedInfo type present within the CMS structure.

Parameters:

digestAlgorithm - DigestAlgorithm to use

Returns:

SignatureDigestReference

getMessageDigestAlgorithms

public Set<DigestAlgorithm> getMessageDigestAlgorithms()

getMessageDigestValue

public byte[] getMessageDigestValue()

Description copied from interface: AdvancedSignature

Returns a digest value incorporated in an attribute "message-digest" in CMS Signed Data

Specified by:

getMessageDigestValue in interface AdvancedSignature

Overrides:

getMessageDigestValue in class DefaultAdvancedSignature

Returns:

a byte array representing a signed content digest value

getContentType

public String getContentType()

Description copied from interface: AdvancedSignature

Returns the value of the signed attribute content-type

Returns:

content type as String

getMimeType

public String getMimeType()

Description copied from interface: AdvancedSignature

Returns the value of the signed attribute mime-type

Returns:

mime type as String

getContentIdentifier

public String getContentIdentifier()

Returns:

content identifier as String

getContentHints

public String getContentHints()

Returns:

content hints as String

getSignerInformation

public org.bouncycastle.cms.SignerInformation getSignerInformation()

Returns:

the signerInformation

getSignatureValue

public byte[] getSignatureValue()

Description copied from interface: AdvancedSignature

Returns the digital signature value

Returns:

digital signature value byte array

isCounterSignature

public boolean isCounterSignature()

Description copied from interface: AdvancedSignature

Checks if the current signature is a counter signature (i.e. has a Master signature)

Specified by:

isCounterSignature in interface AdvancedSignature

Overrides:

isCounterSignature in class DefaultAdvancedSignature

Returns:

TRUE if it is a counter signature, FALSE otherwise

getCounterSignatures

public List<AdvancedSignature> getCounterSignatures()

Description copied from interface: AdvancedSignature

Returns a list of counter signatures applied to this signature

Returns:

a List of AdvancedSignatures representing the counter signatures

getOriginalDocument

public DSSDocument getOriginalDocument() throws DSSException

Throws:

DSSException

buildSignatureIdentifier

protected SignatureIdentifier buildSignatureIdentifier()

Description copied from class: DefaultAdvancedSignature

Build and defines signatureIdentifier value

Specified by:

buildSignatureIdentifier in class DefaultAdvancedSignature

getDAIdentifier

public String getDAIdentifier()

Description copied from interface: AdvancedSignature

This method returns an identifier provided by the Driving Application (DA) Note: used only for XAdES

Returns:

The signature identifier

getSignerInformationStoreInfos

public Set<CertificateIdentifier> getSignerInformationStoreInfos()

Description copied from interface: AdvancedSignature

Returns a Set of CertificateIdentifier extracted from a SignerInformationStore of CMS Signed Data

Specified by:

getSignerInformationStoreInfos in interface AdvancedSignature

Overrides:

getSignerInformationStoreInfos in class DefaultAdvancedSignature

Returns:

a Set of CertificateIdentifiers

getDataFoundUpToLevel

public SignatureLevel getDataFoundUpToLevel()

Description copied from interface: AdvancedSignature

This method returns the signature level

Returns:

a value of SignatureLevel

hasBProfile

public boolean hasBProfile()

hasCProfile

public boolean hasCProfile()

hasXProfile

public boolean hasXProfile()

hasAProfile

public boolean hasAProfile()

getSignatureLevels

public SignatureLevel[] getSignatureLevels()

Returns:

the list of signature levels for this type of signature, in the simple to complete order. Example: B,T,LT,LTA