All Superinterfaces:: Serializable

All Known Implementing Classes:: CAdESSignature, DefaultAdvancedSignature, PAdESSignature, XAdESSignature

public interface AdvancedSignature
extends Serializable

Provides an abstraction for an Advanced Electronic Signature. This ease the validation process. Every signature format : XAdES, CAdES and PAdES are treated the same.

Method Summary

Modifier and Type	Method	Description
`void`	`addExternalTimestamp(TimestampToken timestamp)`	This method allows to add an external timestamp.
`boolean`	`areAllSelfSignedCertificates()`	Checks if all certificate chains present in the signature are self-signed
`void`	`checkSignatureIntegrity()`	Verifies the signature integrity; checks if the signed content has not been tampered with.
`void`	`checkSignaturePolicy(SignaturePolicyProvider signaturePolicyDetector)`
`void`	`findSignatureScope(SignatureScopeFinder signatureScopeFinder)`
`List<TimestampToken>`	`getAllTimestamps()`	Returns a list of all timestamps found in the signature
`List<TimestampToken>`	`getArchiveTimestamps()`	Returns the archive Timestamps
`CandidatesForSigningCertificate`	`getCandidatesForSigningCertificate()`	Gets an object containing the signing certificate or information indicating why it is impossible to extract it from the signature.
`List<CertificateToken>`	`getCertificates()`	Get certificates embedded in the signature
`SignatureCertificateSource`	`getCertificateSource()`	Gets a certificate source which contains ALL certificates embedded in the signature.
`List<SignerRole>`	`getCertifiedSignerRoles()`	Returns the certified roles of the signer.
`List<SignerRole>`	`getClaimedSignerRoles()`	Returns the claimed roles of the signer.
`List<CommitmentTypeIndication>`	`getCommitmentTypeIndications()`	This method obtains the information concerning commitment type indication linked to the signature
`ListCertificateSource`	`getCompleteCertificateSource()`	Gets a ListCertificateSource representing a merged source from `signatureCertificateSource` and all included to the signature timestamp objects
`ListRevocationSource<CRL>`	`getCompleteCRLSource()`	Gets a ListRevocationSource representing a merged source from `signatureCRLSourse` and all included to the signature timestamp objects
`ListRevocationSource<OCSP>`	`getCompleteOCSPSource()`	Gets a ListRevocationSource representing a merged source from `signatureOCSPSourse` and all included to the signature timestamp objects
`List<DSSDocument>`	`getContainerContents()`
`String`	`getContentHints()`
`String`	`getContentIdentifier()`
`List<TimestampToken>`	`getContentTimestamps()`	Returns the content timestamps
`String`	`getContentType()`	Returns the value of the signed attribute content-type
`List<AdvancedSignature>`	`getCounterSignatures()`	Returns a list of counter signatures applied to this signature
`OfflineRevocationSource<CRL>`	`getCRLSource()`	Gets a CRL source which contains ALL CRLs embedded in the signature.
`String`	`getDAIdentifier()`	This method returns an identifier provided by the Driving Application (DA) Note: used only for XAdES
`SignatureLevel`	`getDataFoundUpToLevel()`	This method returns the signature level
`List<DSSDocument>`	`getDetachedContents()`
`DigestAlgorithm`	`getDigestAlgorithm()`	Retrieves the digest algorithm used for generating the signature.
`List<TimestampToken>`	`getDocumentTimestamps()`	Returns a list of timestamps defined with the 'DocTimeStamp' type NOTE: applicable only for PAdES
`SignatureIdentifier`	`getDSSId()`	This method returns the `SignatureIdentifier`.
`EncryptionAlgorithm`	`getEncryptionAlgorithm()`	Retrieves the encryption algorithm used for generating the signature.
`String`	`getId()`	This method returns the DSS unique signature id.
`List<DSSDocument>`	`getManifestedDocuments()`
`MaskGenerationFunction`	`getMaskGenerationFunction()`	Retrieves the mask generation function used for generating the signature.
`AdvancedSignature`	`getMasterSignature()`
`byte[]`	`getMessageDigestValue()`	Returns a digest value incorporated in an attribute "message-digest" in CMS Signed Data
`String`	`getMimeType()`	Returns the value of the signed attribute mime-type
`OfflineRevocationSource<OCSP>`	`getOCSPSource()`	Gets an OCSP source which contains ALL OCSP responses embedded in the signature.
`PdfRevision`	`getPdfRevision()`	Retrieves a PdfRevision (PAdES) related to the current signature
`SignaturePolicy`	`getPolicyId()`	Returns the Signature Policy OID from the signature.
`CertificateToken`	`getProvidedSigningCertificateToken()`
`List<ReferenceValidation>`	`getReferenceValidations()`	Returns individual validation foreach reference (XAdES) or for the message-imprint (CAdES)
`SignatureAlgorithm`	`getSignatureAlgorithm()`	Retrieves the signature algorithm (or cipher) used for generating the signature.
`SignatureCryptographicVerification`	`getSignatureCryptographicVerification()`
`SignatureDigestReference`	`getSignatureDigestReference(DigestAlgorithm digestAlgorithm)`	Returns a signature reference element as defined in TS 119 442 - V1.1.1 - Electronic Signatures and Infrastructures (ESI), ch. 5.1.4.2.1.3 XML component
`String`	`getSignatureFilename()`	This method returns the signature filename (useful for ASiC and multiple signature files)
`SignatureForm`	`getSignatureForm()`	Specifies the format of the signature
`SignatureLevel[]`	`getSignatureLevels()`
`SignatureProductionPlace`	`getSignatureProductionPlace()`	Returns information about the place where the signature was generated
`List<SignatureScope>`	`getSignatureScopes()`
`List<TimestampToken>`	`getSignatureTimestamps()`	Returns the signature timestamps
`byte[]`	`getSignatureValue()`	Returns the digital signature value
`List<SignerRole>`	`getSignedAssertions()`	Returns the list of embeded signed assertions.
`Set<CertificateIdentifier>`	`getSignerInformationStoreInfos()`	Returns a Set of CertificateIdentifier extracted from a SignerInformationStore of CMS Signed Data
`List<SignerRole>`	`getSignerRoles()`	Returns the list of roles of the signer.
`CertificateToken`	`getSigningCertificateToken()`	This method returns the signing certificate token or null if there is no valid signing certificate.
`Date`	`getSigningTime()`	Returns the signing time included within the signature.
`String`	`getStructureValidationResult()`
`TimestampSource`	`getTimestampSource()`	Gets a Signature Timestamp source which contains ALL timestamps embedded in the signature.
`List<TimestampToken>`	`getTimestampsX1()`	Returns the time-stamp which is placed on the digital signature (XAdES example: ds:SignatureValue element), the signature time-stamp(s) present in the AdES-T form, the certification path references and the revocation status references.
`List<TimestampToken>`	`getTimestampsX2()`	Returns the time-stamp which is computed over the concatenation of CompleteCertificateRefs and CompleteRevocationRefs elements (XAdES example).
`boolean`	`isCounterSignature()`	Checks if the current signature is a counter signature (i.e. has a Master signature)
`boolean`	`isDocHashOnlyValidation()`	Returns true if the validation of the signature has been performed only on Signer's Document Representation (SDR).
`boolean`	`isHashOnlyValidation()`	Returns true if the validation of the signature has been performed only on Data To Be Signed Representation (DTBSR).
`void`	`prepareTimestamps(ValidationContext validationContext)`
`void`	`setContainerContents(List<DSSDocument> containerContents)`	This method allows to set the container contents in the case of ASiC signature.
`void`	`setDetachedContents(List<DSSDocument> detachedContents)`	This method allows to set the signed contents in the case of the detached signature.
`void`	`setManifestFiles(List<ManifestFile> manifestFiles)`	This method allows to set the manifest files in the case of ASiC-E signature.
`void`	`setMasterSignature(AdvancedSignature masterSignature)`	This setter allows to indicate the master signature.
`void`	`setProvidedSigningCertificateToken(CertificateToken certificateToken)`	This method allows to provide a signing certificate to be used in the validation process.
`void`	`setSignatureFilename(String signatureFilename)`	This method allows to set the signature filename (useful in case of ASiC)
`void`	`validateStructure()`	This method allows the structure validation of the signature.

Method Details
- getSignatureFilename
  
  String getSignatureFilename()
  
  This method returns the signature filename (useful for ASiC and multiple signature files)
  
  Returns:
  
  the signature filename
- setSignatureFilename
  
  void setSignatureFilename(String signatureFilename)
  
  This method allows to set the signature filename (useful in case of ASiC)
- getDetachedContents
  
  List<DSSDocument> getDetachedContents()
  
  Returns:
  
  in the case of the detached signature this is the List of signed contents.
- setDetachedContents
  
  void setDetachedContents(List<DSSDocument> detachedContents)
  
  This method allows to set the signed contents in the case of the detached signature.
  
  Parameters:
  
  detachedContents - List of DSSDocument representing the signed detached contents.
- getContainerContents
  
  List<DSSDocument> getContainerContents()
  
  Returns:
  
  in case of ASiC signature returns a list of container documents
- setContainerContents
  
  void setContainerContents(List<DSSDocument> containerContents)
  
  This method allows to set the container contents in the case of ASiC signature.
  
  Parameters:
  
  containerContents - List of DSSDocument representing the container contents.
- setManifestFiles
  
  void setManifestFiles(List<ManifestFile> manifestFiles)
  
  This method allows to set the manifest files in the case of ASiC-E signature.
  
  Parameters:
  
  manifestFiles - List of ManifestFiles
- getManifestedDocuments
  
  List<DSSDocument> getManifestedDocuments()
  
  Returns:
  
  in case of ASiC-E signature returns a list of DSSDocuments contained in the related signature manifest
- getProvidedSigningCertificateToken
  
  CertificateToken getProvidedSigningCertificateToken()
  
  Returns:
  
  This method returns the provided signing certificate or null
- setProvidedSigningCertificateToken
  
  void setProvidedSigningCertificateToken(CertificateToken certificateToken)
  
  This method allows to provide a signing certificate to be used in the validation process. It can happen in the case of a non-AdES signature without the signing certificate within the signature.
  
  Parameters:
  
  certificateToken - CertificateToken representing the signing certificate token.
- getSignatureForm
  
  SignatureForm getSignatureForm()
  
  Specifies the format of the signature
- getSignatureAlgorithm
  
  SignatureAlgorithm getSignatureAlgorithm()
  
  Retrieves the signature algorithm (or cipher) used for generating the signature.
  
  Returns:
  
  SignatureAlgorithm
- getEncryptionAlgorithm
  
  EncryptionAlgorithm getEncryptionAlgorithm()
  
  Retrieves the encryption algorithm used for generating the signature.
  
  Returns:
  
  EncryptionAlgorithm
- getDigestAlgorithm
  
  DigestAlgorithm getDigestAlgorithm()
  
  Retrieves the digest algorithm used for generating the signature.
  
  Returns:
  
  DigestAlgorithm
- getMaskGenerationFunction
  
  MaskGenerationFunction getMaskGenerationFunction()
  
  Retrieves the mask generation function used for generating the signature.
  
  Returns:
  
  MaskGenerationFunction
- getSigningTime
  
  Date getSigningTime()
  
  Returns the signing time included within the signature.
  
  Returns:
  
  Date representing the signing time or null
- getCertificateSource
  
  SignatureCertificateSource getCertificateSource()
  
  Gets a certificate source which contains ALL certificates embedded in the signature.
  
  Returns:
- getCompleteCertificateSource
  
  ListCertificateSource getCompleteCertificateSource()
  
  Gets a ListCertificateSource representing a merged source from signatureCertificateSource and all included to the signature timestamp objects
  
  Returns:
  
  ListCertificateSource
- getCRLSource
  
  OfflineRevocationSource<CRL> getCRLSource()
  
  Gets a CRL source which contains ALL CRLs embedded in the signature.
  
  Returns:
  
  OfflineRevocationSource
- getOCSPSource
  
  OfflineRevocationSource<OCSP> getOCSPSource()
  
  Gets an OCSP source which contains ALL OCSP responses embedded in the signature.
  
  Returns:
  
  OfflineRevocationSource
- getCompleteCRLSource
  
  ListRevocationSource<CRL> getCompleteCRLSource()
  
  Gets a ListRevocationSource representing a merged source from signatureCRLSourse and all included to the signature timestamp objects
  
  Returns:
  
  ListRevocationSource
- getCompleteOCSPSource
  
  ListRevocationSource<OCSP> getCompleteOCSPSource()
  
  Gets a ListRevocationSource representing a merged source from signatureOCSPSourse and all included to the signature timestamp objects
  
  Returns:
  
  ListRevocationSource
- getTimestampSource
  
  TimestampSource getTimestampSource()
  
  Gets a Signature Timestamp source which contains ALL timestamps embedded in the signature.
  
  Returns:
  
  SignatureTimestampSource
- getCandidatesForSigningCertificate
  
  CandidatesForSigningCertificate getCandidatesForSigningCertificate()
  
  Gets an object containing the signing certificate or information indicating why it is impossible to extract it from the signature. If the signing certificate is identified then it is cached and the subsequent calls to this method will return this cached value. This method never returns null.
  
  Returns:
- setMasterSignature
  
  void setMasterSignature(AdvancedSignature masterSignature)
  
  This setter allows to indicate the master signature. It means that this is a countersignature.
  
  Parameters:
  
  masterSignature - AdvancedSignature
- getMasterSignature
  
  AdvancedSignature getMasterSignature()
  
  Returns:
  
  AdvancedSignature
- isCounterSignature
  
  boolean isCounterSignature()
  
  Checks if the current signature is a counter signature (i.e. has a Master signature)
  
  Returns:
  
  TRUE if it is a counter signature, FALSE otherwise
- getSigningCertificateToken
  
  CertificateToken getSigningCertificateToken()
  
  This method returns the signing certificate token or null if there is no valid signing certificate. Note that to determinate the signing certificate the signature must be validated: the method checkSignatureIntegrity must be called.
  
  Returns:
- checkSignatureIntegrity
  
  void checkSignatureIntegrity()
  
  Verifies the signature integrity; checks if the signed content has not been tampered with. In the case of a non-AdES signature no including the signing certificate then the latter must be provided by calling setProvidedSigningCertificateToken In the case of a detached signature the signed content must be provided by calling setProvidedSigningCertificateToken
- getSignatureCryptographicVerification
  
  SignatureCryptographicVerification getSignatureCryptographicVerification()
  
  Returns:
  
  SignatureCryptographicVerification with all the information collected during the validation process.
- getPolicyId
  
  SignaturePolicy getPolicyId()
  
  Returns the Signature Policy OID from the signature.
  
  Returns:
  
  SignaturePolicy
- getSignatureProductionPlace
  
  SignatureProductionPlace getSignatureProductionPlace()
  
  Returns information about the place where the signature was generated
  
  Returns:
  
  SignatureProductionPlace
- getCommitmentTypeIndications
  
  List<CommitmentTypeIndication> getCommitmentTypeIndications()
  
  This method obtains the information concerning commitment type indication linked to the signature
  
  Returns:
  
  a list of CommitmentTypeIndications
- getContentType
  
  String getContentType()
  
  Returns the value of the signed attribute content-type
  
  Returns:
  
  content type as String
- getMimeType
  
  String getMimeType()
  
  Returns the value of the signed attribute mime-type
  
  Returns:
  
  mime type as String
- getContentIdentifier
  
  String getContentIdentifier()
  
  Returns:
  
  content identifier as String
- getContentHints
  
  String getContentHints()
  
  Returns:
  
  content hints as String
- getSignerRoles
  
  List<SignerRole> getSignerRoles()
  
  Returns the list of roles of the signer.
  
  Returns:
  
  list of the SignerRoles
- getSignedAssertions
  
  List<SignerRole> getSignedAssertions()
  
  Returns the list of embeded signed assertions.
  
  Returns:
  
  list of the assertions s
- getClaimedSignerRoles
  
  List<SignerRole> getClaimedSignerRoles()
  
  Returns the claimed roles of the signer.
  
  Returns:
  
  list of the SignerRoles
- getCertifiedSignerRoles
  
  List<SignerRole> getCertifiedSignerRoles()
  
  Returns the certified roles of the signer.
  
  Returns:
  
  list of the SignerRoles
- getCertificates
  
  List<CertificateToken> getCertificates()
  
  Get certificates embedded in the signature
  
  Returns:
  
  a list of certificate contained within the signature
- getContentTimestamps
  
  List<TimestampToken> getContentTimestamps()
  
  Returns the content timestamps
  
  Returns:
  
  List of TimestampToken
- getSignatureTimestamps
  
  List<TimestampToken> getSignatureTimestamps()
  
  Returns the signature timestamps
  
  Returns:
  
  List of TimestampToken
- getTimestampsX1
  
  List<TimestampToken> getTimestampsX1()
  
  Returns the time-stamp which is placed on the digital signature (XAdES example: ds:SignatureValue element), the signature time-stamp(s) present in the AdES-T form, the certification path references and the revocation status references.
  
  Returns:
  
  List of TimestampToken
- getTimestampsX2
  
  List<TimestampToken> getTimestampsX2()
  
  Returns the time-stamp which is computed over the concatenation of CompleteCertificateRefs and CompleteRevocationRefs elements (XAdES example).
  
  Returns:
  
  List of TimestampToken
- getArchiveTimestamps
  
  List<TimestampToken> getArchiveTimestamps()
  
  Returns the archive Timestamps
  
  Returns:
  
  List of TimestampTokens
- getDocumentTimestamps
  
  List<TimestampToken> getDocumentTimestamps()
  
  Returns a list of timestamps defined with the 'DocTimeStamp' type NOTE: applicable only for PAdES
  
  Returns:
  
  List of TimestampTokens
- getAllTimestamps
  
  List<TimestampToken> getAllTimestamps()
  
  Returns a list of all timestamps found in the signature
  
  Returns:
  
  List of TimestampTokens
- addExternalTimestamp
  
  void addExternalTimestamp(TimestampToken timestamp)
  
  This method allows to add an external timestamp. The given timestamp must be processed before.
  
  Parameters:
  
  timestamp - the timestamp token
- getCounterSignatures
  
  List<AdvancedSignature> getCounterSignatures()
  
  Returns a list of counter signatures applied to this signature
  
  Returns:
  
  a List of AdvancedSignatures representing the counter signatures
- getDSSId
  
  SignatureIdentifier getDSSId()
  
  This method returns the SignatureIdentifier.
  
  Returns:
  
  unique SignatureIdentifier
- getId
  
  String getId()
  
  This method returns the DSS unique signature id. It allows to unambiguously identify each signature.
  
  Returns:
  
  The signature unique Id
- getDAIdentifier
  
  String getDAIdentifier()
  
  This method returns an identifier provided by the Driving Application (DA) Note: used only for XAdES
  
  Returns:
  
  The signature identifier
- getDataFoundUpToLevel
  
  SignatureLevel getDataFoundUpToLevel()
  
  This method returns the signature level
  
  Returns:
  
  a value of SignatureLevel
- getSignatureLevels
  
  SignatureLevel[] getSignatureLevels()
  
  Returns:
  
  the list of signature levels for this type of signature, in the simple to complete order. Example: B,T,LT,LTA
- areAllSelfSignedCertificates
  
  boolean areAllSelfSignedCertificates()
  
  Checks if all certificate chains present in the signature are self-signed
  
  Returns:
  
  TRUE if all certificates are self-signed, false otherwise
- prepareTimestamps
  
  void prepareTimestamps(ValidationContext validationContext)
- validateStructure
  
  void validateStructure()
  
  This method allows the structure validation of the signature.
- getStructureValidationResult
  
  String getStructureValidationResult()
- checkSignaturePolicy
  
  void checkSignaturePolicy(SignaturePolicyProvider signaturePolicyDetector)
- findSignatureScope
  
  void findSignatureScope(SignatureScopeFinder signatureScopeFinder)
- getSignatureScopes
  
  List<SignatureScope> getSignatureScopes()
- isDocHashOnlyValidation
  
  boolean isDocHashOnlyValidation()
  
  Returns true if the validation of the signature has been performed only on Signer's Document Representation (SDR). (An SDR typically is built on a cryptographic hash of the Signer's Document)
  
  Returns:
  
  true of it is DocHashOnly validation, false otherwise
- isHashOnlyValidation
  
  boolean isHashOnlyValidation()
  
  Returns true if the validation of the signature has been performed only on Data To Be Signed Representation (DTBSR). EN 319 102-1 v1.1.1 (4.2.8 Data to be signed representation (DTBSR)): The DTBS preparation component shall take the DTBSF and hash it according to the hash algorithm specified in the cryptographic suite. The result of this process is the DTBSR, which is then used to create the signature. NOTE: In order for the produced hash to be representative of the DTBSF, the hashing function has the property that it is computationally infeasible to find collisions for the expected signature lifetime. Should the hash function become weak in the future, additional security measures, such as applying time-stamp tokens, can be taken.
  
  Returns:
  
  true of it is HashOnly validation, false otherwise
- getSignatureValue
  
  byte[] getSignatureValue()
  
  Returns the digital signature value
  
  Returns:
  
  digital signature value byte array
- getReferenceValidations
  
  List<ReferenceValidation> getReferenceValidations()
  
  Returns individual validation foreach reference (XAdES) or for the message-imprint (CAdES)
  
  Returns:
  
  a list with one or more ReferenceValidation
- getSignatureDigestReference
  
  SignatureDigestReference getSignatureDigestReference(DigestAlgorithm digestAlgorithm)
  
  Returns a signature reference element as defined in TS 119 442 - V1.1.1 - Electronic Signatures and Infrastructures (ESI), ch. 5.1.4.2.1.3 XML component
  
  Parameters:
  
  digestAlgorithm - DigestAlgorithm to use
  
  Returns:
  
  SignatureDigestReference
- getMessageDigestValue
  
  byte[] getMessageDigestValue()
  
  Returns a digest value incorporated in an attribute "message-digest" in CMS Signed Data
  
  Returns:
  
  a byte array representing a signed content digest value
- getSignerInformationStoreInfos
  
  Set<CertificateIdentifier> getSignerInformationStoreInfos()
  
  Returns a Set of CertificateIdentifier extracted from a SignerInformationStore of CMS Signed Data
  
  Returns:
  
  a Set of CertificateIdentifiers
- getPdfRevision
  
  PdfRevision getPdfRevision()
  
  Retrieves a PdfRevision (PAdES) related to the current signature
  
  Returns:
  
  PdfRevision

Interface AdvancedSignature

Method Summary

Method Details