public class Configuration extends Object implements Serializable
Container implementations.
It is possible to get the default Configuration object used in all containers by using getInstance(). This returns a singleton Configuration object that is used by default if no configuration is provided.
Configuration.Mode.TEST or Configuration.Mode.PROD configuration. Default is Configuration.Mode.PROD.
It is a good idea to use only a single configuration object for all the containers so the operation times would be faster.
It is also possible to set the mode using a System property. Setting the property "digidoc4j.mode" to "TEST" forces the default mode to Configuration.Mode.TEST.
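A startup check built on the getters listed in this page's method summary, as an added example (not code from the DigiDoc4j project). The class name ConfigurationGuard and the finding messages are hypothetical, and the package org.digidoc4j is assumed for the import.

```java
import java.util.ArrayList;
import java.util.List;

import org.digidoc4j.Configuration; // package name assumed; it is not shown on this page

/** Added example (hypothetical class): refuse to start when validation has been relaxed. */
public final class ConfigurationGuard {

    /** Returns one finding per relaxed setting; an empty list means none were detected. */
    public static List<String> audit(Configuration conf) {
        List<String> findings = new ArrayList<>();

        // "digidoc4j.mode" = "TEST" forces the default mode to TEST, so a stray -D flag
        // or an inherited JVM option changes the default mode without any code change.
        String forced = System.getProperty("digidoc4j.mode");
        if (forced != null && forced.equalsIgnoreCase("TEST")) {
            findings.add("system property digidoc4j.mode is set to TEST");
        }
        if (conf.isTest()) {
            findings.add("configuration is in TEST mode");
        }
        // In TEST mode the TSL signature is not checked, so the trust list is unauthenticated.
        if (!conf.shouldValidateTslSignature()) {
            findings.add("TSL signature validation is disabled");
        }
        // Strict validation is applied by default; this flag allows ASN1 unsafe integers.
        if (conf.isASN1UnsafeIntegerAllowed()) {
            findings.add("ASN1 unsafe integers are allowed");
        }
        return findings;
    }

    public static void main(String[] args) {
        // Build the configuration explicitly in PROD mode and share it across containers.
        Configuration conf = new Configuration(Configuration.Mode.PROD);
        List<String> findings = audit(conf);
        if (!findings.isEmpty()) {
            throw new IllegalStateException("Relaxed DigiDoc4j settings: " + findings);
        }
        System.out.println("Configuration audit passed");
    }
}
```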
Configurations will be loaded from a file. The file must be in yaml format.
```yaml
DIGIDOC_CAS:
- DIGIDOC_CA:
    NAME: CA name
    TRADENAME: Tradename
    CERTS:
      - jar://certs/cert1.crt
      - jar://certs/cert2.crt
    OCSPS:
```
Each DIGIDOC_CA entry must contain one or more OCSP certificates under the heading "OCSPS", similar to the following format (values are examples only):
```yaml
- OCSP:
    CA_CN: your certificate authority common name
    CA_CERT: jar://your ca_cn.crt
    CN: your common name
    CERTS:
      - jar://certs/Your first OCSP Certifications file.crt
      - jar://certs/Your second OCSP Certifications file.crt
    URL: http://ocsp.test.test
```
All entries must exist and be valid. Under CERTS there must be at least one entry.
https://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf.
NB! Strict Validation applied by default.

Modifier and Type | Class | Description |
---|---|---|
static class | Configuration.Mode | Application mode |

Constructor | Description |
---|---|
Configuration() | Create new configuration |
Configuration(Configuration.Mode mode) | Create new configuration with application mode specified |

Modifier and Type | Method | Description |
---|---|---|
Configuration | copy() | Clones configuration |
void | enableBigFilesSupport(long maxFileSizeCachedInMB) | Deprecated. obnoxious naming. Use setMaxFileSizeCachedInMemoryInMB(long) instead. |
Integer | getAllowedTimestampAndOCSPResponseDeltaInMinutes() | Returns allowed delay between timestamp and OCSP response in minutes. |
int | getConnectionTimeout() | Get HTTP connection timeout |
String | getHttpProxyHost() | Get HTTP proxy host. |
String | getHttpProxyPassword() | Get HTTP proxy password. |
Integer | getHttpProxyPort() | Get HTTP proxy port. |
String | getHttpProxyUser() | Get HTTP proxy user. |
String | getHttpsProxyHost() | |
Integer | getHttpsProxyPort() | |
static Configuration | getInstance() | Getting the default Configuration object. |
Hashtable<String,String> | getJDigiDocConfiguration() | Returns configuration needed for JDigiDoc library. |
long | getMaxDataFileCachedInBytes() | Get the maximum size of data files to be cached. |
long | getMaxDataFileCachedInMB() | Get the maximum size of data files to be cached. |
String | getOCSPAccessCertificateFileName() | Get OCSP access certificate filename |
char[] | getOCSPAccessCertificatePassword() | Get OCSP access certificate password |
String | getOCSPAccessCertificatePasswordAsString() | Get OCSP access certificate password as String |
String | getOcspSource() | Get the OCSP Source |
boolean | getPrintValidationReport() | |
int | getRevocationAndTimestampDeltaInMinutes() | Revocation and timestamp delta in minutes. |
DigestAlgorithm | getSignatureDigestAlgorithm() | Signature digest algorithm. |
SignatureProfile | getSignatureProfile() | Signature profile. |
int | getSocketTimeout() | Get HTTP socket timeout |
String | getSslKeystorePassword() | Get SSL KeyStore password. |
String | getSslKeystorePath() | Get SSL KeyStore path. |
String | getSslKeystoreType() | Get SSL KeyStore type. |
String | getSslTruststorePassword() | Get SSL TrustStore password. |
String | getSslTruststorePath() | Get SSL TrustStore path |
String | getSslTruststoreType() | Get SSL TrustStore type. |
ExecutorService | getThreadExecutor() | Get thread executor. |
List<String> | getTrustedTerritories() | Get trusted territories. |
TSLCertificateSource | getTSL() | Loads TSL certificates. If configuration mode is TEST then TSL signature is not checked. |
long | getTslCacheExpirationTime() | Returns TSL cache expiration time in milliseconds. |
String | getTslKeyStoreLocation() | Get the location of the KeyStore that holds potential TSL signing certificates |
String | getTslKeyStorePassword() | Get the password for the KeyStore that holds potential TSL signing certificates |
String | getTslLocation() | Get TSL location. |
String | getTspSource() | Get the TSP Source |
String | getTspSourceByCountry(String country) | Get the TSP source by country |
String | getValidationPolicy() | Get the validation policy |
boolean | hasToBeOCSPRequestSigned() | Returns whether OCSP requests must be signed. |
boolean | isASN1UnsafeIntegerAllowed() | Get flag if ASN1 Unsafe Integer is Allowed. |
boolean | isBigFilesSupportEnabled() | Deprecated. obnoxious naming. Use storeDataFilesOnlyInMemory() instead. |
boolean | isFullReportNeeded() | Get flag if full report needed. |
boolean | isNetworkProxyEnabled() | Is network proxy enabled? |
boolean | isOCSPSigningConfigurationAvailable() | Are requirements met for signing OCSP certificate? |
boolean | isProxyOfType(eu.europa.esig.dss.client.http.Protocol protocol) | |
boolean | isSslConfigurationEnabled() | Is SSL configuration enabled? |
boolean | isTest() | |
Hashtable<String,String> | loadConfiguration(InputStream stream) | Add configuration settings from a stream. |
Hashtable<String,String> | loadConfiguration(String file) | Add configuration settings from a file |
Hashtable<String,String> | loadConfiguration(String file, boolean isReloadFromYaml) | Add configuration settings from a file |
static Configuration | of(Configuration.Mode mode) | Create new configuration in static context with application mode specified |
void | setAllowASN1UnsafeInteger(boolean isAllowed) | Set flag if ASN1 Unsafe Integer is Allowed. |
void | setAllowedTimestampAndOCSPResponseDeltaInMinutes(int timeInMinutes) | Set allowed delay between timestamp and OCSP response in minutes. |
void | setConnectionTimeout(int connectionTimeout) | Set HTTP connection timeout |
void | setFullReportNeeded(boolean isFullReport) | Set flag if full report needed. |
void | setHttpProxyHost(String httpProxyHost) | Set HTTP network proxy host. |
void | setHttpProxyPassword(String httpProxyPassword) | Set HTTP network proxy password. |
void | setHttpProxyPort(int httpProxyPort) | Set HTTP network proxy port. |
void | setHttpProxyUser(String httpProxyUser) | Set HTTP network proxy user name. |
void | setHttpsProxyHost(String httpsProxyHost) | Set HTTPS network proxy host. |
void | setHttpsProxyPort(int httpsProxyPort) | Set HTTPS network proxy port. |
void | setMaxFileSizeCachedInMemoryInMB(long maxFileSizeCachedInMB) | Sets the size limit in MB above which a temporary file is created for streaming when creating a container and adding data files. |
void | setOCSPAccessCertificateFileName(String fileName) | Set OCSP access certificate filename |
void | setOCSPAccessCertificatePassword(char[] password) | Set OCSP access certificate password |
void | setOcspSource(String ocspSource) | Set the OCSP source |
void | setPrintValidationReport(Boolean printValidationReport) | |
void | setRevocationAndTimestampDeltaInMinutes(int timeInMinutes) | Set Revocation and timestamp delta in minutes. |
void | setSignOCSPRequests(boolean shouldSignOcspRequests) | Set flag if OCSP requests should be signed |
void | setSocketTimeout(int socketTimeoutMilliseconds) | Set HTTP socket timeout |
void | setSslKeystorePassword(String sslKeystorePassword) | Set SSL KeyStore password. |
void | setSslKeystorePath(String sslKeystorePath) | Set SSL KeyStore path. |
void | setSslKeystoreType(String sslKeystoreType) | Set SSL KeyStore type. |
void | setSslTruststorePassword(String sslTruststorePassword) | Set SSL TrustStore password. |
void | setSslTruststorePath(String sslTruststorePath) | Set SSL TrustStore path. |
void | setSslTruststoreType(String sslTruststoreType) | Set SSL TrustStore type. |
void | setThreadExecutor(ExecutorService threadExecutor) | Set thread executor service. |
void | setTrustedTerritories(String... trustedTerritories) | Set the countries and territories (2-letter country codes) whose certificates are trusted and accepted. |
void | setTSL(TSLCertificateSource certificateSource) | Set the TSL certificate source. |
void | setTslCacheExpirationTime(long cacheExpirationTimeInMilliseconds) | Sets the expiration time for TSL cache in milliseconds. |
void | setTslKeyStoreLocation(String tslKeyStoreLocation) | Set the location of the KeyStore that holds potential TSL signing certificates |
void | setTslKeyStorePassword(String tslKeyStorePassword) | Set the password for the KeyStore that holds potential TSL signing certificates |
void | setTslLocation(String tslLocation) | Set the TSL location. |
void | setTspSource(String tspSource) | Set the TSP Source |
void | setValidationPolicy(String validationPolicy) | Set the validation policy |
boolean | shouldValidateTslSignature() | Flags that TSL signature should be validated. |
boolean | storeDataFilesOnlyInMemory() | If all the data files should be stored in memory. |

public Configuration()

public Configuration(Configuration.Mode mode)
mode - Application mode

public static Configuration getInstance()
The default configuration object is a singleton, meaning that all the containers will use the same registry object. It is a good idea to use only a single configuration object for all the containers so the operation times would be faster.

public static Configuration of(Configuration.Mode mode)
mode - Application mode

public boolean isOCSPSigningConfigurationAvailable()

public String getOCSPAccessCertificateFileName()

public char[] getOCSPAccessCertificatePassword()

public String getOCSPAccessCertificatePasswordAsString()

public void setOCSPAccessCertificateFileName(String fileName)
fileName - filename for the OCSP access certificate

public void setOCSPAccessCertificatePassword(char[] password)
password - password to set

public void setSignOCSPRequests(boolean shouldSignOcspRequests)
shouldSignOcspRequests - True if should sign, False otherwise

public Hashtable<String,String> loadConfiguration(InputStream stream)
stream - Input stream

public Hashtable<String,String> loadConfiguration(String file)
file - File name

public Hashtable<String,String> loadConfiguration(String file, boolean isReloadFromYaml)
file - File name
isReloadFromYaml - True if this is reloading call

public Hashtable<String,String> getJDigiDocConfiguration()

@Deprecated public void enableBigFilesSupport(long maxFileSizeCachedInMB)
Deprecated. obnoxious naming. Use setMaxFileSizeCachedInMemoryInMB(long) instead.
maxFileSizeCachedInMB - Maximum size in MB.

public void setMaxFileSizeCachedInMemoryInMB(long maxFileSizeCachedInMB)
maxFileSizeCachedInMB - maximum data file size in MB stored in memory.

@Deprecated public boolean isBigFilesSupportEnabled()
Deprecated. obnoxious naming. Use storeDataFilesOnlyInMemory() instead.

public boolean storeDataFilesOnlyInMemory()

public boolean hasToBeOCSPRequestSigned()
Configuration.Mode.PROD and false for Configuration.Mode.TEST

public long getMaxDataFileCachedInMB()

public long getMaxDataFileCachedInBytes()

public String getTslLocation()

public void setTSL(TSLCertificateSource certificateSource)
certificateSource - TSL certificate source
When certificateSource equals null then getTSL() will load the TSL according to the TSL location specified.

public TSLCertificateSource getTSL()

public boolean shouldValidateTslSignature()

public void setTslLocation(String tslLocation)
tslLocation - TSL Location to be used

public String getTspSource()

public String getTspSourceByCountry(String country)
country - to use tsp source

public void setConnectionTimeout(int connectionTimeout)
connectionTimeout - connection timeout in milliseconds

public void setSocketTimeout(int socketTimeoutMilliseconds)
socketTimeoutMilliseconds - socket timeout in milliseconds

public int getConnectionTimeout()

public int getSocketTimeout()

public void setTspSource(String tspSource)
tspSource - TSPSource to be used

public String getOcspSource()

public void setTslKeyStoreLocation(String tslKeyStoreLocation)
tslKeyStoreLocation - KeyStore location to use

public String getTslKeyStoreLocation()

public void setTslKeyStorePassword(String tslKeyStorePassword)
tslKeyStorePassword - Keystore password

public String getTslKeyStorePassword()

public void setTslCacheExpirationTime(long cacheExpirationTimeInMilliseconds)
cacheExpirationTimeInMilliseconds - cache expiration time in milliseconds

public long getTslCacheExpirationTime()

public Integer getAllowedTimestampAndOCSPResponseDeltaInMinutes()

public void setAllowedTimestampAndOCSPResponseDeltaInMinutes(int timeInMinutes)
timeInMinutes - Allowed delay between timestamp and OCSP response in minutes

public void setOcspSource(String ocspSource)
ocspSource - OCSP Source to be used

public String getValidationPolicy()

public void setValidationPolicy(String validationPolicy)
validationPolicy - Policy to be used

public boolean getPrintValidationReport()

public void setPrintValidationReport(Boolean printValidationReport)
printValidationReport - whether to print validation report

public int getRevocationAndTimestampDeltaInMinutes()

public void setRevocationAndTimestampDeltaInMinutes(int timeInMinutes)
timeInMinutes - delta in minutes.

public SignatureProfile getSignatureProfile()

public DigestAlgorithm getSignatureDigestAlgorithm()

public String getHttpsProxyHost()

public void setHttpsProxyHost(String httpsProxyHost)
httpsProxyHost - https proxy host.

public Integer getHttpsProxyPort()

public void setHttpsProxyPort(int httpsProxyPort)
httpsProxyPort - https proxy port.

public String getHttpProxyHost()

public void setHttpProxyHost(String httpProxyHost)
httpProxyHost - http proxy host.

public Integer getHttpProxyPort()

public void setHttpProxyPort(int httpProxyPort)
httpProxyPort - Port number.

public void setHttpProxyUser(String httpProxyUser)
httpProxyUser - username.

public String getHttpProxyUser()

public void setHttpProxyPassword(String httpProxyPassword)
httpProxyPassword - password.

public String getHttpProxyPassword()

public boolean isNetworkProxyEnabled()

public boolean isProxyOfType(eu.europa.esig.dss.client.http.Protocol protocol)
protocol - protocol

public boolean isSslConfigurationEnabled()

public void setSslKeystorePath(String sslKeystorePath)
sslKeystorePath - path to a file

public String getSslKeystorePath()

public void setSslKeystoreType(String sslKeystoreType)
sslKeystoreType - type.

public String getSslKeystoreType()

public void setSslKeystorePassword(String sslKeystorePassword)
sslKeystorePassword - password.

public String getSslKeystorePassword()

public void setSslTruststorePath(String sslTruststorePath)
sslTruststorePath - path to a file.

public String getSslTruststorePath()

public void setSslTruststoreType(String sslTruststoreType)
sslTruststoreType - type.

public String getSslTruststoreType()

public void setSslTruststorePassword(String sslTruststorePassword)
sslTruststorePassword - password.

public String getSslTruststorePassword()

public void setFullReportNeeded(boolean isFullReport)
isFullReport - needed value.

public boolean isFullReportNeeded()

public void setAllowASN1UnsafeInteger(boolean isAllowed)
isAllowed - True when ASN1 Unsafe Integer is Allowed.

public boolean isASN1UnsafeIntegerAllowed()

public void setThreadExecutor(ExecutorService threadExecutor)
threadExecutor - Thread executor service object.

public ExecutorService getThreadExecutor()

public void setTrustedTerritories(String... trustedTerritories)
trustedTerritories - list of 2 letter country codes.

public List<String> getTrustedTerritories()

public boolean isTest()
Configuration.Mode.TEST

public Configuration copy()

Copyright © 2018. All rights reserved.