public class Configuration extends Object implements Serializable
Container implementations.
It is possible to get the default Configuration object used in all containers by using getInstance(). This will return a singleton Configuration object, which is used by default if no configuration is provided.
Configuration.Mode.TEST or Configuration.Mode.PROD configuration. Default is Configuration.Mode.PROD.
It is a good idea to use only a single configuration object for all the containers, so that operation times are faster.
It is also possible to set the mode using a system property. Setting the property "digidoc4j.mode" to "TEST" forces the default mode to Configuration.Mode.TEST.
Configurations will be loaded from a file. The file must be in YAML format.

    DIGIDOC_CAS:
    - DIGIDOC_CA:
        NAME: CA name
        TRADENAME: Tradename
        CERTS:
          - jar://certs/cert1.crt
          - jar://certs/cert2.crt
        OCSPS:

Each DIGIDOC_CA entry must contain one or more OCSP certificates under the heading "OCSPS", similar to the following format (values are examples only):

    - OCSP:
        CA_CN: your certificate authority common name
        CA_CERT: jar://your ca_cn.crt
        CN: your common name
        CERTS:
          - jar://certs/Your first OCSP Certifications file.crt
          - jar://certs/Your second OCSP Certifications file.crt
        URL: http://ocsp.test.test

All entries must exist and be valid. Under CERTS there must be at least one entry.
https://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf.
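An added example (not part of the digidoc4j Javadoc or project code): a pre-flight check that reads back security-relevant settings through getters documented on this page and reports deviations before any container is built. The class name `ConfigurationAudit`, the accepted TLS versions and the numeric thresholds are assumptions of this example, not digidoc4j defaults.

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

import org.digidoc4j.Configuration;

public class ConfigurationAudit {

    // Assumed policy for this example; these values are not digidoc4j defaults.
    private static final List<String> ACCEPTED_TLS = Arrays.asList("TLSv1.2", "TLSv1.3");
    private static final int MAX_ZIP_RATIO = 100;
    private static final int MAX_TIMEOUT_MS = 30_000;

    /** Returns one finding per setting that deviates from the assumed policy. */
    @SuppressWarnings("deprecation") // isFullReportNeeded() is deprecated but still worth checking
    static List<String> audit(Configuration conf, boolean productionDeployment) {
        List<String> findings = new ArrayList<>();

        // In TEST mode getTSL() does not check the TSL signature (see getTSL()).
        // The "digidoc4j.mode" system property can force the default mode to TEST.
        if (productionDeployment && conf.isTest()) {
            findings.add("mode is TEST (digidoc4j.mode=" + System.getProperty("digidoc4j.mode")
                    + "): TSL signature is not checked");
        }
        // Without a nonce an OCSP response is not bound to the request that asked for it.
        if (!conf.isOcspNonceUsed()) {
            findings.add("OCSP nonce is disabled");
        }
        if (conf.isASN1UnsafeIntegerAllowed()) {
            findings.add("ASN1 unsafe integers are allowed");
        }
        if (conf.isFullReportNeeded()) {
            findings.add("full report is enabled: can produce false negative validation results");
        }
        // ZIP-based containers: limit how far contents may expand on unpacking.
        if (conf.getMaxAllowedZipCompressionRatio() > MAX_ZIP_RATIO) {
            findings.add("max ZIP compression ratio " + conf.getMaxAllowedZipCompressionRatio()
                    + " exceeds assumed limit " + MAX_ZIP_RATIO);
        }
        // The protocol list may be unset; only explicitly configured values are judged here.
        List<String> protocols = conf.getSupportedSslProtocols();
        if (protocols != null) {
            for (String protocol : protocols) {
                if (!ACCEPTED_TLS.contains(protocol)) {
                    findings.add("SSL protocol not in accepted set: " + protocol);
                }
            }
        }
        checkTimeout(findings, "connection", conf.getConnectionTimeout());
        checkTimeout(findings, "socket", conf.getSocketTimeout());
        return findings;
    }

    private static void checkTimeout(List<String> findings, String name, int millis) {
        if (millis <= 0 || millis > MAX_TIMEOUT_MS) {
            findings.add(name + " timeout " + millis + " ms is outside the assumed range 1.."
                    + MAX_TIMEOUT_MS);
        }
    }

    public static void main(String[] args) {
        // Default constructor: PROD unless -Ddigidoc4j.mode=TEST is set.
        Configuration conf = new Configuration();
        conf.setUseOcspNonce(true);
        conf.setAllowASN1UnsafeInteger(false);
        conf.setSupportedSslProtocols(ACCEPTED_TLS);
        conf.setMaxAllowedZipCompressionRatio(MAX_ZIP_RATIO);
        conf.setConnectionTimeout(5_000);
        conf.setSocketTimeout(10_000);

        List<String> findings = audit(conf, true);
        findings.forEach(f -> System.err.println("digidoc4j config: " + f));
        if (!findings.isEmpty()) {
            throw new IllegalStateException(findings.size() + " configuration finding(s)");
        }
    }
}
```

Run it once at start-up with the same Configuration instance that is later passed to the containers, so the audited object and the one in use cannot drift apart.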
NB! Strict Validation applied by default.

Modifier and Type | Class and Description |
---|---|
static class | Configuration.Mode: Application mode |

Constructor and Description |
---|
Configuration(): Create new configuration |
Configuration(Configuration.Mode mode): Create new configuration with application mode specified |

Modifier and Type | Method and Description |
---|---|
Configuration | copy(): Clones configuration |
DataLoaderFactory | getAiaDataLoaderFactory(): Deprecated. Prefer to use setAiaSourceFactory(AIASourceFactory) and getAiaSourceFactory() instead. If a custom AIA source factory is configured, then a custom AIA data loader factory has no effect. |
String | getAiaOcspSourceByCN(String cn): Get the AIA OCSP source by issuer's CN |
AIASourceFactory | getAiaSourceFactory(): Returns the currently set AIA source factory or null if no custom AIA source factory is set. |
List<String> | getAllowedOcspRespondersForTM(): Get allowed OCSP responders for timemark validation. |
Integer | getAllowedTimestampAndOCSPResponseDeltaInMinutes(): Returns allowed delay between timestamp and OCSP response in minutes. |
int | getConnectionTimeout(): Get HTTP connection timeout |
DigestAlgorithm | getDataFileDigestAlgorithm(): Datafile digest algorithm. |
Hashtable<String,String> | getDDoc4JConfiguration(): Returns configuration needed for DDoc4J library. |
String | getHttpProxyHost(): Get http proxy host. |
String | getHttpProxyHostFor(ExternalConnectionType connectionType): Get http proxy host for specific external connection type. |
String | getHttpProxyPassword(): Get http proxy password. |
String | getHttpProxyPasswordFor(ExternalConnectionType connectionType): Get http proxy password for specific type of external connections. |
Integer | getHttpProxyPort(): Get http proxy port. |
Integer | getHttpProxyPortFor(ExternalConnectionType connectionType): Get http proxy port for specific type of external connections. |
String | getHttpProxyUser(): Get http proxy user. |
String | getHttpProxyUserFor(ExternalConnectionType connectionType): Get http proxy user for specific type of external connections. |
String | getHttpsProxyHost() |
String | getHttpsProxyHostFor(ExternalConnectionType connectionType) |
String | getHttpsProxyPassword(): Get HTTPS proxy password. |
String | getHttpsProxyPasswordFor(ExternalConnectionType connectionType): Get HTTPS proxy password for specific type of external connections. |
Integer | getHttpsProxyPort() |
Integer | getHttpsProxyPortFor(ExternalConnectionType connectionType) |
String | getHttpsProxyUser(): Get HTTPS proxy user. |
String | getHttpsProxyUserFor(ExternalConnectionType connectionType): Get HTTPS proxy user for specific type of external connections. |
static Configuration | getInstance(): Getting the default Configuration object. |
String | getLotlLocation(): Get LOTL (List of Trusted Lists) location. |
String | getLotlTruststorePassword(): Get the password for the trust-store that holds potential LOTL signing certificates. |
String | getLotlTruststorePath(): Get the path to the trust-store that holds potential LOTL signing certificates. |
String | getLotlTruststoreType(): Get the type of the trust-store that holds potential LOTL signing certificates. |
int | getMaxAllowedZipCompressionRatio(): Get the maximum ratio of how much are the contents of a ZIP-based container allowed to expand on unpacking before the container is considered harmful. |
long | getMaxDataFileCachedInBytes(): Get the maximum size of data files to be cached. |
long | getMaxDataFileCachedInMB(): Get the maximum size of data files to be cached. |
String | getOCSPAccessCertificateFileName(): Get OCSP access certificate filename |
char[] | getOCSPAccessCertificatePassword(): Get OCSP access certificate password |
String | getOCSPAccessCertificatePasswordAsString(): Get OCSP access certificate password as String |
DataLoaderFactory | getOcspDataLoaderFactory(): Returns the currently set OCSP data loader factory or null if no custom data loader factory is set. |
String | getOcspSource(): Get the OCSP Source |
boolean | getPrintValidationReport() |
List<String> | getRequiredTerritories(): Get required territories. |
int | getRevocationAndTimestampDeltaInMinutes(): Revocation and timestamp delta in minutes. |
DigestAlgorithm | getSignatureDigestAlgorithm(): Signature digest algorithm. |
SignatureProfile | getSignatureProfile(): Signature profile. |
int | getSocketTimeout(): Get HTTP socket timeout |
String | getSslKeystorePassword(): Get SSL keystore password. |
String | getSslKeystorePasswordFor(ExternalConnectionType connectionType): Get SSL keystore password for specific type of external connections. |
String | getSslKeystorePath(): Get SSL KeyStore path. |
String | getSslKeystorePathFor(ExternalConnectionType connectionType): Get SSL KeyStore path for specific type of external connections. |
String | getSslKeystoreType(): Get SSL KeyStore type. |
String | getSslKeystoreTypeFor(ExternalConnectionType connectionType): Get SSL KeyStore type for specific type of external connections. |
String | getSslProtocol(): Get SSL protocol. |
String | getSslProtocolFor(ExternalConnectionType connectionType): Get SSL protocol for specific type of external connections. |
String | getSslTruststorePassword(): Get SSL truststore password. |
String | getSslTruststorePasswordFor(ExternalConnectionType connectionType): Get SSL truststore password for specific type of external connections. |
String | getSslTruststorePath(): Get SSL TrustStore path |
String | getSslTruststorePathFor(ExternalConnectionType connectionType): Get SSL TrustStore path for specific type of external connections. |
String | getSslTruststoreType(): Get SSL TrustStore type. |
String | getSslTruststoreTypeFor(ExternalConnectionType connectionType): Get SSL TrustStore type for specific type of external connections. |
List<String> | getSupportedSslCipherSuites(): Get supported SSL cipher suites. |
List<String> | getSupportedSslCipherSuitesFor(ExternalConnectionType connectionType): Get supported SSL cipher suites for specific type of external connections. |
List<String> | getSupportedSslProtocols(): Get supported SSL protocols. |
List<String> | getSupportedSslProtocolsFor(ExternalConnectionType connectionType): Get supported SSL protocols for specific type of external connections. |
long | getTempFileMaxAge(): Get temp file max age |
ExecutorService | getThreadExecutor(): Get thread executor. |
List<String> | getTrustedTerritories(): Get trusted territories. |
TSLCertificateSource | getTSL(): Loads TSL certificates. If configuration mode is TEST then TSL signature is not checked. |
long | getTslCacheExpirationTime(): Returns TSL cache expiration time in milliseconds. |
DataLoaderFactory | getTslDataLoaderFactory(): Deprecated. Prefer to use setTslFileLoaderFactory(DSSFileLoaderFactory) and getTslFileLoaderFactory() instead. If a custom TSL file loader factory is configured, then a custom TSL data loader factory has no effect. If a data loader created by a custom TSL data loader factory does not implement DSSFileLoader, then it is wrapped into a FileCacheDataLoader. |
DSSFileLoaderFactory | getTslFileLoaderFactory(): Returns the currently set TSL file loader factory or null if no custom file loader factory is set. |
String | getTslKeyStoreLocation(): Deprecated. Use getLotlTruststorePath() instead. |
String | getTslKeyStorePassword(): Deprecated. Use getLotlTruststorePassword() instead. |
String | getTslLocation(): Deprecated. Use getLotlLocation() instead. |
TSLRefreshCallback | getTslRefreshCallback(): Returns the currently configured TSL refresh callback or null if no custom callback is configured. |
DataLoaderFactory | getTspDataLoaderFactory(): Returns the currently set TSP data loader factory or null if no custom data loader factory is set. |
String | getTspSource(): Get the TSP Source |
String | getTspSourceByCountry(String country): Get the TSP source by country |
boolean | getUseNonceForAiaOcspByCN(String cn): Get the AIA OCSP source by issuer's CN |
String | getValidationPolicy(): Get the validation policy |
long | getZipCompressionRatioCheckThresholdInBytes(): Get the threshold of how much memory (in bytes) are the unpacked contents of a ZIP-based container allowed to consume before ZIP compression ratio check kicks in. |
boolean | hasToBeOCSPRequestSigned(): Returns configuration item must be OCSP request signed. |
boolean | isAiaOcspPreferred(): Get flag if AIA OCSP is preferred. |
boolean | isASN1UnsafeIntegerAllowed(): Get flag if ASN1 Unsafe Integer is Allowed. |
boolean | isFullReportNeeded(): Deprecated. Deprecated for removal. Enabling this feature can, in some cases, produce false negative validation results. |
boolean | isLotlPivotSupportEnabled(): Get whether LOTL pivot support is enabled |
boolean | isNetworkProxyEnabled(): Is network proxy enabled? |
boolean | isNetworkProxyEnabledFor(ExternalConnectionType connectionType): Is network proxy enabled for specific type of external connections? |
boolean | isOcspNonceUsed(): Get if OCSP nonce should be used |
boolean | isOCSPSigningConfigurationAvailable(): Are requirements met for signing OCSP certificate? |
boolean | isProxyOfType(eu.europa.esig.dss.spi.client.http.Protocol protocol) |
boolean | isProxyOfTypeFor(ExternalConnectionType connectionType, eu.europa.esig.dss.spi.client.http.Protocol protocol) |
boolean | isSslConfigurationEnabled(): Is ssl configuration enabled? |
boolean | isSslConfigurationEnabledFor(ExternalConnectionType connectionType): Is ssl configuration enabled for specific type of external connections? |
boolean | isTest() |
Hashtable<String,String> | loadConfiguration(InputStream stream): Add configuration settings from a stream. |
Hashtable<String,String> | loadConfiguration(String file): Add configuration settings from a file |
Hashtable<String,String> | loadConfiguration(String file, boolean isReloadFromYaml): Add configuration settings from a file |
static Configuration | of(Configuration.Mode mode): Create new configuration in static context with application mode specified |
void | setAiaDataLoaderFactory(DataLoaderFactory aiaDataLoaderFactory): Deprecated. Prefer to use setAiaSourceFactory(AIASourceFactory) and getAiaSourceFactory() instead. If a custom AIA source factory is configured, then a custom AIA data loader factory has no effect. |
void | setAiaSourceFactory(AIASourceFactory aiaSourceFactory): Set an AIA source factory that manages the creation of custom AIA sources. |
void | setAllowASN1UnsafeInteger(boolean isAllowed): Set flag if ASN1 Unsafe Integer is Allowed. |
void | setAllowedOcspRespondersForTM(String... allowedOcspRespondersForTM): Set allowed OCSP responders common names for timemark validation. |
void | setAllowedTimestampAndOCSPResponseDeltaInMinutes(int timeInMinutes): Set allowed delay between timestamp and OCSP response in minutes. |
void | setConnectionTimeout(int connectionTimeout): Set HTTP connection timeout |
void | setDataFileDigestAlgorithm(DigestAlgorithm digestAlgorithm): Set datafile digest algorithm. |
void | setFullReportNeeded(boolean isFullReport): Deprecated. Deprecated for removal. Enabling this feature can, in some cases, produce false negative validation results. |
void | setHttpProxyHost(String httpProxyHost): Set HTTP network proxy host. |
void | setHttpProxyHostFor(ExternalConnectionType connectionType, String httpProxyHost): Set HTTP network proxy host for specific type of external connections. |
void | setHttpProxyPassword(String httpProxyPassword): Set HTTP network proxy password. |
void | setHttpProxyPasswordFor(ExternalConnectionType connectionType, String httpProxyPassword): Set HTTP network proxy password for specific type of external connections. |
void | setHttpProxyPort(int httpProxyPort): Set HTTP network proxy port. |
void | setHttpProxyPortFor(ExternalConnectionType connectionType, int httpProxyPort): Set HTTP network proxy port for specific type of external connections. |
void | setHttpProxyUser(String httpProxyUser): Set HTTP network proxy user name. |
void | setHttpProxyUserFor(ExternalConnectionType connectionType, String httpProxyUser): Set HTTP network proxy user name for specific type of external connections. |
void | setHttpsProxyHost(String httpsProxyHost): Set HTTPS network proxy host. |
void | setHttpsProxyHostFor(ExternalConnectionType connectionType, String httpsProxyHost): Set HTTPS network proxy host for specific type of external connections. |
void | setHttpsProxyPassword(String httpsProxyPassword): Set HTTPS network proxy password. |
void | setHttpsProxyPasswordFor(ExternalConnectionType connectionType, String httpsProxyPassword): Set HTTPS network proxy password for specific type of external connections. |
void | setHttpsProxyPort(int httpsProxyPort): Set HTTPS network proxy port. |
void | setHttpsProxyPortFor(ExternalConnectionType connectionType, int httpsProxyPort): Set HTTPS network proxy port for specific type of external connections. |
void | setHttpsProxyUser(String httpsProxyUser): Set HTTPS network proxy user name. |
void | setHttpsProxyUserFor(ExternalConnectionType connectionType, String httpsProxyUser): Set HTTPS network proxy user name for specific type of external connections. |
void | setLotlLocation(String lotlLocation): Set LOTL (List of Trusted Lists) location. |
void | setLotlPivotSupportEnabled(boolean lotlPivotSupport): Set whether LOTL pivot support should be enabled |
void | setLotlTruststorePassword(String lotlTruststorePassword): Set the password for the trust-store that holds potential LOTL signing certificates. |
void | setLotlTruststorePath(String lotlTruststorePath): Set the path to the trust-store that holds potential LOTL signing certificates. |
void | setLotlTruststoreType(String lotlTruststoreType): Set the type of the trust-store that holds potential LOTL signing certificates. |
void | setMaxAllowedZipCompressionRatio(int maxAllowedZipCompressionRatio): Set the maximum ratio of how much are the contents of a ZIP-based container allowed to expand on unpacking before the container is considered harmful. |
void | setMaxFileSizeCachedInMemoryInMB(long maxFileSizeCachedInMB): Sets limit in MB when handling files are creating temporary file for streaming in container creation and adding data files. |
void | setOCSPAccessCertificateFileName(String fileName): Set OCSP access certificate filename |
void | setOCSPAccessCertificatePassword(char[] password): Set OCSP access certificate password |
void | setOcspDataLoaderFactory(DataLoaderFactory ocspDataLoaderFactory): Set a data loader factory that manages the creation of custom data loaders for creating OCSP requests. |
void | setOcspSource(String ocspSource): Set the OCSP source |
void | setPreferAiaOcsp(boolean preferAiaOcsp): Set flag if AIA OCSP is preferred. |
void | setPrintValidationReport(Boolean printValidationReport) |
void | setRequiredTerritories(String... requiredTerritories): Set countries and territories (alpha-2 country codes) whose trusted lists must always be successfully loaded into the TSL. |
void | setRevocationAndTimestampDeltaInMinutes(int timeInMinutes): Set Revocation and timestamp delta in minutes. |
void | setSignatureDigestAlgorithm(DigestAlgorithm digestAlgorithm): Set signature digest algorithm. |
void | setSignatureProfile(SignatureProfile signatureProfile): Set signature profile. |
void | setSignOCSPRequests(boolean shouldSignOcspRequests): Set flag if OCSP requests should be signed |
void | setSocketTimeout(int socketTimeoutMilliseconds): Set HTTP socket timeout |
void | setSslKeystorePassword(String sslKeystorePassword): Set SSL KeyStore password. |
void | setSslKeystorePasswordFor(ExternalConnectionType connectionType, String sslKeystorePassword): Set SSL KeyStore password for specific type of external connections. |
void | setSslKeystorePath(String sslKeystorePath): Set SSL KeyStore path. |
void | setSslKeystorePathFor(ExternalConnectionType connectionType, String sslKeystorePath): Set SSL KeyStore path for specific type of external connections. |
void | setSslKeystoreType(String sslKeystoreType): Set SSL KeyStore type. |
void | setSslKeystoreTypeFor(ExternalConnectionType connectionType, String sslKeystoreType): Set SSL KeyStore type for specific type of external connections. |
void | setSslProtocol(String sslProtocol): Set SSL protocol. |
void | setSslProtocolFor(ExternalConnectionType connectionType, String sslProtocol): Set SSL protocol for specific type of external connections. |
void | setSslTruststorePassword(String sslTruststorePassword): Set SSL TrustStore password. |
void | setSslTruststorePasswordFor(ExternalConnectionType connectionType, String sslTruststorePassword): Set SSL TrustStore password for specific type of external connections. |
void | setSslTruststorePath(String sslTruststorePath): Set SSL TrustStore path. |
void | setSslTruststorePathFor(ExternalConnectionType connectionType, String sslTruststorePath): Set SSL TrustStore path for specific type of external connections. |
void | setSslTruststoreType(String sslTruststoreType): Set SSL TrustStore type. |
void | setSslTruststoreTypeFor(ExternalConnectionType connectionType, String sslTruststoreType): Set SSL TrustStore type for specific type of external connections. |
void | setSupportedSslCipherSuites(List<String> supportedSslCipherSuites): Set supported SSL cipher suites. |
void | setSupportedSslCipherSuitesFor(ExternalConnectionType connectionType, List<String> supportedSslCipherSuites): Set supported SSL cipher suites for specific type of external connections. |
void | setSupportedSslProtocols(List<String> supportedSslProtocols): Set supported SSL protocols. |
void | setSupportedSslProtocolsFor(ExternalConnectionType connectionType, List<String> supportedSslProtocols): Set supported SSL protocols for specific type of external connections. |
void | setTempFileMaxAge(long tempFileMaxAgeInMillis): Set temp file max age in millis |
void | setThreadExecutor(ExecutorService threadExecutor): Set thread executor service. |
void | setTrustedTerritories(String... trustedTerritories): Set countries and territories (alpha-2 country codes) whom to trust and accept certificates. |
void | setTSL(TSLCertificateSource certificateSource): Set the TSL certificate source. |
void | setTslCacheExpirationTime(long cacheExpirationTimeInMilliseconds): Sets the expiration time for TSL cache in milliseconds. |
void | setTslDataLoaderFactory(DataLoaderFactory tslDataLoaderFactory): Deprecated. Prefer to use setTslFileLoaderFactory(DSSFileLoaderFactory) and getTslFileLoaderFactory() instead. If a custom TSL file loader factory is configured, then a custom TSL data loader factory has no effect. If a data loader created by a custom TSL data loader factory does not implement DSSFileLoader, then it is wrapped into a FileCacheDataLoader. |
void | setTslFileLoaderFactory(DSSFileLoaderFactory tslFileLoaderFactory): Set a file loader factory that manages the creation of custom file loaders for downloading TSL. |
void | setTslKeyStoreLocation(String tslKeyStoreLocation): Deprecated. Use setLotlTruststorePath(String) instead. |
void | setTslKeyStorePassword(String tslKeyStorePassword): Deprecated. Use setLotlTruststorePassword(String) instead. |
void | setTslLocation(String tslLocation): Deprecated. Use setLotlLocation(String) instead. |
void | setTslRefreshCallback(TSLRefreshCallback tslRefreshCallback): Sets a callback that validates the state of the TSL after each TSL refresh. |
void | setTspDataLoaderFactory(DataLoaderFactory tspDataLoaderFactory): Set a data loader factory that manages the creation of custom data loaders for creating TSP requests. |
void | setTspSource(String tspSource): Set the TSP Source |
void | setUseOcspNonce(Boolean useOcspNonce): Set if nonce should be used in case of OCSP request. PS! Does not affect TM signature profiles in which occasion nonce is always used. |
void | setValidationPolicy(String validationPolicy): Set the validation policy |
void | setZipCompressionRatioCheckThresholdInBytes(long zipCompressionRatioCheckThresholdInBytes): Set the threshold of how much memory (in bytes) are the unpacked contents of a ZIP-based container allowed to consume before ZIP compression ratio check kicks in. |
boolean | storeDataFilesOnlyInMemory(): If all the data files should be stored in memory. |
public Configuration()

public Configuration(Configuration.Mode mode)
mode - Application mode

public static Configuration getInstance()
The default configuration object is a singleton, meaning that all the containers will use the same registry object. It is a good idea to use only a single configuration object for all the containers, so that operation times are faster.

public static Configuration of(Configuration.Mode mode)
mode - Application mode

public boolean isOCSPSigningConfigurationAvailable()

public String getOCSPAccessCertificateFileName()

public char[] getOCSPAccessCertificatePassword()

public String getOCSPAccessCertificatePasswordAsString()

public void setOCSPAccessCertificateFileName(String fileName)
fileName - filename for the OCSP access certificate

public void setOCSPAccessCertificatePassword(char[] password)
password - password to set

public void setSignOCSPRequests(boolean shouldSignOcspRequests)
shouldSignOcspRequests - True if should sign, False otherwise

public void setOcspDataLoaderFactory(DataLoaderFactory ocspDataLoaderFactory)
ocspDataLoaderFactory - OCSP data loader factory.

public DataLoaderFactory getOcspDataLoaderFactory()
null if no custom data loader factory is set.

public Hashtable<String,String> loadConfiguration(InputStream stream)
stream - Input stream

public Hashtable<String,String> loadConfiguration(String file)
file - File name

public Hashtable<String,String> loadConfiguration(String file, boolean isReloadFromYaml)
file - File name
isReloadFromYaml - True if this is reloading call

public Hashtable<String,String> getDDoc4JConfiguration()

public void setMaxFileSizeCachedInMemoryInMB(long maxFileSizeCachedInMB)
maxFileSizeCachedInMB - maximum data file size in MB stored in memory.

public boolean storeDataFilesOnlyInMemory()

public boolean hasToBeOCSPRequestSigned()
Configuration.Mode.PROD and false for Configuration.Mode.TEST

public long getMaxDataFileCachedInMB()

public long getMaxDataFileCachedInBytes()
public void setLotlLocation(String lotlLocation)
lotlLocation - LOTL location to be used

public String getLotlLocation()

@Deprecated public String getTslLocation()
getLotlLocation() instead.

public void setTSL(TSLCertificateSource certificateSource)
certificateSource - TSL certificate source
When certificateSource equals null then getTSL() will load the TSL according to the TSL location specified.

public TSLCertificateSource getTSL()

@Deprecated public void setTslLocation(String tslLocation)
setLotlLocation(String) instead.
tslLocation - TSL Location to be used

public void setTslFileLoaderFactory(DSSFileLoaderFactory tslFileLoaderFactory)
tslFileLoaderFactory - TSL file loader factory.

public DSSFileLoaderFactory getTslFileLoaderFactory()
null if no custom file loader factory is set.

public void setTslRefreshCallback(TSLRefreshCallback tslRefreshCallback)
tslRefreshCallback - a callback to validate TSL after a refresh

public TSLRefreshCallback getTslRefreshCallback()
null if no custom callback is configured.
null

@Deprecated public void setTslDataLoaderFactory(DataLoaderFactory tslDataLoaderFactory)
setTslFileLoaderFactory(DSSFileLoaderFactory) and getTslFileLoaderFactory() instead.
If a custom TSL file loader factory is configured, then a custom TSL data loader factory has no effect.
If a data loader created by a custom TSL data loader factory does not implement DSSFileLoader, then it is wrapped into a FileCacheDataLoader.
tslDataLoaderFactory - TSL data loader factory.

@Deprecated public DataLoaderFactory getTslDataLoaderFactory()
setTslFileLoaderFactory(DSSFileLoaderFactory) and getTslFileLoaderFactory() instead.
If a custom TSL file loader factory is configured, then a custom TSL data loader factory has no effect.
If a data loader created by a custom TSL data loader factory does not implement DSSFileLoader, then it is wrapped into a FileCacheDataLoader.
null if no custom data loader factory is set.

@Deprecated public void setAiaDataLoaderFactory(DataLoaderFactory aiaDataLoaderFactory)
setAiaSourceFactory(AIASourceFactory) and getAiaSourceFactory() instead.
If a custom AIA source factory is configured, then a custom AIA data loader factory has no effect.
aiaDataLoaderFactory - AIA data loader factory.

@Deprecated public DataLoaderFactory getAiaDataLoaderFactory()
setAiaSourceFactory(AIASourceFactory) and getAiaSourceFactory() instead.
If a custom AIA source factory is configured, then a custom AIA data loader factory has no effect.
null if no custom data loader factory is set.

public void setAiaSourceFactory(AIASourceFactory aiaSourceFactory)
aiaSourceFactory - AIA source factory

public AIASourceFactory getAiaSourceFactory()
null if no custom AIA source factory is set.

public String getTspSource()
public String getTspSourceByCountry(String country)
country - to use tsp source

public void setTspDataLoaderFactory(DataLoaderFactory tspDataLoaderFactory)
tspDataLoaderFactory - TSP data loader factory.

public DataLoaderFactory getTspDataLoaderFactory()
null if no custom data loader factory is set.

public void setPreferAiaOcsp(boolean preferAiaOcsp)
preferAiaOcsp - True when AIA OCSP is preferred

public boolean isAiaOcspPreferred()

public String getAiaOcspSourceByCN(String cn)
cn - to use AIA OCSP source

public boolean getUseNonceForAiaOcspByCN(String cn)
cn - to use AIA OCSP source

public void setTempFileMaxAge(long tempFileMaxAgeInMillis)
tempFileMaxAgeInMillis - max age in millis

public long getTempFileMaxAge()

public void setConnectionTimeout(int connectionTimeout)
connectionTimeout - connection timeout in milliseconds

public void setSocketTimeout(int socketTimeoutMilliseconds)
socketTimeoutMilliseconds - socket timeout in milliseconds

public int getConnectionTimeout()

public int getSocketTimeout()

public void setTspSource(String tspSource)
tspSource - TSPSource to be used

public String getOcspSource()

public void setUseOcspNonce(Boolean useOcspNonce)
useOcspNonce -

public boolean isOcspNonceUsed()

@Deprecated public void setTslKeyStoreLocation(String tslKeyStoreLocation)
setLotlTruststorePath(String) instead.
tslKeyStoreLocation - KeyStore location to use

@Deprecated public String getTslKeyStoreLocation()
getLotlTruststorePath() instead.

@Deprecated public void setTslKeyStorePassword(String tslKeyStorePassword)
setLotlTruststorePassword(String) instead.
tslKeyStorePassword - Keystore password

@Deprecated public String getTslKeyStorePassword()
getLotlTruststorePassword() instead.

public void setLotlTruststorePath(String lotlTruststorePath)
lotlTruststorePath - LOTL trust-store path to use

public String getLotlTruststorePath()

public void setLotlTruststoreType(String lotlTruststoreType)
PKCS12.
lotlTruststoreType - LOTL trust-store type to use

public String getLotlTruststoreType()

public void setLotlTruststorePassword(String lotlTruststorePassword)
lotlTruststorePassword - LOTL trust-store password

public String getLotlTruststorePassword()

public void setLotlPivotSupportEnabled(boolean lotlPivotSupport)
lotlPivotSupport - whether LOTL pivot support should be enabled

public boolean isLotlPivotSupportEnabled()

public void setTslCacheExpirationTime(long cacheExpirationTimeInMilliseconds)
cacheExpirationTimeInMilliseconds - cache expiration time in milliseconds

public long getTslCacheExpirationTime()

public Integer getAllowedTimestampAndOCSPResponseDeltaInMinutes()

public void setAllowedTimestampAndOCSPResponseDeltaInMinutes(int timeInMinutes)
timeInMinutes - Allowed delay between timestamp and OCSP response in minutes

public void setOcspSource(String ocspSource)
ocspSource - OCSP Source to be used

public String getValidationPolicy()

public void setValidationPolicy(String validationPolicy)
validationPolicy - Policy to be used

public boolean getPrintValidationReport()

public void setPrintValidationReport(Boolean printValidationReport)
printValidationReport - whether to print validation report

public int getRevocationAndTimestampDeltaInMinutes()

public void setRevocationAndTimestampDeltaInMinutes(int timeInMinutes)
timeInMinutes - delta in minutes.

public SignatureProfile getSignatureProfile()

public void setSignatureProfile(SignatureProfile signatureProfile)
signatureProfile - profile of the signature

public DigestAlgorithm getSignatureDigestAlgorithm()

public void setSignatureDigestAlgorithm(DigestAlgorithm digestAlgorithm)
digestAlgorithm - digest algorithm of signature

public DigestAlgorithm getDataFileDigestAlgorithm()

public void setDataFileDigestAlgorithm(DigestAlgorithm digestAlgorithm)
digestAlgorithm - digest algorithm of datafile

public String getHttpsProxyHost()
public String getHttpsProxyHostFor(ExternalConnectionType connectionType)
connectionType
- type of external connections.public void setHttpsProxyHost(String httpsProxyHost)
httpsProxyHost
- https proxy host.public void setHttpsProxyHostFor(ExternalConnectionType connectionType, String httpsProxyHost)
setHttpsProxyHost(String)
connectionType
- type of external connections.httpsProxyHost
- https proxy host.public Integer getHttpsProxyPort()
public Integer getHttpsProxyPortFor(ExternalConnectionType connectionType)
connectionType
- type of external connectionpublic void setHttpsProxyPort(int httpsProxyPort)
httpsProxyPort
- https proxy port.public void setHttpsProxyPortFor(ExternalConnectionType connectionType, int httpsProxyPort)
setHttpsProxyPort(int)
connectionType
- type of external connections.httpsProxyPort
- https proxy port.public void setHttpsProxyUser(String httpsProxyUser)
httpsProxyUser
- username.public void setHttpsProxyUserFor(ExternalConnectionType connectionType, String httpsProxyUser)
setHttpsProxyUser(String)
connectionType
- type of external connections.httpsProxyUser
- username.public String getHttpsProxyUser()
public String getHttpsProxyUserFor(ExternalConnectionType connectionType)
connectionType
- type of external connections.public void setHttpsProxyPassword(String httpsProxyPassword)
httpsProxyPassword
- password.public void setHttpsProxyPasswordFor(ExternalConnectionType connectionType, String httpsProxyPassword)
setHttpsProxyPassword(String)
connectionType
- type of external connections.httpsProxyPassword
- password.public String getHttpsProxyPassword()
public String getHttpsProxyPasswordFor(ExternalConnectionType connectionType)
connectionType
- type of external connections.public String getHttpProxyHost()
public String getHttpProxyHostFor(ExternalConnectionType connectionType)
connectionType - type of external connections.

public void setHttpProxyHost(String httpProxyHost)
httpProxyHost - http proxy host.

public void setHttpProxyHostFor(ExternalConnectionType connectionType, String httpProxyHost)
setHttpProxyHost(String)
connectionType - type of external connections.
httpProxyHost - http proxy host.

public Integer getHttpProxyPort()

public Integer getHttpProxyPortFor(ExternalConnectionType connectionType)
connectionType - type of external connections.

public void setHttpProxyPort(int httpProxyPort)
httpProxyPort - Port number.

public void setHttpProxyPortFor(ExternalConnectionType connectionType, int httpProxyPort)
setHttpProxyPort(int)
connectionType - type of external connections.
httpProxyPort - Port number.

public void setHttpProxyUser(String httpProxyUser)
httpProxyUser - username.

public void setHttpProxyUserFor(ExternalConnectionType connectionType, String httpProxyUser)
setHttpProxyUser(String)
connectionType - type of external connections.
httpProxyUser - username.

public String getHttpProxyUser()

public String getHttpProxyUserFor(ExternalConnectionType connectionType)
connectionType - type of external connections.

public void setHttpProxyPassword(String httpProxyPassword)
httpProxyPassword - password.

public void setHttpProxyPasswordFor(ExternalConnectionType connectionType, String httpProxyPassword)
setHttpProxyPassword(String)
connectionType - type of external connections.
httpProxyPassword - password.

public String getHttpProxyPassword()

public String getHttpProxyPasswordFor(ExternalConnectionType connectionType)
connectionType - type of external connections.

public boolean isNetworkProxyEnabled()

public boolean isNetworkProxyEnabledFor(ExternalConnectionType connectionType)
connectionType - type of external connections.

public boolean isProxyOfType(eu.europa.esig.dss.spi.client.http.Protocol protocol)
protocol - protocol

public boolean isProxyOfTypeFor(ExternalConnectionType connectionType, eu.europa.esig.dss.spi.client.http.Protocol protocol)
connectionType - type of external connections
protocol - protocol

public boolean isSslConfigurationEnabled()

public boolean isSslConfigurationEnabledFor(ExternalConnectionType connectionType)
connectionType - type of external connections.

public void setSslKeystorePath(String sslKeystorePath)
sslKeystorePath - path to SSL keystore.

public void setSslKeystorePathFor(ExternalConnectionType connectionType, String sslKeystorePath)
setSslKeystorePath(String)
connectionType - type of external connections.
sslKeystorePath - path to SSL keystore.

public String getSslKeystorePath()

public String getSslKeystorePathFor(ExternalConnectionType connectionType)
connectionType - type of external connections.

public void setSslKeystoreType(String sslKeystoreType)
sslKeystoreType - type of SSL keystore.

public void setSslKeystoreTypeFor(ExternalConnectionType connectionType, String sslKeystoreType)
setSslKeystoreType(String)
connectionType - type of external connections.
sslKeystoreType - type of SSL keystore.

public String getSslKeystoreType()

public String getSslKeystoreTypeFor(ExternalConnectionType connectionType)
connectionType - type of external connections.

public void setSslKeystorePassword(String sslKeystorePassword)
sslKeystorePassword - SSL keystore password.

public void setSslKeystorePasswordFor(ExternalConnectionType connectionType, String sslKeystorePassword)
setSslKeystorePassword(String)
connectionType - type of external connections.
sslKeystorePassword - SSL keystore password.

public String getSslKeystorePassword()

public String getSslKeystorePasswordFor(ExternalConnectionType connectionType)
connectionType - type of external connections.

public void setSslTruststorePath(String sslTruststorePath)
sslTruststorePath - path to SSL truststore.

public void setSslTruststorePathFor(ExternalConnectionType connectionType, String sslTruststorePath)
setSslTruststorePath(String)
connectionType - type of external connections.
sslTruststorePath - path to SSL truststore.

public String getSslTruststorePath()

public String getSslTruststorePathFor(ExternalConnectionType connectionType)
connectionType - type of external connections.

public void setSslTruststoreType(String sslTruststoreType)
sslTruststoreType - type of SSL truststore.

public void setSslTruststoreTypeFor(ExternalConnectionType connectionType, String sslTruststoreType)
setSslTruststoreType(String)
connectionType - type of external connections.
sslTruststoreType - type of SSL truststore.

public String getSslTruststoreType()

public String getSslTruststoreTypeFor(ExternalConnectionType connectionType)
connectionType - type of external connections.

public void setSslTruststorePassword(String sslTruststorePassword)
sslTruststorePassword - SSL truststore password.

public void setSslTruststorePasswordFor(ExternalConnectionType connectionType, String sslTruststorePassword)
setSslTruststorePassword(String)
connectionType - type of external connections.
sslTruststorePassword - SSL truststore password.

public String getSslTruststorePassword()

public String getSslTruststorePasswordFor(ExternalConnectionType connectionType)
connectionType - type of external connections.

public void setSslProtocol(String sslProtocol)
sslProtocol - SSL protocol.

public void setSslProtocolFor(ExternalConnectionType connectionType, String sslProtocol)
setSslProtocol(String)
connectionType - type of external connections.
sslProtocol - SSL protocol.

public String getSslProtocol()

public String getSslProtocolFor(ExternalConnectionType connectionType)
connectionType - type of external connections.

public void setSupportedSslProtocols(List<String> supportedSslProtocols)
supportedSslProtocols - list of supported SSL protocols.

public void setSupportedSslProtocolsFor(ExternalConnectionType connectionType, List<String> supportedSslProtocols)
setSupportedSslProtocols(List)
connectionType - type of external connections.
supportedSslProtocols - list of supported SSL protocols.

public List<String> getSupportedSslProtocols()

public List<String> getSupportedSslProtocolsFor(ExternalConnectionType connectionType)
connectionType - type of external connections.

public void setSupportedSslCipherSuites(List<String> supportedSslCipherSuites)
supportedSslCipherSuites - list of supported SSL cipher suites.

public void setSupportedSslCipherSuitesFor(ExternalConnectionType connectionType, List<String> supportedSslCipherSuites)
setSupportedSslCipherSuites(List)
connectionType - type of external connections.
supportedSslCipherSuites - list of supported SSL cipher suites.

public List<String> getSupportedSslCipherSuites()

public List<String> getSupportedSslCipherSuitesFor(ExternalConnectionType connectionType)
connectionType - type of external connections.

@Deprecated
public void setFullReportNeeded(boolean isFullReport)
isFullReport - needed value.

@Deprecated
public boolean isFullReportNeeded()

public void setAllowASN1UnsafeInteger(boolean isAllowed)
isAllowed - True when ASN1 Unsafe Integer is Allowed.

public boolean isASN1UnsafeIntegerAllowed()

public void setThreadExecutor(ExecutorService threadExecutor)
threadExecutor - Thread executor service object.

public ExecutorService getThreadExecutor()

public void setTrustedTerritories(String... trustedTerritories)
trustedTerritories - list of alpha-2 country codes.

public List<String> getTrustedTerritories()

public void setRequiredTerritories(String... requiredTerritories)
This list is used by the default TSL refresh callback. If the trusted list of any of these territories fails to load, then the TSL refresh is considered to have failed.
requiredTerritories - list of alpha-2 country codes.
setTslRefreshCallback(TSLRefreshCallback), getTslRefreshCallback()

public List<String> getRequiredTerritories()
setRequiredTerritories(String...)

public void setAllowedOcspRespondersForTM(String... allowedOcspRespondersForTM)
allowedOcspRespondersForTM - list of OCSP responders.

public List<String> getAllowedOcspRespondersForTM()

public void setMaxAllowedZipCompressionRatio(int maxAllowedZipCompressionRatio)
maxAllowedZipCompressionRatio - maximum ratio by which the contents of a ZIP-based container are allowed to expand
setZipCompressionRatioCheckThresholdInBytes(long), getZipCompressionRatioCheckThresholdInBytes()

public int getMaxAllowedZipCompressionRatio()
setZipCompressionRatioCheckThresholdInBytes(long), getZipCompressionRatioCheckThresholdInBytes()

public void setZipCompressionRatioCheckThresholdInBytes(long zipCompressionRatioCheckThresholdInBytes)
zipCompressionRatioCheckThresholdInBytes - threshold of how much memory the unpacked contents of a ZIP-based container are allowed to consume
setMaxAllowedZipCompressionRatio(int), getMaxAllowedZipCompressionRatio()

public long getZipCompressionRatioCheckThresholdInBytes()
setMaxAllowedZipCompressionRatio(int), getMaxAllowedZipCompressionRatio()

public boolean isTest()
Configuration.Mode.TEST
public Configuration copy()
Copyright © 2023. All rights reserved.