org.digidoc4j

Class Configuration

java.lang.Object

org.digidoc4j.Configuration

All Implemented Interfaces:

Serializable

public class Configuration
extends Object
implements Serializable

Possibility to create custom configurations for Container implementations.

It is possible to get the default Configuration object used in all containers by using getInstance(). This will return a singelton Configuration object used by default if no configuration is provided.

You can specify the configuration mode, either Configuration.Mode.TEST or Configuration.Mode.PROD configuration. Default is Configuration.Mode.PROD.

It is a good idea to use only a single configuration object for all the containers so the operation times would be faster.

It is also possible to set the mode using the System property. Setting the property "digidoc4j.mode" to "TEST" forces the default mode to Configuration.Mode.TEST mode

Configurations will be loaded from a file. The file must be in yaml format.

Required entries of the configuration file:

The configuration file must contain one or more Certificate Authorities under the heading DIGIDOC_CAS similar to following format (values are examples only):

 DIGIDOC_CAS:
 - DIGIDOC_CA:
     NAME: CA name
     TRADENAME: Tradename
     CERTS:
       - jar://certs/cert1.crt
       - jar://certs/cert2.crt
     OCSPS:
 

Each DIGIDOC_CA entry must contain one or more OCSP certificates under the heading "OCSPS" similar to following format (values are examples only):

       - OCSP:
         CA_CN: your certificate authority common name
         CA_CERT: jar://your ca_cn.crt
         CN: your common name
         CERTS:
         - jar://certs/Your first OCSP Certifications file.crt
         - jar://certs/Your second OCSP Certifications file.crt
         URL: http://ocsp.test.test
 

All entries must exist and be valid. Under CERTS must be at least one entry.

Optional entries of the configuration file:

• CANONICALIZATION_FACTORY_IMPL: Canonicalization factory implementation.
  Default value: "ee.sk.digidoc.c14n.TinyXMLCanonicalizer"
• CONNECTION_TIMEOUT: TSL HTTP Connection timeout (milliseconds).
  Default value: 1000
• DIGIDOC_FACTORY_IMPL: Factory implementation.
  Default value: "ee.sk.digidoc.factory.SAXDigiDocFactory"
• DIGIDOC_DF_CACHE_DIR: Temporary directory to use. Default: uses system's default temporary directory
• DIGIDOC_MAX_DATAFILE_CACHED: Maximum datafile size that will be cached in MB. Must be numeric. Set to -1 to cache all files. Set to 0 to prevent caching for all files
  Default value: "-1"
• DIGIDOC_NOTARY_IMPL: Notary implementation.
  Default value: "ee.sk.digidoc.factory.BouncyCastleNotaryFactory"
• DIGIDOC_OCSP_SIGN_CERT_SERIAL: OCSP Signing certificate serial number
• DIGIDOC_SECURITY_PROVIDER: Security provider.
  Default value: "org.bouncycastle.jce.provider.BouncyCastleProvider"
• DIGIDOC_SECURITY_PROVIDER_NAME: Name of the security provider.
  Default value: "BC"
• DIGIDOC_TSLFAC_IMPL: TSL Factory implementation.
  Default value: "ee.sk.digidoc.tsl.DigiDocTrustServiceFactory"
• DIGIDOC_USE_LOCAL_TSL: Use local TSL? Allowed values: true, false
  Default value: "true"
• KEY_USAGE_CHECK: Should key usage be checked? Allowed values: true, false.
  Default value: "false"
• DIGIDOC_PKCS12_CONTAINER: OCSP access certificate file
• DIGIDOC_PKCS12_PASSWD: OCSP access certificate password
• OCSP_SOURCE: Online Certificate Service Protocol source
• SIGN_OCSP_REQUESTS: Should OCSP requests be signed? Allowed values: true, false
• TSL_LOCATION: TSL Location
• TSP_SOURCE: Time Stamp Protocol source address
• VALIDATION_POLICY: Validation policy source file
• TSL_KEYSTORE_LOCATION: keystore location for tsl signing certificates
• TSL_KEYSTORE_PASSWORD: keystore password for the keystore in TSL_KEYSTORE_LOCATION
• TSL_CACHE_EXPIRATION_TIME: TSL cache expiration time in milliseconds
• TRUSTED_TERRITORIES: list of countries and territories to trust and load TSL certificates (for example, EE, LV, FR)
• HTTP_PROXY_HOST: network proxy host name
• HTTP_PROXY_PORT: network proxy port
• HTTP_PROXY_USER: network proxy user (for basic auth proxy)
• HTTP_PROXY_PASSWORD: network proxy password (for basic auth proxy)
• HTTPS_PROXY_HOST: https network proxy host name
• HTTPS_PROXY_PORT: https network proxy port
• SSL_KEYSTORE_PATH: SSL KeyStore path
• SSL_KEYSTORE_TYPE: SSL KeyStore type (default is "jks")
• SSL_KEYSTORE_PASSWORD: SSL KeyStore password (default is an empty string)
• SSL_TRUSTSTORE_PATH: SSL TrustStore path
• SSL_TRUSTSTORE_TYPE: SSL TrustStore type (default is "jks")
• SSL_TRUSTSTORE_PASSWORD: SSL TrustStore password (default is an empty string)
• ALLOWED_TS_AND_OCSP_RESPONSE_DELTA_IN_MINUTES: Allowed delay between timestamp and OCSP response in minutes.
• ALLOW_UNSAFE_INTEGER: Allows to use unsafe Integer because of few applications still struggle with the ASN.1 BER encoding rules for an INTEGER as described in: https://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf. NB! Strict Validation applied by default.

See Also:

Serialized Form

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	Configuration.Mode Application mode

Constructor Summary

Constructors

Constructor and Description
Configuration() Create new configuration
Configuration(Configuration.Mode mode) Create new configuration with application mode specified

Method Summary

Methods

Modifier and Type	Method and Description
Configuration	copy() Clones configuration
void	enableBigFilesSupport(long maxFileSizeCachedInMB) Deprecated. obnoxious naming. Use setMaxFileSizeCachedInMemoryInMB(long) instead.
Integer	getAllowedTimestampAndOCSPResponseDeltaInMinutes() Returns allowed delay between timestamp and OCSP response in minutes.
int	getConnectionTimeout() Get HTTP connection timeout
String	getHttpProxyHost() Get http proxy host.
String	getHttpProxyPassword() Get http proxy password.
Integer	getHttpProxyPort() Get http proxy port.
String	getHttpProxyUser() Get http proxy user.
String	getHttpsProxyHost()
Integer	getHttpsProxyPort()
static Configuration	getInstance() Getting the default Configuration object.
Hashtable<String,String>	getJDigiDocConfiguration() Returns configuration needed for JDigiDoc library.
long	getMaxDataFileCachedInBytes() Get the maximum size of data files to be cached.
long	getMaxDataFileCachedInMB() Get the maximum size of data files to be cached.
String	getOCSPAccessCertificateFileName() Get OCSP access certificate filename
char[]	getOCSPAccessCertificatePassword() Get OSCP access certificate password
String	getOCSPAccessCertificatePasswordAsString() Get OSCP access certificate password As String
String	getOcspSource() Get the OCSP Source
boolean	getPrintValidationReport()
int	getRevocationAndTimestampDeltaInMinutes() Revocation and timestamp delta in minutes.
DigestAlgorithm	getSignatureDigestAlgorithm() Signature digest algorithm.
SignatureProfile	getSignatureProfile() Signature profile.
int	getSocketTimeout() Get HTTP socket timeout
String	getSslKeystorePassword() Get Ssl keystore password.
String	getSslKeystorePath() Get SSL KeyStore path.
String	getSslKeystoreType() Get SSL KeyStore type.
String	getSslTruststorePassword() Get Ssl truststore password.
String	getSslTruststorePath() Get SSL TrustStore path
String	getSslTruststoreType() Get SSL TrustStore type.
ExecutorService	getThreadExecutor() Get thread executor.
List<String>	getTrustedTerritories() Get trusted territories.
TSLCertificateSource	getTSL() Loads TSL certificates If configuration mode is TEST then TSL signature is not checked.
long	getTslCacheExpirationTime() Returns TSL cache expiration time in milliseconds.
String	getTslKeyStoreLocation() Get the Location to Keystore that holds potential TSL Signing certificates
String	getTslKeyStorePassword() Get the password for Keystore that holds potential TSL Signing certificates
String	getTslLocation() Get TSL location.
String	getTspSource() Get the TSP Source
String	getTspSourceByCountry(String country) Get the TSP source by country
String	getValidationPolicy() Get the validation policy
boolean	hasToBeOCSPRequestSigned() Returns configuration item must be OCSP request signed.
boolean	isASN1UnsafeIntegerAllowed() Get flag if ASN1 Unsafe Integer is Allowed.
boolean	isBigFilesSupportEnabled() Deprecated. obnoxious naming. Use storeDataFilesOnlyInMemory() instead.
boolean	isFullReportNeeded() Get flag if full report needed.
boolean	isNetworkProxyEnabled() Is network proxy enabled?
boolean	isOCSPSigningConfigurationAvailable() Are requirements met for signing OCSP certificate?
boolean	isProxyOfType(eu.europa.esig.dss.client.http.Protocol protocol)
boolean	isSslConfigurationEnabled() Is ssl configuration enabled?
boolean	isTest()
Hashtable<String,String>	loadConfiguration(InputStream stream) Add configuration settings from a stream.
Hashtable<String,String>	loadConfiguration(String file) Add configuration settings from a file
Hashtable<String,String>	loadConfiguration(String file, boolean isReloadFromYaml) Add configuration settings from a file
static Configuration	of(Configuration.Mode mode) Create new configuration in static context with application mode specified
void	setAllowASN1UnsafeInteger(boolean isAllowed) Set flag if ASN1 Unsafe Integer is Allowed.
void	setAllowedTimestampAndOCSPResponseDeltaInMinutes(int timeInMinutes) Set allowed delay between timestamp and OCSP response in minutes.
void	setConnectionTimeout(int connectionTimeout) Set HTTP connection timeout
void	setFullReportNeeded(boolean isFullReport) Set flag if full report needed.
void	setHttpProxyHost(String httpProxyHost) Set HTTP network proxy host.
void	setHttpProxyPassword(String httpProxyPassword) Set HTTP network proxy password.
void	setHttpProxyPort(int httpProxyPort) Set HTTP network proxy port.
void	setHttpProxyUser(String httpProxyUser) Set HTTP network proxy user name.
void	setHttpsProxyHost(String httpsProxyHost) Set HTTPS network proxy host.
void	setHttpsProxyPort(int httpsProxyPort) Set HTTPS network proxy port.
void	setMaxFileSizeCachedInMemoryInMB(long maxFileSizeCachedInMB) Sets limit in MB when handling files are creating temporary file for streaming in container creation and adding data files.
void	setOCSPAccessCertificateFileName(String fileName) Set OCSP access certificate filename
void	setOCSPAccessCertificatePassword(char[] password) Set OCSP access certificate password
void	setOcspSource(String ocspSource) Set the OCSP source
void	setPrintValidationReport(Boolean printValidationReport)
void	setRevocationAndTimestampDeltaInMinutes(int timeInMinutes) Set Revocation and timestamp delta in minutes.
void	setSignOCSPRequests(boolean shouldSignOcspRequests) Set flag if OCSP requests should be signed
void	setSocketTimeout(int socketTimeoutMilliseconds) Set HTTP socket timeout
void	setSslKeystorePassword(String sslKeystorePassword) Set SSL KeyStore password.
void	setSslKeystorePath(String sslKeystorePath) Set SSL KeyStore path.
void	setSslKeystoreType(String sslKeystoreType) Set SSL KeyStore type.
void	setSslTruststorePassword(String sslTruststorePassword) Set SSL TrustStore password.
void	setSslTruststorePath(String sslTruststorePath) Set SSL TrustStore path.
void	setSslTruststoreType(String sslTruststoreType) Set SSL TrustStore type.
void	setThreadExecutor(ExecutorService threadExecutor) Set thread executor service.
void	setTrustedTerritories(String... trustedTerritories) Set countries and territories (2 letter country codes) whom to trust and accept certificates.
void	setTSL(TSLCertificateSource certificateSource) Set the TSL certificate source.
void	setTslCacheExpirationTime(long cacheExpirationTimeInMilliseconds) Sets the expiration time for TSL cache in milliseconds.
void	setTslKeyStoreLocation(String tslKeyStoreLocation) Set the KeyStore Location that holds potential TSL Signing certificates
void	setTslKeyStorePassword(String tslKeyStorePassword) Set the password for Keystore that holds potential TSL Signing certificates
void	setTslLocation(String tslLocation) Set the TSL location.
void	setTspSource(String tspSource) Set the TSP Source
void	setValidationPolicy(String validationPolicy) Set the validation policy
boolean	shouldValidateTslSignature() Flags that TSL signature should be validated.
boolean	storeDataFilesOnlyInMemory() If all the data files should be stored in memory.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

Configuration

public Configuration()

Create new configuration

Configuration

public Configuration(Configuration.Mode mode)

Create new configuration with application mode specified

Parameters:

mode - Application mode

Method Detail

getInstance

public static Configuration getInstance()

Getting the default Configuration object.

The default configuration object is a singelton, meaning that all the containers will use the same registry object. It is a good idea to use only a single configuration object for all the containers so the operation times would be faster.

Returns:

default configuration.

of

public static Configuration of(Configuration.Mode mode)

Create new configuration in static context with application mode specified

Parameters:

mode - Application mode

isOCSPSigningConfigurationAvailable

public boolean isOCSPSigningConfigurationAvailable()

Are requirements met for signing OCSP certificate?

Returns:

value indicating if requirements are met

getOCSPAccessCertificateFileName

public String getOCSPAccessCertificateFileName()

Get OCSP access certificate filename

Returns:

filename for the OCSP access certificate

getOCSPAccessCertificatePassword

public char[] getOCSPAccessCertificatePassword()

Get OSCP access certificate password

Returns:

password

getOCSPAccessCertificatePasswordAsString

public String getOCSPAccessCertificatePasswordAsString()

Get OSCP access certificate password As String

Returns:

password

setOCSPAccessCertificateFileName

public void setOCSPAccessCertificateFileName(String fileName)

Set OCSP access certificate filename

Parameters:

fileName - filename for the OCSP access certficate

setOCSPAccessCertificatePassword

public void setOCSPAccessCertificatePassword(char[] password)

Set OCSP access certificate password

Parameters:

password - password to set

setSignOCSPRequests

public void setSignOCSPRequests(boolean shouldSignOcspRequests)

Set flag if OCSP requests should be signed

Parameters:

shouldSignOcspRequests - True if should sign, False otherwise

loadConfiguration

public Hashtable<String,String> loadConfiguration(InputStream stream)

Add configuration settings from a stream. After loading closes stream.

Parameters:

stream - Input stream

Returns:

configuration hashtable

loadConfiguration

public Hashtable<String,String> loadConfiguration(String file)

Add configuration settings from a file

Parameters:

file - File name

Returns:

configuration hashtable

loadConfiguration

public Hashtable<String,String> loadConfiguration(String file,
                                         boolean isReloadFromYaml)

Add configuration settings from a file

Parameters:

file - File name

isReloadFromYaml - True if this is reloading call

Returns:

configuration hashtable

getJDigiDocConfiguration

public Hashtable<String,String> getJDigiDocConfiguration()

Returns configuration needed for JDigiDoc library.

Returns:

configuration values.

enableBigFilesSupport

@Deprecated
public void enableBigFilesSupport(long maxFileSizeCachedInMB)

Deprecated. obnoxious naming. Use setMaxFileSizeCachedInMemoryInMB(long) instead.

Enables big files support. Sets limit in MB when handling files are creating temporary file for streaming in container creation and adding data files.

Used by DigiDoc4J and by JDigiDoc.

Parameters:

maxFileSizeCachedInMB - Maximum size in MB.

setMaxFileSizeCachedInMemoryInMB

public void setMaxFileSizeCachedInMemoryInMB(long maxFileSizeCachedInMB)

Sets limit in MB when handling files are creating temporary file for streaming in container creation and adding data files.

Used by DigiDoc4J and by JDigiDoc.

Parameters:

maxFileSizeCachedInMB - maximum data file size in MB stored in memory.

isBigFilesSupportEnabled

@Deprecated
public boolean isBigFilesSupportEnabled()

Deprecated. obnoxious naming. Use storeDataFilesOnlyInMemory() instead.

Returns:

is big file support enabled

storeDataFilesOnlyInMemory

public boolean storeDataFilesOnlyInMemory()

If all the data files should be stored in memory. Default is true (data files are temporarily stored only in memory).

Returns:

true if everything is stored in memory, and false if data is temporarily stored on disk.

hasToBeOCSPRequestSigned

public boolean hasToBeOCSPRequestSigned()

Returns configuration item must be OCSP request signed. Reads it from registry parameter SIGN_OCSP_REQUESTS. Default value is false for Configuration.Mode.PROD and false for Configuration.Mode.TEST

Returns:

must be OCSP request signed

getMaxDataFileCachedInMB

public long getMaxDataFileCachedInMB()

Get the maximum size of data files to be cached. Used by DigiDoc4J and by JDigiDoc.

Returns:

Size in MB. if size < 0 no caching is used

getMaxDataFileCachedInBytes

public long getMaxDataFileCachedInBytes()

Get the maximum size of data files to be cached. Used by DigiDoc4J and by JDigiDoc.

Returns:

Size in MB. if size < 0 no caching is used

getTslLocation

public String getTslLocation()

Get TSL location.

Returns:

url

setTSL

public void setTSL(TSLCertificateSource certificateSource)

Set the TSL certificate source.

Parameters:

certificateSource - TSL certificate source When certificateSource equals null then getTSL() will load the TSL according to the TSL location specified .

getTSL

public TSLCertificateSource getTSL()

Loads TSL certificates If configuration mode is TEST then TSL signature is not checked.

Returns:

TSL source

shouldValidateTslSignature

public boolean shouldValidateTslSignature()

Flags that TSL signature should be validated.

Returns:

True if TSL signature should be validated, False otherwise.

setTslLocation

public void setTslLocation(String tslLocation)

Set the TSL location. TSL can be loaded from file (file://) or from web (http://). If file protocol is used then first try is to locate file from this location if file does not exist then it tries to load relatively from classpath.

Setting new location clears old values

Windows wants it in file:DRIVE:/directories/tsl-file.xml format

Parameters:

tslLocation - TSL Location to be used

getTspSource

public String getTspSource()

Get the TSP Source

Returns:

TSP Source

getTspSourceByCountry

public String getTspSourceByCountry(String country)

Get the TSP source by country

Parameters:

country - to use tsp source

Returns:

tspSource

setConnectionTimeout

public void setConnectionTimeout(int connectionTimeout)

Set HTTP connection timeout

Parameters:

connectionTimeout - connection timeout in milliseconds

setSocketTimeout

public void setSocketTimeout(int socketTimeoutMilliseconds)

Set HTTP socket timeout

Parameters:

socketTimeoutMilliseconds - socket timeout in milliseconds

getConnectionTimeout

public int getConnectionTimeout()

Get HTTP connection timeout

Returns:

connection timeout in milliseconds

getSocketTimeout

public int getSocketTimeout()

Get HTTP socket timeout

Returns:

socket timeout in milliseconds

setTspSource

public void setTspSource(String tspSource)

Set the TSP Source

Parameters:

tspSource - TSPSource to be used

getOcspSource

public String getOcspSource()

Get the OCSP Source

Returns:

OCSP Source

setTslKeyStoreLocation

public void setTslKeyStoreLocation(String tslKeyStoreLocation)

Set the KeyStore Location that holds potential TSL Signing certificates

Parameters:

tslKeyStoreLocation - KeyStore location to use

getTslKeyStoreLocation

public String getTslKeyStoreLocation()

Get the Location to Keystore that holds potential TSL Signing certificates

Returns:

KeyStore Location

setTslKeyStorePassword

public void setTslKeyStorePassword(String tslKeyStorePassword)

Set the password for Keystore that holds potential TSL Signing certificates

Parameters:

tslKeyStorePassword - Keystore password

getTslKeyStorePassword

public String getTslKeyStorePassword()

Get the password for Keystore that holds potential TSL Signing certificates

Returns:

Tsl Keystore password

setTslCacheExpirationTime

public void setTslCacheExpirationTime(long cacheExpirationTimeInMilliseconds)

Sets the expiration time for TSL cache in milliseconds. If more time has passed from the cache's creation time time, then a fresh TSL is downloaded and cached, otherwise a cached copy is used.

Parameters:

cacheExpirationTimeInMilliseconds - cache expiration time in milliseconds

getTslCacheExpirationTime

public long getTslCacheExpirationTime()

Returns TSL cache expiration time in milliseconds.

Returns:

TSL cache expiration time in milliseconds.

getAllowedTimestampAndOCSPResponseDeltaInMinutes

public Integer getAllowedTimestampAndOCSPResponseDeltaInMinutes()

Returns allowed delay between timestamp and OCSP response in minutes.

Returns:

Allowed delay between timestamp and OCSP response in minutes.

setAllowedTimestampAndOCSPResponseDeltaInMinutes

public void setAllowedTimestampAndOCSPResponseDeltaInMinutes(int timeInMinutes)

Set allowed delay between timestamp and OCSP response in minutes.

Parameters:

timeInMinutes - Allowed delay between timestamp and OCSP response in minutes

setOcspSource

public void setOcspSource(String ocspSource)

Set the OCSP source

Parameters:

ocspSource - OCSP Source to be used

getValidationPolicy

public String getValidationPolicy()

Get the validation policy

Returns:

Validation policy

setValidationPolicy

public void setValidationPolicy(String validationPolicy)

Set the validation policy

Parameters:

validationPolicy - Policy to be used

getPrintValidationReport

public boolean getPrintValidationReport()

Returns:

whether to print validation report

setPrintValidationReport

public void setPrintValidationReport(Boolean printValidationReport)

Parameters:

printValidationReport - whether to print validation report

getRevocationAndTimestampDeltaInMinutes

public int getRevocationAndTimestampDeltaInMinutes()

Revocation and timestamp delta in minutes.

Returns:

timestamp delta in minutes.

setRevocationAndTimestampDeltaInMinutes

public void setRevocationAndTimestampDeltaInMinutes(int timeInMinutes)

Set Revocation and timestamp delta in minutes.

Parameters:

timeInMinutes - delta in minutes.

getSignatureProfile

public SignatureProfile getSignatureProfile()

Signature profile.

Returns:

SignatureProfile.

getSignatureDigestAlgorithm

public DigestAlgorithm getSignatureDigestAlgorithm()

Signature digest algorithm.

Returns:

DigestAlgorithm.

getHttpsProxyHost

public String getHttpsProxyHost()

Returns:

HTTPS proxy host

setHttpsProxyHost

public void setHttpsProxyHost(String httpsProxyHost)

Set HTTPS network proxy host.

Parameters:

httpsProxyHost - https proxy host.

getHttpsProxyPort

public Integer getHttpsProxyPort()

Returns:

HTTPS proxy port

setHttpsProxyPort

public void setHttpsProxyPort(int httpsProxyPort)

Set HTTPS network proxy port.

Parameters:

httpsProxyPort - https proxy port.

getHttpProxyHost

public String getHttpProxyHost()

Get http proxy host.

Returns:

http proxy host.

setHttpProxyHost

public void setHttpProxyHost(String httpProxyHost)

Set HTTP network proxy host.

Parameters:

httpProxyHost - http proxy host.

getHttpProxyPort

public Integer getHttpProxyPort()

Get http proxy port.

Returns:

http proxy port.

setHttpProxyPort

public void setHttpProxyPort(int httpProxyPort)

Set HTTP network proxy port.

Parameters:

httpProxyPort - Port number.

setHttpProxyUser

public void setHttpProxyUser(String httpProxyUser)

Set HTTP network proxy user name.

Parameters:

httpProxyUser - username.

getHttpProxyUser

public String getHttpProxyUser()

Get http proxy user.

Returns:

http proxy user.

setHttpProxyPassword

public void setHttpProxyPassword(String httpProxyPassword)

Set HTTP network proxy password.

Parameters:

httpProxyPassword - password.

getHttpProxyPassword

public String getHttpProxyPassword()

Get http proxy password.

Returns:

http proxy password.

isNetworkProxyEnabled

public boolean isNetworkProxyEnabled()

Is network proxy enabled?

Returns:

True if network proxy is enabled, otherwise False.

isProxyOfType

public boolean isProxyOfType(eu.europa.esig.dss.client.http.Protocol protocol)

Parameters:

protocol - protocol

Returns:

boolean

isSslConfigurationEnabled

public boolean isSslConfigurationEnabled()

Is ssl configuration enabled?

Returns:

True if SSL configuration is enabled, otherwise False.

setSslKeystorePath

public void setSslKeystorePath(String sslKeystorePath)

Set SSL KeyStore path.

Parameters:

sslKeystorePath - path to a file

getSslKeystorePath

public String getSslKeystorePath()

Get SSL KeyStore path.

Returns:

path to a file

setSslKeystoreType

public void setSslKeystoreType(String sslKeystoreType)

Set SSL KeyStore type. Default is "jks".

Parameters:

sslKeystoreType - type.

getSslKeystoreType

public String getSslKeystoreType()

Get SSL KeyStore type.

Returns:

type.

setSslKeystorePassword

public void setSslKeystorePassword(String sslKeystorePassword)

Set SSL KeyStore password. Default is an empty string.

Parameters:

sslKeystorePassword - password.

getSslKeystorePassword

public String getSslKeystorePassword()

Get Ssl keystore password.

Returns:

password.

setSslTruststorePath

public void setSslTruststorePath(String sslTruststorePath)

Set SSL TrustStore path.

Parameters:

sslTruststorePath - path to a file.

getSslTruststorePath

public String getSslTruststorePath()

Get SSL TrustStore path

Returns:

path to a file.

setSslTruststoreType

public void setSslTruststoreType(String sslTruststoreType)

Set SSL TrustStore type. Default is "jks".

Parameters:

sslTruststoreType - type.

getSslTruststoreType

public String getSslTruststoreType()

Get SSL TrustStore type.

Returns:

type.

setSslTruststorePassword

public void setSslTruststorePassword(String sslTruststorePassword)

Set SSL TrustStore password. Default is an empty string.

Parameters:

sslTruststorePassword - password.

getSslTruststorePassword

public String getSslTruststorePassword()

Get Ssl truststore password.

Returns:

password.

setFullReportNeeded

public void setFullReportNeeded(boolean isFullReport)

Set flag if full report needed.

Parameters:

isFullReport - needed value.

isFullReportNeeded

public boolean isFullReportNeeded()

Get flag if full report needed.

Returns:

isFullReport needed boolean value.

setAllowASN1UnsafeInteger

public void setAllowASN1UnsafeInteger(boolean isAllowed)

Set flag if ASN1 Unsafe Integer is Allowed.

Parameters:

isAllowed - - True when ASN1 Unsafe Integer is Allowed.

isASN1UnsafeIntegerAllowed

public boolean isASN1UnsafeIntegerAllowed()

Get flag if ASN1 Unsafe Integer is Allowed.

Returns:

isASN1UnsafeIntegerAllowed boolean value.

setThreadExecutor

public void setThreadExecutor(ExecutorService threadExecutor)

Set thread executor service.

Parameters:

threadExecutor - Thread executor service object.

getThreadExecutor

public ExecutorService getThreadExecutor()

Get thread executor. It can be mull.

Returns:

thread executor.

setTrustedTerritories

public void setTrustedTerritories(String... trustedTerritories)

Set countries and territories (2 letter country codes) whom to trust and accept certificates.

It is possible accept signatures (and certificates) only from particular countries by filtering trusted territories. Only the TSL (and certificates) from those countries are then downloaded and others are skipped.

For example, it is possible to trust signatures only from these three countries: Estonia, Latvia and France, and skip all other countries: "EE", "LV", "FR".

Parameters:

trustedTerritories - list of 2 letter country codes.

getTrustedTerritories

public List<String> getTrustedTerritories()

Get trusted territories.

Returns:

trusted territories list.

isTest

public boolean isTest()

Returns:

true when configuration is Configuration.Mode.TEST

See Also:

Configuration.Mode.TEST

copy

public Configuration copy()

Clones configuration

Returns:

new configuration object