Package org.digidoc4j

Class SignatureBuilder

java.lang.Object
org.digidoc4j.SignatureBuilder
All Implemented Interfaces:
Serializable
Direct Known Subclasses:
AsicSignatureBuilder

public abstract class SignatureBuilder extends Object implements Serializable

Creating signatures on a container.

Here's an example of creating a signature:

Signature signature = SignatureBuilder.
   aSignature(container).
   withCity("San Pedro").
   withStateOrProvince("California").
   withPostalCode("11111").
   withCountry("Val Verde").
   withRoles("Manager", "Suspicious Fisherman").
   withSignatureDigestAlgorithm(DigestAlgorithm.SHA256). // Digest algorithm is SHA-256
   withSignatureProfile(SignatureProfile.LT). // Signature profile is Time Stamp
   withSigningCertificate(x509Certificate).
   withSignatureId("1").
   withSignatureToken(signatureToken). // Use signature token
   withEncryptionAlgorithm(EncryptionAlgorithm.RSA). // Encryption algorithm is RSA
   withOwnSignaturePolicy(policy).
   invokeSigning(); // Creates a signature using signature token

Use SignatureBuilder.aSignature(container) to create a new signature builder, populate the builder with data, and then call invokeSigning() to create a signature on the container using a SignatureToken. The signature token must be provided with withSignatureToken(SignatureToken).

Use buildDataToSign() to create a DataToSign object that can be used in external signing (e.g. signing in the Web). To build a DataToSign object, the signer certificate must be provided with withSigningCertificate(X509Certificate).
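The external signing flow described above, as an added example that is not part of the original digidoc4j documentation: the private key stays with the external signer, and the returned signature value is checked against the signer certificate before it is attached to the container. The class ExternalSigningExample, the interface ExternalSigner and the method signExternally are hypothetical names; the example assumes an RSA key, SHA-256 and a PKCS#1 v1.5 signature value.

```java
import java.security.GeneralSecurityException;
import java.security.cert.X509Certificate;

import org.digidoc4j.Container;
import org.digidoc4j.DataToSign;
import org.digidoc4j.DigestAlgorithm;
import org.digidoc4j.Signature;
import org.digidoc4j.SignatureBuilder;

public class ExternalSigningExample {

  /** Hypothetical stand-in for the remote signer (smart card, browser plugin, HSM). */
  public interface ExternalSigner {
    byte[] sign(byte[] dataToSign, DigestAlgorithm digestAlgorithm) throws GeneralSecurityException;
  }

  public static Signature signExternally(Container container, X509Certificate signerCert,
                                         ExternalSigner signer) throws GeneralSecurityException {
    // Step 1: no SignatureToken is set; only the signer's public certificate is needed.
    DataToSign dataToSign = SignatureBuilder.
        aSignature(container).
        withSigningCertificate(signerCert).
        withSignatureDigestAlgorithm(DigestAlgorithm.SHA256).
        buildDataToSign();

    // Step 2: the private-key operation happens outside this process.
    byte[] toBeSigned = dataToSign.getDataToSign();
    byte[] signatureValue = signer.sign(toBeSigned, dataToSign.getDigestAlgorithm());

    // Step 3: reject a value that does not verify under the certificate bound into
    // DataToSign (wrong key, tampered response). Assumes RSA PKCS#1 v1.5 with SHA-256;
    // ECDSA values may use a different encoding than JCA expects.
    java.security.Signature verifier = java.security.Signature.getInstance("SHA256withRSA");
    verifier.initVerify(signerCert.getPublicKey());
    verifier.update(toBeSigned);
    if (!verifier.verify(signatureValue)) {
      throw new GeneralSecurityException("Signature value does not match the signer certificate");
    }

    // Step 4: turn the raw signature value into a Signature and attach it to the container.
    Signature signature = dataToSign.finalize(signatureValue);
    container.addSignature(signature);
    return signature;
  }
}
```

DataToSign is serializable, so in a web flow it can be kept on the server between steps 1 and 4 while only the data to be signed travels to the client.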

  • Constructor Details

    • SignatureBuilder

      public SignatureBuilder()
  • Method Details

    • aSignature

      public static SignatureBuilder aSignature(Container container)
      Create a new signature builder based on a container. Container is used to determine which type of signature should be created.
      Parameters:
      container - container to be signed.
      Returns:
      builder for creating a signature.
    • setSignatureBuilderForContainerType

      public static <T extends SignatureBuilder> void setSignatureBuilderForContainerType(String containerType, Class<T> signatureBuilderClass)
      Sets a custom signature builder implementation to be used when creating signatures for a particular container type.
      Type Parameters:
      T - signature builder class extending SignatureBuilder.
      Parameters:
      containerType - container type corresponding to the signature builder.
      signatureBuilderClass - signature builder class used for creating signatures for the container type.
    • removeCustomSignatureBuilders

      public static void removeCustomSignatureBuilders()
      Clears all custom signature builders to use only default signature builders.
    • invokeSigning

      public Signature invokeSigning() throws SignatureTokenMissingException
      Invokes a signing process on the container with a signature token (See SignatureToken). Signature token must be provided with withSignatureToken(org.digidoc4j.SignatureToken).
      Returns:
      a new signature on the container.
      Throws:
      SignatureTokenMissingException - if signature token is not provided with withSignatureToken(org.digidoc4j.SignatureToken)
    • buildDataToSign

      Creates data to be signed externally.

      If the signing process involves signing the container externally (e.g. signing in the Web by a browser plugin), then DataToSign provides necessary data for creating a signature externally.

      Returns:
      data to be signed externally.
      Throws:
      SignerCertificateRequiredException - signer certificate must be provided using withSigningCertificate(X509Certificate)
      ContainerWithoutFilesException - container must have at least one data file to be signed. Signature cannot be given on an empty container.
    • openAdESSignature

      public abstract Signature openAdESSignature(byte[] signatureDocument)
      Open signature from an existing signature document (XAdES, PAdES, CAdES etc.)

      The signature document must be complete, containing all the necessary data (e.g. the signer's certificate, OCSP responses, timestamps, signature values etc.). An example would be a signature document in XAdES format, which is an XML document transformed into a byte array.

      Parameters:
      signatureDocument - complete signature document in bytes.
      Returns:
      a signature object representing the signatureDocument.
    • withCity

      public SignatureBuilder withCity(String cityName)
      Set a city to the signature production place.
      Parameters:
      cityName - city to use on the signature production place.
      Returns:
      builder for creating a signature
    • withStateOrProvince

      public SignatureBuilder withStateOrProvince(String stateOrProvince)
      Set a state or province to the signature production place.
      Parameters:
      stateOrProvince - name of the state or province on the signature production place.
      Returns:
      builder for creating a signature
    • withPostalCode

      public SignatureBuilder withPostalCode(String postalCode)
      Set a postal code to the signature production place.
      Parameters:
      postalCode - postal code on the signature production place.
      Returns:
      builder for creating a signature.
    • withCountry

      public SignatureBuilder withCountry(String country)
      Set a country name to the signature production place.
      Parameters:
      country - name of the country on the signature production place.
      Returns:
      builder for creating a signature.
    • withRoles

      public SignatureBuilder withRoles(String... roles)
      Set roles to the signer.
      Parameters:
      roles - list of roles of a signer.
      Returns:
      builder for creating a signature.
    • withSignatureDigestAlgorithm

      public SignatureBuilder withSignatureDigestAlgorithm(DigestAlgorithm digestAlgorithm)
      Set signature digest algorithm used to generate a signature.
      Parameters:
      digestAlgorithm - signature digest algorithm.
      Returns:
      builder for creating a signature.
    • withDataFileDigestAlgorithm

      public SignatureBuilder withDataFileDigestAlgorithm(DigestAlgorithm digestAlgorithm)
      Set data file digest algorithm.
      Parameters:
      digestAlgorithm - datafile digest algorithm.
      Returns:
      builder for creating a signature.
    • withSignatureProfile

      public SignatureBuilder withSignatureProfile(SignatureProfile signatureProfile)
      Set a signature profile: Time Stamp, Archive Time Stamp or no profile. Default is Time Stamp.
      Parameters:
      signatureProfile - signature profile.
      Returns:
      builder for creating a signature.
    • withSigningCertificate

      public SignatureBuilder withSigningCertificate(X509Certificate certificate)
      Set a signing certificate to be used when creating data to be signed.
      Parameters:
      certificate - X509 signer's certificate.
      Returns:
      builder for creating a signature.
    • withSignatureId

      public SignatureBuilder withSignatureId(String signatureId)
      Set signature ID.
      Parameters:
      signatureId - signature id.
      Returns:
      builder for creating a signature.
    • withSignatureToken

      public SignatureBuilder withSignatureToken(SignatureToken signatureToken)
      Set signature token to be used in the signing process.
      Parameters:
      signatureToken - signature token.
      Returns:
      builder for creating a signature.
    • withEncryptionAlgorithm

      public SignatureBuilder withEncryptionAlgorithm(EncryptionAlgorithm encryptionAlgorithm)
      Set encryption algorithm to be used in the signing process.
      Parameters:
      encryptionAlgorithm - encryption algorithm.
      Returns:
      builder for creating a signature.
    • withOwnSignaturePolicy

      public SignatureBuilder withOwnSignaturePolicy(eu.europa.esig.dss.model.Policy signaturePolicy)
      Set signature policy parameters.

      The default implementation throws NotSupportedException.

      Parameters:
      signaturePolicy - with defined parameters.
      Returns:
      SignatureBuilder