Package org.digidoc4j

Interface TSLCertificateSource

All Superinterfaces:
eu.europa.esig.dss.spi.x509.CertificateSource, Serializable
All Known Implementing Classes:
LazyTslCertificateSource, TSLCertificateSourceImpl
public interface TSLCertificateSource extends eu.europa.esig.dss.spi.x509.CertificateSource
Trusted List certificates

  • Method Summary

    Modifier and Type
    Method
    Description
    void
    addCertificate(eu.europa.esig.dss.model.x509.CertificateToken certificate, List<eu.europa.esig.dss.spi.tsl.TrustProperties> trustProperties)
    This method allows to define (to add) any certificate as trusted.
    void
    addTSLCertificate(X509Certificate certificate)
    This method allows to define (to add) any certificate as trusted.
    List<eu.europa.esig.dss.model.x509.CertificateToken>
    getCertificates()
    Retrieves the list of all certificate tokens from this source.
    int
    getNumberOfCertificates()
    This method returns the number of stored certificates in this source
    int
    getNumberOfTrustedPublicKeys()
     
    eu.europa.esig.dss.spi.tsl.TLValidationJobSummary
    getSummary()
     
    List<eu.europa.esig.dss.spi.tsl.TrustProperties>
    getTrustServices(eu.europa.esig.dss.model.x509.CertificateToken token)
    Retrieves the list of trust properties for the gifen certificate token.
    void
    invalidateCache()
    Invalidates cache Only applicable when cache is used.
    void
    refresh()
     

    Methods inherited from interface eu.europa.esig.dss.spi.x509.CertificateSource

    addCertificate, findTokensFromCertRef, getByCertificateDigest, getByPublicKey, getBySignerIdentifier, getBySki, getBySubject, getCertificateSourceType, getEntities, isAllSelfSigned, isCertificateSourceEqual, isCertificateSourceEquivalent, isKnown, isTrusted

  • Method Details

    • addTSLCertificate

      void addTSLCertificate(X509Certificate certificate)
      This method allows to define (to add) any certificate as trusted.

      Use with caution: the default Trust Service Provider settings used in this method may not correspond with the actual properties of this Trust Service, specified in the official European Commission Trust List.

      This method uses a set of default settings to add a CA service issuing Qualified Certificates to the library's trust store.

      ServiceName will be the certificate's CN field value
      ServiceTypeIdentifier will be:
      http://uri.etsi.org/TrstSvc/Svctype/Certstatus/OCSP/QC - if certificate contains "OCSPSigning" extended key usage
      http://uri.etsi.org/TrstSvc/Svctype/TSA/QTST - if certificate contains "timeStamping" extended key usage http://uri.etsi.org/TrstSvc/Svctype/CA/QC - otherwise
      Qualifier will be http://uri.etsi.org/TrstSvc/TrustedList/SvcInfoExt/QCWithSSCD with nonRepudiation
      ServiceStatus will be:
      Certificate's NotBefore pre Eidas -> http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/undersupervision
      Certificate's NotBefore post Eidas -> http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted
      CountryCode will be EU
      TLInfo for EU will be added automatically when it does not exist

      Parameters:
      certificate - X509 certificate to be added to the list, a certificate you have to trust.

    • addCertificate

      void addCertificate(eu.europa.esig.dss.model.x509.CertificateToken certificate, List<eu.europa.esig.dss.spi.tsl.TrustProperties> trustProperties)
      This method allows to define (to add) any certificate as trusted. Service information is associated to this certificate.
      Parameters:
      certificate - the certificate you have to trust
      trustProperties - list of the service information associated to the service

    • getCertificates

      List<eu.europa.esig.dss.model.x509.CertificateToken> getCertificates()
      Retrieves the list of all certificate tokens from this source.
      Specified by:
      getCertificates in interface eu.europa.esig.dss.spi.x509.CertificateSource
      Returns:
      all the TSL certificates.

    • getTrustServices

      List<eu.europa.esig.dss.spi.tsl.TrustProperties> getTrustServices(eu.europa.esig.dss.model.x509.CertificateToken token)
      Retrieves the list of trust properties for the gifen certificate token.
      Parameters:
      token -
      Returns:
      all the Trust Properties associated with the certificate token.

    • getNumberOfCertificates

      int getNumberOfCertificates()
      This method returns the number of stored certificates in this source
      Returns:
      number of certificates in this instance

    • getSummary

      eu.europa.esig.dss.spi.tsl.TLValidationJobSummary getSummary()

    • getNumberOfTrustedPublicKeys

      int getNumberOfTrustedPublicKeys()

    • invalidateCache

      void invalidateCache()
      Invalidates cache Only applicable when cache is used.

    • refresh

      void refresh()