Package org.digidoc4j
Interface TSLCertificateSource
- All Superinterfaces:
eu.europa.esig.dss.spi.x509.CertificateSource
,Serializable
- All Known Implementing Classes:
LazyTslCertificateSource
,TSLCertificateSourceImpl
public interface TSLCertificateSource
extends eu.europa.esig.dss.spi.x509.CertificateSource
Trusted List certificates
-
Method Summary
Modifier and TypeMethodDescriptionvoid
addCertificate
(eu.europa.esig.dss.model.x509.CertificateToken certificate, List<eu.europa.esig.dss.spi.tsl.TrustProperties> trustProperties) This method allows to define (to add) any certificate as trusted.void
addTSLCertificate
(X509Certificate certificate) This method allows to define (to add) any certificate as trusted.List
<eu.europa.esig.dss.model.x509.CertificateToken> Retrieves the list of all certificate tokens from this source.int
This method returns the number of stored certificates in this sourceint
eu.europa.esig.dss.spi.tsl.TLValidationJobSummary
List
<eu.europa.esig.dss.spi.tsl.TrustProperties> getTrustServices
(eu.europa.esig.dss.model.x509.CertificateToken token) Retrieves the list of trust properties for the gifen certificate token.void
Invalidates cache Only applicable when cache is used.void
refresh()
Methods inherited from interface eu.europa.esig.dss.spi.x509.CertificateSource
addCertificate, findTokensFromCertRef, getByCertificateDigest, getByPublicKey, getBySignerIdentifier, getBySki, getBySubject, getCertificateSourceType, getEntities, isAllSelfSigned, isCertificateSourceEqual, isCertificateSourceEquivalent, isKnown, isTrusted
-
Method Details
-
addTSLCertificate
This method allows to define (to add) any certificate as trusted. Use with caution: the default Trust Service Provider settings used in this method may not correspond with the actual properties of this Trust Service, specified in the official European Commission Trust List. This method uses a set of default settings to add a CA service issuing Qualified Certificates to the library's trust store. ServiceName will be the certificate's CN field value
ServiceTypeIdentifier will be:
http://uri.etsi.org/TrstSvc/Svctype/Certstatus/OCSP/QC - if certificate contains "OCSPSigning" extended key usage
http://uri.etsi.org/TrstSvc/Svctype/TSA/QTST - if certificate contains "timeStamping" extended key usage http://uri.etsi.org/TrstSvc/Svctype/CA/QC - otherwise
Qualifier will be http://uri.etsi.org/TrstSvc/TrustedList/SvcInfoExt/QCWithSSCD with nonRepudiation
ServiceStatus will be:
Certificate's NotBefore pre Eidas -> http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/undersupervision
Certificate's NotBefore post Eidas -> http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted
CountryCode will be EU
TLInfo for EU will be added automatically when it does not exist- Parameters:
certificate
- X509 certificate to be added to the list, a certificate you have to trust.
-
addCertificate
void addCertificate(eu.europa.esig.dss.model.x509.CertificateToken certificate, List<eu.europa.esig.dss.spi.tsl.TrustProperties> trustProperties) This method allows to define (to add) any certificate as trusted. Service information is associated to this certificate.- Parameters:
certificate
- the certificate you have to trusttrustProperties
- list of the service information associated to the service
-
getCertificates
List<eu.europa.esig.dss.model.x509.CertificateToken> getCertificates()Retrieves the list of all certificate tokens from this source.- Specified by:
getCertificates
in interfaceeu.europa.esig.dss.spi.x509.CertificateSource
- Returns:
- all the TSL certificates.
-
getTrustServices
List<eu.europa.esig.dss.spi.tsl.TrustProperties> getTrustServices(eu.europa.esig.dss.model.x509.CertificateToken token) Retrieves the list of trust properties for the gifen certificate token.- Parameters:
token
-- Returns:
- all the Trust Properties associated with the certificate token.
-
getNumberOfCertificates
int getNumberOfCertificates()This method returns the number of stored certificates in this source- Returns:
- number of certificates in this instance
-
getSummary
eu.europa.esig.dss.spi.tsl.TLValidationJobSummary getSummary() -
getNumberOfTrustedPublicKeys
int getNumberOfTrustedPublicKeys() -
invalidateCache
void invalidateCache()Invalidates cache Only applicable when cache is used. -
refresh
void refresh()
-