Module jpms_dss_cades
Package eu.europa.esig.dss.cades.validation

Class CAdESSignature

java.lang.Object
eu.europa.esig.dss.validation.DefaultAdvancedSignature
eu.europa.esig.dss.cades.validation.CAdESSignature
All Implemented Interfaces:
eu.europa.esig.dss.model.identifier.IdentifierBasedObject, eu.europa.esig.dss.validation.AdvancedSignature, Serializable
public class CAdESSignature extends eu.europa.esig.dss.validation.DefaultAdvancedSignature
CAdES Signature class helper
See Also:

  • Field Summary

    Fields inherited from class eu.europa.esig.dss.validation.DefaultAdvancedSignature

    counterSignatures, detachedContents, manifestFile, offlineCertificateSource, offlineCertificateVerifier, referenceValidations, signatureCRLSource, signatureCryptographicVerification, signatureIdentifier, signatureOCSPSource, signaturePolicy, signatureTimestampSource, signingCertificateSource, structureValidationMessages

  • Constructor Summary

    Constructors
    Constructor
    Description
    CAdESSignature(org.bouncycastle.cms.CMSSignedData cmsSignedData, org.bouncycastle.cms.SignerInformation signerInformation)
    The default constructor for CAdESSignature.

  • Method Summary

    Modifier and Type
    Method
    Description
    void
    addExternalTimestamp(eu.europa.esig.dss.spi.x509.tsp.TimestampToken timestamp)
     
    protected eu.europa.esig.dss.validation.SignaturePolicy
    buildSignaturePolicy()
     
    void
    checkSignatureIntegrity()
     
    protected CAdESBaselineRequirementsChecker
    createBaselineRequirementsChecker()
     
    protected List<eu.europa.esig.dss.model.scope.SignatureScope>
    findSignatureScopes()
     
    protected CAdESBaselineRequirementsChecker
    getBaselineRequirementsChecker()
     
    eu.europa.esig.dss.spi.SignatureCertificateSource
    getCertificateSource()
     
    List<eu.europa.esig.dss.validation.SignerRole>
    getCertifiedSignerRoles()
     
    List<eu.europa.esig.dss.validation.SignerRole>
    getClaimedSignerRoles()
     
    org.bouncycastle.cms.CMSSignedData
    getCmsSignedData()
    Gets CMSSignedData
    List<eu.europa.esig.dss.validation.CommitmentTypeIndication>
    getCommitmentTypeIndications()
     
    String
    getContentHints()
    Gets Content Hints
    String
    getContentIdentifier()
    Gets ContentIdentifier String
    String
    getContentType()
     
    List<eu.europa.esig.dss.validation.AdvancedSignature>
    getCounterSignatures()
     
    protected org.bouncycastle.cms.SignerInformationStore
    getCounterSignatureStore()
    Returns a SignerInformationStore containing counter signatures
    eu.europa.esig.dss.spi.x509.revocation.crl.OfflineCRLSource
    getCRLSource()
     
    String
    getDAIdentifier()
     
    eu.europa.esig.dss.enumerations.SignatureLevel
    getDataFoundUpToLevel()
     
    eu.europa.esig.dss.model.Digest
    getDataToBeSignedRepresentation()
     
    eu.europa.esig.dss.enumerations.DigestAlgorithm
    getDigestAlgorithm()
     
    eu.europa.esig.dss.enumerations.EncryptionAlgorithm
    getEncryptionAlgorithm()
     
    eu.europa.esig.dss.enumerations.MaskGenerationFunction
    getMaskGenerationFunction()
     
    Set<eu.europa.esig.dss.enumerations.DigestAlgorithm>
    getMessageDigestAlgorithms()
    Returns a set of used DigestAlgorithms incorporated into the CMSSignedData
    byte[]
    getMessageDigestValue()
    Returns a digest value incorporated in an attribute "message-digest" in CMS Signed Data
    String
    getMimeType()
     
    eu.europa.esig.dss.spi.x509.revocation.ocsp.OfflineOCSPSource
    getOCSPSource()
     
    eu.europa.esig.dss.model.DSSDocument
    getOriginalDocument()
    Returns the original signed document
    List<eu.europa.esig.dss.model.ReferenceValidation>
    getReferenceValidations()
     
    List<eu.europa.esig.dss.model.ReferenceValidation>
    getReferenceValidations(org.bouncycastle.cms.SignerInformation signerInformationToCheck)
    Returns the reference validation
    eu.europa.esig.dss.enumerations.SignatureAlgorithm
    getSignatureAlgorithm()
     
    eu.europa.esig.dss.validation.SignatureDigestReference
    getSignatureDigestReference(eu.europa.esig.dss.enumerations.DigestAlgorithm digestAlgorithm)
    TS 119 442 - V1.1.1 - Electronic Signatures and Infrastructures (ESI), ch.
    eu.europa.esig.dss.enumerations.SignatureForm
    getSignatureForm()
     
    protected eu.europa.esig.dss.validation.SignatureIdentifierBuilder
    getSignatureIdentifierBuilder()
     
    eu.europa.esig.dss.model.SignaturePolicyStore
    getSignaturePolicyStore()
     
    eu.europa.esig.dss.validation.SignatureProductionPlace
    getSignatureProductionPlace()
     
    byte[]
    getSignatureValue()
     
    List<eu.europa.esig.dss.validation.SignerRole>
    getSignedAssertions()
     
    protected eu.europa.esig.dss.model.DSSDocument
    getSignerDocumentContent()
    This method extracts a document content that was signed NOTE: Some differences are possible with PAdES
    org.bouncycastle.cms.SignerId
    getSignerId()
    Returns SignerId of the related to the signature signerInformation
    org.bouncycastle.cms.SignerInformation
    getSignerInformation()
    Gets a SignedInformation
    Set<eu.europa.esig.dss.spi.x509.SignerIdentifier>
    getSignerInformationStoreInfos()
    Returns a Set of CertificateIdentifier extracted from a SignerInformationStore of CMS Signed Data
    Date
    getSigningTime()
     
    CAdESTimestampSource
    getTimestampSource()
     
    boolean
    hasAProfile()
    Checks if the signature has the 101733-A profile
    boolean
    hasBESProfile()
    Checks the presence of signing certificate covered by the signature, what is the proof -BES profile existence
    boolean
    hasCProfile()
    Checks if the signature has the 101733-C profile
    boolean
    hasEPESProfile()
    Checks the presence of signature-policy-identifier element in the signature, what is the proof -EPES profile existence
    boolean
    hasExtendedTProfile()
    Checks the presence of signature-time-stamp element in the signature, what is the proof -T profile existence
    boolean
    hasXLProfile()
    Checks if the signature has the 101733-XL profile
    boolean
    hasXProfile()
    Checks if the signature has the 101733-X profile
    boolean
    isCounterSignature()
     

    Methods inherited from class eu.europa.esig.dss.validation.DefaultAdvancedSignature

    addExternalEvidenceRecord, areAllSelfSignedCertificates, equals, findSignatureScope, getAllEvidenceRecords, getAllTimestamps, getArchiveTimestamps, getCandidatesForSigningCertificate, getCertificates, getCompleteCertificateSource, getCompleteCRLSource, getCompleteOCSPSource, getContainerContents, getContentTimestamps, getCounterSignaturesCertificateSource, getCounterSignaturesCRLSource, getCounterSignaturesOCSPSource, getDetachedContents, getDetachedEvidenceRecords, getDetachedTimestamps, getDocumentTimestamps, getDSSId, getEmbeddedEvidenceRecords, getId, getManifestFile, getMasterSignature, getSignatureCryptographicVerification, getSignatureFilename, getSignaturePolicy, getSignatureScopes, getSignatureTimestamps, getSignerRoles, getSigningCertificateToken, getStructureValidationResult, getTimestampsX1, getTimestampsX2, hasBProfile, hashCode, hasLTAProfile, hasLTProfile, hasTProfile, isDocHashOnlyValidation, isHashOnlyValidation, prepareOfflineCertificateVerifier, resetCertificateSource, resetRevocationSources, resetTimestampSource, setContainerContents, setDetachedContents, setManifestFile, setMasterSignature, setSignatureFilename, setSigningCertificateSource, toString, validateStructure

    Methods inherited from class java.lang.Object

    clone, finalize, getClass, notify, notifyAll, wait, wait, wait

  • Constructor Details

    • CAdESSignature

      public CAdESSignature(org.bouncycastle.cms.CMSSignedData cmsSignedData, org.bouncycastle.cms.SignerInformation signerInformation)
      The default constructor for CAdESSignature.
      Parameters:
      cmsSignedData - CMSSignedData
      signerInformation - an expanded SignerInfo block from a CMS Signed message

  • Method Details

    • getSignatureForm

      public eu.europa.esig.dss.enumerations.SignatureForm getSignatureForm()

    • getCertificateSource

      public eu.europa.esig.dss.spi.SignatureCertificateSource getCertificateSource()

    • getCRLSource

      public eu.europa.esig.dss.spi.x509.revocation.crl.OfflineCRLSource getCRLSource()

    • getOCSPSource

      public eu.europa.esig.dss.spi.x509.revocation.ocsp.OfflineOCSPSource getOCSPSource()

    • getTimestampSource

      public CAdESTimestampSource getTimestampSource()

    • getSignerId

      public org.bouncycastle.cms.SignerId getSignerId()
      Returns SignerId of the related to the signature signerInformation
      Returns:
      SignerId

    • findSignatureScopes

      protected List<eu.europa.esig.dss.model.scope.SignatureScope> findSignatureScopes()
      Specified by:
      findSignatureScopes in class eu.europa.esig.dss.validation.DefaultAdvancedSignature

    • buildSignaturePolicy

      protected eu.europa.esig.dss.validation.SignaturePolicy buildSignaturePolicy()
      Specified by:
      buildSignaturePolicy in class eu.europa.esig.dss.validation.DefaultAdvancedSignature

    • getSignaturePolicyStore

      public eu.europa.esig.dss.model.SignaturePolicyStore getSignaturePolicyStore()

    • getSigningTime

      public Date getSigningTime()

    • getCmsSignedData

      public org.bouncycastle.cms.CMSSignedData getCmsSignedData()
      Gets CMSSignedData
      Returns:
      CMSSignedData the cmsSignedData

    • getSignatureProductionPlace

      public eu.europa.esig.dss.validation.SignatureProductionPlace getSignatureProductionPlace()

    • getCommitmentTypeIndications

      public List<eu.europa.esig.dss.validation.CommitmentTypeIndication> getCommitmentTypeIndications()

    • getSignedAssertions

      public List<eu.europa.esig.dss.validation.SignerRole> getSignedAssertions()

    • getClaimedSignerRoles

      public List<eu.europa.esig.dss.validation.SignerRole> getClaimedSignerRoles()

    • getCertifiedSignerRoles

      public List<eu.europa.esig.dss.validation.SignerRole> getCertifiedSignerRoles()

    • getEncryptionAlgorithm

      public eu.europa.esig.dss.enumerations.EncryptionAlgorithm getEncryptionAlgorithm()

    • getDigestAlgorithm

      public eu.europa.esig.dss.enumerations.DigestAlgorithm getDigestAlgorithm()

    • getMaskGenerationFunction

      public eu.europa.esig.dss.enumerations.MaskGenerationFunction getMaskGenerationFunction()

    • getSignatureAlgorithm

      public eu.europa.esig.dss.enumerations.SignatureAlgorithm getSignatureAlgorithm()

    • checkSignatureIntegrity

      public void checkSignatureIntegrity()

    • getReferenceValidations

      public List<eu.europa.esig.dss.model.ReferenceValidation> getReferenceValidations(org.bouncycastle.cms.SignerInformation signerInformationToCheck)
      Returns the reference validation
      Parameters:
      signerInformationToCheck - SignerInformation
      Returns:
      a list of ReferenceValidations

    • getSignerDocumentContent

      protected eu.europa.esig.dss.model.DSSDocument getSignerDocumentContent()
      This method extracts a document content that was signed NOTE: Some differences are possible with PAdES
      Returns:
      DSSDocument

    • getReferenceValidations

      public List<eu.europa.esig.dss.model.ReferenceValidation> getReferenceValidations()

    • getSignatureDigestReference

      public eu.europa.esig.dss.validation.SignatureDigestReference getSignatureDigestReference(eu.europa.esig.dss.enumerations.DigestAlgorithm digestAlgorithm)
      TS 119 442 - V1.1.1 - Electronic Signatures and Infrastructures (ESI), ch. 5.1.4.2.1.3 XML component: In case of CAdES signatures, the input to the digest value computation shall be one of the DER-encoded instances of SignedInfo type present within the CMS structure.

    • getDataToBeSignedRepresentation

      public eu.europa.esig.dss.model.Digest getDataToBeSignedRepresentation()

    • getMessageDigestAlgorithms

      public Set<eu.europa.esig.dss.enumerations.DigestAlgorithm> getMessageDigestAlgorithms()
      Returns a set of used DigestAlgorithms incorporated into the CMSSignedData
      Returns:
      a set of DigestAlgorithms

    • getMessageDigestValue

      public byte[] getMessageDigestValue()
      Returns a digest value incorporated in an attribute "message-digest" in CMS Signed Data
      Returns:
      a byte array representing a signed content digest value

    • getContentType

      public String getContentType()

    • getMimeType

      public String getMimeType()

    • getContentIdentifier

      public String getContentIdentifier()
      Gets ContentIdentifier String
      Returns:
      content identifier as String

    • getContentHints

      public String getContentHints()
      Gets Content Hints
      Returns:
      content hints as String

    • getSignerInformation

      public org.bouncycastle.cms.SignerInformation getSignerInformation()
      Gets a SignedInformation
      Returns:
      SignerInformation the signerInformation

    • getSignatureValue

      public byte[] getSignatureValue()

    • isCounterSignature

      public boolean isCounterSignature()
      Specified by:
      isCounterSignature in interface eu.europa.esig.dss.validation.AdvancedSignature
      Overrides:
      isCounterSignature in class eu.europa.esig.dss.validation.DefaultAdvancedSignature

    • getCounterSignatures

      public List<eu.europa.esig.dss.validation.AdvancedSignature> getCounterSignatures()

    • getCounterSignatureStore

      protected org.bouncycastle.cms.SignerInformationStore getCounterSignatureStore()
      Returns a SignerInformationStore containing counter signatures
      Returns:
      SignerInformationStore

    • getOriginalDocument

      public eu.europa.esig.dss.model.DSSDocument getOriginalDocument()
      Returns the original signed document
      Returns:
      DSSDocument

    • getSignatureIdentifierBuilder

      protected eu.europa.esig.dss.validation.SignatureIdentifierBuilder getSignatureIdentifierBuilder()
      Specified by:
      getSignatureIdentifierBuilder in class eu.europa.esig.dss.validation.DefaultAdvancedSignature

    • getDAIdentifier

      public String getDAIdentifier()

    • getSignerInformationStoreInfos

      public Set<eu.europa.esig.dss.spi.x509.SignerIdentifier> getSignerInformationStoreInfos()
      Returns a Set of CertificateIdentifier extracted from a SignerInformationStore of CMS Signed Data
      Returns:
      a Set of SignerIdentifiers

    • addExternalTimestamp

      public void addExternalTimestamp(eu.europa.esig.dss.spi.x509.tsp.TimestampToken timestamp)

    • getDataFoundUpToLevel

      public eu.europa.esig.dss.enumerations.SignatureLevel getDataFoundUpToLevel()

    • getBaselineRequirementsChecker

      protected CAdESBaselineRequirementsChecker getBaselineRequirementsChecker()
      Overrides:
      getBaselineRequirementsChecker in class eu.europa.esig.dss.validation.DefaultAdvancedSignature

    • createBaselineRequirementsChecker

      protected CAdESBaselineRequirementsChecker createBaselineRequirementsChecker()
      Specified by:
      createBaselineRequirementsChecker in class eu.europa.esig.dss.validation.DefaultAdvancedSignature

    • hasBESProfile

      public boolean hasBESProfile()
      Checks the presence of signing certificate covered by the signature, what is the proof -BES profile existence
      Returns:
      true if BES Profile is detected

    • hasEPESProfile

      public boolean hasEPESProfile()
      Checks the presence of signature-policy-identifier element in the signature, what is the proof -EPES profile existence
      Returns:
      true if EPES Profile is detected

    • hasExtendedTProfile

      public boolean hasExtendedTProfile()
      Checks the presence of signature-time-stamp element in the signature, what is the proof -T profile existence
      Returns:
      true if T Profile is detected

    • hasCProfile

      public boolean hasCProfile()
      Checks if the signature has the 101733-C profile
      Returns:
      TRUE if the signature has a 101733-C profile, FALSE otherwise

    • hasXProfile

      public boolean hasXProfile()
      Checks if the signature has the 101733-X profile
      Returns:
      TRUE if the signature has a 101733-X profile, FALSE otherwise

    • hasXLProfile

      public boolean hasXLProfile()
      Checks if the signature has the 101733-XL profile
      Returns:
      TRUE if the signature has a 101733-XL profile, FALSE otherwise

    • hasAProfile

      public boolean hasAProfile()
      Checks if the signature has the 101733-A profile
      Returns:
      TRUE if the signature has a 101733-A profile, FALSE otherwise