Package xades4j.production
Class BasicSignatureOptions
java.lang.Object
xades4j.production.BasicSignatureOptions
Configuration of basic signature options such as whether
ds:KeyInfo
elements should be included.- Author:
- luis
- See Also:
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptioncheckCertificateValidity
(boolean enabled) Configures whether to check that an invalid (time) signing certificate is allowed for signing before creating a signature.checkKeyUsage
(boolean enabled) Configures whether to check that the keyUsage of the signing certificate allows use for signing before creating a signature.includeIssuerSerial
(boolean includeIssuerSerial) Configures whether the issuer/serial should be included inds:KeyInfo
.includePublicKey
(boolean includePublicKey) Configures whether ads:KeyValue
element containing the public key's value should be included inds:KeyInfo
.includeSigningCertificate
(SigningCertificateMode includeSigningCertificateMode) Configures whether the signing certificate / chain should be included inds:KeyInfo
.includeSubjectName
(boolean includeSubjectName) Configures whether the subject name should be included inds:KeyInfo
.signKeyInfo
(boolean signKeyInfo) Configures whether the signature should cover theds:KeyInfo
element.
-
Constructor Details
-
BasicSignatureOptions
public BasicSignatureOptions()
-
-
Method Details
-
checkKeyUsage
Configures whether to check that the keyUsage of the signing certificate allows use for signing before creating a signature. If enabled (the default) signing will fail if the keyUsage of the certificate does not allow signing. You should only disable this for testing.- Parameters:
enabled
-true
to enable the check,false
to disable- Returns:
- the current instance
-
checkCertificateValidity
Configures whether to check that an invalid (time) signing certificate is allowed for signing before creating a signature. If enabled (the default) signing will fail if the certificate is invalid in time (expired or not yet valid). You should only disable this for testing.- Parameters:
enabled
-true
to enable the check,false
to disable- Returns:
- the current instance
-
includeSigningCertificate
public BasicSignatureOptions includeSigningCertificate(SigningCertificateMode includeSigningCertificateMode) Configures whether the signing certificate / chain should be included inds:KeyInfo
. Defauls toSigningCertificateMode.SIGNING_CERTIFICATE
.- Parameters:
includeSigningCertificateMode
- the include mode- Returns:
- the current instance
-
includeSubjectName
Configures whether the subject name should be included inds:KeyInfo
. Defaults to false.- Parameters:
includeSubjectName
-true
if the subject name should be included; false otherwise- Returns:
- the current instance
-
includeIssuerSerial
Configures whether the issuer/serial should be included inds:KeyInfo
. Defaults to false.- Parameters:
includeIssuerSerial
-true
if the issuer/serial should be included; false otherwise- Returns:
- the current instance
-
includePublicKey
Configures whether ads:KeyValue
element containing the public key's value should be included inds:KeyInfo
. Defaults to false.- Parameters:
includePublicKey
-true
if the public key should be included; false otherwise- Returns:
- the current instance
-
signKeyInfo
Configures whether the signature should cover theds:KeyInfo
element. Defaults to false.- Parameters:
signKeyInfo
-true
if theds:KeyInfo
should be signed; false otherwise- Returns:
- the current instance
-