Package xades4j.production
Class BasicSignatureOptions
java.lang.Object
xades4j.production.BasicSignatureOptions
Configuration of basic signature options such as whether
ds:KeyInfo
elements should be included.- Author:
- luis
- See Also:
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptioncheckCertificateValidity(boolean enabled) Configures whether to check that an invalid (time) signing certificate is allowed for signing before creating a signature.checkKeyUsage(boolean enabled) Configures whether to check that the keyUsage of the signing certificate allows use for signing before creating a signature.includeIssuerSerial(boolean includeIssuerSerial) Configures whether the issuer/serial should be included inds:KeyInfo.includePublicKey(boolean includePublicKey) Configures whether ads:KeyValueelement containing the public key's value should be included inds:KeyInfo.includeSigningCertificate(SigningCertificateMode includeSigningCertificateMode) Configures whether the signing certificate / chain should be included inds:KeyInfo.includeSubjectName(boolean includeSubjectName) Configures whether the subject name should be included inds:KeyInfo.signKeyInfo(boolean signKeyInfo) Configures whether the signature should cover theds:KeyInfoelement.
-
Constructor Details
-
BasicSignatureOptions
public BasicSignatureOptions()
-
-
Method Details
-
checkKeyUsage
Configures whether to check that the keyUsage of the signing certificate allows use for signing before creating a signature. If enabled (the default) signing will fail if the keyUsage of the certificate does not allow signing. You should only disable this for testing.- Parameters:
enabled-trueto enable the check,falseto disable- Returns:
- the current instance
-
checkCertificateValidity
Configures whether to check that an invalid (time) signing certificate is allowed for signing before creating a signature. If enabled (the default) signing will fail if the certificate is invalid in time (expired or not yet valid). You should only disable this for testing.- Parameters:
enabled-trueto enable the check,falseto disable- Returns:
- the current instance
-
includeSigningCertificate
public BasicSignatureOptions includeSigningCertificate(SigningCertificateMode includeSigningCertificateMode) Configures whether the signing certificate / chain should be included inds:KeyInfo. Defauls toSigningCertificateMode.SIGNING_CERTIFICATE.- Parameters:
includeSigningCertificateMode- the include mode- Returns:
- the current instance
-
includeSubjectName
Configures whether the subject name should be included inds:KeyInfo. Defaults to false.- Parameters:
includeSubjectName-trueif the subject name should be included; false otherwise- Returns:
- the current instance
-
includeIssuerSerial
Configures whether the issuer/serial should be included inds:KeyInfo. Defaults to false.- Parameters:
includeIssuerSerial-trueif the issuer/serial should be included; false otherwise- Returns:
- the current instance
-
includePublicKey
Configures whether ads:KeyValueelement containing the public key's value should be included inds:KeyInfo. Defaults to false.- Parameters:
includePublicKey-trueif the public key should be included; false otherwise- Returns:
- the current instance
-
signKeyInfo
Configures whether the signature should cover theds:KeyInfoelement. Defaults to false.- Parameters:
signKeyInfo-trueif theds:KeyInfoshould be signed; false otherwise- Returns:
- the current instance
-