Package xades4j.verification
Class SignatureSpecificVerificationOptions
java.lang.Object
xades4j.verification.SignatureSpecificVerificationOptions
Represents verification options that are specific to a signature, i.e.,
options that are not profile-wide.
It includes base URI, data for anonymous references or resource resolvers
- Author:
- Luís
- See Also:
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionprotected boolean
checkKeyUsage
(boolean enabled) Configures whether to check that the keyUsage of the signer certificate allows use for signing.followManifests
(boolean followManifests) Defines whetherds:Manifest
s referenced by the main signatureReference
s should be automatically validated.setDefaultVerificationDate
(Date verificationDate) Allow to specify a verification date for the signatures that are not covered by timestamps.useBaseUri
(String baseUri) Sets the base URI to be used when resolving all the relative references.useDataForAnonymousReference
(byte[] data) Sets the data to be used to resolve and verify anull
URIds:Reference
, if present.Sets the input stream to be used to resolve and verify anull
URIds:Reference
, if present.useResourceResolver
(org.apache.xml.security.utils.resolver.ResourceResolverSpi resolver) Registers aResourceResolverSpi
to be used when verifying the signature The resolvers are considered in the same order they are added and have priority over the globally registered resolvers.
-
Constructor Details
-
SignatureSpecificVerificationOptions
public SignatureSpecificVerificationOptions()
-
-
Method Details
-
useBaseUri
Sets the base URI to be used when resolving all the relative references. Fragment references (starting with '#') are not affected.- Parameters:
baseUri
- the references' base URI- Returns:
- the current instance
-
checkKeyUsage
protected boolean checkKeyUsage() -
checkKeyUsage
Configures whether to check that the keyUsage of the signer certificate allows use for signing. If enabled (the default) signature validation will fail if the keyUsage of the certificate does not allow signing.- Parameters:
enabled
-true
to enable the check,false
to disable- Returns:
- the current instance
-
useDataForAnonymousReference
Sets the input stream to be used to resolve and verify anull
URIds:Reference
, if present. The stream is not closed.- Parameters:
data
- the input stream- Returns:
- the current instance
-
useDataForAnonymousReference
Sets the data to be used to resolve and verify anull
URIds:Reference
, if present.- Parameters:
data
- the data- Returns:
- the current instance
-
useResourceResolver
public SignatureSpecificVerificationOptions useResourceResolver(org.apache.xml.security.utils.resolver.ResourceResolverSpi resolver) Registers aResourceResolverSpi
to be used when verifying the signature The resolvers are considered in the same order they are added and have priority over the globally registered resolvers.- Parameters:
resolver
- the resolver- Returns:
- the current instance
- Throws:
NullPointerException
- ifresolver
isnull
-
setDefaultVerificationDate
Allow to specify a verification date for the signatures that are not covered by timestamps.By default signatures not covered by timestamps are verified at the current date ("now").
- Parameters:
verificationDate
- the default verification date. If nullSystem.currentTime()
will be used- Returns:
- the current instance
-
followManifests
Defines whetherds:Manifest
s referenced by the main signatureReference
s should be automatically validated.- Parameters:
followManifests
- whether to follow manifests- Returns:
- the current instance
-