Package xades4j.verification

Class SignatureSpecificVerificationOptions

java.lang.Object
xades4j.verification.SignatureSpecificVerificationOptions
public class SignatureSpecificVerificationOptions extends Object
Represents verification options that are specific to a signature, i.e., options that are not profile-wide.

It includes base URI, data for anonymous references or resource resolvers

Author:
Luís
See Also:

  • Constructor Details

    • SignatureSpecificVerificationOptions

      public SignatureSpecificVerificationOptions()

  • Method Details

    • useBaseUri

      public SignatureSpecificVerificationOptions useBaseUri(String baseUri)
      Sets the base URI to be used when resolving all the relative references. Fragment references (starting with '#') are not affected.
      Parameters:
      baseUri - the references' base URI
      Returns:
      the current instance

    • checkKeyUsage

      protected boolean checkKeyUsage()

    • checkKeyUsage

      public SignatureSpecificVerificationOptions checkKeyUsage(boolean enabled)
      Configures whether to check that the keyUsage of the signer certificate allows use for signing. If enabled (the default) signature validation will fail if the keyUsage of the certificate does not allow signing.
      Parameters:
      enabled - true to enable the check, false to disable
      Returns:
      the current instance

    • useDataForAnonymousReference

      public SignatureSpecificVerificationOptions useDataForAnonymousReference(InputStream data)
      Sets the input stream to be used to resolve and verify a null URI ds:Reference, if present. The stream is not closed.
      Parameters:
      data - the input stream
      Returns:
      the current instance

    • useDataForAnonymousReference

      public SignatureSpecificVerificationOptions useDataForAnonymousReference(byte[] data)
      Sets the data to be used to resolve and verify a null URI ds:Reference, if present.
      Parameters:
      data - the data
      Returns:
      the current instance

    • useResourceResolver

      public SignatureSpecificVerificationOptions useResourceResolver(org.apache.xml.security.utils.resolver.ResourceResolverSpi resolver)
      Registers a ResourceResolverSpi to be used when verifying the signature The resolvers are considered in the same order they are added and have priority over the globally registered resolvers.
      Parameters:
      resolver - the resolver
      Returns:
      the current instance
      Throws:
      NullPointerException - if resolver is null

    • setDefaultVerificationDate

      public SignatureSpecificVerificationOptions setDefaultVerificationDate(Date verificationDate)
      Allow to specify a verification date for the signatures that are not covered by timestamps.

      By default signatures not covered by timestamps are verified at the current date ("now").

      Parameters:
      verificationDate - the default verification date. If null System.currentTime() will be used
      Returns:
      the current instance

    • followManifests

      public SignatureSpecificVerificationOptions followManifests(boolean followManifests)
      Defines whether ds:Manifests referenced by the main signature References should be automatically validated.
      Parameters:
      followManifests - whether to follow manifests
      Returns:
      the current instance