Package eu.europa.esig.dss.spi.x509.revocation

Class RevocationToken<R extends Revocation>

java.lang.Object
eu.europa.esig.dss.model.x509.Token
eu.europa.esig.dss.spi.x509.revocation.RevocationToken<R>
All Implemented Interfaces:
Serializable
Direct Known Subclasses:
CRLToken, OCSPToken
public abstract class RevocationToken<R extends Revocation>
extends Token
See Also:
Serialized Form

  • Field Details

    • relatedCertificate

      protected CertificateToken relatedCertificate
      Related CertificateToken to this revocation object

    • sourceURL

      protected String sourceURL
      The URL which was used to obtain the revocation data (online).

    • externalOrigin

      protected eu.europa.esig.dss.enumerations.RevocationOrigin externalOrigin
      The external origin (ONLINE or CACHED)

    • status

      protected eu.europa.esig.dss.enumerations.CertificateStatus status
      Contains the revocation status of the token.

    • productionDate

      protected Date productionDate
      Represents the production date of the OCSP response or the thisUpdate in case of CRL.

    • thisUpdate

      protected Date thisUpdate
      Represents the this update date of the CRL.

    • nextUpdate

      protected Date nextUpdate
      Represents the next update date of the CRL or null for OCSP response.

    • revocationDate

      protected Date revocationDate
      Represents the revocation date from an X509CRLEntry or from an BasicOCSPResp (if the related certificate is revoked)

    • expiredCertsOnCRL

      protected Date expiredCertsOnCRL

    • archiveCutOff

      protected Date archiveCutOff

    • certHashPresent

      protected boolean certHashPresent
      Represents if the certHash extension from an OCSP Response is present (optional)

    • certHashMatch

      protected boolean certHashMatch
      Represents if the certHash extension from an OCSP Response is match with the related certificate's hash (optional)

    • reason

      protected eu.europa.esig.dss.enumerations.RevocationReason reason
      The reason of the revocation.

    • revocationTokenKey

      protected String revocationTokenKey
      Revocation Token Key, used for RevocationToken identification (i.e. id in DB)

  • Constructor Details

  • Method Details

    • getRevocationType

      public abstract eu.europa.esig.dss.enumerations.RevocationType getRevocationType()
      Returns the Revocation Token type (CRL or OCSP)
      Returns:
      RevocationType of the token

    • getRelatedCertificateID

      public String getRelatedCertificateID()

    • setRelatedCertificate

      public void setRelatedCertificate​(CertificateToken relatedCertificate)

    • getIssuerCertificateToken

      public abstract CertificateToken getIssuerCertificateToken()
      Returns issuer CertificateToken
      Returns:
      issuer CertificateToken

    • getSourceURL

      public String getSourceURL()
      Returns the URL of the source (if available)
      Returns:
      URL of the CRL/OCSP Server (if available)

    • setSourceURL

      public void setSourceURL​(String sourceURL)
      This sets the revocation data source URL. It is only used in case of OnlineSource.
      Parameters:
      sourceURL - the URL which was used to retrieve this CRL

    • getStatus

      public eu.europa.esig.dss.enumerations.CertificateStatus getStatus()
      Returns the certificate status
      Returns:
      the certificate status

    • getProductionDate

      public Date getProductionDate()
      Returns the generation time of the current revocation data (when it was signed)
      Returns:
      the production time of the current revocation data

    • getCreationDate

      public Date getCreationDate()
      Specified by:
      getCreationDate in class Token

    • getThisUpdate

      public Date getThisUpdate()

    • getNextUpdate

      public Date getNextUpdate()
      Returns the date of the next update
      Returns:
      the next update date

    • getRevocationDate

      public Date getRevocationDate()
      Returns the revocation date (if the token has been revoked)
      Returns:
      the revocation date or null

    • getExpiredCertsOnCRL

      public Date getExpiredCertsOnCRL()
      Returns the expiredCertsOnCRL date (from CRL)
      Returns:
      the expiredCertsOnCRL date value from a CRL or null

    • getArchiveCutOff

      public Date getArchiveCutOff()
      Returns the archiveCutOff date (from an OCSP Response)
      Returns:
      the archiveCutOff date or null

    • isCertHashPresent

      public boolean isCertHashPresent()
      Returns TRUE if the certHash extension (from an OCSP Response) is present
      Returns:
      the TRUE if certHash is present, FALSE otherwise

    • isCertHashMatch

      public boolean isCertHashMatch()
      Returns TRUE if the certHash extension (from an OCSP Response) is match to the hash of related certificate token
      Returns:
      the TRUE if certHash is match, FALSE otherwise

    • getReason

      public eu.europa.esig.dss.enumerations.RevocationReason getReason()
      Returns the revocation reason (if the token has been revoked)
      Returns:
      the revocation reason or null

    • getRevocationTokenKey

      public String getRevocationTokenKey()
      Returns compiled revocation token key
      Returns:
      String key

    • setRevocationTokenKey

      public void setRevocationTokenKey​(String key)
      Sets the value for revocationTokenKey
      Parameters:
      key - String

    • getCertificateSource

      public abstract RevocationCertificateSource getCertificateSource()
      Returns a source of embedded into a revocation token certificates
      Returns:
      RevocationCertificateSource

    • setExternalOrigin

      public void setExternalOrigin​(eu.europa.esig.dss.enumerations.RevocationOrigin origin)

    • getExternalOrigin

      public eu.europa.esig.dss.enumerations.RevocationOrigin getExternalOrigin()

    • isInternal

      public boolean isInternal()
      This method returns true if the token was not collected from an external resource (online or jdbc)
      Returns:
      true if the token comes from a signature/timestamp

    • isValid

      public abstract boolean isValid()
      Indicates if the token signature is intact and the signing certificate matches with the signature and if the extended key usage is present.
      Returns:
      true if the conditions are meet

    • buildTokenIdentifier

      protected TokenIdentifier buildTokenIdentifier()
      Specified by:
      buildTokenIdentifier in class Token

    • hashCode

      public int hashCode()
      Overrides:
      hashCode in class Token

    • equals

      public boolean equals​(Object obj)
      Overrides:
      equals in class Token