Package eu.europa.esig.dss.model.x509

Class Token

java.lang.Object
eu.europa.esig.dss.model.x509.Token
All Implemented Interfaces:
IdentifierBasedObject, Serializable
Direct Known Subclasses:
CertificateToken, RevocationToken, TimestampToken
public abstract class Token extends Object implements IdentifierBasedObject, Serializable
This is the base class for the different types of tokens (certificate, OCSP, CRL, Timestamp) used in the process of signature validation.
See Also:

  • Field Details

    • publicKeyOfTheSigner

      protected PublicKey publicKeyOfTheSigner
      The publicKey of the signed certificate(s)

    • signatureValidity

      protected SignatureValidity signatureValidity
      Indicates a status of token's signature Method isSignedBy(CertificateToken) must be called in order to obtain a signature validity Default: NOT_EVALUATED

    • signatureInvalidityReason

      protected String signatureInvalidityReason
      Indicates the token signature invalidity reason.

    • signatureAlgorithm

      protected SignatureAlgorithm signatureAlgorithm
      The algorithm that was used to sign the token.

  • Constructor Details

    • Token

      protected Token()
      Default constructor instantiating object with null values

  • Method Details

    • hashCode

      public int hashCode()
      Overrides:
      hashCode in class Object

    • equals

      public boolean equals(Object obj)
      Overrides:
      equals in class Object

    • isSelfSigned

      public boolean isSelfSigned()
      Checks if the certificate is self-signed. For all tokens different from CertificateToken this method always returns false. This method was introduced in order to manage in a uniform manner the different tokens.
      Returns:
      true if the token is self-signed

    • getDSSId

      public TokenIdentifier getDSSId()
      Returns a DSS unique token identifier.
      Specified by:
      getDSSId in interface IdentifierBasedObject
      Returns:
      an instance of TokenIdentifier

    • buildTokenIdentifier

      protected abstract TokenIdentifier buildTokenIdentifier()
      Builds a token unique identifier
      Returns:
      TokenIdentifier

    • getDSSIdAsString

      public String getDSSIdAsString()
      Returns a string representation of the unique DSS token identifier.
      Returns:
      the unique string for the token

    • isSignedBy

      public boolean isSignedBy(CertificateToken token)
      Checks if the token is signed by the given token in the parameter.
      Parameters:
      token - the candidate to be tested
      Returns:
      true if this token is signed by the given certificate token

    • isSignedBy

      public boolean isSignedBy(PublicKey publicKey)
      Checks if the OCSP token is signed by the given publicKey
      Parameters:
      publicKey - the candidate to be tested
      Returns:
      true if this token is signed by the given public key

    • checkIsSignedBy

      protected abstract SignatureValidity checkIsSignedBy(PublicKey publicKey)
      Verifies if the current token has been signed by the specified publicKey
      Parameters:
      publicKey - PublicKey of a signing candidate
      Returns:
      SignatureValidity

    • getIssuerX500Principal

      public abstract X500Principal getIssuerX500Principal()
      Returns the X500Principal of the certificate which was used to sign this token.
      Returns:
      the issuer's X500Principal

    • getCreationDate

      public abstract Date getCreationDate()
      Returns the creation date of this token. This date is mainly used to retrieve the correct issuer within a collection of renewed certificates (new certificate with the same key pair).
      Returns:
      the creation date of the token (notBefore for a certificate, productionDate for revocation data,...)

    • getAbbreviation

      public String getAbbreviation()
      This method returns the DSS abbreviation of the token. It is used for debugging purpose.
      Returns:
      an abbreviation for the certificate

    • getSignatureAlgorithm

      public SignatureAlgorithm getSignatureAlgorithm()
      Returns the algorithm that was used to sign the token (ex: SHA1WithRSAEncryption, SHA1withRSA...).
      Returns:
      the used signature algorithm to sign this token

    • isSignatureIntact

      public boolean isSignatureIntact()
      Indicates if the token's signature is intact. NOTE: The method isSignedBy(CertificateToken) must be called to set this flag. Return false if the check isSignedBy() was not performed or the signer's public key does not much. In order to check if the validation has been performed, use the method getSignatureValidity() that returns a three-state value.
      Returns:
      whether the token's signature is intact

    • isValid

      public boolean isValid()
      Indicates if the token's signature is intact and the token is valid (e.g. token's structure, message-imprint, etc.). NOTE: method isSignedBy(CertificateToken) shall be called before.
      Returns:
      true if the conditions corresponding to the token validity are met

    • getSignatureValidity

      public SignatureValidity getSignatureValidity()
      Indicates a status of the token's signature validity. For each kind of token the method isSignedBy(CertificateToken) must be called to set this flag.
      Returns:
      SignatureValidity

    • getInvalidityReason

      public String getInvalidityReason()
      Returns the token invalidity reason when applicable. NOTE: method isSignedBy(CertificateToken) shall be called before.
      Returns:
      String containing the reason of token invalidity, empty string when token is valid

    • getPublicKeyOfTheSigner

      public PublicKey getPublicKeyOfTheSigner()
      This method returns the public key of the token signer
      Returns:
      the public key which signed this token

    • toString

      public abstract String toString(String indentStr)
      Returns a string representation of the token.
      Parameters:
      indentStr - the indentation to use
      Returns:
      string representation of the token

    • toString

      public String toString()
      Overrides:
      toString in class Object

    • getEncoded

      public abstract byte[] getEncoded()
      Returns the encoded form of the wrapped token.
      Returns:
      the encoded form of the wrapped token

    • getDigest

      public byte[] getDigest(DigestAlgorithm digestAlgorithm)
      Returns the digest value of the wrapped token
      Parameters:
      digestAlgorithm - the requested digest algorithm
      Returns:
      the digest value in binaries