Package eu.europa.esig.dss.validation

Class RevocationDataLoadingStrategy

java.lang.Object
eu.europa.esig.dss.validation.RevocationDataLoadingStrategy
Direct Known Subclasses:
CRLFirstRevocationDataLoadingStrategy, OCSPFirstRevocationDataLoadingStrategy
public abstract class RevocationDataLoadingStrategy extends Object
This class allows retrieving of Revocation data from CRL or OCSP sources, based on the defined strategy NOTE: The implemented object does not require setting of OCSP/CRL/RevocationDataVerifier sources on instantiation from the user. All the values are automatically configured and set in eu.europa.esig.dss.validation.SignatureValidationContext based on the parameters defined in the provided eu.europa.esig.dss.validation.CertificateVerifier

  • Field Details

    • crlSource

      protected RevocationSource<CRL> crlSource
      The CRL revocation source

    • ocspSource

      protected RevocationSource<OCSP> ocspSource
      The OCSP revocation source

    • revocationDataVerifier

      protected RevocationDataVerifier revocationDataVerifier
      Used to verify the validity of obtained revocation data

    • fallbackEnabled

      protected boolean fallbackEnabled
      When enabled, returns first obtained revocation token, if both OCSP and CRL requests failed

  • Constructor Details

    • RevocationDataLoadingStrategy

      protected RevocationDataLoadingStrategy()
      Default constructor instantiating object with null values

  • Method Details

    • getRevocationToken

      public abstract RevocationToken getRevocationToken(CertificateToken certificateToken, CertificateToken issuerCertificateToken)
      This method retrieves a RevocationToken for the given certificateToken
      Parameters:
      certificateToken - The CertificateToken for which the request is made
      issuerCertificateToken - The CertificateToken which is the issuer of the certificateToken
      Returns:
      an instance of RevocationToken

    • checkCRL

      protected RevocationToken<CRL> checkCRL(CertificateToken certificateToken, CertificateToken issuerToken)
      Retrieves and verifies the obtained CRL token NOTE: returns only if a valid entry has been obtained!
      Parameters:
      certificateToken - CertificateToken to get CRL for
      issuerToken - CertificateToken issuer of certificateToken
      Returns:
      RevocationToken

    • checkOCSP

      protected RevocationToken<OCSP> checkOCSP(CertificateToken certificateToken, CertificateToken issuerToken)
      Retrieves and verifies the obtained OCSP token NOTE: returns only if a valid entry has been obtained!
      Parameters:
      certificateToken - CertificateToken to get OCSP for
      issuerToken - CertificateToken issuer of certificateToken
      Returns:
      RevocationToken

    • isAcceptableToken

      protected boolean isAcceptableToken(RevocationToken<?> revocationToken)
      This method verifies whether the obtained revocation token is acceptable
      Parameters:
      revocationToken - RevocationToken to be checked
      Returns:
      TRUE if the token is acceptable and can be returned, FALSE otherwise