Package eu.europa.esig.dss.validation.process

Class ValidationProcessUtils

java.lang.Object
eu.europa.esig.dss.validation.process.ValidationProcessUtils
public class ValidationProcessUtils extends Object
Contains utils for a validation process

  • Method Details

    • isRevocationCheckRequired

      public static boolean isRevocationCheckRequired(CertificateWrapper certificate)
      Verifies if the revocation check is required for the OCSP Responder's certificate RFC 2560 : 4.2.2.2.1 Revocation Checking of an Authorized Responder A CA may specify that an OCSP client can trust a responder for the lifetime of the responder's certificate. The CA does so by including the extension id-pkix-ocsp-nocheck.
      Parameters:
      certificate - CertificateWrapper to check
      Returns:
      TRUE if the revocation check is required for the OCSP Responder certificate, FALSE otherwise

    • isAllowedBasicSignatureValidation

      public static boolean isAllowedBasicSignatureValidation(XmlConclusion conclusion)
      Checks if the given conclusion is allowed as a basic signature validation in order to continue the validation process with Long-Term Validation Data
      Parameters:
      conclusion - XmlConclusion to validate
      Returns:
      TRUE if the result is allowed to continue the validation process, FALSE otherwise

    • isAllowedBasicRevocationDataValidation

      public static boolean isAllowedBasicRevocationDataValidation(XmlConclusion conclusion)
      Checks if the given conclusion is allowed as a basic revocation validation in order to continue the validation process with Long-Term Validation Data
      Parameters:
      conclusion - XmlConclusion to validate
      Returns:
      TRUE if the result is allowed to continue the validation process, FALSE otherwise

    • isAllowedBasicTimestampValidation

      public static boolean isAllowedBasicTimestampValidation(XmlConclusion conclusion)
      Checks if the given conclusion is allowed as a basic timestamp validation in order to continue the validation process with Archival Data
      Parameters:
      conclusion - XmlConclusion to validate
      Returns:
      TRUE if the result is allowed to continue the validation process, FALSE otherwise

    • isAllowedValidationWithLongTermData

      public static boolean isAllowedValidationWithLongTermData(XmlConclusion conclusion)
      Checks if the given conclusion is allowed as a validation process with a long-term validation data in order to continue the validation process with Archival Data
      Parameters:
      conclusion - XmlConclusion to validate
      Returns:
      TRUE if the result is allowed to continue the validation process, FALSE otherwise

    • getLatestAcceptableRevocationData

      public static CertificateRevocationWrapper getLatestAcceptableRevocationData(TokenProxy token, CertificateWrapper certificate, Collection<CertificateRevocationWrapper> revocationData, Date controlTime, Map<String,XmlBasicBuildingBlocks> bbbs, POEExtraction poe)
      Returns a revocation data used for basic signature validation
      Parameters:
      token - TokenProxy used in the validation process
      certificate - CertificateWrapper to get a latest applicable revocation data for
      revocationData - a collection of CertificateRevocationWrapper to return revocation from
      controlTime - Date validation time
      bbbs - a map of executed Basic Building Blocks
      poe - POEExtraction a set of POEs
      Returns:
      CertificateRevocationWrapper

    • getAcceptableRevocationDataForPSVIfExistOrReturnAll

      public static List<CertificateRevocationWrapper> getAcceptableRevocationDataForPSVIfExistOrReturnAll(TokenProxy token, CertificateWrapper certificate, Map<String,XmlBasicBuildingBlocks> bbbs, POEExtraction poe)
      This method verifies if there is an acceptable revocation data according to rules defined in 5.6.2.4 step 1) and returns a list of the revocation data. If none of the revocation data found, the method returns all the available revocation data
      Parameters:
      token - TokenProxy used in the validation process
      certificate - CertificateWrapper to get acceptable revocation data for
      bbbs - a map of XmlBasicBuildingBlocks
      poe - POEExtraction
      Returns:
      a list of CertificateRevocationWrappers

    • isRevocationDataAcceptable

      public static boolean isRevocationDataAcceptable(XmlBasicBuildingBlocks bbb, CertificateWrapper certificate, RevocationWrapper revocationData)
      This method verifies if a revocation data is acceptable for the given certificate according to the validation performed within bbb
      Parameters:
      bbb - XmlBasicBuildingBlocks of the validating token
      certificate - CertificateWrapper concerned certificate
      revocationData - RevocationWrapper to check
      Returns:
      TRUE if the revocation data is acceptable, FALSE otherwise

    • getRevocationAcceptanceCheckerResult

      public static XmlRAC getRevocationAcceptanceCheckerResult(XmlBasicBuildingBlocks bbb, String certificateId, String revocationDataId)
      Return a corresponding XmlRAC result for the given certificate and revocationData
      Parameters:
      bbb - XmlBasicBuildingBlocks of the validating token
      certificateId - String concerned certificate id
      revocationDataId - String revocation data id to check
      Returns:
      XmlRAC

    • getFormattedDate

      public static String getFormattedDate(Date date)
      Returns a formatted String representation of a given Date
      Parameters:
      date - Date to be pretty-printed
      Returns:
      String formatted date

    • buildStringMessage

      public static String buildStringMessage(I18nProvider i18nProvider, MessageTag messageTag, Object... args)
      Builds a String message from the provided messageTag
      Parameters:
      i18nProvider - I18nProvider to build a message
      messageTag - MessageTag defining the message to be build
      args - the arguments to fill the message
      Returns:
      final message String

    • getCryptoPosition

      public static MessageTag getCryptoPosition(Context context)
      Returns the message tag for the given context (signature creation,...)
      Parameters:
      context - the context
      Returns:
      the related message tag

    • getCertificateChainCryptoPosition

      public static MessageTag getCertificateChainCryptoPosition(Context context)
      Returns the message tag for the certificate chain of the given context
      Parameters:
      context - the context
      Returns:
      the related message tag

    • getDigestMatcherCryptoPosition

      public static MessageTag getDigestMatcherCryptoPosition(XmlDigestMatcher digestMatcher)
      Returns crypto position MessageTag for the given XmlDigestMatcher
      Parameters:
      digestMatcher - XmlDigestMatcher to get crypto position for
      Returns:
      MessageTag position

    • getTimestampTypeMessageTag

      public static MessageTag getTimestampTypeMessageTag(TimestampType timestampType)
      Returns MessageTag associated with the given timestamp type
      Parameters:
      timestampType - TimestampType to get related MessageTag for
      Returns:
      MessageTag

    • getContextPosition

      public static MessageTag getContextPosition(Context context)
      Returns the message tag for the given context
      Parameters:
      context - Context
      Returns:
      MessageTag

    • getSubContextPosition

      public static MessageTag getSubContextPosition(SubContext subContext)
      Returns the message tag for the given subContext
      Parameters:
      subContext - SubContext
      Returns:
      MessageTag

    • getValidationTimeMessageTag

      public static MessageTag getValidationTimeMessageTag(ValidationTime validationTime)
      Returns a MessageTag corresponding to the given ValidationTime type
      Parameters:
      validationTime - ValidationTime
      Returns:
      MessageTag

    • toUrnOid

      public static String toUrnOid(String oid)
      Transforms the given OID to a URN format as per RFC 3061 e.g. "1.2.3" to "urn:oid:1.2.3"
      Parameters:
      oid - String
      Returns:
      String urn