/** * This method returns signing certificate dss id for the first signature. * * @return signing certificate dss id. */ public String getFirstSigningCertificateId() { SignatureWrapper signature = getFirstSignatureNullSafe(); return signature.getSigningCertificateId(); }
/** * This method returns signing certificate dss id for the given signature. * * @param signatureId * The identifier of the signature, for which the signing certificate is sought. * @return signing certificate dss id for the given signature. */ public String getSigningCertificateId(final String signatureId) { SignatureWrapper signature = getSignatureByIdNullSafe(signatureId); return signature.getSigningCertificateId(); }
private String getSignedBy(final SignatureWrapper signature) { return getReadableCertificateName(signature.getSigningCertificateId()); }
private Date getExpirationDateForSigningCertificate(SignatureWrapper currentSignature) { CertificateWrapper signingCertificate = diagnosticData.getUsedCertificateById(currentSignature.getSigningCertificateId()); if (signingCertificate != null) { return signingCertificate.getNotAfter(); } return null; }
private ChainItem<XmlValidationProcessLongTermData> revocationDateAfterBestSignatureDate(Date bestSignatureTime) { LevelConstraint constraint = policy.getRevocationTimeAgainstBestSignatureTime(); CertificateWrapper signingCertificate = diagnosticData.getUsedCertificateById(currentSignature.getSigningCertificateId()); return new RevocationDateAfterBestSignatureTimeCheck(result, signingCertificate, bestSignatureTime, constraint); }
private ChainItem<XmlValidationProcessLongTermData> bestSignatureTimeNotBeforeCertificateIssuance(Date bestSignatureTime) { CertificateWrapper signingCertificate = diagnosticData.getUsedCertificateById(currentSignature.getSigningCertificateId()); return new BestSignatureTimeNotBeforeCertificateIssuanceCheck(result, bestSignatureTime, signingCertificate, policy.getBestSignatureTimeBeforeIssuanceDateOfSigningCertificateConstraint()); }
private Date getRevocationDateForSigningCertificate(SignatureWrapper currentSignature) { CertificateWrapper signingCertificate = diagnosticData.getUsedCertificateById(currentSignature.getSigningCertificateId()); if (signingCertificate != null && signingCertificate.getRevocationData() != null) { return signingCertificate.getLatestRevocationData().getRevocationDate(); } return null; }
void validateRevocationFreshness(eu.europa.esig.dss.validation.reports.Reports reports) { DiagnosticData diagnosticData = reports.getDiagnosticData(); if (diagnosticData.getUsedCertificates() != null && diagnosticData.getSigningCertificateId() != null) { for (CertificateWrapper certificateWrapper : diagnosticData.getUsedCertificates()) { for (SignatureWrapper signatureWrapper : diagnosticData.getSignatures()) { if (certificateWrapper.getId().equals(signatureWrapper.getSigningCertificateId()) && !signatureWrapper.getTimestampList().isEmpty()) { TimestampWrapper timeStampWrapper = getFirstTimestamp(signatureWrapper.getTimestampList()); if (timeStampWrapper.getProductionTime() == null) return; boolean revocationFreshnessCheckInvokeError = isRevocationFreshnessCheckInvalid(certificateWrapper, timeStampWrapper); if (revocationFreshnessCheckInvokeError) { reports.getSimpleReport().getErrors(signatureWrapper.getId()).add(REVOCATION_FRESHNESS_FAULT); } else { boolean revocationFreshnessCheckInvokeWarning = certificateWrapper.getRevocationData().stream().anyMatch( r -> !CRL_REVOCATION_SOURCE.equals(r.getSource()) && isInRangeMillis(r.getProductionDate(), timeStampWrapper.getProductionTime(), REVOCATION_FRESHNESS_FIFTEEN_MINUTES_DIFFERENCE)); if (revocationFreshnessCheckInvokeWarning) { reports.getSimpleReport().getWarnings(signatureWrapper.getId()).add(REVOCATION_FRESHNESS_FAULT); } } } } } } }
CertificateWrapper signingCertificate = diagnosticData.getUsedCertificateById(signature.getSigningCertificateId()); if (signingCertificate != null) { CertificateWrapper rootCertificate = diagnosticData.getUsedCertificateById(signingCertificate.getLastChainCertificateId());