Package eu.europa.esig.dss.spi.x509

Class CommonCertificateSource

java.lang.Object
eu.europa.esig.dss.spi.x509.CommonCertificateSource
All Implemented Interfaces:
CertificateSource, Serializable
Direct Known Subclasses:
AIACertificateSource, CommonTrustedCertificateSource, CommonX509URLCertificateSource, KeyStoreCertificateSource, KidCertificateSource, TokenCertificateSource
public class CommonCertificateSource extends Object implements CertificateSource
This class is the common class for all CertificateSource. It stores added certificates and allows to retrieve them with several methods
See Also:

  • Field Details

    • certificateMatcher

      protected final transient CertificateTokenRefMatcher certificateMatcher
      This object is used to match CertificateTokens and CertificateRefs

  • Constructor Details

    • CommonCertificateSource

      public CommonCertificateSource()
      The default constructor

  • Method Details

    • addCertificate

      public CertificateToken addCertificate(CertificateToken certificateToAdd)
      This method adds an external certificate to the source. If the public is already known, the certificate is merged in the CertificateSourceEntity
      Specified by:
      addCertificate in interface CertificateSource
      Parameters:
      certificateToAdd - the certificate to be added
      Returns:
      the corresponding certificate token

    • removeCertificate

      protected void removeCertificate(CertificateToken certificateToRemove)
      This method removes the corresponding certificate token from the certificate source
      Parameters:
      certificateToRemove - CertificateToken to remove

    • reset

      protected void reset()
      This method removes all certificates from the source

    • isKnown

      public boolean isKnown(CertificateToken token)
      Description copied from interface: CertificateSource
      This method checks if a given certificate is known in the current source
      Specified by:
      isKnown in interface CertificateSource
      Parameters:
      token - the certificate to be tested
      Returns:
      true if the certificate is part of the current source

    • getCertificates

      public List<CertificateToken> getCertificates()
      Retrieves the unmodifiable list of all certificate tokens from this source.
      Specified by:
      getCertificates in interface CertificateSource
      Returns:
      all certificates from this source

    • getEntities

      public List<eu.europa.esig.dss.spi.x509.CertificateSourceEntity> getEntities()
      Description copied from interface: CertificateSource
      Returns a list of certificates grouped by their public keys
      Specified by:
      getEntities in interface CertificateSource
      Returns:
      a list of CertificateSourceEntitys

    • getByPublicKey

      public Set<CertificateToken> getByPublicKey(PublicKey publicKey)
      This method returns a list of CertificateToken with the given PublicKey
      Specified by:
      getByPublicKey in interface CertificateSource
      Parameters:
      publicKey - the public key to find
      Returns:
      a list of CertificateToken which have the given public key

    • getBySki

      public Set<CertificateToken> getBySki(byte[] ski)
      This method returns a list of CertificateToken with the given SKI (SubjectKeyIdentifier (SHA-1 of the PublicKey))
      Specified by:
      getBySki in interface CertificateSource
      Parameters:
      ski - the Subject Key Identifier
      Returns:
      a list of CertificateToken which have the given ski

    • getBySubject

      public Set<CertificateToken> getBySubject(X500PrincipalHelper subject)
      This method returns the Set of certificates with the same subjectDN.
      Specified by:
      getBySubject in interface CertificateSource
      Parameters:
      subject - the subject to match
      Returns:
      If no match is found then an empty list is returned.

    • getBySignerIdentifier

      public Set<CertificateToken> getBySignerIdentifier(SignerIdentifier signerIdentifier)
      Description copied from interface: CertificateSource
      This method returns the Set of certificates with the CertificateIdentifier
      Specified by:
      getBySignerIdentifier in interface CertificateSource
      Parameters:
      signerIdentifier - the certificate identifier to match
      Returns:
      If no match is found then an empty set is returned.

    • getByCertificateDigest

      public Set<CertificateToken> getByCertificateDigest(Digest digest)
      Description copied from interface: CertificateSource
      This method returns the Set of certificates with the Digest
      Specified by:
      getByCertificateDigest in interface CertificateSource
      Parameters:
      digest - the certificate digest to be found
      Returns:
      the found certificates or an empty Set

    • findTokensFromCertRef

      public Set<CertificateToken> findTokensFromCertRef(CertificateRef certificateRef)
      Description copied from interface: CertificateSource
      Returns Set of CertificateTokens for the provided CertificateRef
      Specified by:
      findTokensFromCertRef in interface CertificateSource
      Parameters:
      certificateRef - a CertificateRef
      Returns:
      Set of CertificateTokens

    • doesCertificateReferenceMatch

      protected boolean doesCertificateReferenceMatch(CertificateToken certificateToken, CertificateRef certificateRef)
      This method verifies whether the CertificateRef does match to the CertificateToken
      Parameters:
      certificateToken - CertificateToken to be verified
      certificateRef - CertificateRef to be used to
      Returns:
      TRUE if the certificate reference matches the certificate token, FALSE otherwise

    • getNumberOfCertificates

      public int getNumberOfCertificates()
      This method returns the number of stored certificates in this source
      Returns:
      number of certificates in this instance

    • getNumberOfEntities

      public int getNumberOfEntities()
      This method returns the number of stored entities (unique public key) in this source
      Returns:
      number of entities in this instance

    • getCertificateSourceType

      public CertificateSourceType getCertificateSourceType()
      Description copied from interface: CertificateSource
      This method returns the certificate source type associated to the implementation class.
      Specified by:
      getCertificateSourceType in interface CertificateSource
      Returns:
      the certificate origin

    • isTrusted

      public boolean isTrusted(CertificateToken certificateToken)
      Description copied from interface: CertificateSource
      This method checks if a given certificate is trusted
      Specified by:
      isTrusted in interface CertificateSource
      Parameters:
      certificateToken - the certificate to be tested
      Returns:
      true if the certificate is trusted

    • isAllSelfSigned

      public boolean isAllSelfSigned()
      Description copied from interface: CertificateSource
      This method checks if all certificates are self-signed
      Specified by:
      isAllSelfSigned in interface CertificateSource
      Returns:
      true if all certificates are self-signed

    • isCertificateSourceEqual

      public boolean isCertificateSourceEqual(CertificateSource certificateSource)
      Description copied from interface: CertificateSource
      This method checks if the current and the given CertificateSources contain the same certificate tokens
      Specified by:
      isCertificateSourceEqual in interface CertificateSource
      Parameters:
      certificateSource - CertificateSource to compare
      Returns:
      TRUE if both certificate sources contains the same certificate tokens, FALSE otherwise

    • isCertificateSourceEquivalent

      public boolean isCertificateSourceEquivalent(CertificateSource certificateSource)
      Description copied from interface: CertificateSource
      This method checks if the current and the given CertificateSources contain the same public keys
      Specified by:
      isCertificateSourceEquivalent in interface CertificateSource
      Parameters:
      certificateSource - CertificateSource to compare
      Returns:
      TRUE if both certificate sources contains the same public keys, FALSE otherwise