Package eu.europa.esig.dss.spi.x509.revocation

Class RevocationToken

java.lang.Object
eu.europa.esig.dss.model.x509.Token
eu.europa.esig.dss.spi.x509.revocation.RevocationToken
All Implemented Interfaces:
Serializable
Direct Known Subclasses:
CRLToken, OCSPToken
public abstract class RevocationToken
extends Token
See Also:
Serialized Form

  • Field Details

    • relatedCertificate

      protected CertificateToken relatedCertificate
      Related CertificateToken to this revocation object

    • revocationType

      protected RevocationType revocationType
      An identifier referencing a CRL or OCSP response has been used for determining the revocation status.

    • sourceURL

      protected String sourceURL
      The URL which was used to obtain the revocation data (online).

    • available

      protected boolean available
      This boolean shows if the online resource is available

    • status

      protected Boolean status
      Contains the revocation status of the token. True if is not revoked, false if is revoked or null if unknown.

    • productionDate

      protected Date productionDate
      Represents the production date of the OCSP response or the thisUpdate in case of CRL.

    • thisUpdate

      protected Date thisUpdate
      Represents the this update date of the CRL.

    • nextUpdate

      protected Date nextUpdate
      Represents the next update date of the CRL or null for OCSP response.

    • revocationDate

      protected Date revocationDate
      Represents the revocation date from an X509CRLEntry or from an BasicOCSPResp (if the related certificate is revoked)

    • expiredCertsOnCRL

      protected Date expiredCertsOnCRL

    • archiveCutOff

      protected Date archiveCutOff

    • certHashPresent

      protected boolean certHashPresent
      Represents if the certHash extension from an OCSP Response is present (optional)

    • certHashMatch

      protected boolean certHashMatch
      Represents if the certHash extension from an OCSP Response is match with the related certificate's hash (optional)

    • reason

      protected RevocationReason reason
      The reason of the revocation.

    • revocationTokenKey

      protected String revocationTokenKey
      Revocation Token Key, used for RevocationToken identification (i.e. id in DB)

  • Constructor Details

  • Method Details

    • getRevocationType

      public RevocationType getRevocationType()

    • getRelatedCertificateID

      public String getRelatedCertificateID()

    • setRelatedCertificate

      public void setRelatedCertificate​(CertificateToken relatedCertificate)

    • getSourceURL

      public String getSourceURL()
      Returns the URL of the source (if available)
      Returns:
      URL of the CRL/OCSP Server (if available)

    • setSourceURL

      public void setSourceURL​(String sourceURL)
      This sets the revocation data source URL. It is only used in case of OnlineSource.
      Parameters:
      sourceURL - the URL which was used to retrieve this CRL

    • getOrigins

      public Set<RevocationOrigin> getOrigins()
      Returns the revocation origin (the signature itself or else)
      Returns:
      the origin of this revocation data

    • getFirstOrigin

      public RevocationOrigin getFirstOrigin()
      Returns first found origin from the set of RevocationOrigins
      Returns:
      RevocationOrigin

    • setOrigins

      public void setOrigins​(Set<RevocationOrigin> origins)

    • isAvailable

      public boolean isAvailable()
      Returns the online resource availability status
      Returns:
      true if the online resource was available

    • setAvailable

      public void setAvailable​(boolean available)

    • getStatus

      public Boolean getStatus()
      Returns the revocation status
      Returns:
      true if valid, false if revoked/onhold, null if not available

    • getProductionDate

      public Date getProductionDate()
      Returns the generation time of the current revocation data (when it was signed)
      Returns:
      the production time of the current revocation data

    • getCreationDate

      public Date getCreationDate()
      Description copied from class: Token
      Returns the creation date of this token. This date is mainly used to retrieve the correct issuer within a collection of renewed certificates (new certificate with the same key pair).
      Specified by:
      getCreationDate in class Token
      Returns:
      the creation date of the token (notBefore for a certificate, productionDate for revocation data,...)

    • getThisUpdate

      public Date getThisUpdate()

    • getNextUpdate

      public Date getNextUpdate()
      Returns the date of the next update
      Returns:
      the next update date

    • getRevocationDate

      public Date getRevocationDate()
      Returns the revocation date (if the token has been revoked)
      Returns:
      the revocation date or null

    • getExpiredCertsOnCRL

      public Date getExpiredCertsOnCRL()
      Returns the expiredCertsOnCRL date (from CRL)
      Returns:
      the expiredCertsOnCRL date value from a CRL or null

    • getArchiveCutOff

      public Date getArchiveCutOff()
      Returns the archiveCutOff date (from an OCSP Response)
      Returns:
      the archiveCutOff date or null

    • isCertHashPresent

      public boolean isCertHashPresent()
      Returns TRUE if the certHash extension (from an OCSP Response) is present
      Returns:
      the TRUE if certHash is present, FALSE otherwise

    • isCertHashMatch

      public boolean isCertHashMatch()
      Returns TRUE if the certHash extension (from an OCSP Response) is match to the hash of related certificate token
      Returns:
      the TRUE if certHash is match, FALSE otherwise

    • getReason

      public RevocationReason getReason()
      Returns the revocation reason (if the token has been revoked)
      Returns:
      the revocation reason or null

    • getRevocationTokenKey

      public String getRevocationTokenKey()
      Returns compiled revocation token key
      Returns:
      String key

    • setRevocationTokenKey

      public void setRevocationTokenKey​(String key)
      Sets the value for revocationTokenKey
      Parameters:
      key - String

    • initInfo

      public abstract void initInfo()
      Initialize inner attributes

    • isValid

      public abstract boolean isValid()
      Indicates if the token signature is intact and the signing certificate matches with the signature and if the extended key usage is present.
      Returns:
      true if the conditions are meet

    • getDSSIdAsString

      public String getDSSIdAsString()
      Description copied from class: Token
      Returns a string representation of the unique DSS token identifier.
      Overrides:
      getDSSIdAsString in class Token
      Returns:
      the unique string for the token

    • hashCode

      public int hashCode()
      Overrides:
      hashCode in class Token

    • equals

      public boolean equals​(Object obj)
      Overrides:
      equals in class Token