Java TrustStatusList.setWellSigned Examples

Programming Language: Java

Class/Type: TrustStatusList

Method/Function: setWellSigned

Examples at hotexamples.com: 1

Java TrustStatusList.setWellSigned - 1 examples found. These are the top rated real world Java examples of TrustStatusList.setWellSigned extracted from open source projects. You can rate examples to help us improve the quality of examples.

Frequently Used Methods

Show Hide

getOtherTSLPointers(1)

getTrustServicesProvider(1)

isWellSigned(1)

setWellSigned(1)

Example #1

Show file

File: TrustedListsCertificateSource.java Project: bouil/sd-dss

  /**
   * Load a trusted list for the specified URL
   *
   * @param url
   * @param signingCertList
   * @return
   * @throws java.io.IOException
   */
  private TrustStatusList getTrustStatusList(
      final String url, final List<X509Certificate> signingCertList) {

    byte[] bytes = dataLoader.get(url);
    if (bytes == null) {

      throw new DSSNullReturnedException(url);
    }
    final Document doc = DSSXMLUtils.buildDOM(bytes);

    boolean coreValidity = true;
    if (checkSignature) {

      coreValidity = false;
      if (signingCertList != null) {

        final CommonTrustedCertificateSource commonTrustedCertificateSource =
            new CommonTrustedCertificateSource();
        for (final X509Certificate x509Certificate : signingCertList) {

          commonTrustedCertificateSource.addCertificate(x509Certificate);
        }
        final CertificateVerifier certificateVerifier = new CommonCertificateVerifier(true);
        certificateVerifier.setTrustedCertSource(commonTrustedCertificateSource);

        final DSSDocument dssDocument = new InMemoryDocument(bytes);
        final XMLDocumentValidator xmlDocumentValidator = new XMLDocumentValidator(dssDocument);
        xmlDocumentValidator.setCertificateVerifier(certificateVerifier);
        // To increase the security: the default {@code XPathQueryHolder} is used.
        final List<XPathQueryHolder> xPathQueryHolders = xmlDocumentValidator.getXPathQueryHolder();
        xPathQueryHolders.clear();
        final XPathQueryHolder xPathQueryHolder = new XPathQueryHolder();
        xPathQueryHolders.add(xPathQueryHolder);

        final List<AdvancedSignature> signatures = xmlDocumentValidator.getSignatures();
        if (signatures.size() == 0) {

          throw new DSSException("Not ETSI compliant signature. The Xml is not signed.");
        }

        xmlDocumentValidator.validateDocument();
        final SimpleReport simpleReport = xmlDocumentValidator.getSimpleReport();
        final List<String> signatureIdList = simpleReport.getSignatureIds();
        final String signatureId = signatureIdList.get(0);
        final String indication = simpleReport.getIndication(signatureId);
        coreValidity = Indication.VALID.equals(indication);
        LOG.info("The TSL signature validity: " + coreValidity);
        if (!coreValidity) {

          LOG.info("The TSL signature validity details:\n" + simpleReport);
          System.out.println(xmlDocumentValidator.getDiagnosticData());
          throw new DSSException("Not ETSI compliant signature. The signature is not valid.");
        }
      }
    }
    final TrustStatusList tsl = TrustServiceListFactory.newInstance(doc);
    tsl.setWellSigned(coreValidity);
    return tsl;
  }