Package eu.europa.esig.dss.jades

Class JAdESSignatureParameters

java.lang.Object
eu.europa.esig.dss.model.AbstractSerializableSignatureParameters<JAdESTimestampParameters>
eu.europa.esig.dss.signature.AbstractSignatureParameters<JAdESTimestampParameters>
eu.europa.esig.dss.jades.JAdESSignatureParameters
All Implemented Interfaces:
SerializableSignatureParameters, Serializable
Direct Known Subclasses:
JAdESCounterSignatureParameters
public class JAdESSignatureParameters extends AbstractSignatureParameters<JAdESTimestampParameters>
The parameters to create/extend a JAdES signature
See Also:

  • Constructor Details

    • JAdESSignatureParameters

      public JAdESSignatureParameters()
      Default constructor instantiating object with default parameters

  • Method Details

    • setSignatureLevel

      public void setSignatureLevel(SignatureLevel signatureLevel)
      Description copied from class: AbstractSerializableSignatureParameters
      Set signature level. This field cannot be null.
      Overrides:
      setSignatureLevel in class AbstractSerializableSignatureParameters<JAdESTimestampParameters>
      Parameters:
      signatureLevel - the expected signature level

    • getContentTimestampParameters

      public JAdESTimestampParameters getContentTimestampParameters()
      Description copied from class: AbstractSerializableSignatureParameters
      Get the parameters for content timestamp (Baseline-B)
      Overrides:
      getContentTimestampParameters in class AbstractSerializableSignatureParameters<JAdESTimestampParameters>
      Returns:
      the parameters to produce a content timestamp

    • getSignatureTimestampParameters

      public JAdESTimestampParameters getSignatureTimestampParameters()
      Description copied from class: AbstractSerializableSignatureParameters
      Get the parameters for signature timestamp (Baseline-T)
      Overrides:
      getSignatureTimestampParameters in class AbstractSerializableSignatureParameters<JAdESTimestampParameters>
      Returns:
      the parameters to produce a signature timestamp

    • getArchiveTimestampParameters

      public JAdESTimestampParameters getArchiveTimestampParameters()
      Description copied from class: AbstractSerializableSignatureParameters
      Get the parameters for archive timestamp (Baseline-LTA)
      Overrides:
      getArchiveTimestampParameters in class AbstractSerializableSignatureParameters<JAdESTimestampParameters>
      Returns:
      the parameters to produce an archive timestamp

    • isIncludeCertificateChain

      public boolean isIncludeCertificateChain()
      Defines if complete certificate chain binaries must be included into the signed header ('x5c' attribute)
      Returns:
      TRUE if the certificate chain must be included, FALSE otherwise

    • setIncludeCertificateChain

      public void setIncludeCertificateChain(boolean includeCertificateChain)
      Sets if complete certificate chain binaries must be included into the signed header Default: TRUE (the complete binaries will be included into the signed header)
      Parameters:
      includeCertificateChain - if the certificate chain binaries must be included into the signed header

    • isIncludeSignatureType

      public boolean isIncludeSignatureType()
      Defines if the signature MimeType string must be included into the signed header ('typ' attribute)
      Returns:
      TRUE if the MimeType string of the produced signature must be included, FALSE otherwise

    • setIncludeSignatureType

      public void setIncludeSignatureType(boolean includeSignatureType)
      Sets if the signature MimeType string must be included into the signed header ('typ' attribute) Default: TRUE (the signature MimeType will be included into the signed header)
      Parameters:
      includeSignatureType - if the signature MimeType be included into the signed header

    • isIncludeKeyIdentifier

      public boolean isIncludeKeyIdentifier()
      Returns whether a 'kid' (key identifier) header parameter should be created
      Returns:
      TRUE if the 'kid' should be created, FALSE otherwise

    • setIncludeKeyIdentifier

      public void setIncludeKeyIdentifier(boolean includeKeyIdentifier)
      Sets whether a 'kid' (key identifier) header parameter should be created within a protected header, provided that a signing-certificate is defined within the signature parameters. DEFAULT : TRUE (the 'kid' header parameter is created)
      Parameters:
      includeKeyIdentifier - identifies whether 'kid' should be created (when a signing-certificate is provided)

    • getX509Url

      public String getX509Url()
      Returns the value of the 'x5u' header parameter if present
      Returns:
      String

    • setX509Url

      public void setX509Url(String x509Url)
      Sets the value for the 'x5u' signed header parameter. The value shall refer to a URI where the X.509 public key certificate or certificate chain corresponding to the key used to digitally sign the JWS can be retrieved from.

      NOTE: use methods #setSigningCertificate and #includeCertificateChain to disable encapsulation of the signing certificate and certificate chain binaries (included by default).

      DEFAULT: NULL (the 'x5u' header parameter is not included)

      Parameters:
      x509Url - String value of 'x5u' header parameter

    • getSigningCertificateDigestMethod

      public DigestAlgorithm getSigningCertificateDigestMethod()
      See setSigningCertificateDigestMethod(DigestAlgorithm).
      Returns:
      DigestAlgorithm to be used for signing certificate digest representation

    • setSigningCertificateDigestMethod

      public void setSigningCertificateDigestMethod(DigestAlgorithm signingCertificateDigestMethod)
      The digest method indicates the digest algorithm to be used to calculate the certificate digest to define a signing certificate ('x5t#256' for SHA256 or 'x5t#o' for other algorithms) Default: DigestAlgorithm.SHA256 ('x5t#256' attribute will be created)
      Parameters:
      signingCertificateDigestMethod - DigestAlgorithm to be used

    • getJwsSerializationType

      public JWSSerializationType getJwsSerializationType()
      Gets JWSSerializationType
      Returns:
      JWSSerializationType

    • setJwsSerializationType

      public void setJwsSerializationType(JWSSerializationType jwsSerializationType)
      Sets the JWSSerializationType Default: JWSSerializationType.COMPACT_SERIALIZATION
      Parameters:
      jwsSerializationType - JWSSerializationType

    • getSigDMechanism

      public SigDMechanism getSigDMechanism()
      Returns a SigDMechanism to use
      Returns:
      SigDMechanism

    • setSigDMechanism

      public void setSigDMechanism(SigDMechanism sigDMechanism)
      Sets SigDMechanism to use for a Detached signature
      Parameters:
      sigDMechanism - SigDMechanism

    • getJadesSigningTimeType

      public JAdESSigningTimeType getJadesSigningTimeType()
      Returns the JAdES claimed signing-time header parameters to be used
      Returns:
      JAdESSigningTimeType

    • setJadesSigningTimeType

      public void setJadesSigningTimeType(JAdESSigningTimeType jadesSigningTimeType)
      Sets the claimed signing-time header parameters to be used.

      Requirements ETSI TS 119 182-1, clause 6.3, for iat and sigT: Before 2025-07-15T00:00:00Z the generator should include the iat header parameter for indicating the claimed signing time in new JAdES signatures and should not include the iat header parameter for indicating the claimed signing time in new JAdES signatures. Starting at 2025-07-15T00:00:00Z the generator shall include the iat header parameter for indicating the claimed signing time in new JAdES signatures.

      Default : IAT ('iat' header parameter will be used)

      Parameters:
      jadesSigningTimeType - JAdESSigningTimeType

    • isBase64UrlEncodedPayload

      public boolean isBase64UrlEncodedPayload()
      Gets if base64Url encoded payload shall be used
      Returns:
      TRUE if to use base64url encoded payload, FALSE otherwise

    • setBase64UrlEncodedPayload

      public void setBase64UrlEncodedPayload(boolean base64EncodedPayload)
      Sets if base64Url encoded payload shall be used If FALSE, the unencoded (original) payload will be used according to RFC 7797 NOTE: some restrictions for payload content can apply when dealing with unencoded payload. For more information please see RFC 7797. The parameter is independent from base64UrlEncodedEtsiUComponents Default : TRUE (base64Url encoded payload will be used)
      Parameters:
      base64EncodedPayload - true if the payload shall be present in its corresponding base64url encoding, FALSE otherwise

    • isBase64UrlEncodedEtsiUComponents

      public boolean isBase64UrlEncodedEtsiUComponents()
      Gets if the instances of the 'etsiU' unprotected header shall appear in their corresponding base64url encoding Default : TRUE (base64Url encoded etsiU components will be used)
      Returns:
      TRUE if the components of 'etsiU' header shall appear in their corresponding base64url encoding, otherwise in their clear JSON incorporation

    • setBase64UrlEncodedEtsiUComponents

      public void setBase64UrlEncodedEtsiUComponents(boolean base64UrlEncodedEtsiUComponents)
      Sets if the instances of the 'etsiU' header shall appear in their corresponding base64url encoding. If FALSE the components of 'etsiU' will appear in their clear JSON incorporation. The parameter is used for Serialization (or Flattened) format only with unsigned properties. NOTE: the parameter is independent from base64UrlEncodedPayload Default : TRUE (base64url encoded etsiU components)
      Parameters:
      base64UrlEncodedEtsiUComponents - if the components of 'etsiU' unsigned header shall appear in their corresponding base64url encoding, if FALSE the components will appear in their clear JSON incorporation

    • toString

      public String toString()
      Overrides:
      toString in class AbstractSignatureParameters<JAdESTimestampParameters>

    • equals

      public boolean equals(Object o)
      Overrides:
      equals in class AbstractSignatureParameters<JAdESTimestampParameters>

    • hashCode

      public int hashCode()
      Overrides:
      hashCode in class AbstractSignatureParameters<JAdESTimestampParameters>