public class SignatureConfig
extends java.lang.Object
Modifier and Type | Field and Description |
---|---|
static java.lang.String |
SIGNATURE_TIME_FORMAT |
Constructor and Description |
---|
SignatureConfig() |
Modifier and Type | Method and Description |
---|---|
void |
addSignatureFacet(SignatureFacet signatureFacet) |
java.lang.String |
formatExecutionTime() |
java.lang.String |
getCanonicalizationMethod() |
HashAlgorithm |
getDigestAlgo() |
java.lang.String |
getDigestMethodUri() |
static java.lang.String |
getDigestMethodUri(HashAlgorithm digestAlgo)
Converts the digest algorithm - currently only sha* and ripemd160 is supported.
(转换摘要算法 - 目前仅支持 sha* 和ripemd160。)
|
java.util.Date |
getExecutionTime() |
java.security.PrivateKey |
getKey() |
javax.xml.crypto.dsig.keyinfo.KeyInfoFactory |
getKeyInfoFactory()
Deprecated.
in POI 5.0.0 - will be handled by SignatureInfo internally
(已弃用。在 POI 5.0.0 中 - 将由 SignatureInfo 在内部处理)
|
java.util.Map<java.lang.String,java.lang.String> |
getNamespacePrefixes() |
OPCPackage |
getOpcPackage()
Deprecated.
in POI 5.0.0 - use
(已弃用。在 POI 5.0.0 中 - 改用 SignatureInfo.setOpcPackage(OPCPackage))
SignatureInfo.setOpcPackage(OPCPackage) instead
|
java.lang.String |
getPackageSignatureId() |
java.security.Provider |
getProvider()
Deprecated.
in POI 5.0.0 - will be handled by SignatureInfo internally
(已弃用。在 POI 5.0.0 中 - 将由 SignatureInfo 在内部处理)
|
static java.lang.String[] |
getProviderNames()
Determine the possible classes for XMLSEC.
(确定 XMLSEC 的可能类。)
|
java.lang.String |
getProxyUrl() |
RevocationDataService |
getRevocationDataService() |
java.lang.String |
getSignatureDescription() |
java.util.List<SignatureFacet> |
getSignatureFacets() |
javax.xml.crypto.dsig.XMLSignatureFactory |
getSignatureFactory()
Deprecated.
in POI 5.0.0 - will be handled by SignatureInfo internally
(已弃用。在 POI 5.0.0 中 - 将由 SignatureInfo 在内部处理)
|
byte[] |
getSignatureImage() |
byte[] |
getSignatureImageInvalid() |
ClassID |
getSignatureImageSetupId() |
byte[] |
getSignatureImageValid() |
SignatureMarshalListener |
getSignatureMarshalListener() |
java.lang.String |
getSignatureMethodUri() |
SignaturePolicyService |
getSignaturePolicyService() |
java.util.List<java.security.cert.X509Certificate> |
getSigningCertificateChain() |
HashAlgorithm |
getTspDigestAlgo() |
java.lang.String |
getTspPass() |
java.lang.String |
getTspRequestPolicy() |
TimeStampService |
getTspService() |
java.lang.String |
getTspUrl() |
java.lang.String |
getTspUser() |
TimeStampServiceValidator |
getTspValidator() |
javax.xml.crypto.URIDereferencer |
getUriDereferencer()
Deprecated.
in POI 5.0.0 - use
(已弃用。在 POI 5.0.0 - 改用 SignatureInfo.getUriDereferencer())
SignatureInfo.getUriDereferencer() instead
|
java.lang.String |
getUserAgent() |
java.lang.String |
getXadesCanonicalizationMethod() |
HashAlgorithm |
getXadesDigestAlgo() |
java.lang.String |
getXadesRole() |
java.lang.String |
getXadesSignatureId() |
boolean |
isAllowMultipleSignatures() |
boolean |
isIncludeEntireCertificateChain() |
boolean |
isIncludeIssuerSerial() |
boolean |
isIncludeKeyValue() |
boolean |
isTspOldProtocol() |
boolean |
isUpdateConfigOnValidate() |
boolean |
isXadesIssuerNameNoReverseOrder()
Make sure the DN is encoded using the same order as present within the certificate.
(确保使用与证书中相同的顺序对 DN 进行编码。)
|
boolean |
isXadesSignaturePolicyImplied() |
void |
setAllowMultipleSignatures(boolean allowMultipleSignatures)
Activate multiple signatures
(激活多个签名)
|
void |
setCanonicalizationMethod(java.lang.String canonicalizationMethod) |
void |
setDigestAlgo(HashAlgorithm digestAlgo) |
void |
setExecutionTime(java.util.Date executionTime) |
void |
setExecutionTime(java.lang.String executionTime)
Sets the executionTime which is in standard format (
SIGNATURE_TIME_FORMAT )
(设置标准格式的执行时间(SIGNATURE_TIME_FORMAT))
|
void |
setIncludeEntireCertificateChain(boolean includeEntireCertificateChain) |
void |
setIncludeIssuerSerial(boolean includeIssuerSerial) |
void |
setIncludeKeyValue(boolean includeKeyValue) |
void |
setKey(java.security.PrivateKey key) |
void |
setKeyInfoFactory(javax.xml.crypto.dsig.keyinfo.KeyInfoFactory keyInfoFactory)
Deprecated.
in POI 5.0.0 - use
(已弃用。在 POI 5.0.0 - 使用 SignatureInfo.setKeyInfoFactory(KeyInfoFactory))
SignatureInfo.setKeyInfoFactory(KeyInfoFactory)
|
void |
setNamespacePrefixes(java.util.Map<java.lang.String,java.lang.String> namespacePrefixes) |
void |
setOpcPackage(OPCPackage opcPackage)
Deprecated.
in POI 5.0.0 - use
(已弃用。在 POI 5.0.0 中 - 改用 SignatureInfo.setOpcPackage(OPCPackage))
SignatureInfo.setOpcPackage(OPCPackage) instead
|
void |
setPackageSignatureId(java.lang.String packageSignatureId) |
void |
setProvider(java.security.Provider provider)
Deprecated.
in POI 5.0.0 - use
(已弃用。在 POI 5.0.0 - 使用 SignatureInfo.setProvider(Provider))
SignatureInfo.setProvider(Provider)
|
void |
setProxyUrl(java.lang.String proxyUrl) |
void |
setRevocationDataService(RevocationDataService revocationDataService) |
void |
setSignatureDescription(java.lang.String signatureDescription) |
void |
setSignatureFacets(java.util.List<SignatureFacet> signatureFacets) |
void |
setSignatureFactory(javax.xml.crypto.dsig.XMLSignatureFactory signatureFactory)
Deprecated.
in POI 5.0.0 - use
(已弃用。在 POI 5.0.0 中 - 使用 SignatureInfo.setSignatureFactory(XMLSignatureFactory))
SignatureInfo.setSignatureFactory(XMLSignatureFactory)
|
void |
setSignatureImage(byte[] signatureImage) |
void |
setSignatureImageInvalid(byte[] signatureImageInvalid) |
void |
setSignatureImageSetupId(ClassID signatureImageSetupId) |
void |
setSignatureImageValid(byte[] signatureImageValid) |
void |
setSignatureMarshalListener(SignatureMarshalListener signatureMarshalListener) |
void |
setSignatureMethodFromUri(java.lang.String signatureMethodUri)
Set the digest algorithm based on the method uri.
(根据方法 uri 设置摘要算法。)
|
void |
setSignaturePolicyService(SignaturePolicyService signaturePolicyService) |
void |
setSigningCertificateChain(java.util.List<java.security.cert.X509Certificate> signingCertificateChain) |
void |
setTspDigestAlgo(HashAlgorithm tspDigestAlgo) |
void |
setTspOldProtocol(boolean tspOldProtocol) |
void |
setTspPass(java.lang.String tspPass) |
void |
setTspRequestPolicy(java.lang.String tspRequestPolicy) |
void |
setTspService(TimeStampService tspService) |
void |
setTspUrl(java.lang.String tspUrl) |
void |
setTspUser(java.lang.String tspUser) |
void |
setTspValidator(TimeStampServiceValidator tspValidator) |
void |
setUpdateConfigOnValidate(boolean updateConfigOnValidate)
The signature config can be updated if a document is succesful validated.
(如果文档成功验证,则可以更新签名配置。)
|
void |
setUriDereferencer(javax.xml.crypto.URIDereferencer uriDereferencer)
Deprecated.
in POI 5.0.0 - use
(已弃用。在 POI 5.0.0 中 - 改用 SignatureInfo.setUriDereferencer(URIDereferencer))
SignatureInfo.setUriDereferencer(URIDereferencer) instead
|
void |
setUserAgent(java.lang.String userAgent) |
void |
setXadesCanonicalizationMethod(java.lang.String xadesCanonicalizationMethod) |
void |
setXadesDigestAlgo(HashAlgorithm xadesDigestAlgo) |
void |
setXadesDigestAlgo(java.lang.String xadesDigestAlgo) |
void |
setXadesIssuerNameNoReverseOrder(boolean xadesIssuerNameNoReverseOrder) |
void |
setXadesRole(java.lang.String xadesRole) |
void |
setXadesSignatureId(java.lang.String xadesSignatureId) |
void |
setXadesSignaturePolicyImplied(boolean xadesSignaturePolicyImplied) |
public static final java.lang.String SIGNATURE_TIME_FORMAT
public void addSignatureFacet(SignatureFacet signatureFacet)
signatureFacet
- the signature facet is appended to facet list
(signatureFacet - 签名构面附加到构面列表)
public java.util.List<SignatureFacet> getSignatureFacets()
public void setSignatureFacets(java.util.List<SignatureFacet> signatureFacets)
signatureFacets
- the new list of facets
(signatureFacets - 新的构面列表)
public HashAlgorithm getDigestAlgo()
public void setDigestAlgo(HashAlgorithm digestAlgo)
digestAlgo
- the main digest algorithm
(digestAlgo - 主要的摘要算法)
@Deprecated @Removal(version="5.0.0") public OPCPackage getOpcPackage()
SignatureInfo.setOpcPackage(OPCPackage)
instead
(已弃用。在 POI 5.0.0 中 - 改用 SignatureInfo.setOpcPackage(OPCPackage))
@Deprecated @Removal(version="5.0.0") public void setOpcPackage(OPCPackage opcPackage)
SignatureInfo.setOpcPackage(OPCPackage)
instead
(已弃用。在 POI 5.0.0 中 - 改用 SignatureInfo.setOpcPackage(OPCPackage))
opcPackage
- the opc package to be handled by this thread, stored as thread-local
(opcPackage - 此线程要处理的 opc 包,存储为 thread-local)
public java.security.PrivateKey getKey()
public void setKey(java.security.PrivateKey key)
key
- the private key
(key - 私钥)
public java.util.List<java.security.cert.X509Certificate> getSigningCertificateChain()
public void setSigningCertificateChain(java.util.List<java.security.cert.X509Certificate> signingCertificateChain)
signingCertificateChain
- the certificate chain, index 0 should be the certificate matching the private key
(signingCertificateChain - 证书链,索引 0 应该是匹配私钥的证书)
public java.util.Date getExecutionTime()
public void setExecutionTime(java.util.Date executionTime)
executionTime
- sets the time at which the document ought to be signed
(executionTime - 设置应该签署文档的时间)
public java.lang.String formatExecutionTime()
SIGNATURE_TIME_FORMAT
)
(格式化的执行时间 (SIGNATURE_TIME_FORMAT))
public void setExecutionTime(java.lang.String executionTime)
SIGNATURE_TIME_FORMAT
)
(设置标准格式的执行时间(SIGNATURE_TIME_FORMAT))
executionTime
- the execution time
(executionTime - 执行时间)
public SignaturePolicyService getSignaturePolicyService()
public void setSignaturePolicyService(SignaturePolicyService signaturePolicyService)
signaturePolicyService
- the service to be used for XAdES-EPES properties
(signaturePolicyService - 用于 XAdES-EPES 属性的服务)
@Deprecated @Removal(version="5.0.0") public javax.xml.crypto.URIDereferencer getUriDereferencer()
SignatureInfo.getUriDereferencer()
instead
(已弃用。在 POI 5.0.0 - 改用 SignatureInfo.getUriDereferencer())
OOXMLURIDereferencer
(用于 Reference/@URI 属性的解引用器,默认为 OOXMLURIDereferencer)
@Deprecated @Removal(version="5.0.0") public void setUriDereferencer(javax.xml.crypto.URIDereferencer uriDereferencer)
SignatureInfo.setUriDereferencer(URIDereferencer)
instead
(已弃用。在 POI 5.0.0 中 - 改用 SignatureInfo.setUriDereferencer(URIDereferencer))
uriDereferencer
- the dereferencer used for Reference/@URI attributes
(uriDereferencer - 用于 Reference/@URI 属性的解引用器)
public java.lang.String getSignatureDescription()
public void setSignatureDescription(java.lang.String signatureDescription)
signatureDescription
- the human-readable description of what the citizen will be signing.
(signatureDescription - 对公民将要签署的内容的可读描述。)
public byte[] getSignatureImage()
public byte[] getSignatureImageValid()
public byte[] getSignatureImageInvalid()
public ClassID getSignatureImageSetupId()
public void setSignatureImageSetupId(ClassID signatureImageSetupId)
public void setSignatureImage(byte[] signatureImage)
public void setSignatureImageValid(byte[] signatureImageValid)
public void setSignatureImageInvalid(byte[] signatureImageInvalid)
public java.lang.String getCanonicalizationMethod()
public void setCanonicalizationMethod(java.lang.String canonicalizationMethod)
canonicalizationMethod
- the default canonicalization method
(canonicalizationMethod - 默认的规范化方法)
public java.lang.String getPackageSignatureId()
public void setPackageSignatureId(java.lang.String packageSignatureId)
packageSignatureId
- The signature Id attribute value used to create the XML signature. A
null
value will trigger an automatically generated signature Id.
(packageSignatureId - 用于创建 XML 签名的签名 Id 属性值。空值将触发自动生成的签名 ID。)
public java.lang.String getTspUrl()
public void setTspUrl(java.lang.String tspUrl)
tspUrl
- the url of the timestamp provider (TSP)
(tspUrl - 时间戳提供程序 (TSP) 的 url)
public boolean isTspOldProtocol()
public void setTspOldProtocol(boolean tspOldProtocol)
tspOldProtocol
- defines the timestamp-protocol mimetype
(tspOldProtocol - 定义时间戳协议 mimetype)
isTspOldProtocol()
public HashAlgorithm getTspDigestAlgo()
public void setTspDigestAlgo(HashAlgorithm tspDigestAlgo)
tspDigestAlgo
- the algorithm to be used for the timestamp entry. if
null
, the hash algorithm of the main entry
(tspDigestAlgo - 用于时间戳条目的算法。如果为null,则主条目的哈希算法)
public java.lang.String getProxyUrl()
public void setProxyUrl(java.lang.String proxyUrl)
proxyUrl
- the proxy url to be used for all communications. Currently this affects the timestamp service
(proxyUrl - 用于所有通信的代理 url。目前这会影响时间戳服务)
public TimeStampService getTspService()
TSPTimeStampService
(时间戳服务。默认为 TSPTimeStampService)
public void setTspService(TimeStampService tspService)
tspService
- the timestamp service
(tspService - 时间戳服务)
public java.lang.String getTspUser()
public void setTspUser(java.lang.String tspUser)
tspUser
- the user id for the timestamp service - currently only basic authorization is supported
(tspUser - 时间戳服务的用户 ID - 目前仅支持基本授权)
public java.lang.String getTspPass()
public void setTspPass(java.lang.String tspPass)
tspPass
- the password for the timestamp service
(tspPass - 时间戳服务的密码)
public TimeStampServiceValidator getTspValidator()
public void setTspValidator(TimeStampServiceValidator tspValidator)
tspValidator
- the validator for the timestamp service (certificate)
(tspValidator - 时间戳服务(证书)的验证器)
public RevocationDataService getRevocationDataService()
null
the signature will be limited to XAdES-T only.
(用于 XAdES-C 和 XAdES-XL 的可选撤销数据服务。当为 null 时,签名将仅限于 XAdES-T。)
public void setRevocationDataService(RevocationDataService revocationDataService)
revocationDataService
- the optional revocation data service used for XAdES-C and XAdES-X-L. When
null
the signature will be limited to XAdES-T only.
(revocationDataService - 用于 XAdES-C 和 XAdES-XL 的可选撤销数据服务。当为 null 时,签名将仅限于 XAdES-T。)
public HashAlgorithm getXadesDigestAlgo()
getDigestAlgo()
(用于 XAdES 的哈希算法。默认为 getDigestAlgo())
public void setXadesDigestAlgo(HashAlgorithm xadesDigestAlgo)
xadesDigestAlgo
- hash algorithm used for XAdES. When
null
, defaults to
getDigestAlgo()
(xadesDigestAlgo - 用于 XAdES 的哈希算法。为 null 时,默认为 getDigestAlgo())
public void setXadesDigestAlgo(java.lang.String xadesDigestAlgo)
xadesDigestAlgo
- hash algorithm used for XAdES. When
null
, defaults to
getDigestAlgo()
(xadesDigestAlgo - 用于 XAdES 的哈希算法。为 null 时,默认为 getDigestAlgo())
public java.lang.String getUserAgent()
public void setUserAgent(java.lang.String userAgent)
userAgent
- the user agent used for http communication (e.g. to the TSP)
(userAgent - 用于 http 通信的用户代理(例如到 TSP))
public java.lang.String getTspRequestPolicy()
1.3.6.1.4.1.13762.3
(tsp 请求策略的 asn.1 对象 ID。默认为 1.3.6.1.4.1.13762.3)
public void setTspRequestPolicy(java.lang.String tspRequestPolicy)
tspRequestPolicy
- the asn.1 object id for the tsp request policy.
(tspRequestPolicy - tsp 请求策略的 asn.1 对象 ID。)
public boolean isIncludeEntireCertificateChain()
public void setIncludeEntireCertificateChain(boolean includeEntireCertificateChain)
includeEntireCertificateChain
- if true, include the whole certificate chain. If false, only include the signer cert
(includeEntireCertificateChain - 如果为 true,则包括整个证书链。如果为 false,则仅包含签名者证书)
public boolean isIncludeIssuerSerial()
public void setIncludeIssuerSerial(boolean includeIssuerSerial)
includeIssuerSerial
- if true, issuer serial number is included
(includeIssuerSerial - 如果为真,则包含发行者序列号)
public boolean isIncludeKeyValue()
public void setIncludeKeyValue(boolean includeKeyValue)
includeKeyValue
- if true, the key value of the public key (certificate) is included
(includeKeyValue - 如果为 true,则包含公钥(证书)的密钥值)
public java.lang.String getXadesRole()
null
the claimed role element is omitted. Defaults to
null
(xades 角色元素。如果为 null,则省略声明的角色元素。默认为空)
public void setXadesRole(java.lang.String xadesRole)
xadesRole
- the xades role element. If
null
the claimed role element is omitted.
(xadesRole - xades 角色元素。如果为 null,则省略声明的角色元素。)
public java.lang.String getXadesSignatureId()
idSignedProperties
(XAdES SignedProperties 元素的 Id。默认为 idSignedProperties)
public void setXadesSignatureId(java.lang.String xadesSignatureId)
xadesSignatureId
- the Id for the XAdES SignedProperties element. When
null
defaults to
idSignedProperties
(xadesSignatureId - XAdES SignedProperties 元素的 Id。当 null 默认为 idSignedProperties)
public boolean isXadesSignaturePolicyImplied()
true
(如果为真,则包含策略隐含块。默认为真)
public void setXadesSignaturePolicyImplied(boolean xadesSignaturePolicyImplied)
xadesSignaturePolicyImplied
- when true, include the policy-implied block
(xadesSignaturePolicyImplied - 当为真时,包括策略隐含块)
public boolean isXadesIssuerNameNoReverseOrder()
public void setXadesIssuerNameNoReverseOrder(boolean xadesIssuerNameNoReverseOrder)
xadesIssuerNameNoReverseOrder
- when true, the issuer DN instead of the issuer X500 prinicpal is used
(xadesIssuerNameNoReverseOrder - 当为 true 时,使用发行者 DN 而不是发行者 X500 主体)
public SignatureMarshalListener getSignatureMarshalListener()
SignatureMarshalListener
(在创建签名的 xml 结构时处于活动状态的事件侦听器。默认为 SignatureMarshalListener)
public void setSignatureMarshalListener(SignatureMarshalListener signatureMarshalListener)
signatureMarshalListener
- the event listener watching the xml structure generation for the signature
(signatureMarshalListener - 监听签名的 xml 结构生成的事件监听器)
public java.util.Map<java.lang.String,java.lang.String> getNamespacePrefixes()
public void setNamespacePrefixes(java.util.Map<java.lang.String,java.lang.String> namespacePrefixes)
namespacePrefixes
- the map of namespace uri (key) to prefix (value)
(namespacePrefixes - 命名空间 uri(键)到前缀(值)的映射)
public java.lang.String getSignatureMethodUri()
public java.lang.String getDigestMethodUri()
public static java.lang.String getDigestMethodUri(HashAlgorithm digestAlgo)
digestAlgo
- the digest algorithm
(digestAlgo - 摘要算法)
public void setSignatureMethodFromUri(java.lang.String signatureMethodUri)
signatureMethodUri
- the method uri
(signatureMethodUri - 方法 uri)
@Deprecated @Removal(version="5.0.0") public void setSignatureFactory(javax.xml.crypto.dsig.XMLSignatureFactory signatureFactory)
SignatureInfo.setSignatureFactory(XMLSignatureFactory)
(已弃用。在 POI 5.0.0 中 - 使用 SignatureInfo.setSignatureFactory(XMLSignatureFactory))
signatureFactory
- the xml signature factory, saved as thread-local
(signatureFactory - xml 签名工厂,保存为线程本地)
@Deprecated @Removal(version="5.0.0") public javax.xml.crypto.dsig.XMLSignatureFactory getSignatureFactory()
@Deprecated @Removal(version="5.0.0") public void setKeyInfoFactory(javax.xml.crypto.dsig.keyinfo.KeyInfoFactory keyInfoFactory)
SignatureInfo.setKeyInfoFactory(KeyInfoFactory)
(已弃用。在 POI 5.0.0 - 使用 SignatureInfo.setKeyInfoFactory(KeyInfoFactory))
keyInfoFactory
- the key factory, saved as thread-local
(keyInfoFactory - 密钥工厂,保存为线程本地)
@Deprecated @Removal(version="5.0.0") public javax.xml.crypto.dsig.keyinfo.KeyInfoFactory getKeyInfoFactory()
@Internal @Deprecated @Removal(version="5.0.0") public void setProvider(java.security.Provider provider)
SignatureInfo.setProvider(Provider)
provider
- the provider
(提供者 - 提供者)
@Deprecated @Removal(version="5.0.0") public java.security.Provider getProvider()
public static java.lang.String[] getProviderNames()
public java.lang.String getXadesCanonicalizationMethod()
EXCLUSIVE
(XAdES-XL 签名的规范化方法。默认为独家)
public void setXadesCanonicalizationMethod(java.lang.String xadesCanonicalizationMethod)
xadesCanonicalizationMethod
- the cannonicalization method for XAdES-XL signing
(xadesCanonicalizationMethod - XAdES-XL 签名的规范化方法)
public boolean isUpdateConfigOnValidate()
public void setUpdateConfigOnValidate(boolean updateConfigOnValidate)
false
(如果文档成功验证,则可以更新签名配置。此标志用于激活此修改。默认为假)
updateConfigOnValidate
- if true, update config on validate
(updateConfigOnValidate - 如果为真,则在验证时更新配置)
public boolean isAllowMultipleSignatures()
public void setAllowMultipleSignatures(boolean allowMultipleSignatures)
allowMultipleSignatures
- if true, the signature will be added, otherwise all existing signatures will be replaced by the current
(allowMultipleSignatures - 如果为 true,将添加签名,否则所有现有签名将替换为当前签名)
Copyright 2021 The Apache Software Foundation or its licensors, as applicable.