1 package es.caib.signatura.api;
2
3 import java.io.IOException;
4 import java.io.InputStream;
5 import java.security.cert.X509Certificate;
6 import java.util.Date;
7
8
9 /**
10 * Interface to acces to the digital signature of a document. It provides the necessary methods to get
11 * the digital signature and information associated to the certificate used to sign the document.
12 *
13 * @author Jesús Reyes (3dígits)
14 * @see Signature
15 *
16 */
17
18 public interface Signature {
19
20 /**
21 * Gets the name of the certification authority of the certificate used to sign.
22 *
23 * @return the name of the certification authority.
24 */
25 public String getCertCaName();
26
27 /**
28 * Gets the subject's Common Name of the certificate used to sign.
29 *
30 * @return the subject common name.
31 */
32 public String getCertSubjectCommonName();
33
34 /**
35 * Gets the concatenation of the subject's alternate name of the certificate used to sign
36 * as follows: name0 = value, name1 = value, ...
37 *
38 * @return a string containing the subject's alternate name of the certificate.
39 */
40 public String getCertSubjectAlternativeNames();
41
42
43 /**
44 * Gets the date of the signature timestamp.
45 *
46 * @return the date of the signature timestamp or <code>null</code> if the signature doesn't include timestamp.
47 */
48 public Date getDate() throws SignatureTimestampException;
49
50 /**
51 * Determinate the certificate validity of the signature.
52 *
53 * @see Signer#verify
54 * @return <code>true</code> if the certificate is valid; <code>false</code> otherwise.
55 */
56 public boolean verify() throws SignatureVerifyException;
57
58 /**
59 * Returns the signature in PKCS#7 format.
60 *
61 * @return a byte array containing the signature in PKCS#7 format.
62 */
63 public byte[] getPkcs7();
64
65 /**
66 * Returns the content type of the signature.
67 *
68 * @return the content type of the signature.
69 */
70 public String getContentType();
71
72 /**
73 * Returns the X509 certificate used to sign.
74 *
75 * @return the X509Certificate used to sign.
76 */
77 public X509Certificate getCert();
78
79 /**
80 * Returns the certificate chain.
81 *
82 * @return the certificate chain.
83 */
84 public X509Certificate[] getCertificateChain() throws Exception;
85
86 /**
87 * Gets a ParsedCertificate object with the subject's credentials.
88 *
89 * @return a ParsedCertificate object with the subject's credentials.
90 */
91 public ParsedCertificate getParsedCertificate();
92
93 /**
94 * Verifies the digital signature of a document. The verification process is independent of signature timestamp.
95 *
96 * @param contentStream byte stream of the document.
97 * @return <code>true</code> if the verification process is correct; <code>false</code> otherwise.
98 * @throws SignatureProviderException If the API provider cannot be accessed.
99 * @throws IOException If the document or the timestamp server is not available.
100 * @throws SignatureVerifyException If failed the verification process.
101 */
102 public boolean verify(InputStream contentStream)
103 throws SignatureProviderException, IOException, SignatureVerifyException;
104
105 /**
106 * Verifies the digital signature of a document. If the digital signature requires a timestamp
107 * and don't have it then a timestamp is added (if possible).
108 *
109 * @param contentStream byte stream of the document.
110 * @return <code>true</code> if the verification process is correct; <code>false</code> otherwise.
111 * @throws SignatureProviderException If the API provider cannot be accessed.
112 * @throws IOException If the document or the timestamp server is not available.
113 * @throws SignatureVerifyException If failed the verification process.
114 */
115 public boolean verifyAPosterioriTimestamp(InputStream contentStream)
116 throws SignatureProviderException, IOException, SignatureVerifyException;
117
118 }