be.fgov.ehealth.etee.crypto.decrypt.DataSealCheckerBuilder
|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||
java.lang.Object
public final class DataSealCheckerBuilder
This builder will create and configure an instance of DataSealChecker. When building DataSealChecker you will be guided
in small and easy steps:
1. First step: Choose an OCSP-policy (defaults to NONE). This policy determines if it's required to do an OCSP-check on the certificate when sealing a message. During this step you can also configure how the OCSP-check will be done by providing a map with OCSPOptions.
These options will default to the following options:
OCSPOption.OCSP_URI - Defaults to the URL to be found in the certificate.OCSPOption.TRUST_STORE - Defaults to given trust store for unsealing messages.OCSPOption.INJECT_RESPONSE - Defaults to false OCSPOption.CLOCK_SKEW - Defaults to 300000 (5 minutes in milliseconds) OCSPOption.CONNECTION_TIMEOUT - Defaults to 3000 (3 seconds in milliseconds) OCSPOption.READ_TIMEOUT - Defaults to 3000 (3 seconds in milliseconds) OCSPOption.CONNECTION_USER_INTERACTION - Defaults to true OCSPOption for more details on the options.
More information on the OCSPOptions can be found on the documentation of OCSPOption.
2. Second step: Choose the signing policies that you want to accept. You will also need to provide a KeyStore with
certificates that you trust. You can pass some SigningOption as well. Acceptable policies are:
SigningPolicy.EHEALTH_CERT: This policy is used to sign the message with an eHealth certificateSigningPolicy.EID: This policy is used to sign the message with a Belgian eID-card
These options will default to the following options:
SigningOption.CLOCK_SKEW - Defaults to 300000 (5 minutes in milliseconds) SigningOption.TSA_TRUST_STORE - Defaults to given trust store for unsealing messages.SigningOption.SIGNING_TIME_TRUST_IMPLICIT - Defaults to falseSigningOption.SIGNING_TIME_EXPIRATION - Defaults to 5 minutesSigningOption for more details on the options.
3. The build step: The final step, this step will create and configure your DataSealChecker
Notes: This builder will make sure that your security configuration is set up properly, view SecurityConfiguration for
more information.
| Nested Class Summary | |
|---|---|
static interface |
DataSealCheckerBuilder.BuildStep
Build the DataSealChecker |
static interface |
DataSealCheckerBuilder.OCSPPolicyStep
First step: Choose an OCSP-policy. |
static interface |
DataSealCheckerBuilder.SigningPolicyStep
Second step: Choose the signing policies that you want to accept. |
| Method Summary | |
|---|---|
static DataSealCheckerBuilder.OCSPPolicyStep |
newBuilder()
You will be guided in the steps to create a DataSealChecker. |
| Methods inherited from class java.lang.Object |
|---|
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Method Detail |
|---|
public static DataSealCheckerBuilder.OCSPPolicyStep newBuilder()
DataSealChecker.
|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||