1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
|
/*******************************************************************************
* Copyright (c) 2005, 2008 IBM Corporation and others.
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the Eclipse Public License v1.0
* which accompanies this distribution, and is available at
* http://www.eclipse.org/legal/epl-v10.html
*
* Contributors:
* IBM Corporation - initial API and implementation
*******************************************************************************/
package org.eclipse.osgi.signedcontent;
import java.security.cert.Certificate;
/**
* A <code>SignerInfo</code> object represents a single signer chain.
* <p>
* This interface is not intended to be implemented by clients.
* </p>
* @since 3.4
* @noimplement This interface is not intended to be implemented by clients.
*/
public interface SignerInfo {
/**
* Returns the certificate chain
* @return the certificate chain
*/
public Certificate[] getCertificateChain();
/**
* Returns the certificate trust anchor used to establish authenticity.
* If authenticity cannot be established then <code>null</code> is returned.
* @return the trust anchor
*/
public Certificate getTrustAnchor();
/**
* Returns true if the trust anchor has been authenticated. This is a convenience
* method equivalent to calling <code>{@link #getTrustAnchor()} != null</code>
* @return true if the the signer info is trusted
*/
public boolean isTrusted();
/**
* Returns the <code>MessageDigest</code> algorithm used to verify content signed by this
* signer info.
* @return the algorithm
*/
public String getMessageDigestAlgorithm();
// TODO need more thought here, TrustEngines could get stale since they are services, leaving off for now unless until we understand the usecase for this.
//public TrustEngine getTrustEngine();
}
|
