Package eu.europa.esig.dss.policy

Class EtsiValidationPolicy

java.lang.Object

eu.europa.esig.dss.policy.EtsiValidationPolicy

All Implemented Interfaces:

ValidationPolicy

public class EtsiValidationPolicy
extends Object
implements ValidationPolicy

This class encapsulates the constraint file that controls the policy to be used during the validation process. It adds the functions to direct access to the file data. It is the implementation of the ETSI 102853 standard.

Constructor Summary

Constructors

Constructor	Description
EtsiValidationPolicy(ConstraintsParameters policy)	Default constructor

Method Summary

Modifier and Type	Method	Description
MultiValuesConstraint	getAcceptablePDFAProfilesConstraint()	Returns AcceptablePDFAProfiles constraint if present in the policy, null otherwise
LevelConstraint	getAcceptableRevocationDataFoundConstraint(Context context, SubContext subContext)	Returns acceptable revocation data available constraint
MultiValuesConstraint	getAcceptedContainerTypesConstraint()	Returns AcceptedContainerTypes constraint if present in the policy, null otherwise
MultiValuesConstraint	getAcceptedMimeTypeContentsConstraint()	Returns AcceptedMimeTypeContents constraint if present in the policy, null otherwise
MultiValuesConstraint	getAcceptedZipCommentsConstraint()	Returns AcceptedZipComments constraint if present in the policy, null otherwise
LevelConstraint	getAllFilesSignedConstraint()	Returns AllFilesSigned constraint if present in the policy, null otherwise
LevelConstraint	getAnnotationChangesConstraint(Context context)	This constraint checks whether a PDF document contains annotation creation, modification or deletion modifications after the current signature's revisions
LevelConstraint	getArchiveTimeStampConstraint(Context context)	Indicates if the presence of unsigned property: archive-time-stamp should be checked.
LevelConstraint	getBestSignatureTimeBeforeExpirationDateOfSigningCertificateConstraint()	This constraint checks if the certificate is not expired on best-signature-time
LevelConstraint	getByteRangeAllDocumentConstraint(Context context)	This constraint checks if ByteRange is valid for all signatures and document timestamps within PDF NOTE: applicable only for PAdES
LevelConstraint	getByteRangeCollisionConstraint(Context context)	This constraint checks if ByteRange does not collide with other signature byte ranges NOTE: applicable only for PAdES
LevelConstraint	getByteRangeConstraint(Context context)	This constraint checks if ByteRange dictionary is valid NOTE: applicable only for PAdES
LevelConstraint	getCertificateAuthorityInfoAccessPresentConstraint(Context context, SubContext subContext)	Returns CertificateAuthorityInfoAccessPresent constraint if present in the policy, null otherwise
LevelConstraint	getCertificateCAConstraint(Context context, SubContext subContext)	Returns certificate CA constraint
MultiValuesConstraint	getCertificateCommonNameConstraint(Context context, SubContext subContext)	Returns CertificateCommonName constraint if present in the policy, null otherwise
MultiValuesConstraint	getCertificateCountryConstraint(Context context, SubContext subContext)	Returns CertificateCountry constraint if present in the policy, null otherwise
CryptographicConstraint	getCertificateCryptographicConstraint(Context context, SubContext subContext)	This method creates the SignatureCryptographicConstraint corresponding to the context parameter.
MultiValuesConstraint	getCertificateEmailConstraint(Context context, SubContext subContext)	Returns CertificateEmail constraint if present in the policy, null otherwise
MultiValuesConstraint	getCertificateExtendedKeyUsageConstraint(Context context, SubContext subContext)	Returns certificate extended key usage constraint
MultiValuesConstraint	getCertificateForbiddenExtensionsConstraint(Context context, SubContext subContext)	Returns certificate forbidden extensions constraint
MultiValuesConstraint	getCertificateGivenNameConstraint(Context context, SubContext subContext)	Returns CertificateGivenName constraint if present in the policy, null otherwise
LevelConstraint	getCertificateIssuedToLegalPersonConstraint(Context context, SubContext subContext)	Indicates if the end user certificate used in validating the signature is issued to a legal person.
LevelConstraint	getCertificateIssuedToNaturalPersonConstraint(Context context, SubContext subContext)	Indicates if the end user certificate used in validating the signature is issued to a natural person.
LevelConstraint	getCertificateIssuerNameConstraint(Context context, SubContext subContext)	Returns certificate IssuerName constraint
MultiValuesConstraint	getCertificateKeyUsageConstraint(Context context, SubContext subContext)	Returns certificate key usage constraint
MultiValuesConstraint	getCertificateLocalityConstraint(Context context, SubContext subContext)	Returns CertificateLocality constraint if present in the policy, null otherwise
LevelConstraint	getCertificateMaxPathLengthConstraint(Context context, SubContext subContext)	Returns certificate MaxPathLength constraint
IntValueConstraint	getCertificateMinQcEuLimitValueConstraint(Context context, SubContext subContext)	Indicates the minimal allowed QcEuLimitValue transaction limit for which the end user certificate used for the signature can be used.
IntValueConstraint	getCertificateMinQcEuRetentionPeriodConstraint(Context context, SubContext subContext)	Indicates the minimal allowed QC retention period for material information relevant to the use of the end user certificate used for the signature.
LevelConstraint	getCertificateNameConstraintsConstraint(Context context, SubContext subContext)	Returns certificate NameConstraints constraint
LevelConstraint	getCertificateNotExpiredConstraint(Context context, SubContext subContext)	Returns certificate's validity range constraint
LevelConstraint	getCertificateNotOnHoldConstraint(Context context, SubContext subContext)	Returns certificate's not onHold constraint
LevelConstraint	getCertificateNotRevokedConstraint(Context context, SubContext subContext)	Returns certificate's not revoked constraint
LevelConstraint	getCertificateNotSelfSignedConstraint(Context context, SubContext subContext)	Returns certificate's not self-signed constraint
MultiValuesConstraint	getCertificateOrganizationIdentifierConstraint(Context context, SubContext subContext)	Returns CertificateOrganizationIdentifier constraint if present in the policy, null otherwise
MultiValuesConstraint	getCertificateOrganizationNameConstraint(Context context, SubContext subContext)	Returns CertificateOrganizationName constraint if present in the policy, null otherwise
MultiValuesConstraint	getCertificateOrganizationUnitConstraint(Context context, SubContext subContext)	Returns CertificateOrganizationUnit constraint if present in the policy, null otherwise
MultiValuesConstraint	getCertificatePolicyIdsConstraint(Context context, SubContext subContext)	Returns CertificatePolicyIds constraint if present in the policy, null otherwise
LevelConstraint	getCertificatePolicyQualificationIdsConstraint(Context context, SubContext subContext)	Indicates if the CertificatePolicyIds declare the certificate as qualified.
LevelConstraint	getCertificatePolicySupportedByQSCDIdsConstraint(Context context, SubContext subContext)	Indicates if the CertificatePolicyIds mandate the certificate as to be supported by a secure signature creation device (QSCD).
LevelConstraint	getCertificatePolicyTreeConstraint(Context context, SubContext subContext)	Returns certificate PolicyTree constraint
MultiValuesConstraint	getCertificatePS2DQcCompetentAuthorityIdConstraint(Context context, SubContext subContext)	Indicates the acceptable QC PS2D ids for the certificate used for a signature.
MultiValuesConstraint	getCertificatePS2DQcCompetentAuthorityNameConstraint(Context context, SubContext subContext)	Indicates the acceptable QC PS2D names for the certificate used for a signature.
MultiValuesConstraint	getCertificatePS2DQcTypeRolesOfPSPConstraint(Context context, SubContext subContext)	Indicates the acceptable QC PS2D roles for the certificate used for a signature.
MultiValuesConstraint	getCertificatePseudonymConstraint(Context context, SubContext subContext)	Returns CertificatePseudonym constraint if present in the policy, null otherwise
LevelConstraint	getCertificatePseudoUsageConstraint(Context context, SubContext subContext)	Returns CertificatePseudoUsage constraint if present in the policy, null otherwise
MultiValuesConstraint	getCertificateQcCCLegislationConstraint(Context context, SubContext subContext)	Indicates the country or set of countries under the legislation of which the certificate is issued as a qualified certificate is present.
LevelConstraint	getCertificateQCComplianceConstraint(Context context, SubContext subContext)	Indicates if the end user certificate used in validating the signature is QC Compliant.
ValueConstraint	getCertificateQcEuLimitValueCurrencyConstraint(Context context, SubContext subContext)	Indicates the allowed currency used to specify certificate's QCLimitValue statement.
MultiValuesConstraint	getCertificateQcEuPDSLocationConstraint(Context context, SubContext subContext)	Indicates the location or set of locations of PKI Disclosure Statements.
LevelConstraint	getCertificateQcSSCDConstraint(Context context, SubContext subContext)	Indicates if the end user certificate used in validating the signature is mandated to be supported by a secure signature creation device (QSCD).
MultiValuesConstraint	getCertificateQcTypeConstraint(Context context, SubContext subContext)	Indicates the certificate is claimed as a certificate of a particular type.
LevelConstraint	getCertificateRevocationInfoAccessPresentConstraint(Context context, SubContext subContext)	Returns CertificateRevocationInfoAccessPresent constraint if present in the policy, null otherwise
LevelConstraint	getCertificateSelfSignedConstraint(Context context, SubContext subContext)	Returns certificate's self-signed constraint
MultiValuesConstraint	getCertificateSemanticsIdentifierConstraint(Context context, SubContext subContext)	Indicates the certificate's QCStatement contains an acceptable semantics identifier.
LevelConstraint	getCertificateSerialNumberConstraint(Context context, SubContext subContext)	Returns CertificateSerialNumber constraint if present in the policy, null otherwise
LevelConstraint	getCertificateSignatureConstraint(Context context, SubContext subContext)	Returns certificate's signature constraint
MultiValuesConstraint	getCertificateStateConstraint(Context context, SubContext subContext)	Returns CertificateState constraint if present in the policy, null otherwise
MultiValuesConstraint	getCertificateSupportedCriticalExtensionsConstraint(Context context, SubContext subContext)	Returns certificate supported critical extensions constraint
MultiValuesConstraint	getCertificateSurnameConstraint(Context context, SubContext subContext)	Returns CertificateSurname constraint if present in the policy, null otherwise
MultiValuesConstraint	getCertificateTitleConstraint(Context context, SubContext subContext)	Returns CertificateTitle constraint if present in the policy, null otherwise
MultiValuesConstraint	getCertifiedRolesConstraint(Context context)	Return the mandated signer role.
MultiValuesConstraint	getClaimedRoleConstraint(Context context)	Indicates if the unsigned property: claimed-role should be checked.
MultiValuesConstraint	getCommitmentTypeIndicationConstraint(Context context)	Indicates if the signed property: commitment-type-indication should be checked.
ContainerConstraints	getContainerConstraints()	Returns the constraint used for ASiC Container validation
ValueConstraint	getContentHintsConstraint(Context context)	Indicates if the signed property: content-hints should be checked.
ValueConstraint	getContentIdentifierConstraint(Context context)	Indicates if the signed property: content-identifier should be checked.
LevelConstraint	getContentTimeStampConstraint(Context context)	Indicates if the signed property: content-time-stamp should be checked.
LevelConstraint	getContentTimeStampMessageImprintConstraint(Context context)	Indicates if the signed property: content-time-stamp message-imprint should be checked.
ValueConstraint	getContentTypeConstraint(Context context)	Indicates if the signed property: content-type should be checked.
LevelConstraint	getCounterSignatureConstraint(Context context)	Returns CounterSignature constraint if present in the policy, null otherwise
SignatureConstraints	getCounterSignatureConstraints()	Returns the constraint used for Counter Signature validation
LevelConstraint	getCRLNextUpdatePresentConstraint(Context context, SubContext subContext)	Returns CRL's nextUpdate present constraint
CryptographicConstraint	getCryptographic()	Returns the common constraint used for cryptographic validation
CryptographicConstraint	getDefaultCryptographicConstraint()	Gets the global cryptographic constraints
LevelConstraint	getDocMDPConstraint(Context context)	This constraint checks if a document contains changes after a signature, against permission rules identified within a /DocMDP dictionary
LevelConstraint	getDocumentTimeStampConstraint(Context context)	Indicates if the presence of unsigned property: document timestamp should be checked.
EIDAS	getEIDASConstraints()	Returns the constraint used for qualification validation
LevelConstraint	getEllipticCurveKeySizeConstraint(Context context)	This constraint checks whether a JWA signature has a valid elliptic curve key size
EvidenceRecordConstraints	getEvidenceRecordConstraints()	Returns the constraint used for Evidence Record validation
CryptographicConstraint	getEvidenceRecordCryptographicConstraint()	This method returns cryptographic constraints for validation of Evidence Record
LevelConstraint	getEvidenceRecordDataObjectExistenceConstraint()	Returns DataObjectExistence constraint if present in the policy, null otherwise
LevelConstraint	getEvidenceRecordDataObjectFoundConstraint()	Returns DataObjectFound constraint if present in the policy, null otherwise
LevelConstraint	getEvidenceRecordDataObjectGroupConstraint()	Returns DataObjectGroup constraint if present in the policy, null otherwise
LevelConstraint	getEvidenceRecordDataObjectIntactConstraint()	Returns DataObjectIntact constraint if present in the policy, null otherwise
LevelConstraint	getEvidenceRecordHashTreeRenewalConstraint()	Returns HashTreeRenewal constraint if present in the policy, null otherwise
LevelConstraint	getEvidenceRecordValidConstraint()	Returns whether the evidence record is valid (passed a complete evidence record validation process).
LevelConstraint	getFieldMDPConstraint(Context context)	This constraint checks if a document contains changes after a signature, against permission rules identified within a /FieldMDP dictionary
LevelConstraint	getFormFillChangesConstraint(Context context)	This constraint checks whether a PDF document contains form fill or signing modifications after the current signature's revisions
LevelConstraint	getFullScopeConstraint()	Returns FullScope constraint if present in the policy, null otherwise
LevelConstraint	getKeyIdentifierMatch(Context context)	Indicates if the value of 'kid' (key identifier) header parameter matches the signing-certificate used to create the signature
LevelConstraint	getKeyIdentifierPresent(Context context)	Indicates if the 'kid' (key identifier) header parameter is present within the protected header of the signature
LevelConstraint	getLTALevelTimeStampConstraint(Context context)	Indicates if the presence of unsigned property: archive-time-stamp or document timestamp covering the validation data If LTALevelTimeStamp element is absent within the constraint file then null is returned.
LevelConstraint	getManifestEntryNameMatchConstraint(Context context)	Indicates if names of all matching documents match to the manifest entry names
LevelConstraint	getManifestEntryObjectExistenceConstraint(Context context)	Indicates if the manifested document is found
LevelConstraint	getManifestEntryObjectGroupConstraint(Context context)	Indicates if all manifest entries have been found
LevelConstraint	getManifestEntryObjectIntactConstraint(Context context)	Indicates if the manifested document is intact
LevelConstraint	getManifestFilePresentConstraint()	Returns ManifestFilePresent constraint if present in the policy, null otherwise
LevelConstraint	getMessageDigestOrSignedPropertiesConstraint(Context context)	Indicates if the signed property: message-digest (for CAdES) or SignedProperties (for XAdES) should be checked.
LevelConstraint	getMimeTypeFilePresentConstraint()	Returns MimeTypeFilePresent constraint if present in the policy, null otherwise
LevelConstraint	getOCSPNextUpdatePresentConstraint(Context context, SubContext subContext)	Returns OCSP's nextUpdate present constraint
LevelConstraint	getOCSPResponseCertHashMatchConstraint()	The method returns OCSPCertHashMatch constraint
LevelConstraint	getOCSPResponseCertHashPresentConstraint()	The method returns OCSPCertHashPresent constraint
LevelConstraint	getOCSPResponseResponderIdMatchConstraint()	The method returns OCSPResponderIdMatch constraint
LevelConstraint	getPDFACompliantConstraint()	Returns PDFACompliant constraint if present in the policy, null otherwise
PDFAConstraints	getPDFAConstraints()	Returns the constraint used for ASiC Container validation
LevelConstraint	getPdfAnnotationOverlapConstraint(Context context)	Indicates if a PDF annotation overlapping check should be proceeded.
LevelConstraint	getPdfPageDifferenceConstraint(Context context)	Indicates if a PDF page difference check should be proceeded.
LevelConstraint	getPdfSignatureDictionaryConstraint(Context context)	This constraint checks if signature dictionary is consistent across PDF revisions.
LevelConstraint	getPdfVisualDifferenceConstraint(Context context)	Indicates if a PDF visual difference check should be proceeded.
String	getPolicyDescription()	Returns the policy description.
String	getPolicyName()	Returns the name of the policy.
LevelConstraint	getProspectiveCertificateChainConstraint(Context context)	This constraint requests the presence of the trust anchor in the certificate chain.
LevelConstraint	getReferenceDataExistenceConstraint(Context context)	Indicates if the referenced data is found
LevelConstraint	getReferenceDataIntactConstraint(Context context)	Indicates if the referenced data is intact
LevelConstraint	getReferenceDataNameMatchConstraint(Context context)	Indicates if the referenced document names match the manifest entry references
LevelConstraint	getReferencesToAllCertificateChainPresentConstraint(Context context)	Indicates if the whole certificate chain is covered by the Signing Certificate attribute.
RevocationConstraints	getRevocationConstraints()	Returns the constraint used for Revocation validation
LevelConstraint	getRevocationDataAvailableConstraint(Context context, SubContext subContext)	Returns revocation data available constraint
CertificateValuesConstraint	getRevocationDataSkipConstraint(Context context, SubContext subContext)	Returns RevocationDataSkip constraint if present in the policy, null otherwise
TimeConstraint	getRevocationFreshnessConstraint(Context context, SubContext subContext)	Returns revocation data's freshness constraint
LevelConstraint	getRevocationFreshnessNextUpdateConstraint(Context context, SubContext subContext)	Returns revocation data's freshness for nextUpdate check constraint
LevelConstraint	getRevocationIssuerNotExpiredConstraint(Context context, SubContext subContext)	Returns revocation issuer's validity range constraint
LevelConstraint	getRevocationTimeAgainstBestSignatureTimeConstraint()	Returns RevocationTimeAgainstBestSignatureTime constraint if present in the policy, null otherwise
LevelConstraint	getSelfIssuedOCSPConstraint()	The method returns SelfIssuedOCSP constraint
LevelConstraint	getSigFieldLockConstraint(Context context)	This constraint checks if a document contains changes after a signature, against permission rules identified within a /SigFieldLock dictionary
SignatureConstraints	getSignatureConstraints()	Returns the constraint used for Signature validation
CryptographicConstraint	getSignatureCryptographicConstraint(Context context)	This method creates the SignatureCryptographicConstraint corresponding to the context parameter.
LevelConstraint	getSignatureDuplicatedConstraint(Context context)	Indicates if the signature is not ambiguous
MultiValuesConstraint	getSignatureFormatConstraint(Context context)	Returns SignatureFormat constraint if present in the policy, null otherwise
LevelConstraint	getSignatureIntactConstraint(Context context)	Indicates if the signature is intact
MultiValuesConstraint	getSignaturePolicyConstraint(Context context)	Indicates if the signature policy should be checked.
LevelConstraint	getSignaturePolicyIdentifiedConstraint(Context context)	Indicates if the signature policy validation should be processed.
LevelConstraint	getSignaturePolicyPolicyHashValid(Context context)	Indicates if digest present in a SignaturePolicyIdentifier shall match to the extracted policy content
LevelConstraint	getSignaturePolicyStorePresentConstraint(Context context)	Indicates if a SignaturePolicyStore unsigned attribute, containing a used policy binaries, presence shall be checked
LevelConstraint	getSignatureTimeStampConstraint(Context context)	Indicates if the presence of unsigned property: signature-time-stamp should be checked.
LevelConstraint	getSignedFilesPresentConstraint()	Returns SignedFilesPresent constraint if present in the policy, null otherwise
LevelConstraint	getSignerInformationStoreConstraint(Context context)	This constraint checks if only one SignerInfo is present into a SignerInformationStore NOTE: applicable only for PAdES
LevelConstraint	getSignerLocationConstraint(Context context)	Indicates if the signed property: signer-location should be checked.
LevelConstraint	getSigningCertificateAttributePresentConstraint(Context context)	Indicates if the signing certificate attribute is present
LevelConstraint	getSigningCertificateDigestAlgorithmConstraint(Context context)	Checks if a used DigestAlgorithm in signing-certificate-reference creation matches the corresponding cryptographic constraint
LevelConstraint	getSigningCertificateDigestValueMatchConstraint(Context context)	Indicates if the signing certificate reference's digest value matches
LevelConstraint	getSigningCertificateDigestValuePresentConstraint(Context context)	Indicates if the signing certificate reference's digest value is present
LevelConstraint	getSigningCertificateIssuerSerialMatchConstraint(Context context)	Indicates if the signing certificate reference's issuer serial matches
LevelConstraint	getSigningCertificateRecognitionConstraint(Context context)	Indicates if signing-certificate has been identified.
LevelConstraint	getSigningCertificateRefersCertificateChainConstraint(Context context)	Indicates if the Signing Certificate attribute should be checked against the certificate chain.
LevelConstraint	getSigningTimeConstraint(Context context)	Indicates if the signed property: signing-time should be checked.
LevelConstraint	getStructuralValidationConstraint(Context context)	Indicates if the structural validation should be checked.
LevelConstraint	getTimestampCoherenceConstraint()	This constraint checks if the timestamp order is coherent
TimestampConstraints	getTimestampConstraints()	Returns the constraint used for Timestamp validation
TimeConstraint	getTimestampDelayConstraint()	Returns TimestampDelay constraint if present in the policy, null otherwise
LevelConstraint	getTimestampTSAGeneralNameContentMatch()	Indicates if the timestamp's TSTInfo.tsa field's value matches the timestamp's issuer distinguishing name when present
LevelConstraint	getTimestampTSAGeneralNameOrderMatch()	Indicates if the timestamp's TSTInfo.tsa field's value and order match the timestamp's issuer distinguishing name when present
LevelConstraint	getTimestampTSAGeneralNamePresent()	Indicates if the timestamp's TSTInfo.tsa field is present
LevelConstraint	getTimestampValidConstraint()	Returns whether the time-stamp is valid (passed either basic signature validation process or past signature validation).
LevelConstraint	getTLevelTimeStampConstraint(Context context)	Indicates if the presence of unsigned property: signature-time-stamp or document timestamp If TLevelTimeStamp element is absent within the constraint file then null is returned.
TimeConstraint	getTLFreshnessConstraint()	Returns TLFreshness constraint if present in the policy, null otherwise
LevelConstraint	getTLNotExpiredConstraint()	Returns TLNotExpired constraint if present in the policy, null otherwise
ValueConstraint	getTLVersionConstraint()	Returns TLVersion constraint if present in the policy, null otherwise
LevelConstraint	getTLWellSignedConstraint()	Returns TLWellSigned constraint if present in the policy, null otherwise
MultiValuesConstraint	getTrustServiceStatusConstraint(Context context)	Returns trusted service status constraint
MultiValuesConstraint	getTrustServiceTypeIdentifierConstraint(Context context)	Returns trusted service type identifier constraint
LevelConstraint	getUndefinedChangesConstraint(Context context)	This constraint checks whether a PDF document contains undefined object modifications after the current signature's revisions
LevelConstraint	getUnicitySigningCertificateAttributeConstraint(Context context)	Indicates if the signing certificate is not ambiguously determines
LevelConstraint	getUnknownStatusConstraint()	The method returns UnknownStatus constraint
LevelConstraint	getValidationDataRefsOnlyTimeStampConstraint(Context context)	Indicates if the presence of unsigned property: validation data references only timestamp should be checked.
LevelConstraint	getValidationDataTimeStampConstraint(Context context)	Indicates if the presence of unsigned property: validation data timestamp should be checked.
Model	getValidationModel()	Returns the used validation model (default is SHELL).
LevelConstraint	getZipCommentPresentConstraint()	Returns ZipCommentPresent constraint if present in the policy, null otherwise
boolean	isEIDASConstraintPresent()	Returns if EIDAS constraints present (qualification check shall be performed)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

EtsiValidationPolicy

public EtsiValidationPolicy(ConstraintsParameters policy)

Default constructor

Parameters:

policy - ConstraintsParameters

Method Details

getSignaturePolicyConstraint

public MultiValuesConstraint getSignaturePolicyConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if the signature policy should be checked. If AcceptablePolicies element is absent within the constraint file then null is returned, otherwise the list of identifiers is initialised.

Specified by:

getSignaturePolicyConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if SigningTime element is present in the constraint file, null otherwise.

getSignaturePolicyIdentifiedConstraint

public LevelConstraint getSignaturePolicyIdentifiedConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if the signature policy validation should be processed. If SignaturePolicyIdentifier found, but not relevant SignaturePolicy is retrieved, the check fails.

Specified by:

getSignaturePolicyIdentifiedConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if SignaturePolicy shall be identified

getSignaturePolicyStorePresentConstraint

public LevelConstraint getSignaturePolicyStorePresentConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if a SignaturePolicyStore unsigned attribute, containing a used policy binaries, presence shall be checked

Specified by:

getSignaturePolicyStorePresentConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if SignaturePolicyStore presence shall be checked

getSignaturePolicyPolicyHashValid

public LevelConstraint getSignaturePolicyPolicyHashValid(Context context)

Description copied from interface: ValidationPolicy

Indicates if digest present in a SignaturePolicyIdentifier shall match to the extracted policy content

Specified by:

getSignaturePolicyPolicyHashValid in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if SignaturePolicyIdentifier digest shall match

getSignatureFormatConstraint

public MultiValuesConstraint getSignatureFormatConstraint(Context context)

Description copied from interface: ValidationPolicy

Returns SignatureFormat constraint if present in the policy, null otherwise

Specified by:

getSignatureFormatConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

MultiValuesConstraint if SignatureFormat element is present in the constraint file, null otherwise.

getSignerInformationStoreConstraint

public LevelConstraint getSignerInformationStoreConstraint(Context context)

Description copied from interface: ValidationPolicy

This constraint checks if only one SignerInfo is present into a SignerInformationStore NOTE: applicable only for PAdES

Specified by:

getSignerInformationStoreConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if SignerInformationStore element for a given context element is present in the constraint file, null otherwise.

getByteRangeConstraint

public LevelConstraint getByteRangeConstraint(Context context)

Description copied from interface: ValidationPolicy

This constraint checks if ByteRange dictionary is valid NOTE: applicable only for PAdES

Specified by:

getByteRangeConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if ByteRange element for a given context element is present in the constraint file, null otherwise.

getByteRangeCollisionConstraint

public LevelConstraint getByteRangeCollisionConstraint(Context context)

Description copied from interface: ValidationPolicy

This constraint checks if ByteRange does not collide with other signature byte ranges NOTE: applicable only for PAdES

Specified by:

getByteRangeCollisionConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if ByteRangeCollision element for a given context element is present in the constraint file, null otherwise.

getByteRangeAllDocumentConstraint

public LevelConstraint getByteRangeAllDocumentConstraint(Context context)

Description copied from interface: ValidationPolicy

This constraint checks if ByteRange is valid for all signatures and document timestamps within PDF NOTE: applicable only for PAdES

Specified by:

getByteRangeAllDocumentConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if ByteRangeAllDocument element for a given context element is present in the constraint file, null otherwise.

getPdfSignatureDictionaryConstraint

public LevelConstraint getPdfSignatureDictionaryConstraint(Context context)

Description copied from interface: ValidationPolicy

This constraint checks if signature dictionary is consistent across PDF revisions. NOTE: applicable only for PAdES

Specified by:

getPdfSignatureDictionaryConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if PdfSignatureDictionary element for a given context element is present in the constraint file, null otherwise.

getPdfPageDifferenceConstraint

public LevelConstraint getPdfPageDifferenceConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if a PDF page difference check should be proceeded. If PdfPageDifference element is absent within the constraint file then null is returned.

Specified by:

getPdfPageDifferenceConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if PdfPageDifference element is present in the constraint file, null otherwise.

getPdfAnnotationOverlapConstraint

public LevelConstraint getPdfAnnotationOverlapConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if a PDF annotation overlapping check should be proceeded. If PdfAnnotationOverlap element is absent within the constraint file then null is returned.

Specified by:

getPdfAnnotationOverlapConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if PdfAnnotationOverlap element is present in the constraint file, null otherwise.

getPdfVisualDifferenceConstraint

public LevelConstraint getPdfVisualDifferenceConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if a PDF visual difference check should be proceeded. If PdfVisualDifference element is absent within the constraint file then null is returned.

Specified by:

getPdfVisualDifferenceConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if PdfVisualDifference element is present in the constraint file, null otherwise.

getDocMDPConstraint

public LevelConstraint getDocMDPConstraint(Context context)

Description copied from interface: ValidationPolicy

This constraint checks if a document contains changes after a signature, against permission rules identified within a /DocMDP dictionary

Specified by:

getDocMDPConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if DocMDP element is present in the constraint file, null otherwise.

getFieldMDPConstraint

public LevelConstraint getFieldMDPConstraint(Context context)

Description copied from interface: ValidationPolicy

This constraint checks if a document contains changes after a signature, against permission rules identified within a /FieldMDP dictionary

Specified by:

getFieldMDPConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if FieldMDP element is present in the constraint file, null otherwise.

getSigFieldLockConstraint

public LevelConstraint getSigFieldLockConstraint(Context context)

Description copied from interface: ValidationPolicy

This constraint checks if a document contains changes after a signature, against permission rules identified within a /SigFieldLock dictionary

Specified by:

getSigFieldLockConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if SigFieldLock element is present in the constraint file, null otherwise.

getFormFillChangesConstraint

public LevelConstraint getFormFillChangesConstraint(Context context)

Description copied from interface: ValidationPolicy

This constraint checks whether a PDF document contains form fill or signing modifications after the current signature's revisions

Specified by:

getFormFillChangesConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if FormFillChanges element is present in the constraint file, null otherwise.

getAnnotationChangesConstraint

public LevelConstraint getAnnotationChangesConstraint(Context context)

Description copied from interface: ValidationPolicy

This constraint checks whether a PDF document contains annotation creation, modification or deletion modifications after the current signature's revisions

Specified by:

getAnnotationChangesConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if AnnotationChanges element is present in the constraint file, null otherwise.

getUndefinedChangesConstraint

public LevelConstraint getUndefinedChangesConstraint(Context context)

Description copied from interface: ValidationPolicy

This constraint checks whether a PDF document contains undefined object modifications after the current signature's revisions

Specified by:

getUndefinedChangesConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if UndefinedChanges element is present in the constraint file, null otherwise.

getStructuralValidationConstraint

public LevelConstraint getStructuralValidationConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if the structural validation should be checked. If StructuralValidation element is absent within the constraint file then null is returned.

Specified by:

getStructuralValidationConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if StructuralValidation element is present in the constraint file, null otherwise.

getSigningCertificateRefersCertificateChainConstraint

public LevelConstraint getSigningCertificateRefersCertificateChainConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if the Signing Certificate attribute should be checked against the certificate chain. If SigningCertificateRefersCertificateChain element is absent within the constraint file then null is returned.

Specified by:

getSigningCertificateRefersCertificateChainConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if SigningCertificateRefersCertificateChain element is present in the constraint file, null otherwise.

getReferencesToAllCertificateChainPresentConstraint

public LevelConstraint getReferencesToAllCertificateChainPresentConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if the whole certificate chain is covered by the Signing Certificate attribute. If ReferencesToAllCertificateChainPresent element is absent within the constraint file then null is returned.

Specified by:

getReferencesToAllCertificateChainPresentConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if ReferencesToAllCertificateChainPresent element is present in the constraint file, null otherwise.

getSigningCertificateDigestAlgorithmConstraint

public LevelConstraint getSigningCertificateDigestAlgorithmConstraint(Context context)

Description copied from interface: ValidationPolicy

Checks if a used DigestAlgorithm in signing-certificate-reference creation matches the corresponding cryptographic constraint

Specified by:

getSigningCertificateDigestAlgorithmConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if SigningCertificateDigestAlgorithm for a given context element is present in the constraint file, null otherwise.

getSigningTimeConstraint

public LevelConstraint getSigningTimeConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if the signed property: signing-time should be checked. If SigningTime element is absent within the constraint file then null is returned.

Specified by:

getSigningTimeConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if SigningTime element is present in the constraint file, null otherwise.

getContentTypeConstraint

public ValueConstraint getContentTypeConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if the signed property: content-type should be checked. If ContentType element is absent within the constraint file then null is returned.

Specified by:

getContentTypeConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

ValueConstraint if ContentType element is present in the constraint file, null otherwise.

getCounterSignatureConstraint

public LevelConstraint getCounterSignatureConstraint(Context context)

Description copied from interface: ValidationPolicy

Returns CounterSignature constraint if present in the policy, null otherwise

Specified by:

getCounterSignatureConstraint in interface ValidationPolicy

Parameters:

context - ContextDiagnosticDataFacade

Returns:

LevelConstraint if CounterSignature element is present in the constraint file, null otherwise.

getSignatureTimeStampConstraint

public LevelConstraint getSignatureTimeStampConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if the presence of unsigned property: signature-time-stamp should be checked. If SignatureTimeStamp element is absent within the constraint file then null is returned.

Specified by:

getSignatureTimeStampConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if SignatureTimeStamp element is present in the constraint file, null otherwise.

getValidationDataTimeStampConstraint

public LevelConstraint getValidationDataTimeStampConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if the presence of unsigned property: validation data timestamp should be checked. If ValidationDataTimeStamp element is absent within the constraint file then null is returned.

Specified by:

getValidationDataTimeStampConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if ValidationDataTimeStamp element is present in the constraint file, null otherwise.

getValidationDataRefsOnlyTimeStampConstraint

public LevelConstraint getValidationDataRefsOnlyTimeStampConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if the presence of unsigned property: validation data references only timestamp should be checked. If ValidationDataRefsOnlyTimeStamp element is absent within the constraint file then null is returned.

Specified by:

getValidationDataRefsOnlyTimeStampConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if ValidationDataRefsOnlyTimeStamp element is present in the constraint file, null otherwise.

getArchiveTimeStampConstraint

public LevelConstraint getArchiveTimeStampConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if the presence of unsigned property: archive-time-stamp should be checked. If ArchiveTimeStamp element is absent within the constraint file then null is returned.

Specified by:

getArchiveTimeStampConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if ArchiveTimeStamp element is present in the constraint file, null otherwise.

getDocumentTimeStampConstraint

public LevelConstraint getDocumentTimeStampConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if the presence of unsigned property: document timestamp should be checked. If DocumentTimeStamp element is absent within the constraint file then null is returned.

Specified by:

getDocumentTimeStampConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if DocumentTimeStamp element is present in the constraint file, null otherwise.

getTLevelTimeStampConstraint

public LevelConstraint getTLevelTimeStampConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if the presence of unsigned property: signature-time-stamp or document timestamp If TLevelTimeStamp element is absent within the constraint file then null is returned.

Specified by:

getTLevelTimeStampConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if TLevelTimeStamp element is present in the constraint file, null otherwise.

getLTALevelTimeStampConstraint

public LevelConstraint getLTALevelTimeStampConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if the presence of unsigned property: archive-time-stamp or document timestamp covering the validation data If LTALevelTimeStamp element is absent within the constraint file then null is returned.

Specified by:

getLTALevelTimeStampConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if LTALevelTimeStamp element is present in the constraint file, null otherwise.

getContentHintsConstraint

public ValueConstraint getContentHintsConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if the signed property: content-hints should be checked. If ContentHints element is absent within the constraint file then null is returned.

Specified by:

getContentHintsConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

ValueConstraint if ContentHints element is present in the constraint file, null otherwise.

getContentIdentifierConstraint

public ValueConstraint getContentIdentifierConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if the signed property: content-identifier should be checked. If ContentIdentifier element is absent within the constraint file then null is returned.

Specified by:

getContentIdentifierConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

ValueConstraint if ContentIdentifier element is present in the constraint file, null otherwise.

getMessageDigestOrSignedPropertiesConstraint

public LevelConstraint getMessageDigestOrSignedPropertiesConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if the signed property: message-digest (for CAdES) or SignedProperties (for XAdES) should be checked. If the relative element is absent within the constraint file then null is returned.

Specified by:

getMessageDigestOrSignedPropertiesConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if message-digests/SignedProperties element is present in the constraint file, null otherwise.

getEllipticCurveKeySizeConstraint

public LevelConstraint getEllipticCurveKeySizeConstraint(Context context)

Description copied from interface: ValidationPolicy

This constraint checks whether a JWA signature has a valid elliptic curve key size

Specified by:

getEllipticCurveKeySizeConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if EllipticCurveKeySize element is present in the constraint file, null otherwise.

getCommitmentTypeIndicationConstraint

public MultiValuesConstraint getCommitmentTypeIndicationConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if the signed property: commitment-type-indication should be checked. If CommitmentTypeIndication element is absent within the constraint file then null is returned, otherwise the list of identifiers is initialised.

Specified by:

getCommitmentTypeIndicationConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

MultiValuesConstraint if CommitmentTypeIndication element is present in the constraint file, null otherwise.

getSignerLocationConstraint

public LevelConstraint getSignerLocationConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if the signed property: signer-location should be checked. If SignerLocation element is absent within the constraint file then null is returned.

Specified by:

getSignerLocationConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if SignerLocation element is present in the constraint file, null otherwise.

getClaimedRoleConstraint

public MultiValuesConstraint getClaimedRoleConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if the unsigned property: claimed-role should be checked. If ClaimedRoles element is absent within the constraint file then null is returned.

Specified by:

getClaimedRoleConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

MultiValuesConstraint if ClaimedRoles element is present in the constraint file, null otherwise.

getCertifiedRolesConstraint

public MultiValuesConstraint getCertifiedRolesConstraint(Context context)

Description copied from interface: ValidationPolicy

Return the mandated signer role.

Specified by:

getCertifiedRolesConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

MultiValuesConstraint

getPolicyName

public String getPolicyName()

Description copied from interface: ValidationPolicy

Returns the name of the policy.

Specified by:

getPolicyName in interface ValidationPolicy

Returns:

String

getPolicyDescription

public String getPolicyDescription()

Description copied from interface: ValidationPolicy

Returns the policy description.

Specified by:

getPolicyDescription in interface ValidationPolicy

Returns:

String

getSignatureCryptographicConstraint

public CryptographicConstraint getSignatureCryptographicConstraint(Context context)

Description copied from interface: ValidationPolicy

This method creates the SignatureCryptographicConstraint corresponding to the context parameter. If AcceptableEncryptionAlgo is not present in the constraint file the null is returned.

Specified by:

getSignatureCryptographicConstraint in interface ValidationPolicy

Parameters:

context - The context of the signature cryptographic constraints: MainSignature, Timestamp, Revocation

Returns:

SignatureCryptographicConstraint if AcceptableEncryptionAlgo for a given context element is present in the constraint file, null otherwise.

getCertificateCryptographicConstraint

public CryptographicConstraint getCertificateCryptographicConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

This method creates the SignatureCryptographicConstraint corresponding to the context parameter. If AcceptableEncryptionAlgo is not present in the constraint file the null is returned.

Specified by:

getCertificateCryptographicConstraint in interface ValidationPolicy

Parameters:

context - The context of the signature cryptographic constraints: MainSignature, Timestamp, Revocation

subContext - the sub context of the signature cryptographic constraints: EMPTY (signature itself), SigningCertificate, CACertificate

Returns:

SignatureCryptographicConstraint if AcceptableEncryptionAlgo for a given context element is present in the constraint file, null otherwise.

getDefaultCryptographicConstraint

public CryptographicConstraint getDefaultCryptographicConstraint()

Gets the global cryptographic constraints

Returns:

CryptographicConstraint

getCertificateCAConstraint

public LevelConstraint getCertificateCAConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns certificate CA constraint

Specified by:

getCertificateCAConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

LevelConstraint if CA for a given context element is present in the constraint file, null otherwise.

getCertificateIssuerNameConstraint

public LevelConstraint getCertificateIssuerNameConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns certificate IssuerName constraint

Specified by:

getCertificateIssuerNameConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

LevelConstraint if IssuerName for a given context element is present in the constraint file, null otherwise.

getCertificateMaxPathLengthConstraint

public LevelConstraint getCertificateMaxPathLengthConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns certificate MaxPathLength constraint

Specified by:

getCertificateMaxPathLengthConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

LevelConstraint if MaxPathLength for a given context element is present in the constraint file, null otherwise.

getCertificateKeyUsageConstraint

public MultiValuesConstraint getCertificateKeyUsageConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns certificate key usage constraint

Specified by:

getCertificateKeyUsageConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

LevelConstraint if key-usage for a given context element is present in the constraint file, null otherwise.

getCertificateExtendedKeyUsageConstraint

public MultiValuesConstraint getCertificateExtendedKeyUsageConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns certificate extended key usage constraint

Specified by:

getCertificateExtendedKeyUsageConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

LevelConstraint if extended key-usage for a given context element is present in the constraint file, null otherwise.

getCertificatePolicyTreeConstraint

public LevelConstraint getCertificatePolicyTreeConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns certificate PolicyTree constraint

Specified by:

getCertificatePolicyTreeConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

LevelConstraint if PolicyTree for a given context element is present in the constraint file, null otherwise.

getCertificateNameConstraintsConstraint

public LevelConstraint getCertificateNameConstraintsConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns certificate NameConstraints constraint

Specified by:

getCertificateNameConstraintsConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

LevelConstraint if NameConstraints for a given context element is present in the constraint file, null otherwise.

getCertificateSupportedCriticalExtensionsConstraint

public MultiValuesConstraint getCertificateSupportedCriticalExtensionsConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns certificate supported critical extensions constraint

Specified by:

getCertificateSupportedCriticalExtensionsConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

LevelConstraint if SupportedCriticalExtensions constraint for a given context element is present in the constraint file,null otherwise.

getCertificateForbiddenExtensionsConstraint

public MultiValuesConstraint getCertificateForbiddenExtensionsConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns certificate forbidden extensions constraint

Specified by:

getCertificateForbiddenExtensionsConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

LevelConstraint if ForbiddenExtensions constraint for a given context element is present in the constraint file,null otherwise.

getCertificateSurnameConstraint

public MultiValuesConstraint getCertificateSurnameConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns CertificateSurname constraint if present in the policy, null otherwise

Specified by:

getCertificateSurnameConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

MultiValuesConstraint if CertificateSurname element is present in the constraint file, null otherwise.

getCertificateGivenNameConstraint

public MultiValuesConstraint getCertificateGivenNameConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns CertificateGivenName constraint if present in the policy, null otherwise

Specified by:

getCertificateGivenNameConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

MultiValuesConstraint if CertificateGivenName element is present in the constraint file, null otherwise.

getCertificateCommonNameConstraint

public MultiValuesConstraint getCertificateCommonNameConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns CertificateCommonName constraint if present in the policy, null otherwise

Specified by:

getCertificateCommonNameConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

MultiValuesConstraint if CertificateCommonName element is present in the constraint file, null otherwise.

getCertificatePseudonymConstraint

public MultiValuesConstraint getCertificatePseudonymConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns CertificatePseudonym constraint if present in the policy, null otherwise

Specified by:

getCertificatePseudonymConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

MultiValuesConstraint if CertificatePseudonym element is present in the constraint file, null otherwise.

getCertificateTitleConstraint

public MultiValuesConstraint getCertificateTitleConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns CertificateTitle constraint if present in the policy, null otherwise

Specified by:

getCertificateTitleConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

MultiValuesConstraint if CertificateTitle element is present in the constraint file, null otherwise.

getCertificateEmailConstraint

public MultiValuesConstraint getCertificateEmailConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns CertificateEmail constraint if present in the policy, null otherwise

Specified by:

getCertificateEmailConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

MultiValuesConstraint if CertificateEmail element is present in the constraint file, null otherwise.

getCertificateCountryConstraint

public MultiValuesConstraint getCertificateCountryConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns CertificateCountry constraint if present in the policy, null otherwise

Specified by:

getCertificateCountryConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

MultiValuesConstraint if CertificateCountry element is present in the constraint file, null otherwise.

getCertificateLocalityConstraint

public MultiValuesConstraint getCertificateLocalityConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns CertificateLocality constraint if present in the policy, null otherwise

Specified by:

getCertificateLocalityConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

MultiValuesConstraint if CertificateLocality element is present in the constraint file, null otherwise.

getCertificateStateConstraint

public MultiValuesConstraint getCertificateStateConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns CertificateState constraint if present in the policy, null otherwise

Specified by:

getCertificateStateConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

MultiValuesConstraint if CertificateState element is present in the constraint file, null otherwise.

getCertificateOrganizationIdentifierConstraint

public MultiValuesConstraint getCertificateOrganizationIdentifierConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns CertificateOrganizationIdentifier constraint if present in the policy, null otherwise

Specified by:

getCertificateOrganizationIdentifierConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

MultiValuesConstraint if CertificateOrganizationIdentifier element is present in the constraint file, null otherwise.

getCertificateOrganizationNameConstraint

public MultiValuesConstraint getCertificateOrganizationNameConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns CertificateOrganizationName constraint if present in the policy, null otherwise

Specified by:

getCertificateOrganizationNameConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

MultiValuesConstraint if CertificateOrganizationName element is present in the constraint file, null otherwise.

getCertificateOrganizationUnitConstraint

public MultiValuesConstraint getCertificateOrganizationUnitConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns CertificateOrganizationUnit constraint if present in the policy, null otherwise

Specified by:

getCertificateOrganizationUnitConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

MultiValuesConstraint if CertificateOrganizationUnit element is present in the constraint file, null otherwise.

getCertificatePseudoUsageConstraint

public LevelConstraint getCertificatePseudoUsageConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns CertificatePseudoUsage constraint if present in the policy, null otherwise

Specified by:

getCertificatePseudoUsageConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

LevelConstraint if CertificatePseudoUsage element is present in the constraint file, null otherwise.

getCertificateSerialNumberConstraint

public LevelConstraint getCertificateSerialNumberConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns CertificateSerialNumber constraint if present in the policy, null otherwise

Specified by:

getCertificateSerialNumberConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

LevelConstraint if CertificateSerialNumber element is present in the constraint file, null otherwise.

getCertificateNotExpiredConstraint

public LevelConstraint getCertificateNotExpiredConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns certificate's validity range constraint

Specified by:

getCertificateNotExpiredConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

LevelConstraint if NotExpired constraint for a given certificate context is present in the constraint file, null otherwise.

getProspectiveCertificateChainConstraint

public LevelConstraint getProspectiveCertificateChainConstraint(Context context)

Description copied from interface: ValidationPolicy

This constraint requests the presence of the trust anchor in the certificate chain.

Specified by:

getProspectiveCertificateChainConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if ProspectiveCertificateChain element for a given context element is present in the constraint file, null otherwise.

getCertificateAuthorityInfoAccessPresentConstraint

public LevelConstraint getCertificateAuthorityInfoAccessPresentConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns CertificateAuthorityInfoAccessPresent constraint if present in the policy, null otherwise

Specified by:

getCertificateAuthorityInfoAccessPresentConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

LevelConstraint if CertificateAuthorityInfoAccessPresent element is present in the constraint file, null otherwise.

getRevocationDataSkipConstraint

public CertificateValuesConstraint getRevocationDataSkipConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns RevocationDataSkip constraint if present in the policy, null otherwise

Specified by:

getRevocationDataSkipConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

LevelConstraint if RevocationDataSkip element is present in the constraint file, null otherwise.

getCertificateRevocationInfoAccessPresentConstraint

public LevelConstraint getCertificateRevocationInfoAccessPresentConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns CertificateRevocationInfoAccessPresent constraint if present in the policy, null otherwise

Specified by:

getCertificateRevocationInfoAccessPresentConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

LevelConstraint if CertificateRevocationInfoAccessPresent element is present in the constraint file, null otherwise.

getCertificateSignatureConstraint

public LevelConstraint getCertificateSignatureConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns certificate's signature constraint

Specified by:

getCertificateSignatureConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

LevelConstraint if Signature for a given context element is present in the constraint file, null otherwise.

getUnknownStatusConstraint

public LevelConstraint getUnknownStatusConstraint()

Description copied from interface: ValidationPolicy

The method returns UnknownStatus constraint

Specified by:

getUnknownStatusConstraint in interface ValidationPolicy

Returns:

LevelConstraint

getOCSPResponseResponderIdMatchConstraint

public LevelConstraint getOCSPResponseResponderIdMatchConstraint()

Description copied from interface: ValidationPolicy

The method returns OCSPResponderIdMatch constraint

Specified by:

getOCSPResponseResponderIdMatchConstraint in interface ValidationPolicy

Returns:

LevelConstraint

getOCSPResponseCertHashPresentConstraint

public LevelConstraint getOCSPResponseCertHashPresentConstraint()

Description copied from interface: ValidationPolicy

The method returns OCSPCertHashPresent constraint

Specified by:

getOCSPResponseCertHashPresentConstraint in interface ValidationPolicy

Returns:

LevelConstraint

getOCSPResponseCertHashMatchConstraint

public LevelConstraint getOCSPResponseCertHashMatchConstraint()

Description copied from interface: ValidationPolicy

The method returns OCSPCertHashMatch constraint

Specified by:

getOCSPResponseCertHashMatchConstraint in interface ValidationPolicy

Returns:

LevelConstraint

getSelfIssuedOCSPConstraint

public LevelConstraint getSelfIssuedOCSPConstraint()

Description copied from interface: ValidationPolicy

The method returns SelfIssuedOCSP constraint

Specified by:

getSelfIssuedOCSPConstraint in interface ValidationPolicy

Returns:

LevelConstraint

getRevocationDataAvailableConstraint

public LevelConstraint getRevocationDataAvailableConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns revocation data available constraint

Specified by:

getRevocationDataAvailableConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

LevelConstraint if RevocationDataAvailable for a given context element is present in the constraint file, null otherwise.

getAcceptableRevocationDataFoundConstraint

public LevelConstraint getAcceptableRevocationDataFoundConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns acceptable revocation data available constraint

Specified by:

getAcceptableRevocationDataFoundConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

LevelConstraint if AcceptableRevocationDataFound for a given context element is present in the constraint file, null otherwise.

getCRLNextUpdatePresentConstraint

public LevelConstraint getCRLNextUpdatePresentConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns CRL's nextUpdate present constraint

Specified by:

getCRLNextUpdatePresentConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

LevelConstraint if CRLNextUpdatePresent for a given context element is present in the constraint file, null otherwise.

getOCSPNextUpdatePresentConstraint

public LevelConstraint getOCSPNextUpdatePresentConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns OCSP's nextUpdate present constraint

Specified by:

getOCSPNextUpdatePresentConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

LevelConstraint if OCSPNextUpdatePresent for a given context element is present in the constraint file, null otherwise.

getRevocationFreshnessConstraint

public TimeConstraint getRevocationFreshnessConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns revocation data's freshness constraint

Specified by:

getRevocationFreshnessConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

TimeConstraint if RevocationFreshness for a given context element is present in the constraint file, null otherwise.

getRevocationFreshnessNextUpdateConstraint

public LevelConstraint getRevocationFreshnessNextUpdateConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns revocation data's freshness for nextUpdate check constraint

Specified by:

getRevocationFreshnessNextUpdateConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

LevelConstraint if RevocationFreshnessNextUpdate for a given context element is present in the constraint file, null otherwise.

getCertificateNotRevokedConstraint

public LevelConstraint getCertificateNotRevokedConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns certificate's not revoked constraint

Specified by:

getCertificateNotRevokedConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

LevelConstraint if Revoked for a given context element is present in the constraint file, null otherwise.

getCertificateNotOnHoldConstraint

public LevelConstraint getCertificateNotOnHoldConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns certificate's not onHold constraint

Specified by:

getCertificateNotOnHoldConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

LevelConstraint if OnHold for a given context element is present in the constraint file, null otherwise.

getRevocationIssuerNotExpiredConstraint

public LevelConstraint getRevocationIssuerNotExpiredConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns revocation issuer's validity range constraint

Specified by:

getRevocationIssuerNotExpiredConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

LevelConstraint if RevocationIssuerNotExpired constraint for a given certificate context is present in the constraint file, null otherwise.

getCertificateNotSelfSignedConstraint

public LevelConstraint getCertificateNotSelfSignedConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns certificate's not self-signed constraint

Specified by:

getCertificateNotSelfSignedConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

LevelConstraint if not self-signed for a given context element is present in the constraint file, null otherwise.

getCertificateSelfSignedConstraint

public LevelConstraint getCertificateSelfSignedConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns certificate's self-signed constraint

Specified by:

getCertificateSelfSignedConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

LevelConstraint if self-signed for a given context element is present in the constraint file, null otherwise.

getTrustServiceStatusConstraint

public MultiValuesConstraint getTrustServiceStatusConstraint(Context context)

Description copied from interface: ValidationPolicy

Returns trusted service status constraint

Specified by:

getTrustServiceStatusConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if trusted service status for a given context element is present in the constraint file, null otherwise.

getTrustServiceTypeIdentifierConstraint

public MultiValuesConstraint getTrustServiceTypeIdentifierConstraint(Context context)

Description copied from interface: ValidationPolicy

Returns trusted service type identifier constraint

Specified by:

getTrustServiceTypeIdentifierConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if trusted service type identifier for a given context element is present in the constraint file, null otherwise.

getCertificatePolicyIdsConstraint

public MultiValuesConstraint getCertificatePolicyIdsConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Returns CertificatePolicyIds constraint if present in the policy, null otherwise

Specified by:

getCertificatePolicyIdsConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

MultiValuesConstraint if CertificatePolicyIds element is present in the constraint file, null otherwise.

getCertificatePolicyQualificationIdsConstraint

public LevelConstraint getCertificatePolicyQualificationIdsConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Indicates if the CertificatePolicyIds declare the certificate as qualified.

Specified by:

getCertificatePolicyQualificationIdsConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

LevelConstraint if PolicyQualificationIds for a given context element is present in the constraint file, null otherwise.

getCertificatePolicySupportedByQSCDIdsConstraint

public LevelConstraint getCertificatePolicySupportedByQSCDIdsConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Indicates if the CertificatePolicyIds mandate the certificate as to be supported by a secure signature creation device (QSCD).

Specified by:

getCertificatePolicySupportedByQSCDIdsConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

LevelConstraint if PolicySupportedByQSCDIds for a given context element is present in the constraint file, null otherwise.

getCertificateQCComplianceConstraint

public LevelConstraint getCertificateQCComplianceConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Indicates if the end user certificate used in validating the signature is QC Compliant.

Specified by:

getCertificateQCComplianceConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

LevelConstraint if QcCompliance for a given context element is present in the constraint file, null otherwise.

getCertificateQcEuLimitValueCurrencyConstraint

public ValueConstraint getCertificateQcEuLimitValueCurrencyConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Indicates the allowed currency used to specify certificate's QCLimitValue statement.

Specified by:

getCertificateQcEuLimitValueCurrencyConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

IntValueConstraint if QcTransactionLimitCurrency for a given context element is present in the constraint file, null otherwise.

getCertificateMinQcEuLimitValueConstraint

public IntValueConstraint getCertificateMinQcEuLimitValueConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Indicates the minimal allowed QcEuLimitValue transaction limit for which the end user certificate used for the signature can be used.

Specified by:

getCertificateMinQcEuLimitValueConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

IntValueConstraint if MinQcTransactionLimit for a given context element is present in the constraint file, null otherwise.

getCertificateMinQcEuRetentionPeriodConstraint

public IntValueConstraint getCertificateMinQcEuRetentionPeriodConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Indicates the minimal allowed QC retention period for material information relevant to the use of the end user certificate used for the signature.

Specified by:

getCertificateMinQcEuRetentionPeriodConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

IntValueConstraint if MinQcRetentionPeriod for a given context element is present in the constraint file, null otherwise.

getCertificateQcSSCDConstraint

public LevelConstraint getCertificateQcSSCDConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Indicates if the end user certificate used in validating the signature is mandated to be supported by a secure signature creation device (QSCD).

Specified by:

getCertificateQcSSCDConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

LevelConstraint if QcSSCD for a given context element is present in the constraint file, null otherwise.

getCertificateQcEuPDSLocationConstraint

public MultiValuesConstraint getCertificateQcEuPDSLocationConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Indicates the location or set of locations of PKI Disclosure Statements.

Specified by:

getCertificateQcEuPDSLocationConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

MultiValuesConstraint the the location or set of locations of PKI Disclosure Statements

getCertificateQcTypeConstraint

public MultiValuesConstraint getCertificateQcTypeConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Indicates the certificate is claimed as a certificate of a particular type.

Specified by:

getCertificateQcTypeConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

MultiValuesConstraint the types that the certificate is claimed to be of

getCertificateQcCCLegislationConstraint

public MultiValuesConstraint getCertificateQcCCLegislationConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Indicates the country or set of countries under the legislation of which the certificate is issued as a qualified certificate is present. NOTE: in order to verify the EU compliance, the value shall be empty (no QcCCLegislation is allowed)

Specified by:

getCertificateQcCCLegislationConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

MultiValuesConstraint the country or set of countries under the legislation of which the certificate is issued as a qualified certificate

getCertificateIssuedToNaturalPersonConstraint

public LevelConstraint getCertificateIssuedToNaturalPersonConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Indicates if the end user certificate used in validating the signature is issued to a natural person.

Specified by:

getCertificateIssuedToNaturalPersonConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

LevelConstraint if IssuedToNaturalPerson for a given context element is present in the constraint file, null otherwise.

getCertificateIssuedToLegalPersonConstraint

public LevelConstraint getCertificateIssuedToLegalPersonConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Indicates if the end user certificate used in validating the signature is issued to a legal person.

Specified by:

getCertificateIssuedToLegalPersonConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

LevelConstraint if IssuedToLegalPerson for a given context element is present in the constraint file, null otherwise.

getCertificateSemanticsIdentifierConstraint

public MultiValuesConstraint getCertificateSemanticsIdentifierConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Indicates the certificate's QCStatement contains an acceptable semantics identifier.

Specified by:

getCertificateSemanticsIdentifierConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

LevelConstraint if SemanticsIdentifier for a given context element is present in the constraint file, null otherwise.

getCertificatePS2DQcTypeRolesOfPSPConstraint

public MultiValuesConstraint getCertificatePS2DQcTypeRolesOfPSPConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Indicates the acceptable QC PS2D roles for the certificate used for a signature.

Specified by:

getCertificatePS2DQcTypeRolesOfPSPConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

MultiValuesConstraint the set of acceptable QC PS2D roles

getCertificatePS2DQcCompetentAuthorityNameConstraint

public MultiValuesConstraint getCertificatePS2DQcCompetentAuthorityNameConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Indicates the acceptable QC PS2D names for the certificate used for a signature.

Specified by:

getCertificatePS2DQcCompetentAuthorityNameConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

MultiValuesConstraint the set of acceptable QC PS2D names

getCertificatePS2DQcCompetentAuthorityIdConstraint

public MultiValuesConstraint getCertificatePS2DQcCompetentAuthorityIdConstraint(Context context,
 SubContext subContext)

Description copied from interface: ValidationPolicy

Indicates the acceptable QC PS2D ids for the certificate used for a signature.

Specified by:

getCertificatePS2DQcCompetentAuthorityIdConstraint in interface ValidationPolicy

Parameters:

context - Context

subContext - SubContext

Returns:

MultiValuesConstraint the set of acceptable QC PS2D ids

getSigningCertificateRecognitionConstraint

public LevelConstraint getSigningCertificateRecognitionConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if signing-certificate has been identified.

Specified by:

getSigningCertificateRecognitionConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if Recognition for a given context element is present in the constraint file, null otherwise.

getSigningCertificateAttributePresentConstraint

public LevelConstraint getSigningCertificateAttributePresentConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if the signing certificate attribute is present

Specified by:

getSigningCertificateAttributePresentConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if SigningCertificateAttribute for a given context element is present in the constraint file, null otherwise.

getUnicitySigningCertificateAttributeConstraint

public LevelConstraint getUnicitySigningCertificateAttributeConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if the signing certificate is not ambiguously determines

Specified by:

getUnicitySigningCertificateAttributeConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if UnicitySigningCertificate for a given context element is present in the constraint file, null otherwise.

getSigningCertificateDigestValuePresentConstraint

public LevelConstraint getSigningCertificateDigestValuePresentConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if the signing certificate reference's digest value is present

Specified by:

getSigningCertificateDigestValuePresentConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if DigestValuePresent for a given context element is present in the constraint file, null otherwise.

getSigningCertificateDigestValueMatchConstraint

public LevelConstraint getSigningCertificateDigestValueMatchConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if the signing certificate reference's digest value matches

Specified by:

getSigningCertificateDigestValueMatchConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if DigestValueMatch for a given context element is present in the constraint file, null otherwise.

getSigningCertificateIssuerSerialMatchConstraint

public LevelConstraint getSigningCertificateIssuerSerialMatchConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if the signing certificate reference's issuer serial matches

Specified by:

getSigningCertificateIssuerSerialMatchConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if IssuerSerialMatch for a given context element is present in the constraint file, null otherwise.

getKeyIdentifierPresent

public LevelConstraint getKeyIdentifierPresent(Context context)

Description copied from interface: ValidationPolicy

Indicates if the 'kid' (key identifier) header parameter is present within the protected header of the signature

Specified by:

getKeyIdentifierPresent in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if KeyIdentifierPresent for a given context element is present in the constraint file, null otherwise.

getKeyIdentifierMatch

public LevelConstraint getKeyIdentifierMatch(Context context)

Description copied from interface: ValidationPolicy

Indicates if the value of 'kid' (key identifier) header parameter matches the signing-certificate used to create the signature

Specified by:

getKeyIdentifierMatch in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if KeyIdentifierMatch for a given context element is present in the constraint file, null otherwise.

getReferenceDataExistenceConstraint

public LevelConstraint getReferenceDataExistenceConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if the referenced data is found

Specified by:

getReferenceDataExistenceConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if ReferenceDataExistence for a given context element is present in the constraint file, null otherwise.

getReferenceDataIntactConstraint

public LevelConstraint getReferenceDataIntactConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if the referenced data is intact

Specified by:

getReferenceDataIntactConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if ReferenceDataIntact for a given context element is present in the constraint file, null otherwise.

getReferenceDataNameMatchConstraint

public LevelConstraint getReferenceDataNameMatchConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if the referenced document names match the manifest entry references

Specified by:

getReferenceDataNameMatchConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if ReferenceDataNameMatch for a given context element is present in the constraint file, null otherwise.

getManifestEntryObjectExistenceConstraint

public LevelConstraint getManifestEntryObjectExistenceConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if the manifested document is found

Specified by:

getManifestEntryObjectExistenceConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if ManifestEntryObjectExistence for a given context element is present in the constraint file, null otherwise.

getManifestEntryObjectIntactConstraint

public LevelConstraint getManifestEntryObjectIntactConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if the manifested document is intact

Specified by:

getManifestEntryObjectIntactConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if ManifestEntryObjectIntact for a given context element is present in the constraint file, null otherwise.

getManifestEntryObjectGroupConstraint

public LevelConstraint getManifestEntryObjectGroupConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if all manifest entries have been found

Specified by:

getManifestEntryObjectGroupConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if ManifestEntryObjectGroup for a given context element is present in the constraint file, null otherwise.

getManifestEntryNameMatchConstraint

public LevelConstraint getManifestEntryNameMatchConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if names of all matching documents match to the manifest entry names

Specified by:

getManifestEntryNameMatchConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if ManifestEntryNameMatch for a given context element is present in the constraint file, null otherwise.

getSignatureIntactConstraint

public LevelConstraint getSignatureIntactConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if the signature is intact

Specified by:

getSignatureIntactConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

SignatureDataIntact if SignatureIntact for a given context element is present in the constraint file, null otherwise.

getSignatureDuplicatedConstraint

public LevelConstraint getSignatureDuplicatedConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if the signature is not ambiguous

Specified by:

getSignatureDuplicatedConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

SignatureDuplicated if SignatureDuplicated for a given context element is present in the constraint file, null otherwise.

getBestSignatureTimeBeforeExpirationDateOfSigningCertificateConstraint

public LevelConstraint getBestSignatureTimeBeforeExpirationDateOfSigningCertificateConstraint()

Description copied from interface: ValidationPolicy

This constraint checks if the certificate is not expired on best-signature-time

Specified by:

getBestSignatureTimeBeforeExpirationDateOfSigningCertificateConstraint in interface ValidationPolicy

Returns:

LevelConstraint if BestSignatureTimeBeforeExpirationDateOfSigningCertificate element is present in the constraint file, null otherwise.

getRevocationTimeAgainstBestSignatureTimeConstraint

public LevelConstraint getRevocationTimeAgainstBestSignatureTimeConstraint()

Description copied from interface: ValidationPolicy

Returns RevocationTimeAgainstBestSignatureTime constraint if present in the policy, null otherwise

Specified by:

getRevocationTimeAgainstBestSignatureTimeConstraint in interface ValidationPolicy

Returns:

LevelConstraint if RevocationTimeAgainstBestSignatureTime element is present in the constraint file, null otherwise.

getTimestampCoherenceConstraint

public LevelConstraint getTimestampCoherenceConstraint()

Description copied from interface: ValidationPolicy

This constraint checks if the timestamp order is coherent

Specified by:

getTimestampCoherenceConstraint in interface ValidationPolicy

Returns:

LevelConstraint if TimestampCoherence element is present in the constraint file, null otherwise.

getTimestampDelayConstraint

public TimeConstraint getTimestampDelayConstraint()

Description copied from interface: ValidationPolicy

Returns TimestampDelay constraint if present in the policy, null otherwise

Specified by:

getTimestampDelayConstraint in interface ValidationPolicy

Returns:

TimeConstraint if TimestampDelay element is present in the constraint file, null otherwise.

getTimestampValidConstraint

public LevelConstraint getTimestampValidConstraint()

Description copied from interface: ValidationPolicy

Returns whether the time-stamp is valid (passed either basic signature validation process or past signature validation). If TimestampValid element is absent within the constraint file then null is returned.

Specified by:

getTimestampValidConstraint in interface ValidationPolicy

Returns:

LevelConstraint if TimestampValid element is present in the constraint file, null otherwise.

getTimestampTSAGeneralNamePresent

public LevelConstraint getTimestampTSAGeneralNamePresent()

Description copied from interface: ValidationPolicy

Indicates if the timestamp's TSTInfo.tsa field is present

Specified by:

getTimestampTSAGeneralNamePresent in interface ValidationPolicy

Returns:

LevelConstraint if TSAGeneralNamePresent for a given context element is present in the constraint file, null otherwise.

getTimestampTSAGeneralNameContentMatch

public LevelConstraint getTimestampTSAGeneralNameContentMatch()

Description copied from interface: ValidationPolicy

Indicates if the timestamp's TSTInfo.tsa field's value matches the timestamp's issuer distinguishing name when present

Specified by:

getTimestampTSAGeneralNameContentMatch in interface ValidationPolicy

Returns:

LevelConstraint if TSAGeneralNameContentMatch for a given context element is present in the constraint file, null otherwise.

getTimestampTSAGeneralNameOrderMatch

public LevelConstraint getTimestampTSAGeneralNameOrderMatch()

Description copied from interface: ValidationPolicy

Indicates if the timestamp's TSTInfo.tsa field's value and order match the timestamp's issuer distinguishing name when present

Specified by:

getTimestampTSAGeneralNameOrderMatch in interface ValidationPolicy

Returns:

LevelConstraint if TSAGeneralNameOrderMatch for a given context element is present in the constraint file, null otherwise.

getFullScopeConstraint

public LevelConstraint getFullScopeConstraint()

Description copied from interface: ValidationPolicy

Returns FullScope constraint if present in the policy, null otherwise

Specified by:

getFullScopeConstraint in interface ValidationPolicy

Returns:

LevelConstraint if FullScope element is present in the constraint file, null otherwise.

getContentTimeStampConstraint

public LevelConstraint getContentTimeStampConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if the signed property: content-time-stamp should be checked. If ContentTimeStamp element is absent within the constraint file then null is returned.

Specified by:

getContentTimeStampConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if ContentTimeStamp element is present in the constraint file, null otherwise.

getContentTimeStampMessageImprintConstraint

public LevelConstraint getContentTimeStampMessageImprintConstraint(Context context)

Description copied from interface: ValidationPolicy

Indicates if the signed property: content-time-stamp message-imprint should be checked. If ContentTimeStampMessageImprint element is absent within the constraint file then null is returned.

Specified by:

getContentTimeStampMessageImprintConstraint in interface ValidationPolicy

Parameters:

context - Context

Returns:

LevelConstraint if ContentTimeStampMessageImprint element is present in the constraint file, null otherwise.

getEvidenceRecordValidConstraint

public LevelConstraint getEvidenceRecordValidConstraint()

Description copied from interface: ValidationPolicy

Returns whether the evidence record is valid (passed a complete evidence record validation process). If EvidenceRecordValid element is absent within the constraint file then null is returned.

Specified by:

getEvidenceRecordValidConstraint in interface ValidationPolicy

Returns:

LevelConstraint if EvidenceRecordValid element is present in the constraint file, null otherwise.

getEvidenceRecordDataObjectExistenceConstraint

public LevelConstraint getEvidenceRecordDataObjectExistenceConstraint()

Description copied from interface: ValidationPolicy

Returns DataObjectExistence constraint if present in the policy, null otherwise

Specified by:

getEvidenceRecordDataObjectExistenceConstraint in interface ValidationPolicy

Returns:

LevelConstraint if DataObjectExistence element is present

getEvidenceRecordDataObjectIntactConstraint

public LevelConstraint getEvidenceRecordDataObjectIntactConstraint()

Description copied from interface: ValidationPolicy

Returns DataObjectIntact constraint if present in the policy, null otherwise

Specified by:

getEvidenceRecordDataObjectIntactConstraint in interface ValidationPolicy

Returns:

LevelConstraint if DataObjectIntact element is present

getEvidenceRecordDataObjectFoundConstraint

public LevelConstraint getEvidenceRecordDataObjectFoundConstraint()

Description copied from interface: ValidationPolicy

Returns DataObjectFound constraint if present in the policy, null otherwise

Specified by:

getEvidenceRecordDataObjectFoundConstraint in interface ValidationPolicy

Returns:

LevelConstraint if DataObjectFound element is present

getEvidenceRecordDataObjectGroupConstraint

public LevelConstraint getEvidenceRecordDataObjectGroupConstraint()

Description copied from interface: ValidationPolicy

Returns DataObjectGroup constraint if present in the policy, null otherwise

Specified by:

getEvidenceRecordDataObjectGroupConstraint in interface ValidationPolicy

Returns:

LevelConstraint if DataObjectGroup element is present

getEvidenceRecordHashTreeRenewalConstraint

public LevelConstraint getEvidenceRecordHashTreeRenewalConstraint()

Description copied from interface: ValidationPolicy

Returns HashTreeRenewal constraint if present in the policy, null otherwise

Specified by:

getEvidenceRecordHashTreeRenewalConstraint in interface ValidationPolicy

Returns:

LevelConstraint if HashTreeRenewal element is present

getEvidenceRecordCryptographicConstraint

public CryptographicConstraint getEvidenceRecordCryptographicConstraint()

Description copied from interface: ValidationPolicy

This method returns cryptographic constraints for validation of Evidence Record

Specified by:

getEvidenceRecordCryptographicConstraint in interface ValidationPolicy

Returns:

CryptographicConstraint

getAcceptedContainerTypesConstraint

public MultiValuesConstraint getAcceptedContainerTypesConstraint()

Description copied from interface: ValidationPolicy

Returns AcceptedContainerTypes constraint if present in the policy, null otherwise

Specified by:

getAcceptedContainerTypesConstraint in interface ValidationPolicy

Returns:

MultiValuesConstraint if AcceptedContainerTypes element is present in the constraint file, null otherwise.

getZipCommentPresentConstraint

public LevelConstraint getZipCommentPresentConstraint()

Description copied from interface: ValidationPolicy

Returns ZipCommentPresent constraint if present in the policy, null otherwise

Specified by:

getZipCommentPresentConstraint in interface ValidationPolicy

Returns:

LevelConstraint if ZipCommentPresent element is present in the constraint file, null otherwise.

getAcceptedZipCommentsConstraint

public MultiValuesConstraint getAcceptedZipCommentsConstraint()

Description copied from interface: ValidationPolicy

Returns AcceptedZipComments constraint if present in the policy, null otherwise

Specified by:

getAcceptedZipCommentsConstraint in interface ValidationPolicy

Returns:

MultiValuesConstraint if AcceptedZipComments element is present in the constraint file, null otherwise.

getMimeTypeFilePresentConstraint

public LevelConstraint getMimeTypeFilePresentConstraint()

Description copied from interface: ValidationPolicy

Returns MimeTypeFilePresent constraint if present in the policy, null otherwise

Specified by:

getMimeTypeFilePresentConstraint in interface ValidationPolicy

Returns:

LevelConstraint if MimeTypeFilePresent element is present in the constraint file, null otherwise.

getAcceptedMimeTypeContentsConstraint

public MultiValuesConstraint getAcceptedMimeTypeContentsConstraint()

Description copied from interface: ValidationPolicy

Returns AcceptedMimeTypeContents constraint if present in the policy, null otherwise

Specified by:

getAcceptedMimeTypeContentsConstraint in interface ValidationPolicy

Returns:

MultiValuesConstraint if AcceptedMimeTypeContents element is present in the constraint file, null otherwise.

getAllFilesSignedConstraint

public LevelConstraint getAllFilesSignedConstraint()

Description copied from interface: ValidationPolicy

Returns AllFilesSigned constraint if present in the policy, null otherwise

Specified by:

getAllFilesSignedConstraint in interface ValidationPolicy

Returns:

LevelConstraint if AllFilesSigned element is present in the constraint file, null otherwise.

getManifestFilePresentConstraint

public LevelConstraint getManifestFilePresentConstraint()

Description copied from interface: ValidationPolicy

Returns ManifestFilePresent constraint if present in the policy, null otherwise

Specified by:

getManifestFilePresentConstraint in interface ValidationPolicy

Returns:

LevelConstraint if ManifestFilePresent element is present in the constraint file, null otherwise.

getSignedFilesPresentConstraint

public LevelConstraint getSignedFilesPresentConstraint()

Description copied from interface: ValidationPolicy

Returns SignedFilesPresent constraint if present in the policy, null otherwise

Specified by:

getSignedFilesPresentConstraint in interface ValidationPolicy

Returns:

LevelConstraint if SignedFilesPresent element is present in the constraint file, null otherwise.

getAcceptablePDFAProfilesConstraint

public MultiValuesConstraint getAcceptablePDFAProfilesConstraint()

Description copied from interface: ValidationPolicy

Returns AcceptablePDFAProfiles constraint if present in the policy, null otherwise

Specified by:

getAcceptablePDFAProfilesConstraint in interface ValidationPolicy

Returns:

LevelConstraint if AcceptablePDFAProfiles element is present in the constraint file, null otherwise.

getPDFACompliantConstraint

public LevelConstraint getPDFACompliantConstraint()

Description copied from interface: ValidationPolicy

Returns PDFACompliant constraint if present in the policy, null otherwise

Specified by:

getPDFACompliantConstraint in interface ValidationPolicy

Returns:

LevelConstraint if PDFACompliant element is present in the constraint file, null otherwise.

isEIDASConstraintPresent

public boolean isEIDASConstraintPresent()

Description copied from interface: ValidationPolicy

Returns if EIDAS constraints present (qualification check shall be performed)

Specified by:

isEIDASConstraintPresent in interface ValidationPolicy

Returns:

TRUE if EIDAS constraint present, FALSE otherwise

getTLFreshnessConstraint

public TimeConstraint getTLFreshnessConstraint()

Description copied from interface: ValidationPolicy

Returns TLFreshness constraint if present in the policy, null otherwise

Specified by:

getTLFreshnessConstraint in interface ValidationPolicy

Returns:

TimeConstraint if TLFreshness element is present in the constraint file, null otherwise.

getTLWellSignedConstraint

public LevelConstraint getTLWellSignedConstraint()

Description copied from interface: ValidationPolicy

Returns TLWellSigned constraint if present in the policy, null otherwise

Specified by:

getTLWellSignedConstraint in interface ValidationPolicy

Returns:

TimeConstraint if TLWellSigned element is present in the constraint file, null otherwise.

getTLNotExpiredConstraint

public LevelConstraint getTLNotExpiredConstraint()

Description copied from interface: ValidationPolicy

Returns TLNotExpired constraint if present in the policy, null otherwise

Specified by:

getTLNotExpiredConstraint in interface ValidationPolicy

Returns:

TimeConstraint if TLNotExpired element is present in the constraint file, null otherwise.

getTLVersionConstraint

public ValueConstraint getTLVersionConstraint()

Description copied from interface: ValidationPolicy

Returns TLVersion constraint if present in the policy, null otherwise

Specified by:

getTLVersionConstraint in interface ValidationPolicy

Returns:

ValueConstraint if TLVersion element is present in the constraint file, null otherwise.

getValidationModel

public Model getValidationModel()

Description copied from interface: ValidationPolicy

Returns the used validation model (default is SHELL). Alternatives are CHAIN and HYBRID

Specified by:

getValidationModel in interface ValidationPolicy

Returns:

the validation model to be used

getContainerConstraints

public ContainerConstraints getContainerConstraints()

Description copied from interface: ValidationPolicy

Returns the constraint used for ASiC Container validation

Specified by:

getContainerConstraints in interface ValidationPolicy

Returns:

ContainerConstraints

getPDFAConstraints

public PDFAConstraints getPDFAConstraints()

Description copied from interface: ValidationPolicy

Returns the constraint used for ASiC Container validation

Specified by:

getPDFAConstraints in interface ValidationPolicy

Returns:

ContainerConstraints

getSignatureConstraints

public SignatureConstraints getSignatureConstraints()

Description copied from interface: ValidationPolicy

Returns the constraint used for Signature validation

Specified by:

getSignatureConstraints in interface ValidationPolicy

Returns:

SignatureConstraints

getCounterSignatureConstraints

public SignatureConstraints getCounterSignatureConstraints()

Description copied from interface: ValidationPolicy

Returns the constraint used for Counter Signature validation

Specified by:

getCounterSignatureConstraints in interface ValidationPolicy

Returns:

SignatureConstraints

getTimestampConstraints

public TimestampConstraints getTimestampConstraints()

Description copied from interface: ValidationPolicy

Returns the constraint used for Timestamp validation

Specified by:

getTimestampConstraints in interface ValidationPolicy

Returns:

TimestampConstraints

getRevocationConstraints

public RevocationConstraints getRevocationConstraints()

Description copied from interface: ValidationPolicy

Returns the constraint used for Revocation validation

Specified by:

getRevocationConstraints in interface ValidationPolicy

Returns:

RevocationConstraints

getEvidenceRecordConstraints

public EvidenceRecordConstraints getEvidenceRecordConstraints()

Description copied from interface: ValidationPolicy

Returns the constraint used for Evidence Record validation

Specified by:

getEvidenceRecordConstraints in interface ValidationPolicy

Returns:

EvidenceRecordConstraints

getEIDASConstraints

public EIDAS getEIDASConstraints()

Description copied from interface: ValidationPolicy

Returns the constraint used for qualification validation

Specified by:

getEIDASConstraints in interface ValidationPolicy

Returns:

EIDAS

getCryptographic

public CryptographicConstraint getCryptographic()

Description copied from interface: ValidationPolicy

Returns the common constraint used for cryptographic validation

Specified by:

getCryptographic in interface ValidationPolicy

Returns:

CryptographicConstraint