Package eu.europa.esig.dss.policy
Interface ValidationPolicy
- All Known Implementing Classes:
EtsiValidationPolicy
public interface ValidationPolicy
This class encapsulates the constraint file that controls the policy to be used during the validation process. This
is the base class used to implement a
specific validation policy
-
Method Summary
Modifier and TypeMethodDescriptionReturns AcceptablePDFAProfiles constraint if present in the policy, null otherwisegetAcceptableRevocationDataFoundConstraint(Context context, SubContext subContext) Returns acceptable revocation data available constraintReturns AcceptedContainerTypes constraint if present in the policy, null otherwiseReturns AcceptedMimeTypeContents constraint if present in the policy, null otherwiseReturns AcceptedZipComments constraint if present in the policy, null otherwiseReturns AllFilesSigned constraint if present in the policy, null otherwisegetAnnotationChangesConstraint(Context context) This constraint checks whether a PDF document contains annotation creation, modification or deletion modifications after the current signature's revisionsgetArchiveTimeStampConstraint(Context context) Indicates if the presence of unsigned property: archive-time-stamp should be checked.This constraint checks if the certificate is not expired on best-signature-timegetByteRangeAllDocumentConstraint(Context context) This constraint checks if ByteRange is valid for all signatures and document timestamps within PDF NOTE: applicable only for PAdESgetByteRangeCollisionConstraint(Context context) This constraint checks if ByteRange does not collide with other signature byte ranges NOTE: applicable only for PAdESgetByteRangeConstraint(Context context) This constraint checks if ByteRange dictionary is valid NOTE: applicable only for PAdESgetCertificateAuthorityInfoAccessPresentConstraint(Context context, SubContext subContext) Returns CertificateAuthorityInfoAccessPresent constraint if present in the policy, null otherwisegetCertificateCAConstraint(Context context, SubContext subContext) Returns certificate CA constraintgetCertificateCommonNameConstraint(Context context, SubContext subContext) Returns CertificateCommonName constraint if present in the policy, null otherwisegetCertificateCountryConstraint(Context context, SubContext subContext) Returns CertificateCountry constraint if present in the policy, null otherwisegetCertificateCryptographicConstraint(Context context, SubContext subContext) This method creates theSignatureCryptographicConstraintcorresponding to the context parameter.getCertificateEmailConstraint(Context context, SubContext subContext) Returns CertificateEmail constraint if present in the policy, null otherwisegetCertificateExtendedKeyUsageConstraint(Context context, SubContext subContext) Returns certificate extended key usage constraintgetCertificateForbiddenExtensionsConstraint(Context context, SubContext subContext) Returns certificate forbidden extensions constraintgetCertificateGivenNameConstraint(Context context, SubContext subContext) Returns CertificateGivenName constraint if present in the policy, null otherwisegetCertificateIssuedToLegalPersonConstraint(Context context, SubContext subContext) Indicates if the end user certificate used in validating the signature is issued to a legal person.getCertificateIssuedToNaturalPersonConstraint(Context context, SubContext subContext) Indicates if the end user certificate used in validating the signature is issued to a natural person.getCertificateIssuerNameConstraint(Context context, SubContext subContext) Returns certificate IssuerName constraintgetCertificateKeyUsageConstraint(Context context, SubContext subContext) Returns certificate key usage constraintgetCertificateLocalityConstraint(Context context, SubContext subContext) Returns CertificateLocality constraint if present in the policy, null otherwisegetCertificateMaxPathLengthConstraint(Context context, SubContext subContext) Returns certificate MaxPathLength constraintgetCertificateMinQcEuLimitValueConstraint(Context context, SubContext subContext) Indicates the minimal allowed QcEuLimitValue transaction limit for which the end user certificate used for the signature can be used.getCertificateMinQcEuRetentionPeriodConstraint(Context context, SubContext subContext) Indicates the minimal allowed QC retention period for material information relevant to the use of the end user certificate used for the signature.getCertificateNameConstraintsConstraint(Context context, SubContext subContext) Returns certificate NameConstraints constraintgetCertificateNotExpiredConstraint(Context context, SubContext subContext) Returns certificate's validity range constraintgetCertificateNotOnHoldConstraint(Context context, SubContext subContext) Returns certificate's not onHold constraintgetCertificateNotRevokedConstraint(Context context, SubContext subContext) Returns certificate's not revoked constraintgetCertificateNotSelfSignedConstraint(Context context, SubContext subContext) Returns certificate's not self-signed constraintgetCertificateOrganizationIdentifierConstraint(Context context, SubContext subContext) Returns CertificateOrganizationIdentifier constraint if present in the policy, null otherwisegetCertificateOrganizationNameConstraint(Context context, SubContext subContext) Returns CertificateOrganizationName constraint if present in the policy, null otherwisegetCertificateOrganizationUnitConstraint(Context context, SubContext subContext) Returns CertificateOrganizationUnit constraint if present in the policy, null otherwisegetCertificatePolicyIdsConstraint(Context context, SubContext subContext) Returns CertificatePolicyIds constraint if present in the policy, null otherwisegetCertificatePolicyQualificationIdsConstraint(Context context, SubContext subContext) Indicates if the CertificatePolicyIds declare the certificate as qualified.getCertificatePolicySupportedByQSCDIdsConstraint(Context context, SubContext subContext) Indicates if the CertificatePolicyIds mandate the certificate as to be supported by a secure signature creation device (QSCD).getCertificatePolicyTreeConstraint(Context context, SubContext subContext) Returns certificate PolicyTree constraintgetCertificatePS2DQcCompetentAuthorityIdConstraint(Context context, SubContext subContext) Indicates the acceptable QC PS2D ids for the certificate used for a signature.getCertificatePS2DQcCompetentAuthorityNameConstraint(Context context, SubContext subContext) Indicates the acceptable QC PS2D names for the certificate used for a signature.getCertificatePS2DQcTypeRolesOfPSPConstraint(Context context, SubContext subContext) Indicates the acceptable QC PS2D roles for the certificate used for a signature.getCertificatePseudonymConstraint(Context context, SubContext subContext) Returns CertificatePseudonym constraint if present in the policy, null otherwisegetCertificatePseudoUsageConstraint(Context context, SubContext subContext) Returns CertificatePseudoUsage constraint if present in the policy, null otherwisegetCertificateQcCCLegislationConstraint(Context context, SubContext subContext) Indicates the country or set of countries under the legislation of which the certificate is issued as a qualified certificate is present.getCertificateQCComplianceConstraint(Context context, SubContext subContext) Indicates if the end user certificate used in validating the signature is QC Compliant.getCertificateQcEuLimitValueCurrencyConstraint(Context context, SubContext subContext) Indicates the allowed currency used to specify certificate's QCLimitValue statement.getCertificateQcEuPDSLocationConstraint(Context context, SubContext subContext) Indicates the location or set of locations of PKI Disclosure Statements.getCertificateQcSSCDConstraint(Context context, SubContext subContext) Indicates if the end user certificate used in validating the signature is mandated to be supported by a secure signature creation device (QSCD).getCertificateQcTypeConstraint(Context context, SubContext subContext) Indicates the certificate is claimed as a certificate of a particular type.getCertificateRevocationInfoAccessPresentConstraint(Context context, SubContext subContext) Returns CertificateRevocationInfoAccessPresent constraint if present in the policy, null otherwisegetCertificateSelfSignedConstraint(Context context, SubContext subContext) Returns certificate's self-signed constraintgetCertificateSemanticsIdentifierConstraint(Context context, SubContext subContext) Indicates the certificate's QCStatement contains an acceptable semantics identifier.getCertificateSerialNumberConstraint(Context context, SubContext subContext) Returns CertificateSerialNumber constraint if present in the policy, null otherwisegetCertificateSignatureConstraint(Context context, SubContext subContext) Returns certificate's signature constraintgetCertificateStateConstraint(Context context, SubContext subContext) Returns CertificateState constraint if present in the policy, null otherwisegetCertificateSupportedCriticalExtensionsConstraint(Context context, SubContext subContext) Returns certificate supported critical extensions constraintgetCertificateSurnameConstraint(Context context, SubContext subContext) Returns CertificateSurname constraint if present in the policy, null otherwisegetCertificateTitleConstraint(Context context, SubContext subContext) Returns CertificateTitle constraint if present in the policy, null otherwisegetCertifiedRolesConstraint(Context context) Return the mandated signer role.getClaimedRoleConstraint(Context context) Indicates if the unsigned property: claimed-role should be checked.Indicates if the signed property: commitment-type-indication should be checked.Returns the constraint used for ASiC Container validationgetContentHintsConstraint(Context context) Indicates if the signed property: content-hints should be checked.getContentIdentifierConstraint(Context context) Indicates if the signed property: content-identifier should be checked.getContentTimeStampConstraint(Context context) Indicates if the signed property: content-time-stamp should be checked.Indicates if the signed property: content-time-stamp message-imprint should be checked.getContentTypeConstraint(Context context) Indicates if the signed property: content-type should be checked.getCounterSignatureConstraint(Context context) Returns CounterSignature constraint if present in the policy, null otherwiseReturns the constraint used for Counter Signature validationgetCRLNextUpdatePresentConstraint(Context context, SubContext subContext) Returns CRL's nextUpdate present constraintReturns the common constraint used for cryptographic validationgetDocMDPConstraint(Context context) This constraint checks if a document contains changes after a signature, against permission rules identified within a /DocMDP dictionarygetDocumentTimeStampConstraint(Context context) Indicates if the presence of unsigned property: document timestamp should be checked.Returns the constraint used for qualification validationgetEllipticCurveKeySizeConstraint(Context context) This constraint checks whether a JWA signature has a valid elliptic curve key sizeReturns the constraint used for Evidence Record validationThis method returns cryptographic constraints for validation of Evidence RecordReturns DataObjectExistence constraint if present in the policy, null otherwiseReturns DataObjectFound constraint if present in the policy, null otherwiseReturns DataObjectGroup constraint if present in the policy, null otherwiseReturns DataObjectIntact constraint if present in the policy, null otherwiseReturns HashTreeRenewal constraint if present in the policy, null otherwiseReturns whether the evidence record is valid (passed a complete evidence record validation process).getFieldMDPConstraint(Context context) This constraint checks if a document contains changes after a signature, against permission rules identified within a /FieldMDP dictionarygetFormFillChangesConstraint(Context context) This constraint checks whether a PDF document contains form fill or signing modifications after the current signature's revisionsReturns FullScope constraint if present in the policy, null otherwisegetKeyIdentifierMatch(Context context) Indicates if the value of 'kid' (key identifier) header parameter matches the signing-certificate used to create the signaturegetKeyIdentifierPresent(Context context) Indicates if the 'kid' (key identifier) header parameter is present within the protected header of the signaturegetLTALevelTimeStampConstraint(Context context) Indicates if the presence of unsigned property: archive-time-stamp or document timestamp covering the validation data If LTALevelTimeStamp element is absent within the constraint file then null is returned.Indicates if names of all matching documents match to the manifest entry namesIndicates if the manifested document is foundIndicates if all manifest entries have been foundIndicates if the manifested document is intactReturns ManifestFilePresent constraint if present in the policy, null otherwiseIndicates if the signed property: message-digest (for CAdES) or SignedProperties (for XAdES) should be checked.Returns MimeTypeFilePresent constraint if present in the policy, null otherwisegetOCSPNextUpdatePresentConstraint(Context context, SubContext subContext) Returns OCSP's nextUpdate present constraintThe method returns OCSPCertHashMatch constraintThe method returns OCSPCertHashPresent constraintThe method returns OCSPResponderIdMatch constraintReturns PDFACompliant constraint if present in the policy, null otherwiseReturns the constraint used for ASiC Container validationgetPdfAnnotationOverlapConstraint(Context context) Indicates if a PDF annotation overlapping check should be proceeded.getPdfPageDifferenceConstraint(Context context) Indicates if a PDF page difference check should be proceeded.This constraint checks if signature dictionary is consistent across PDF revisions.getPdfVisualDifferenceConstraint(Context context) Indicates if a PDF visual difference check should be proceeded.Returns the policy description.Returns the name of the policy.This constraint requests the presence of the trust anchor in the certificate chain.Indicates if the referenced data is foundgetReferenceDataIntactConstraint(Context context) Indicates if the referenced data is intactIndicates if the referenced document names match the manifest entry referencesIndicates if the whole certificate chain is covered by the Signing Certificate attribute.Returns the constraint used for Revocation validationgetRevocationDataAvailableConstraint(Context context, SubContext subContext) Returns revocation data available constraintgetRevocationDataSkipConstraint(Context context, SubContext subContext) Returns RevocationDataSkip constraint if present in the policy, null otherwisegetRevocationFreshnessConstraint(Context context, SubContext subContext) Returns revocation data's freshness constraintgetRevocationFreshnessNextUpdateConstraint(Context context, SubContext subContext) Returns revocation data's freshness for nextUpdate check constraintgetRevocationIssuerNotExpiredConstraint(Context context, SubContext subContext) Returns revocation issuer's validity range constraintReturns RevocationTimeAgainstBestSignatureTime constraint if present in the policy, null otherwiseThe method returns SelfIssuedOCSP constraintgetSigFieldLockConstraint(Context context) This constraint checks if a document contains changes after a signature, against permission rules identified within a /SigFieldLock dictionaryReturns the constraint used for Signature validationThis method creates theSignatureCryptographicConstraintcorresponding to the context parameter.getSignatureDuplicatedConstraint(Context context) Indicates if the signature is not ambiguousgetSignatureFormatConstraint(Context context) Returns SignatureFormat constraint if present in the policy, null otherwisegetSignatureIntactConstraint(Context context) Indicates if the signature is intactgetSignaturePolicyConstraint(Context context) Indicates if the signature policy should be checked.Indicates if the signature policy validation should be processed.getSignaturePolicyPolicyHashValid(Context context) Indicates if digest present in a SignaturePolicyIdentifier shall match to the extracted policy contentIndicates if a SignaturePolicyStore unsigned attribute, containing a used policy binaries, presence shall be checkedgetSignatureTimeStampConstraint(Context context) Indicates if the presence of unsigned property: signature-time-stamp should be checked.Returns SignedFilesPresent constraint if present in the policy, null otherwiseThis constraint checks if only one SignerInfo is present into a SignerInformationStore NOTE: applicable only for PAdESgetSignerLocationConstraint(Context context) Indicates if the signed property: signer-location should be checked.Indicates if the signing certificate attribute is presentChecks if a used DigestAlgorithm in signing-certificate-reference creation matches the corresponding cryptographic constraintIndicates if the signing certificate reference's digest value matchesIndicates if the signing certificate reference's digest value is presentIndicates if the signing certificate reference's issuer serial matchesIndicates if signing-certificate has been identified.Indicates if the Signing Certificate attribute should be checked against the certificate chain.getSigningTimeConstraint(Context context) Indicates if the signed property: signing-time should be checked.getStructuralValidationConstraint(Context context) Indicates if the structural validation should be checked.This constraint checks if the timestamp order is coherentReturns the constraint used for Timestamp validationReturns TimestampDelay constraint if present in the policy, null otherwiseIndicates if the timestamp's TSTInfo.tsa field's value matches the timestamp's issuer distinguishing name when presentIndicates if the timestamp's TSTInfo.tsa field's value and order match the timestamp's issuer distinguishing name when presentIndicates if the timestamp's TSTInfo.tsa field is presentReturns whether the time-stamp is valid (passed either basic signature validation process or past signature validation).getTLevelTimeStampConstraint(Context context) Indicates if the presence of unsigned property: signature-time-stamp or document timestamp If TLevelTimeStamp element is absent within the constraint file then null is returned.Returns TLFreshness constraint if present in the policy, null otherwiseReturns TLNotExpired constraint if present in the policy, null otherwiseReturns TLVersion constraint if present in the policy, null otherwiseReturns TLWellSigned constraint if present in the policy, null otherwisegetTrustServiceStatusConstraint(Context context) Returns trusted service status constraintReturns trusted service type identifier constraintgetUndefinedChangesConstraint(Context context) This constraint checks whether a PDF document contains undefined object modifications after the current signature's revisionsIndicates if the signing certificate is not ambiguously determinesThe method returns UnknownStatus constraintIndicates if the presence of unsigned property: validation data references only timestamp should be checked.Indicates if the presence of unsigned property: validation data timestamp should be checked.Returns the used validation model (default is SHELL).Returns ZipCommentPresent constraint if present in the policy, null otherwisebooleanReturns if EIDAS constraints present (qualification check shall be performed)
-
Method Details
-
getSignaturePolicyConstraint
Indicates if the signature policy should be checked. If AcceptablePolicies element is absent within the constraint file then null is returned, otherwise the list of identifiers is initialised.- Parameters:
context-Context- Returns:
LevelConstraintif SigningTime element is present in the constraint file, null otherwise.
-
getSignaturePolicyIdentifiedConstraint
Indicates if the signature policy validation should be processed. If SignaturePolicyIdentifier found, but not relevant SignaturePolicy is retrieved, the check fails.- Parameters:
context-Context- Returns:
LevelConstraintif SignaturePolicy shall be identified
-
getSignaturePolicyStorePresentConstraint
Indicates if a SignaturePolicyStore unsigned attribute, containing a used policy binaries, presence shall be checked- Parameters:
context-Context- Returns:
LevelConstraintif SignaturePolicyStore presence shall be checked
-
getSignaturePolicyPolicyHashValid
Indicates if digest present in a SignaturePolicyIdentifier shall match to the extracted policy content- Parameters:
context-Context- Returns:
LevelConstraintif SignaturePolicyIdentifier digest shall match
-
getStructuralValidationConstraint
Indicates if the structural validation should be checked. If StructuralValidation element is absent within the constraint file then null is returned.- Parameters:
context-Context- Returns:
LevelConstraintif StructuralValidation element is present in the constraint file, null otherwise.
-
getSigningCertificateRefersCertificateChainConstraint
Indicates if the Signing Certificate attribute should be checked against the certificate chain. If SigningCertificateRefersCertificateChain element is absent within the constraint file then null is returned.- Parameters:
context-Context- Returns:
LevelConstraintif SigningCertificateRefersCertificateChain element is present in the constraint file, null otherwise.
-
getReferencesToAllCertificateChainPresentConstraint
Indicates if the whole certificate chain is covered by the Signing Certificate attribute. If ReferencesToAllCertificateChainPresent element is absent within the constraint file then null is returned.- Parameters:
context-Context- Returns:
LevelConstraintif ReferencesToAllCertificateChainPresent element is present in the constraint file, null otherwise.
-
getSigningCertificateDigestAlgorithmConstraint
Checks if a used DigestAlgorithm in signing-certificate-reference creation matches the corresponding cryptographic constraint- Parameters:
context-Context- Returns:
LevelConstraintif SigningCertificateDigestAlgorithm for a given context element is present in the constraint file, null otherwise.
-
getSigningTimeConstraint
Indicates if the signed property: signing-time should be checked. If SigningTime element is absent within the constraint file then null is returned.- Parameters:
context-Context- Returns:
LevelConstraintif SigningTime element is present in the constraint file, null otherwise.
-
getContentTypeConstraint
Indicates if the signed property: content-type should be checked. If ContentType element is absent within the constraint file then null is returned.- Parameters:
context-Context- Returns:
ValueConstraintif ContentType element is present in the constraint file, null otherwise.
-
getContentHintsConstraint
Indicates if the signed property: content-hints should be checked. If ContentHints element is absent within the constraint file then null is returned.- Parameters:
context-Context- Returns:
ValueConstraintif ContentHints element is present in the constraint file, null otherwise.
-
getContentIdentifierConstraint
Indicates if the signed property: content-identifier should be checked. If ContentIdentifier element is absent within the constraint file then null is returned.- Parameters:
context-Context- Returns:
ValueConstraintif ContentIdentifier element is present in the constraint file, null otherwise.
-
getMessageDigestOrSignedPropertiesConstraint
Indicates if the signed property: message-digest (for CAdES) or SignedProperties (for XAdES) should be checked. If the relative element is absent within the constraint file then null is returned.- Parameters:
context-Context- Returns:
LevelConstraintif message-digests/SignedProperties element is present in the constraint file, null otherwise.
-
getEllipticCurveKeySizeConstraint
This constraint checks whether a JWA signature has a valid elliptic curve key size- Parameters:
context-Context- Returns:
LevelConstraintif EllipticCurveKeySize element is present in the constraint file, null otherwise.
-
getCommitmentTypeIndicationConstraint
Indicates if the signed property: commitment-type-indication should be checked. If CommitmentTypeIndication element is absent within the constraint file then null is returned, otherwise the list of identifiers is initialised.- Parameters:
context-Context- Returns:
MultiValuesConstraintif CommitmentTypeIndication element is present in the constraint file, null otherwise.
-
getSignerLocationConstraint
Indicates if the signed property: signer-location should be checked. If SignerLocation element is absent within the constraint file then null is returned.- Parameters:
context-Context- Returns:
LevelConstraintif SignerLocation element is present in the constraint file, null otherwise.
-
getContentTimeStampConstraint
Indicates if the signed property: content-time-stamp should be checked. If ContentTimeStamp element is absent within the constraint file then null is returned.- Parameters:
context-Context- Returns:
LevelConstraintif ContentTimeStamp element is present in the constraint file, null otherwise.
-
getContentTimeStampMessageImprintConstraint
Indicates if the signed property: content-time-stamp message-imprint should be checked. If ContentTimeStampMessageImprint element is absent within the constraint file then null is returned.- Parameters:
context-Context- Returns:
LevelConstraintif ContentTimeStampMessageImprint element is present in the constraint file, null otherwise.
-
getClaimedRoleConstraint
Indicates if the unsigned property: claimed-role should be checked. If ClaimedRoles element is absent within the constraint file then null is returned.- Parameters:
context-Context- Returns:
MultiValuesConstraintif ClaimedRoles element is present in the constraint file, null otherwise.
-
getCertifiedRolesConstraint
Return the mandated signer role.- Parameters:
context-Context- Returns:
MultiValuesConstraint
-
getPolicyName
-
getPolicyDescription
-
getSignatureCryptographicConstraint
This method creates theSignatureCryptographicConstraintcorresponding to the context parameter. If AcceptableEncryptionAlgo is not present in the constraint file the null is returned.- Parameters:
context- The context of the signature cryptographic constraints: MainSignature, Timestamp, Revocation- Returns:
SignatureCryptographicConstraintif AcceptableEncryptionAlgo for a given context element is present in the constraint file, null otherwise.
-
getCertificateCryptographicConstraint
CryptographicConstraint getCertificateCryptographicConstraint(Context context, SubContext subContext) This method creates theSignatureCryptographicConstraintcorresponding to the context parameter. If AcceptableEncryptionAlgo is not present in the constraint file the null is returned.- Parameters:
context- The context of the signature cryptographic constraints: MainSignature, Timestamp, RevocationsubContext- the sub context of the signature cryptographic constraints: EMPTY (signature itself), SigningCertificate, CACertificate- Returns:
SignatureCryptographicConstraintif AcceptableEncryptionAlgo for a given context element is present in the constraint file, null otherwise.
-
getEvidenceRecordCryptographicConstraint
CryptographicConstraint getEvidenceRecordCryptographicConstraint()This method returns cryptographic constraints for validation of Evidence Record- Returns:
CryptographicConstraint
-
getCertificateCAConstraint
Returns certificate CA constraint- Parameters:
context-ContextsubContext-SubContext- Returns:
LevelConstraintif CA for a given context element is present in the constraint file, null otherwise.
-
getCertificateIssuerNameConstraint
Returns certificate IssuerName constraint- Parameters:
context-ContextsubContext-SubContext- Returns:
LevelConstraintif IssuerName for a given context element is present in the constraint file, null otherwise.
-
getCertificateMaxPathLengthConstraint
Returns certificate MaxPathLength constraint- Parameters:
context-ContextsubContext-SubContext- Returns:
LevelConstraintif MaxPathLength for a given context element is present in the constraint file, null otherwise.
-
getCertificateKeyUsageConstraint
Returns certificate key usage constraint- Parameters:
context-ContextsubContext-SubContext- Returns:
LevelConstraintif key-usage for a given context element is present in the constraint file, null otherwise.
-
getCertificateExtendedKeyUsageConstraint
MultiValuesConstraint getCertificateExtendedKeyUsageConstraint(Context context, SubContext subContext) Returns certificate extended key usage constraint- Parameters:
context-ContextsubContext-SubContext- Returns:
LevelConstraintif extended key-usage for a given context element is present in the constraint file, null otherwise.
-
getCertificatePolicyTreeConstraint
Returns certificate PolicyTree constraint- Parameters:
context-ContextsubContext-SubContext- Returns:
LevelConstraintif PolicyTree for a given context element is present in the constraint file, null otherwise.
-
getCertificateNameConstraintsConstraint
Returns certificate NameConstraints constraint- Parameters:
context-ContextsubContext-SubContext- Returns:
LevelConstraintif NameConstraints for a given context element is present in the constraint file, null otherwise.
-
getCertificateSupportedCriticalExtensionsConstraint
MultiValuesConstraint getCertificateSupportedCriticalExtensionsConstraint(Context context, SubContext subContext) Returns certificate supported critical extensions constraint- Parameters:
context-ContextsubContext-SubContext- Returns:
LevelConstraintif SupportedCriticalExtensions constraint for a given context element is present in the constraint file,null otherwise.
-
getCertificateForbiddenExtensionsConstraint
MultiValuesConstraint getCertificateForbiddenExtensionsConstraint(Context context, SubContext subContext) Returns certificate forbidden extensions constraint- Parameters:
context-ContextsubContext-SubContext- Returns:
LevelConstraintif ForbiddenExtensions constraint for a given context element is present in the constraint file,null otherwise.
-
getCertificateNotExpiredConstraint
Returns certificate's validity range constraint- Parameters:
context-ContextsubContext-SubContext- Returns:
LevelConstraintif NotExpired constraint for a given certificate context is present in the constraint file, null otherwise.
-
getProspectiveCertificateChainConstraint
This constraint requests the presence of the trust anchor in the certificate chain.- Parameters:
context-Context- Returns:
LevelConstraintif ProspectiveCertificateChain element for a given context element is present in the constraint file, null otherwise.
-
getCertificateSignatureConstraint
Returns certificate's signature constraint- Parameters:
context-ContextsubContext-SubContext- Returns:
LevelConstraintif Signature for a given context element is present in the constraint file, null otherwise.
-
getUnknownStatusConstraint
LevelConstraint getUnknownStatusConstraint()The method returns UnknownStatus constraint- Returns:
LevelConstraint
-
getOCSPResponseResponderIdMatchConstraint
LevelConstraint getOCSPResponseResponderIdMatchConstraint()The method returns OCSPResponderIdMatch constraint- Returns:
LevelConstraint
-
getOCSPResponseCertHashPresentConstraint
LevelConstraint getOCSPResponseCertHashPresentConstraint()The method returns OCSPCertHashPresent constraint- Returns:
LevelConstraint
-
getOCSPResponseCertHashMatchConstraint
LevelConstraint getOCSPResponseCertHashMatchConstraint()The method returns OCSPCertHashMatch constraint- Returns:
LevelConstraint
-
getSelfIssuedOCSPConstraint
LevelConstraint getSelfIssuedOCSPConstraint()The method returns SelfIssuedOCSP constraint- Returns:
LevelConstraint
-
getRevocationDataAvailableConstraint
Returns revocation data available constraint- Parameters:
context-ContextsubContext-SubContext- Returns:
LevelConstraintif RevocationDataAvailable for a given context element is present in the constraint file, null otherwise.
-
getAcceptableRevocationDataFoundConstraint
Returns acceptable revocation data available constraint- Parameters:
context-ContextsubContext-SubContext- Returns:
LevelConstraintif AcceptableRevocationDataFound for a given context element is present in the constraint file, null otherwise.
-
getCRLNextUpdatePresentConstraint
Returns CRL's nextUpdate present constraint- Parameters:
context-ContextsubContext-SubContext- Returns:
LevelConstraintif CRLNextUpdatePresent for a given context element is present in the constraint file, null otherwise.
-
getOCSPNextUpdatePresentConstraint
Returns OCSP's nextUpdate present constraint- Parameters:
context-ContextsubContext-SubContext- Returns:
LevelConstraintif OCSPNextUpdatePresent for a given context element is present in the constraint file, null otherwise.
-
getRevocationFreshnessConstraint
Returns revocation data's freshness constraint- Parameters:
context-ContextsubContext-SubContext- Returns:
TimeConstraintif RevocationFreshness for a given context element is present in the constraint file, null otherwise.
-
getRevocationFreshnessNextUpdateConstraint
Returns revocation data's freshness for nextUpdate check constraint- Parameters:
context-ContextsubContext-SubContext- Returns:
LevelConstraintif RevocationFreshnessNextUpdate for a given context element is present in the constraint file, null otherwise.
-
getCertificateNotRevokedConstraint
Returns certificate's not revoked constraint- Parameters:
context-ContextsubContext-SubContext- Returns:
LevelConstraintif Revoked for a given context element is present in the constraint file, null otherwise.
-
getCertificateNotOnHoldConstraint
Returns certificate's not onHold constraint- Parameters:
context-ContextsubContext-SubContext- Returns:
LevelConstraintif OnHold for a given context element is present in the constraint file, null otherwise.
-
getRevocationIssuerNotExpiredConstraint
Returns revocation issuer's validity range constraint- Parameters:
context-ContextsubContext-SubContext- Returns:
LevelConstraintif RevocationIssuerNotExpired constraint for a given certificate context is present in the constraint file, null otherwise.
-
getCertificateNotSelfSignedConstraint
Returns certificate's not self-signed constraint- Parameters:
context-ContextsubContext-SubContext- Returns:
LevelConstraintif not self-signed for a given context element is present in the constraint file, null otherwise.
-
getCertificateSelfSignedConstraint
Returns certificate's self-signed constraint- Parameters:
context-ContextsubContext-SubContext- Returns:
LevelConstraintif self-signed for a given context element is present in the constraint file, null otherwise.
-
getTrustServiceTypeIdentifierConstraint
Returns trusted service type identifier constraint- Parameters:
context-Context- Returns:
LevelConstraintif trusted service type identifier for a given context element is present in the constraint file, null otherwise.
-
getTrustServiceStatusConstraint
Returns trusted service status constraint- Parameters:
context-Context- Returns:
LevelConstraintif trusted service status for a given context element is present in the constraint file, null otherwise.
-
getCertificatePolicyIdsConstraint
Returns CertificatePolicyIds constraint if present in the policy, null otherwise- Parameters:
context-ContextsubContext-SubContext- Returns:
MultiValuesConstraintif CertificatePolicyIds element is present in the constraint file, null otherwise.
-
getCertificatePolicyQualificationIdsConstraint
LevelConstraint getCertificatePolicyQualificationIdsConstraint(Context context, SubContext subContext) Indicates if the CertificatePolicyIds declare the certificate as qualified.- Parameters:
context-ContextsubContext-SubContext- Returns:
LevelConstraintif PolicyQualificationIds for a given context element is present in the constraint file, null otherwise.
-
getCertificatePolicySupportedByQSCDIdsConstraint
LevelConstraint getCertificatePolicySupportedByQSCDIdsConstraint(Context context, SubContext subContext) Indicates if the CertificatePolicyIds mandate the certificate as to be supported by a secure signature creation device (QSCD).- Parameters:
context-ContextsubContext-SubContext- Returns:
LevelConstraintif PolicySupportedByQSCDIds for a given context element is present in the constraint file, null otherwise.
-
getCertificateQCComplianceConstraint
Indicates if the end user certificate used in validating the signature is QC Compliant.- Parameters:
context-ContextsubContext-SubContext- Returns:
LevelConstraintif QcCompliance for a given context element is present in the constraint file, null otherwise.
-
getCertificateQcEuLimitValueCurrencyConstraint
ValueConstraint getCertificateQcEuLimitValueCurrencyConstraint(Context context, SubContext subContext) Indicates the allowed currency used to specify certificate's QCLimitValue statement.- Parameters:
context-ContextsubContext-SubContext- Returns:
IntValueConstraintif QcTransactionLimitCurrency for a given context element is present in the constraint file, null otherwise.
-
getCertificateMinQcEuLimitValueConstraint
IntValueConstraint getCertificateMinQcEuLimitValueConstraint(Context context, SubContext subContext) Indicates the minimal allowed QcEuLimitValue transaction limit for which the end user certificate used for the signature can be used.- Parameters:
context-ContextsubContext-SubContext- Returns:
IntValueConstraintif MinQcTransactionLimit for a given context element is present in the constraint file, null otherwise.
-
getCertificateMinQcEuRetentionPeriodConstraint
IntValueConstraint getCertificateMinQcEuRetentionPeriodConstraint(Context context, SubContext subContext) Indicates the minimal allowed QC retention period for material information relevant to the use of the end user certificate used for the signature.- Parameters:
context-ContextsubContext-SubContext- Returns:
IntValueConstraintif MinQcRetentionPeriod for a given context element is present in the constraint file, null otherwise.
-
getCertificateQcSSCDConstraint
Indicates if the end user certificate used in validating the signature is mandated to be supported by a secure signature creation device (QSCD).- Parameters:
context-ContextsubContext-SubContext- Returns:
LevelConstraintif QcSSCD for a given context element is present in the constraint file, null otherwise.
-
getCertificateQcEuPDSLocationConstraint
MultiValuesConstraint getCertificateQcEuPDSLocationConstraint(Context context, SubContext subContext) Indicates the location or set of locations of PKI Disclosure Statements.- Parameters:
context-ContextsubContext-SubContext- Returns:
MultiValuesConstraintthe the location or set of locations of PKI Disclosure Statements
-
getCertificateQcTypeConstraint
Indicates the certificate is claimed as a certificate of a particular type.- Parameters:
context-ContextsubContext-SubContext- Returns:
MultiValuesConstraintthe types that the certificate is claimed to be of
-
getCertificateQcCCLegislationConstraint
MultiValuesConstraint getCertificateQcCCLegislationConstraint(Context context, SubContext subContext) Indicates the country or set of countries under the legislation of which the certificate is issued as a qualified certificate is present. NOTE: in order to verify the EU compliance, the value shall be empty (no QcCCLegislation is allowed)- Parameters:
context-ContextsubContext-SubContext- Returns:
MultiValuesConstraintthe country or set of countries under the legislation of which the certificate is issued as a qualified certificate
-
getCertificateIssuedToNaturalPersonConstraint
LevelConstraint getCertificateIssuedToNaturalPersonConstraint(Context context, SubContext subContext) Indicates if the end user certificate used in validating the signature is issued to a natural person.- Parameters:
context-ContextsubContext-SubContext- Returns:
LevelConstraintif IssuedToNaturalPerson for a given context element is present in the constraint file, null otherwise.
-
getCertificateIssuedToLegalPersonConstraint
Indicates if the end user certificate used in validating the signature is issued to a legal person.- Parameters:
context-ContextsubContext-SubContext- Returns:
LevelConstraintif IssuedToLegalPerson for a given context element is present in the constraint file, null otherwise.
-
getCertificateSemanticsIdentifierConstraint
MultiValuesConstraint getCertificateSemanticsIdentifierConstraint(Context context, SubContext subContext) Indicates the certificate's QCStatement contains an acceptable semantics identifier.- Parameters:
context-ContextsubContext-SubContext- Returns:
LevelConstraintif SemanticsIdentifier for a given context element is present in the constraint file, null otherwise.
-
getCertificatePS2DQcTypeRolesOfPSPConstraint
MultiValuesConstraint getCertificatePS2DQcTypeRolesOfPSPConstraint(Context context, SubContext subContext) Indicates the acceptable QC PS2D roles for the certificate used for a signature.- Parameters:
context-ContextsubContext-SubContext- Returns:
MultiValuesConstraintthe set of acceptable QC PS2D roles
-
getCertificatePS2DQcCompetentAuthorityNameConstraint
MultiValuesConstraint getCertificatePS2DQcCompetentAuthorityNameConstraint(Context context, SubContext subContext) Indicates the acceptable QC PS2D names for the certificate used for a signature.- Parameters:
context-ContextsubContext-SubContext- Returns:
MultiValuesConstraintthe set of acceptable QC PS2D names
-
getCertificatePS2DQcCompetentAuthorityIdConstraint
MultiValuesConstraint getCertificatePS2DQcCompetentAuthorityIdConstraint(Context context, SubContext subContext) Indicates the acceptable QC PS2D ids for the certificate used for a signature.- Parameters:
context-ContextsubContext-SubContext- Returns:
MultiValuesConstraintthe set of acceptable QC PS2D ids
-
getSigningCertificateRecognitionConstraint
Indicates if signing-certificate has been identified.- Parameters:
context-Context- Returns:
LevelConstraintif Recognition for a given context element is present in the constraint file, null otherwise.
-
getSigningCertificateAttributePresentConstraint
Indicates if the signing certificate attribute is present- Parameters:
context-Context- Returns:
LevelConstraintif SigningCertificateAttribute for a given context element is present in the constraint file, null otherwise.
-
getUnicitySigningCertificateAttributeConstraint
Indicates if the signing certificate is not ambiguously determines- Parameters:
context-Context- Returns:
LevelConstraintif UnicitySigningCertificate for a given context element is present in the constraint file, null otherwise.
-
getSigningCertificateDigestValuePresentConstraint
Indicates if the signing certificate reference's digest value is present- Parameters:
context-Context- Returns:
LevelConstraintif DigestValuePresent for a given context element is present in the constraint file, null otherwise.
-
getSigningCertificateDigestValueMatchConstraint
Indicates if the signing certificate reference's digest value matches- Parameters:
context-Context- Returns:
LevelConstraintif DigestValueMatch for a given context element is present in the constraint file, null otherwise.
-
getSigningCertificateIssuerSerialMatchConstraint
Indicates if the signing certificate reference's issuer serial matches- Parameters:
context-Context- Returns:
LevelConstraintif IssuerSerialMatch for a given context element is present in the constraint file, null otherwise.
-
getKeyIdentifierPresent
Indicates if the 'kid' (key identifier) header parameter is present within the protected header of the signature- Parameters:
context-Context- Returns:
LevelConstraintif KeyIdentifierPresent for a given context element is present in the constraint file, null otherwise.
-
getKeyIdentifierMatch
Indicates if the value of 'kid' (key identifier) header parameter matches the signing-certificate used to create the signature- Parameters:
context-Context- Returns:
LevelConstraintif KeyIdentifierMatch for a given context element is present in the constraint file, null otherwise.
-
getReferenceDataExistenceConstraint
Indicates if the referenced data is found- Parameters:
context-Context- Returns:
LevelConstraintif ReferenceDataExistence for a given context element is present in the constraint file, null otherwise.
-
getReferenceDataIntactConstraint
Indicates if the referenced data is intact- Parameters:
context-Context- Returns:
LevelConstraintif ReferenceDataIntact for a given context element is present in the constraint file, null otherwise.
-
getReferenceDataNameMatchConstraint
Indicates if the referenced document names match the manifest entry references- Parameters:
context-Context- Returns:
LevelConstraintif ReferenceDataNameMatch for a given context element is present in the constraint file, null otherwise.
-
getManifestEntryObjectExistenceConstraint
Indicates if the manifested document is found- Parameters:
context-Context- Returns:
LevelConstraintif ManifestEntryObjectExistence for a given context element is present in the constraint file, null otherwise.
-
getManifestEntryObjectIntactConstraint
Indicates if the manifested document is intact- Parameters:
context-Context- Returns:
LevelConstraintif ManifestEntryObjectIntact for a given context element is present in the constraint file, null otherwise.
-
getManifestEntryObjectGroupConstraint
Indicates if all manifest entries have been found- Parameters:
context-Context- Returns:
LevelConstraintif ManifestEntryObjectGroup for a given context element is present in the constraint file, null otherwise.
-
getManifestEntryNameMatchConstraint
Indicates if names of all matching documents match to the manifest entry names- Parameters:
context-Context- Returns:
LevelConstraintif ManifestEntryNameMatch for a given context element is present in the constraint file, null otherwise.
-
getSignatureIntactConstraint
Indicates if the signature is intact- Parameters:
context-Context- Returns:
SignatureDataIntactif SignatureIntact for a given context element is present in the constraint file, null otherwise.
-
getSignatureDuplicatedConstraint
Indicates if the signature is not ambiguous- Parameters:
context-Context- Returns:
SignatureDuplicatedif SignatureDuplicated for a given context element is present in the constraint file, null otherwise.
-
getSignerInformationStoreConstraint
This constraint checks if only one SignerInfo is present into a SignerInformationStore NOTE: applicable only for PAdES- Parameters:
context-Context- Returns:
LevelConstraintif SignerInformationStore element for a given context element is present in the constraint file, null otherwise.
-
getByteRangeConstraint
This constraint checks if ByteRange dictionary is valid NOTE: applicable only for PAdES- Parameters:
context-Context- Returns:
LevelConstraintif ByteRange element for a given context element is present in the constraint file, null otherwise.
-
getByteRangeCollisionConstraint
This constraint checks if ByteRange does not collide with other signature byte ranges NOTE: applicable only for PAdES- Parameters:
context-Context- Returns:
LevelConstraintif ByteRangeCollision element for a given context element is present in the constraint file, null otherwise.
-
getByteRangeAllDocumentConstraint
This constraint checks if ByteRange is valid for all signatures and document timestamps within PDF NOTE: applicable only for PAdES- Parameters:
context-Context- Returns:
LevelConstraintif ByteRangeAllDocument element for a given context element is present in the constraint file, null otherwise.
-
getPdfSignatureDictionaryConstraint
This constraint checks if signature dictionary is consistent across PDF revisions. NOTE: applicable only for PAdES- Parameters:
context-Context- Returns:
LevelConstraintif PdfSignatureDictionary element for a given context element is present in the constraint file, null otherwise.
-
getPdfPageDifferenceConstraint
Indicates if a PDF page difference check should be proceeded. If PdfPageDifference element is absent within the constraint file then null is returned.- Parameters:
context-Context- Returns:
LevelConstraintif PdfPageDifference element is present in the constraint file, null otherwise.
-
getPdfAnnotationOverlapConstraint
Indicates if a PDF annotation overlapping check should be proceeded. If PdfAnnotationOverlap element is absent within the constraint file then null is returned.- Parameters:
context-Context- Returns:
LevelConstraintif PdfAnnotationOverlap element is present in the constraint file, null otherwise.
-
getPdfVisualDifferenceConstraint
Indicates if a PDF visual difference check should be proceeded. If PdfVisualDifference element is absent within the constraint file then null is returned.- Parameters:
context-Context- Returns:
LevelConstraintif PdfVisualDifference element is present in the constraint file, null otherwise.
-
getDocMDPConstraint
This constraint checks if a document contains changes after a signature, against permission rules identified within a /DocMDP dictionary- Parameters:
context-Context- Returns:
LevelConstraintif DocMDP element is present in the constraint file, null otherwise.
-
getFieldMDPConstraint
This constraint checks if a document contains changes after a signature, against permission rules identified within a /FieldMDP dictionary- Parameters:
context-Context- Returns:
LevelConstraintif FieldMDP element is present in the constraint file, null otherwise.
-
getSigFieldLockConstraint
This constraint checks if a document contains changes after a signature, against permission rules identified within a /SigFieldLock dictionary- Parameters:
context-Context- Returns:
LevelConstraintif SigFieldLock element is present in the constraint file, null otherwise.
-
getFormFillChangesConstraint
This constraint checks whether a PDF document contains form fill or signing modifications after the current signature's revisions- Parameters:
context-Context- Returns:
LevelConstraintif FormFillChanges element is present in the constraint file, null otherwise.
-
getAnnotationChangesConstraint
This constraint checks whether a PDF document contains annotation creation, modification or deletion modifications after the current signature's revisions- Parameters:
context-Context- Returns:
LevelConstraintif AnnotationChanges element is present in the constraint file, null otherwise.
-
getUndefinedChangesConstraint
This constraint checks whether a PDF document contains undefined object modifications after the current signature's revisions- Parameters:
context-Context- Returns:
LevelConstraintif UndefinedChanges element is present in the constraint file, null otherwise.
-
getBestSignatureTimeBeforeExpirationDateOfSigningCertificateConstraint
LevelConstraint getBestSignatureTimeBeforeExpirationDateOfSigningCertificateConstraint()This constraint checks if the certificate is not expired on best-signature-time- Returns:
LevelConstraintif BestSignatureTimeBeforeExpirationDateOfSigningCertificate element is present in the constraint file, null otherwise.
-
getTimestampCoherenceConstraint
LevelConstraint getTimestampCoherenceConstraint()This constraint checks if the timestamp order is coherent- Returns:
LevelConstraintif TimestampCoherence element is present in the constraint file, null otherwise.
-
getTimestampDelayConstraint
TimeConstraint getTimestampDelayConstraint()Returns TimestampDelay constraint if present in the policy, null otherwise- Returns:
TimeConstraintif TimestampDelay element is present in the constraint file, null otherwise.
-
getTimestampValidConstraint
LevelConstraint getTimestampValidConstraint()Returns whether the time-stamp is valid (passed either basic signature validation process or past signature validation). If TimestampValid element is absent within the constraint file then null is returned.- Returns:
LevelConstraintif TimestampValid element is present in the constraint file, null otherwise.
-
getTimestampTSAGeneralNamePresent
LevelConstraint getTimestampTSAGeneralNamePresent()Indicates if the timestamp's TSTInfo.tsa field is present- Returns:
LevelConstraintif TSAGeneralNamePresent for a given context element is present in the constraint file, null otherwise.
-
getTimestampTSAGeneralNameContentMatch
LevelConstraint getTimestampTSAGeneralNameContentMatch()Indicates if the timestamp's TSTInfo.tsa field's value matches the timestamp's issuer distinguishing name when present- Returns:
LevelConstraintif TSAGeneralNameContentMatch for a given context element is present in the constraint file, null otherwise.
-
getTimestampTSAGeneralNameOrderMatch
LevelConstraint getTimestampTSAGeneralNameOrderMatch()Indicates if the timestamp's TSTInfo.tsa field's value and order match the timestamp's issuer distinguishing name when present- Returns:
LevelConstraintif TSAGeneralNameOrderMatch for a given context element is present in the constraint file, null otherwise.
-
getRevocationTimeAgainstBestSignatureTimeConstraint
LevelConstraint getRevocationTimeAgainstBestSignatureTimeConstraint()Returns RevocationTimeAgainstBestSignatureTime constraint if present in the policy, null otherwise- Returns:
LevelConstraintif RevocationTimeAgainstBestSignatureTime element is present in the constraint file, null otherwise.
-
getEvidenceRecordValidConstraint
LevelConstraint getEvidenceRecordValidConstraint()Returns whether the evidence record is valid (passed a complete evidence record validation process). If EvidenceRecordValid element is absent within the constraint file then null is returned.- Returns:
LevelConstraintif EvidenceRecordValid element is present in the constraint file, null otherwise.
-
getEvidenceRecordDataObjectExistenceConstraint
LevelConstraint getEvidenceRecordDataObjectExistenceConstraint()Returns DataObjectExistence constraint if present in the policy, null otherwise- Returns:
LevelConstraintif DataObjectExistence element is present
-
getEvidenceRecordDataObjectIntactConstraint
LevelConstraint getEvidenceRecordDataObjectIntactConstraint()Returns DataObjectIntact constraint if present in the policy, null otherwise- Returns:
LevelConstraintif DataObjectIntact element is present
-
getEvidenceRecordDataObjectFoundConstraint
LevelConstraint getEvidenceRecordDataObjectFoundConstraint()Returns DataObjectFound constraint if present in the policy, null otherwise- Returns:
LevelConstraintif DataObjectFound element is present
-
getEvidenceRecordDataObjectGroupConstraint
LevelConstraint getEvidenceRecordDataObjectGroupConstraint()Returns DataObjectGroup constraint if present in the policy, null otherwise- Returns:
LevelConstraintif DataObjectGroup element is present
-
getEvidenceRecordHashTreeRenewalConstraint
LevelConstraint getEvidenceRecordHashTreeRenewalConstraint()Returns HashTreeRenewal constraint if present in the policy, null otherwise- Returns:
LevelConstraintif HashTreeRenewal element is present
-
getCounterSignatureConstraint
Returns CounterSignature constraint if present in the policy, null otherwise- Parameters:
context-ContextDiagnosticDataFacade- Returns:
LevelConstraintif CounterSignature element is present in the constraint file, null otherwise.
-
getSignatureTimeStampConstraint
Indicates if the presence of unsigned property: signature-time-stamp should be checked. If SignatureTimeStamp element is absent within the constraint file then null is returned.- Parameters:
context-Context- Returns:
LevelConstraintif SignatureTimeStamp element is present in the constraint file, null otherwise.
-
getValidationDataTimeStampConstraint
Indicates if the presence of unsigned property: validation data timestamp should be checked. If ValidationDataTimeStamp element is absent within the constraint file then null is returned.- Parameters:
context-Context- Returns:
LevelConstraintif ValidationDataTimeStamp element is present in the constraint file, null otherwise.
-
getValidationDataRefsOnlyTimeStampConstraint
Indicates if the presence of unsigned property: validation data references only timestamp should be checked. If ValidationDataRefsOnlyTimeStamp element is absent within the constraint file then null is returned.- Parameters:
context-Context- Returns:
LevelConstraintif ValidationDataRefsOnlyTimeStamp element is present in the constraint file, null otherwise.
-
getArchiveTimeStampConstraint
Indicates if the presence of unsigned property: archive-time-stamp should be checked. If ArchiveTimeStamp element is absent within the constraint file then null is returned.- Parameters:
context-Context- Returns:
LevelConstraintif ArchiveTimeStamp element is present in the constraint file, null otherwise.
-
getDocumentTimeStampConstraint
Indicates if the presence of unsigned property: document timestamp should be checked. If DocumentTimeStamp element is absent within the constraint file then null is returned.- Parameters:
context-Context- Returns:
LevelConstraintif DocumentTimeStamp element is present in the constraint file, null otherwise.
-
getTLevelTimeStampConstraint
Indicates if the presence of unsigned property: signature-time-stamp or document timestamp If TLevelTimeStamp element is absent within the constraint file then null is returned.- Parameters:
context-Context- Returns:
LevelConstraintif TLevelTimeStamp element is present in the constraint file, null otherwise.
-
getLTALevelTimeStampConstraint
Indicates if the presence of unsigned property: archive-time-stamp or document timestamp covering the validation data If LTALevelTimeStamp element is absent within the constraint file then null is returned.- Parameters:
context-Context- Returns:
LevelConstraintif LTALevelTimeStamp element is present in the constraint file, null otherwise.
-
getSignatureFormatConstraint
Returns SignatureFormat constraint if present in the policy, null otherwise- Parameters:
context-Context- Returns:
MultiValuesConstraintif SignatureFormat element is present in the constraint file, null otherwise.
-
getCertificateCountryConstraint
Returns CertificateCountry constraint if present in the policy, null otherwise- Parameters:
context-ContextsubContext-SubContext- Returns:
MultiValuesConstraintif CertificateCountry element is present in the constraint file, null otherwise.
-
getCertificateLocalityConstraint
Returns CertificateLocality constraint if present in the policy, null otherwise- Parameters:
context-ContextsubContext-SubContext- Returns:
MultiValuesConstraintif CertificateLocality element is present in the constraint file, null otherwise.
-
getCertificateStateConstraint
Returns CertificateState constraint if present in the policy, null otherwise- Parameters:
context-ContextsubContext-SubContext- Returns:
MultiValuesConstraintif CertificateState element is present in the constraint file, null otherwise.
-
getCertificateOrganizationIdentifierConstraint
MultiValuesConstraint getCertificateOrganizationIdentifierConstraint(Context context, SubContext subContext) Returns CertificateOrganizationIdentifier constraint if present in the policy, null otherwise- Parameters:
context-ContextsubContext-SubContext- Returns:
MultiValuesConstraintif CertificateOrganizationIdentifier element is present in the constraint file, null otherwise.
-
getCertificateOrganizationNameConstraint
MultiValuesConstraint getCertificateOrganizationNameConstraint(Context context, SubContext subContext) Returns CertificateOrganizationName constraint if present in the policy, null otherwise- Parameters:
context-ContextsubContext-SubContext- Returns:
MultiValuesConstraintif CertificateOrganizationName element is present in the constraint file, null otherwise.
-
getCertificateOrganizationUnitConstraint
MultiValuesConstraint getCertificateOrganizationUnitConstraint(Context context, SubContext subContext) Returns CertificateOrganizationUnit constraint if present in the policy, null otherwise- Parameters:
context-ContextsubContext-SubContext- Returns:
MultiValuesConstraintif CertificateOrganizationUnit element is present in the constraint file, null otherwise.
-
getCertificateSurnameConstraint
Returns CertificateSurname constraint if present in the policy, null otherwise- Parameters:
context-ContextsubContext-SubContext- Returns:
MultiValuesConstraintif CertificateSurname element is present in the constraint file, null otherwise.
-
getCertificateGivenNameConstraint
Returns CertificateGivenName constraint if present in the policy, null otherwise- Parameters:
context-ContextsubContext-SubContext- Returns:
MultiValuesConstraintif CertificateGivenName element is present in the constraint file, null otherwise.
-
getCertificateCommonNameConstraint
Returns CertificateCommonName constraint if present in the policy, null otherwise- Parameters:
context-ContextsubContext-SubContext- Returns:
MultiValuesConstraintif CertificateCommonName element is present in the constraint file, null otherwise.
-
getCertificatePseudonymConstraint
Returns CertificatePseudonym constraint if present in the policy, null otherwise- Parameters:
context-ContextsubContext-SubContext- Returns:
MultiValuesConstraintif CertificatePseudonym element is present in the constraint file, null otherwise.
-
getCertificatePseudoUsageConstraint
Returns CertificatePseudoUsage constraint if present in the policy, null otherwise- Parameters:
context-ContextsubContext-SubContext- Returns:
LevelConstraintif CertificatePseudoUsage element is present in the constraint file, null otherwise.
-
getCertificateTitleConstraint
Returns CertificateTitle constraint if present in the policy, null otherwise- Parameters:
context-ContextsubContext-SubContext- Returns:
MultiValuesConstraintif CertificateTitle element is present in the constraint file, null otherwise.
-
getCertificateEmailConstraint
Returns CertificateEmail constraint if present in the policy, null otherwise- Parameters:
context-ContextsubContext-SubContext- Returns:
MultiValuesConstraintif CertificateEmail element is present in the constraint file, null otherwise.
-
getCertificateSerialNumberConstraint
Returns CertificateSerialNumber constraint if present in the policy, null otherwise- Parameters:
context-ContextsubContext-SubContext- Returns:
LevelConstraintif CertificateSerialNumber element is present in the constraint file, null otherwise.
-
getCertificateAuthorityInfoAccessPresentConstraint
LevelConstraint getCertificateAuthorityInfoAccessPresentConstraint(Context context, SubContext subContext) Returns CertificateAuthorityInfoAccessPresent constraint if present in the policy, null otherwise- Parameters:
context-ContextsubContext-SubContext- Returns:
LevelConstraintif CertificateAuthorityInfoAccessPresent element is present in the constraint file, null otherwise.
-
getRevocationDataSkipConstraint
Returns RevocationDataSkip constraint if present in the policy, null otherwise- Parameters:
context-ContextsubContext-SubContext- Returns:
LevelConstraintif RevocationDataSkip element is present in the constraint file, null otherwise.
-
getCertificateRevocationInfoAccessPresentConstraint
LevelConstraint getCertificateRevocationInfoAccessPresentConstraint(Context context, SubContext subContext) Returns CertificateRevocationInfoAccessPresent constraint if present in the policy, null otherwise- Parameters:
context-ContextsubContext-SubContext- Returns:
LevelConstraintif CertificateRevocationInfoAccessPresent element is present in the constraint file, null otherwise.
-
getAcceptedContainerTypesConstraint
MultiValuesConstraint getAcceptedContainerTypesConstraint()Returns AcceptedContainerTypes constraint if present in the policy, null otherwise- Returns:
MultiValuesConstraintif AcceptedContainerTypes element is present in the constraint file, null otherwise.
-
getZipCommentPresentConstraint
LevelConstraint getZipCommentPresentConstraint()Returns ZipCommentPresent constraint if present in the policy, null otherwise- Returns:
LevelConstraintif ZipCommentPresent element is present in the constraint file, null otherwise.
-
getAcceptedZipCommentsConstraint
MultiValuesConstraint getAcceptedZipCommentsConstraint()Returns AcceptedZipComments constraint if present in the policy, null otherwise- Returns:
MultiValuesConstraintif AcceptedZipComments element is present in the constraint file, null otherwise.
-
getMimeTypeFilePresentConstraint
LevelConstraint getMimeTypeFilePresentConstraint()Returns MimeTypeFilePresent constraint if present in the policy, null otherwise- Returns:
LevelConstraintif MimeTypeFilePresent element is present in the constraint file, null otherwise.
-
getAcceptedMimeTypeContentsConstraint
MultiValuesConstraint getAcceptedMimeTypeContentsConstraint()Returns AcceptedMimeTypeContents constraint if present in the policy, null otherwise- Returns:
MultiValuesConstraintif AcceptedMimeTypeContents element is present in the constraint file, null otherwise.
-
getManifestFilePresentConstraint
LevelConstraint getManifestFilePresentConstraint()Returns ManifestFilePresent constraint if present in the policy, null otherwise- Returns:
LevelConstraintif ManifestFilePresent element is present in the constraint file, null otherwise.
-
getSignedFilesPresentConstraint
LevelConstraint getSignedFilesPresentConstraint()Returns SignedFilesPresent constraint if present in the policy, null otherwise- Returns:
LevelConstraintif SignedFilesPresent element is present in the constraint file, null otherwise.
-
getAllFilesSignedConstraint
LevelConstraint getAllFilesSignedConstraint()Returns AllFilesSigned constraint if present in the policy, null otherwise- Returns:
LevelConstraintif AllFilesSigned element is present in the constraint file, null otherwise.
-
getFullScopeConstraint
LevelConstraint getFullScopeConstraint()Returns FullScope constraint if present in the policy, null otherwise- Returns:
LevelConstraintif FullScope element is present in the constraint file, null otherwise.
-
getAcceptablePDFAProfilesConstraint
MultiValuesConstraint getAcceptablePDFAProfilesConstraint()Returns AcceptablePDFAProfiles constraint if present in the policy, null otherwise- Returns:
LevelConstraintif AcceptablePDFAProfiles element is present in the constraint file, null otherwise.
-
getPDFACompliantConstraint
LevelConstraint getPDFACompliantConstraint()Returns PDFACompliant constraint if present in the policy, null otherwise- Returns:
LevelConstraintif PDFACompliant element is present in the constraint file, null otherwise.
-
isEIDASConstraintPresent
boolean isEIDASConstraintPresent()Returns if EIDAS constraints present (qualification check shall be performed)- Returns:
- TRUE if EIDAS constraint present, FALSE otherwise
-
getTLFreshnessConstraint
TimeConstraint getTLFreshnessConstraint()Returns TLFreshness constraint if present in the policy, null otherwise- Returns:
TimeConstraintif TLFreshness element is present in the constraint file, null otherwise.
-
getTLWellSignedConstraint
LevelConstraint getTLWellSignedConstraint()Returns TLWellSigned constraint if present in the policy, null otherwise- Returns:
TimeConstraintif TLWellSigned element is present in the constraint file, null otherwise.
-
getTLNotExpiredConstraint
LevelConstraint getTLNotExpiredConstraint()Returns TLNotExpired constraint if present in the policy, null otherwise- Returns:
TimeConstraintif TLNotExpired element is present in the constraint file, null otherwise.
-
getTLVersionConstraint
ValueConstraint getTLVersionConstraint()Returns TLVersion constraint if present in the policy, null otherwise- Returns:
ValueConstraintif TLVersion element is present in the constraint file, null otherwise.
-
getValidationModel
Model getValidationModel()Returns the used validation model (default is SHELL). Alternatives are CHAIN and HYBRID- Returns:
- the validation model to be used
-
getSignatureConstraints
SignatureConstraints getSignatureConstraints()Returns the constraint used for Signature validation- Returns:
SignatureConstraints
-
getCounterSignatureConstraints
SignatureConstraints getCounterSignatureConstraints()Returns the constraint used for Counter Signature validation- Returns:
SignatureConstraints
-
getTimestampConstraints
TimestampConstraints getTimestampConstraints()Returns the constraint used for Timestamp validation- Returns:
TimestampConstraints
-
getRevocationConstraints
RevocationConstraints getRevocationConstraints()Returns the constraint used for Revocation validation- Returns:
RevocationConstraints
-
getEvidenceRecordConstraints
EvidenceRecordConstraints getEvidenceRecordConstraints()Returns the constraint used for Evidence Record validation- Returns:
EvidenceRecordConstraints
-
getContainerConstraints
ContainerConstraints getContainerConstraints()Returns the constraint used for ASiC Container validation- Returns:
ContainerConstraints
-
getPDFAConstraints
PDFAConstraints getPDFAConstraints()Returns the constraint used for ASiC Container validation- Returns:
ContainerConstraints
-
getEIDASConstraints
-
getCryptographic
CryptographicConstraint getCryptographic()Returns the common constraint used for cryptographic validation- Returns:
CryptographicConstraint
-