Package eu.europa.esig.dss.policy

Interface ValidationPolicy

All Known Implementing Classes:
EtsiValidationPolicy
public interface ValidationPolicy
This class encapsulates the constraint file that controls the policy to be used during the validation process. This is the base class used to implement a specific validation policy

  • Method Details

    • getAlgorithmExpirationDate

      Date getAlgorithmExpirationDate​(String algorithm, Context context, SubContext subContext)
      This function returns the algorithm expiration date extracted from the 'constraint.xml' file. If the TAG AlgoExpirationDate is not present within the constraints null is returned.
      Parameters:
      algorithm - algorithm (SHA1, SHA256, RSA2048...) to be checked
      context - Context
      subContext - SubContext
      Returns:
      expiration date or null

    • getSignaturePolicyConstraint

      MultiValuesConstraint getSignaturePolicyConstraint​(Context context)
      Indicates if the signature policy should be checked. If AcceptablePolicies element is absent within the constraint file then null is returned, otherwise the list of identifiers is initialised.
      Parameters:
      context - Context
      Returns:
      LevelConstraint if SigningTime element is present in the constraint file, null otherwise.

    • getSignaturePolicyIdentifiedConstraint

      LevelConstraint getSignaturePolicyIdentifiedConstraint​(Context context)
      Indicates if the signature policy validation should be processed. If SignaturePolicyIdentifier found, but not relevant SignaturePolicy is retrieved, the check fails.
      Parameters:
      context - Context
      Returns:
      LevelConstraint if SignaturePolicy shall be identified

    • getSignaturePolicyStorePresentConstraint

      LevelConstraint getSignaturePolicyStorePresentConstraint​(Context context)
      Indicates if a SignaturePolicyStore unsigned attribute, containing a used policy binaries, presence shall be checked
      Parameters:
      context - Context
      Returns:
      LevelConstraint if SignaturePolicyStore presence shall be checked

    • getSignaturePolicyPolicyHashValid

      LevelConstraint getSignaturePolicyPolicyHashValid​(Context context)
      Indicates if digest present in a SignaturePolicyIdentifier shall match to the extracted policy content
      Parameters:
      context - Context
      Returns:
      LevelConstraint if SignaturePolicyIdentifier digest shall match

    • getStructuralValidationConstraint

      LevelConstraint getStructuralValidationConstraint​(Context context)
      Indicates if the structural validation should be checked. If StructuralValidation element is absent within the constraint file then null is returned.
      Parameters:
      context - Context
      Returns:
      LevelConstraint if StructuralValidation element is present in the constraint file, null otherwise.

    • getSigningCertificateRefersCertificateChainConstraint

      LevelConstraint getSigningCertificateRefersCertificateChainConstraint​(Context context)
      Indicates if the Signing Certificate attribute should be checked against the certificate chain. If SigningCertificateRefersCertificateChain element is absent within the constraint file then null is returned.
      Parameters:
      context - Context
      Returns:
      LevelConstraint if SigningCertificateRefersCertificateChain element is present in the constraint file, null otherwise.

    • getReferencesToAllCertificateChainPresentConstraint

      LevelConstraint getReferencesToAllCertificateChainPresentConstraint​(Context context)
      Indicates if the whole certificate chain is covered by the Signing Certificate attribute. If ReferencesToAllCertificateChainPresent element is absent within the constraint file then null is returned.
      Parameters:
      context - Context
      Returns:
      LevelConstraint if ReferencesToAllCertificateChainPresent element is present in the constraint file, null otherwise.

    • getSigningTimeConstraint

      LevelConstraint getSigningTimeConstraint​(Context context)
      Indicates if the signed property: signing-time should be checked. If SigningTime element is absent within the constraint file then null is returned.
      Parameters:
      context - Context
      Returns:
      LevelConstraint if SigningTime element is present in the constraint file, null otherwise.

    • getContentTypeConstraint

      ValueConstraint getContentTypeConstraint​(Context context)
      Indicates if the signed property: content-type should be checked. If ContentType element is absent within the constraint file then null is returned.
      Parameters:
      context - Context
      Returns:
      ValueConstraint if ContentType element is present in the constraint file, null otherwise.

    • getContentHintsConstraint

      ValueConstraint getContentHintsConstraint​(Context context)
      Indicates if the signed property: content-hints should be checked. If ContentHints element is absent within the constraint file then null is returned.
      Parameters:
      context - Context
      Returns:
      ValueConstraint if ContentHints element is present in the constraint file, null otherwise.

    • getContentIdentifierConstraint

      ValueConstraint getContentIdentifierConstraint​(Context context)
      Indicates if the signed property: content-identifier should be checked. If ContentIdentifier element is absent within the constraint file then null is returned.
      Parameters:
      context - Context
      Returns:
      ValueConstraint if ContentIdentifier element is present in the constraint file, null otherwise.

    • getMessageDigestOrSignedPropertiesConstraint

      LevelConstraint getMessageDigestOrSignedPropertiesConstraint​(Context context)
      Indicates if the signed property: message-digest (for CAdES) or SignedProperties (for XAdES) should be checked. If the relative element is absent within the constraint file then null is returned.
      Parameters:
      context - Context
      Returns:
      LevelConstraint if message-digests/SignedProperties element is present in the constraint file, null otherwise.

    • getCommitmentTypeIndicationConstraint

      MultiValuesConstraint getCommitmentTypeIndicationConstraint​(Context context)
      Indicates if the signed property: commitment-type-indication should be checked. If CommitmentTypeIndication element is absent within the constraint file then null is returned, otherwise the list of identifiers is initialised.
      Parameters:
      context - Context
      Returns:
      MultiValuesConstraint if CommitmentTypeIndication element is present in the constraint file, null otherwise.

    • getSignerLocationConstraint

      LevelConstraint getSignerLocationConstraint​(Context context)
      Indicates if the signed property: signer-location should be checked. If SignerLocation element is absent within the constraint file then null is returned.
      Parameters:
      context - Context
      Returns:
      LevelConstraint if SignerLocation element is present in the constraint file, null otherwise.

    • getContentTimestampConstraint

      LevelConstraint getContentTimestampConstraint​(Context context)
      Indicates if the signed property: content-time-stamp should be checked. If ContentTimeStamp element is absent within the constraint file then null is returned.
      Parameters:
      context - Context
      Returns:
      LevelConstraint if ContentTimeStamp element is present in the constraint file, null otherwise.

    • getClaimedRoleConstraint

      MultiValuesConstraint getClaimedRoleConstraint​(Context context)
      Indicates if the unsigned property: claimed-role should be checked. If ClaimedRoles element is absent within the constraint file then null is returned.
      Parameters:
      context - Context
      Returns:
      MultiValuesConstraint if ClaimedRoles element is present in the constraint file, null otherwise.

    • getCertifiedRolesConstraint

      MultiValuesConstraint getCertifiedRolesConstraint​(Context context)
      Return the mandated signer role.
      Parameters:
      context - Context
      Returns:
      MultiValuesConstraint

    • getPolicyName

      String getPolicyName()
      Returns the name of the policy.
      Returns:
      String

    • getPolicyDescription

      String getPolicyDescription()
      Returns the policy description.
      Returns:
      String

    • getSignatureCryptographicConstraint

      CryptographicConstraint getSignatureCryptographicConstraint​(Context context)
      This method creates the SignatureCryptographicConstraint corresponding to the context parameter. If AcceptableEncryptionAlgo is not present in the constraint file the null is returned.
      Parameters:
      context - The context of the signature cryptographic constraints: MainSignature, Timestamp, Revocation
      Returns:
      SignatureCryptographicConstraint if AcceptableEncryptionAlgo for a given context element is present in the constraint file, null otherwise.

    • getCertificateCryptographicConstraint

      CryptographicConstraint getCertificateCryptographicConstraint​(Context context, SubContext subContext)
      This method creates the SignatureCryptographicConstraint corresponding to the context parameter. If AcceptableEncryptionAlgo is not present in the constraint file the null is returned.
      Parameters:
      context - The context of the signature cryptographic constraints: MainSignature, Timestamp, Revocation
      subContext - the sub context of the signature cryptographic constraints: EMPTY (signature itself), SigningCertificate, CACertificate
      Returns:
      SignatureCryptographicConstraint if AcceptableEncryptionAlgo for a given context element is present in the constraint file, null otherwise.

    • getCertificateKeyUsageConstraint

      MultiValuesConstraint getCertificateKeyUsageConstraint​(Context context, SubContext subContext)
      Returns certificate key usage constraint
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelConstraint if key-usage for a given context element is present in the constraint file, null otherwise.

    • getCertificateExtendedKeyUsageConstraint

      MultiValuesConstraint getCertificateExtendedKeyUsageConstraint​(Context context, SubContext subContext)
      Returns certificate extended key usage constraint
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelConstraint if extended key-usage for a given context element is present in the constraint file, null otherwise.

    • getCertificateNotExpiredConstraint

      LevelConstraint getCertificateNotExpiredConstraint​(Context context, SubContext subContext)
      Returns certificate's not expired constraint
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelConstraint if Expiration for a given context element is present in the constraint file, null otherwise.

    • getProspectiveCertificateChainConstraint

      LevelConstraint getProspectiveCertificateChainConstraint​(Context context)
      This constraint requests the presence of the trust anchor in the certificate chain.
      Parameters:
      context - Context
      Returns:
      LevelConstraint if ProspectiveCertificateChain element for a given context element is present in the constraint file, null otherwise.

    • getCertificateSignatureConstraint

      LevelConstraint getCertificateSignatureConstraint​(Context context, SubContext subContext)
      Returns certificate's signature constraint
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelConstraint if Signature for a given context element is present in the constraint file, null otherwise.

    • getUnknownStatusConstraint

      LevelConstraint getUnknownStatusConstraint()
      The method returns UnknownStatus constraint
      Returns:
      LevelConstraint

    • getOCSPResponseCertHashPresentConstraint

      LevelConstraint getOCSPResponseCertHashPresentConstraint()
      The method returns OCSPCertHashPresent constraint
      Returns:
      LevelConstraint

    • getOCSPResponseCertHashMatchConstraint

      LevelConstraint getOCSPResponseCertHashMatchConstraint()
      The method returns OCSPCertHashMatch constraint
      Returns:
      LevelConstraint

    • getSelfIssuedOCSPConstraint

      LevelConstraint getSelfIssuedOCSPConstraint()
      The method returns SelfIssuedOCSP constraint
      Returns:
      LevelConstraint

    • getRevocationDataAvailableConstraint

      LevelConstraint getRevocationDataAvailableConstraint​(Context context, SubContext subContext)
      Returns revocation data available constraint
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelConstraint if RevocationDataAvailable for a given context element is present in the constraint file, null otherwise.

    • getRevocationDataNextUpdatePresentConstraint

      LevelConstraint getRevocationDataNextUpdatePresentConstraint​(Context context, SubContext subContext)
      Returns revocation data's nextUpdate present constraint
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelConstraint if RevocationDataNextUpdatePresent for a given context element is present in the constraint file, null otherwise.

    • getCertificateRevocationFreshnessConstraint

      LevelConstraint getCertificateRevocationFreshnessConstraint​(Context context, SubContext subContext)
      Returns revocation data's freshness constraint
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelConstraint if RevocationFreshness for a given context element is present in the constraint file, null otherwise.

    • getCertificateNotRevokedConstraint

      LevelConstraint getCertificateNotRevokedConstraint​(Context context, SubContext subContext)
      Returns certificate's not revoked constraint
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelConstraint if Revoked for a given context element is present in the constraint file, null otherwise.

    • getCertificateNotOnHoldConstraint

      LevelConstraint getCertificateNotOnHoldConstraint​(Context context, SubContext subContext)
      Returns certificate's not onHold constraint
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelConstraint if OnHold for a given context element is present in the constraint file, null otherwise.

    • getCertificateNotSelfSignedConstraint

      LevelConstraint getCertificateNotSelfSignedConstraint​(Context context, SubContext subContext)
      Returns certificate's not self-signed constraint
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelConstraint if not self-signed for a given context element is present in the constraint file, null otherwise.

    • getCertificateSelfSignedConstraint

      LevelConstraint getCertificateSelfSignedConstraint​(Context context, SubContext subContext)
      Returns certificate's self-signed constraint
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelConstraint if self-signed for a given context element is present in the constraint file, null otherwise.

    • getTrustedServiceTypeIdentifierConstraint

      MultiValuesConstraint getTrustedServiceTypeIdentifierConstraint​(Context context)
      Returns trusted service type identifier constraint
      Parameters:
      context - Context
      Returns:
      LevelConstraint if trusted service type identifier for a given context element is present in the constraint file, null otherwise.

    • getTrustedServiceStatusConstraint

      MultiValuesConstraint getTrustedServiceStatusConstraint​(Context context)
      Returns trusted service status constraint
      Parameters:
      context - Context
      Returns:
      LevelConstraint if trusted service status for a given context element is present in the constraint file, null otherwise.

    • getCertificateQualificationConstraint

      LevelConstraint getCertificateQualificationConstraint​(Context context, SubContext subContext)
      Indicates if the end user certificate is qualified.
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelConstraint if Qualification for a given context element is present in the constraint file, null otherwise.

    • getCertificateSupportedByQSCDConstraint

      LevelConstraint getCertificateSupportedByQSCDConstraint​(Context context, SubContext subContext)
      Indicates if the end user certificate used in validating the signature is mandated to be supported by a secure signature creation device (QSCD).
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelConstraint if SupportedByQSCD for a given context element is present in the constraint file, null otherwise.

    • getCertificateIssuedToLegalPersonConstraint

      LevelConstraint getCertificateIssuedToLegalPersonConstraint​(Context context, SubContext subContext)
      Indicates if the end user certificate used in validating the signature is issued to a legal person.
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelConstraint if IssuedToLegalPerson for a given context element is present in the constraint file, null otherwise.

    • getSigningCertificateRecognitionConstraint

      LevelConstraint getSigningCertificateRecognitionConstraint​(Context context)
      Indicates if the end user certificate used in validating the signature is issued to a natural person.
      Parameters:
      context - Context
      Returns:
      LevelConstraint if Recognition for a given context element is present in the constraint file, null otherwise.

    • getSigningCertificateAttributePresentConstraint

      LevelConstraint getSigningCertificateAttributePresentConstraint​(Context context)
      Indicates if the signing certificate attribute is present
      Parameters:
      context - Context
      Returns:
      LevelConstraint if SigningCertificateAttribute for a given context element is present in the constraint file, null otherwise.

    • getUnicitySigningCertificateAttributeConstraint

      LevelConstraint getUnicitySigningCertificateAttributeConstraint​(Context context)
      Indicates if the signing certificate is not ambiguously determines
      Parameters:
      context - Context
      Returns:
      LevelConstraint if UnicitySigningCertificate for a given context element is present in the constraint file, null otherwise.

    • getSigningCertificateDigestValuePresentConstraint

      LevelConstraint getSigningCertificateDigestValuePresentConstraint​(Context context)
      Indicates if the signing certificate reference's digest value is present
      Parameters:
      context - Context
      Returns:
      LevelConstraint if DigestValuePresent for a given context element is present in the constraint file, null otherwise.

    • getSigningCertificateDigestValueMatchConstraint

      LevelConstraint getSigningCertificateDigestValueMatchConstraint​(Context context)
      Indicates if the signing certificate reference's digest value matches
      Parameters:
      context - Context
      Returns:
      LevelConstraint if DigestValueMatch for a given context element is present in the constraint file, null otherwise.

    • getAllSigningCertificateDigestValuesMatchConstraint

      LevelConstraint getAllSigningCertificateDigestValuesMatchConstraint​(Context context)
      Indicates if all signing certificate reference digests match the signing certificate
      Parameters:
      context - Context
      Returns:
      LevelConstraint if AllCertDigestsMatch for a given context element is present in the constraint file, null otherwise.

    • getSigningCertificateIssuerSerialMatchConstraint

      LevelConstraint getSigningCertificateIssuerSerialMatchConstraint​(Context context)
      Indicates if the signing certificate reference's issuer serial matches
      Parameters:
      context - Context
      Returns:
      LevelConstraint if IssuerSerialMatch for a given context element is present in the constraint file, null otherwise.

    • getReferenceDataExistenceConstraint

      LevelConstraint getReferenceDataExistenceConstraint​(Context context)
      Indicates if the referenced data is found
      Parameters:
      context - Context
      Returns:
      LevelConstraint if ReferenceDataExistence for a given context element is present in the constraint file, null otherwise.

    • getReferenceDataIntactConstraint

      LevelConstraint getReferenceDataIntactConstraint​(Context context)
      Indicates if the referenced data is intact
      Parameters:
      context - Context
      Returns:
      LevelConstraint if ReferenceDataIntact for a given context element is present in the constraint file, null otherwise.

    • getManifestEntryObjectExistenceConstraint

      LevelConstraint getManifestEntryObjectExistenceConstraint​(Context context)
      Indicates if the manifested document is found
      Parameters:
      context - Context
      Returns:
      LevelConstraint if ManifestEntryObjectExistence for a given context element is present in the constraint file, null otherwise.

    • getSignatureIntactConstraint

      LevelConstraint getSignatureIntactConstraint​(Context context)
      Indicates if the signature is intact
      Parameters:
      context - Context
      Returns:
      SignatureDataIntact if SignatureIntact for a given context element is present in the constraint file, null otherwise.

    • getSignatureDuplicatedConstraint

      LevelConstraint getSignatureDuplicatedConstraint​(Context context)
      Indicates if the signature is not ambiguous
      Parameters:
      context - Context
      Returns:
      SignatureDuplicated if SignatureDuplicated for a given context element is present in the constraint file, null otherwise.

    • getSignerInformationStoreConstraint

      LevelConstraint getSignerInformationStoreConstraint​(Context context)
      This constraint checks if only one SignerInfo is present into a SignerInformationStore NOTE: applicable only for PAdES
      Parameters:
      context - Context
      Returns:
      LevelConstraint if SignerInformationStore element for a given context element is present in the constraint file, null otherwise.

    • getPdfPageDifferenceConstraint

      LevelConstraint getPdfPageDifferenceConstraint​(Context context)
      Indicates if a PDF page difference check should be proceeded. If PdfPageDifference element is absent within the constraint file then null is returned.
      Parameters:
      context - Context
      Returns:
      LevelConstraint if PdfPageDifference element is present in the constraint file, null otherwise.

    • getPdfAnnotationOverlapConstraint

      LevelConstraint getPdfAnnotationOverlapConstraint​(Context context)
      Indicates if a PDF annotation overlapping check should be proceeded. If PdfAnnotationOverlap element is absent within the constraint file then null is returned.
      Parameters:
      context - Context
      Returns:
      LevelConstraint if PdfAnnotationOverlap element is present in the constraint file, null otherwise.

    • getPdfVisualDifferenceConstraint

      LevelConstraint getPdfVisualDifferenceConstraint​(Context context)
      Indicates if a PDF visual difference check should be proceeded. If PdfVisualDifference element is absent within the constraint file then null is returned.
      Parameters:
      context - Context
      Returns:
      LevelConstraint if PdfVisualDifference element is present in the constraint file, null otherwise.

    • getBestSignatureTimeBeforeExpirationDateOfSigningCertificateConstraint

      LevelConstraint getBestSignatureTimeBeforeExpirationDateOfSigningCertificateConstraint()
      This constraint checks if the certificate is not expired on best-signature-time
      Returns:
      LevelConstraint if BestSignatureTimeBeforeExpirationDateOfSigningCertificate element is present in the constraint file, null otherwise.

    • getTimestampCoherenceConstraint

      LevelConstraint getTimestampCoherenceConstraint()
      This constraint checks if the timestamp order is coherent
      Returns:
      LevelConstraint if TimestampCoherence element is present in the constraint file, null otherwise.

    • getTimestampDelayConstraint

      TimeConstraint getTimestampDelayConstraint()
      Returns TimestampDelay constraint if present in the policy, null otherwise
      Returns:
      TimeConstraint if TimestampDelay element is present in the constraint file, null otherwise.

    • getRevocationTimeAgainstBestSignatureTimeConstraint

      LevelConstraint getRevocationTimeAgainstBestSignatureTimeConstraint()
      Returns RevocationTimeAgainstBestSignatureTime constraint if present in the policy, null otherwise
      Returns:
      LevelConstraint if RevocationTimeAgainstBestSignatureTime element is present in the constraint file, null otherwise.

    • getRevocationFreshnessConstraint

      TimeConstraint getRevocationFreshnessConstraint()
      Returns RevocationFreshness constraint if present in the policy, null otherwise
      Returns:
      TimeConstraint if RevocationFreshness element is present in the constraint file, null otherwise.

    • getCounterSignatureConstraint

      LevelConstraint getCounterSignatureConstraint​(Context context)
      Returns CounterSignature constraint if present in the policy, null otherwise
      Parameters:
      context - ContextDiagnosticDataFacade
      Returns:
      LevelConstraint if CounterSignature element is present in the constraint file, null otherwise.

    • getSignatureFormatConstraint

      MultiValuesConstraint getSignatureFormatConstraint​(Context context)
      Returns SignatureFormat constraint if present in the policy, null otherwise
      Parameters:
      context - Context
      Returns:
      MultiValuesConstraint if SignatureFormat element is present in the constraint file, null otherwise.

    • getCertificateCountryConstraint

      MultiValuesConstraint getCertificateCountryConstraint​(Context context, SubContext subContext)
      Returns CertificateCountry constraint if present in the policy, null otherwise
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      MultiValuesConstraint if CertificateCountry element is present in the constraint file, null otherwise.

    • getCertificateOrganizationNameConstraint

      MultiValuesConstraint getCertificateOrganizationNameConstraint​(Context context, SubContext subContext)
      Returns CertificateOrganizationName constraint if present in the policy, null otherwise
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      MultiValuesConstraint if CertificateOrganizationName element is present in the constraint file, null otherwise.

    • getCertificateOrganizationUnitConstraint

      MultiValuesConstraint getCertificateOrganizationUnitConstraint​(Context context, SubContext subContext)
      Returns CertificateOrganizationUnit constraint if present in the policy, null otherwise
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      MultiValuesConstraint if CertificateOrganizationUnit element is present in the constraint file, null otherwise.

    • getCertificateSurnameConstraint

      MultiValuesConstraint getCertificateSurnameConstraint​(Context context, SubContext subContext)
      Returns CertificateSurname constraint if present in the policy, null otherwise
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      MultiValuesConstraint if CertificateSurname element is present in the constraint file, null otherwise.

    • getCertificateGivenNameConstraint

      MultiValuesConstraint getCertificateGivenNameConstraint​(Context context, SubContext subContext)
      Returns CertificateGivenName constraint if present in the policy, null otherwise
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      MultiValuesConstraint if CertificateGivenName element is present in the constraint file, null otherwise.

    • getCertificateCommonNameConstraint

      MultiValuesConstraint getCertificateCommonNameConstraint​(Context context, SubContext subContext)
      Returns CertificateCommonName constraint if present in the policy, null otherwise
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      MultiValuesConstraint if CertificateCommonName element is present in the constraint file, null otherwise.

    • getCertificatePseudonymConstraint

      MultiValuesConstraint getCertificatePseudonymConstraint​(Context context, SubContext subContext)
      Returns CertificatePseudonym constraint if present in the policy, null otherwise
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      MultiValuesConstraint if CertificatePseudonym element is present in the constraint file, null otherwise.

    • getCertificatePseudoUsageConstraint

      LevelConstraint getCertificatePseudoUsageConstraint​(Context context, SubContext subContext)
      Returns CertificatePseudoUsage constraint if present in the policy, null otherwise
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelConstraint if CertificatePseudoUsage element is present in the constraint file, null otherwise.

    • getCertificateSerialNumberConstraint

      LevelConstraint getCertificateSerialNumberConstraint​(Context context, SubContext subContext)
      Returns CertificateSerialNumber constraint if present in the policy, null otherwise
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelConstraint if CertificateSerialNumber element is present in the constraint file, null otherwise.

    • getCertificateAuthorityInfoAccessPresentConstraint

      LevelConstraint getCertificateAuthorityInfoAccessPresentConstraint​(Context context, SubContext subContext)
      Returns CertificateAuthorityInfoAccessPresent constraint if present in the policy, null otherwise
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelConstraint if CertificateAuthorityInfoAccessPresent element is present in the constraint file, null otherwise.

    • getCertificateRevocationInfoAccessPresentConstraint

      LevelConstraint getCertificateRevocationInfoAccessPresentConstraint​(Context context, SubContext subContext)
      Returns CertificateRevocationInfoAccessPresent constraint if present in the policy, null otherwise
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelConstraint if CertificateRevocationInfoAccessPresent element is present in the constraint file, null otherwise.

    • getCertificatePolicyIdsConstraint

      MultiValuesConstraint getCertificatePolicyIdsConstraint​(Context context, SubContext subContext)
      Returns CertificatePolicyIds constraint if present in the policy, null otherwise
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      MultiValuesConstraint if CertificatePolicyIds element is present in the constraint file, null otherwise.

    • getCertificateQCStatementIdsConstraint

      MultiValuesConstraint getCertificateQCStatementIdsConstraint​(Context context, SubContext subContext)
      Returns CertificateQCStatementIds constraint if present in the policy, null otherwise
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      MultiValuesConstraint if CertificateQCStatementIds element is present in the constraint file, null otherwise.

    • getCertificateIssuedToNaturalPersonConstraint

      LevelConstraint getCertificateIssuedToNaturalPersonConstraint​(Context context, SubContext subContext)
      Returns CertificateIssuedToNaturalPerson constraint if present in the policy, null otherwise
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelConstraint if CertificateIssuedToNaturalPerson element is present in the constraint file, null otherwise.

    • getAcceptedContainerTypesConstraint

      MultiValuesConstraint getAcceptedContainerTypesConstraint()
      Returns AcceptedContainerTypes constraint if present in the policy, null otherwise
      Returns:
      MultiValuesConstraint if AcceptedContainerTypes element is present in the constraint file, null otherwise.

    • getZipCommentPresentConstraint

      LevelConstraint getZipCommentPresentConstraint()
      Returns ZipCommentPresent constraint if present in the policy, null otherwise
      Returns:
      LevelConstraint if ZipCommentPresent element is present in the constraint file, null otherwise.

    • getAcceptedZipCommentsConstraint

      MultiValuesConstraint getAcceptedZipCommentsConstraint()
      Returns AcceptedZipComments constraint if present in the policy, null otherwise
      Returns:
      MultiValuesConstraint if AcceptedZipComments element is present in the constraint file, null otherwise.

    • getMimeTypeFilePresentConstraint

      LevelConstraint getMimeTypeFilePresentConstraint()
      Returns MimeTypeFilePresent constraint if present in the policy, null otherwise
      Returns:
      LevelConstraint if MimeTypeFilePresent element is present in the constraint file, null otherwise.

    • getAcceptedMimeTypeContentsConstraint

      MultiValuesConstraint getAcceptedMimeTypeContentsConstraint()
      Returns AcceptedMimeTypeContents constraint if present in the policy, null otherwise
      Returns:
      MultiValuesConstraint if AcceptedMimeTypeContents element is present in the constraint file, null otherwise.

    • getAllFilesSignedConstraint

      LevelConstraint getAllFilesSignedConstraint()
      Returns AllFilesSigned constraint if present in the policy, null otherwise
      Returns:
      LevelConstraint if AllFilesSigned element is present in the constraint file, null otherwise.

    • getManifestFilePresentConstraint

      LevelConstraint getManifestFilePresentConstraint()
      Returns ManifestFilePresent constraint if present in the policy, null otherwise
      Returns:
      LevelConstraint if ManifestFilePresent element is present in the constraint file, null otherwise.

    • getSignedFilesPresentConstraint

      LevelConstraint getSignedFilesPresentConstraint()
      Returns SignedFilesPresent constraint if present in the policy, null otherwise
      Returns:
      LevelConstraint if SignedFilesPresent element is present in the constraint file, null otherwise.

    • getFullScopeConstraint

      LevelConstraint getFullScopeConstraint()
      Returns FullScope constraint if present in the policy, null otherwise
      Returns:
      LevelConstraint if FullScope element is present in the constraint file, null otherwise.

    • isEIDASConstraintPresent

      boolean isEIDASConstraintPresent()
      Returns if EIDAS constraints present (qualification check shall be performed)
      Returns:
      TRUE if EIDAS constraint present, FALSE otherwise

    • getTLFreshnessConstraint

      TimeConstraint getTLFreshnessConstraint()
      Returns TLFreshness constraint if present in the policy, null otherwise
      Returns:
      TimeConstraint if TLFreshness element is present in the constraint file, null otherwise.

    • getTLWellSignedConstraint

      LevelConstraint getTLWellSignedConstraint()
      Returns TLWellSigned constraint if present in the policy, null otherwise
      Returns:
      TimeConstraint if TLWellSigned element is present in the constraint file, null otherwise.

    • getTLNotExpiredConstraint

      LevelConstraint getTLNotExpiredConstraint()
      Returns TLNotExpired constraint if present in the policy, null otherwise
      Returns:
      TimeConstraint if TLNotExpired element is present in the constraint file, null otherwise.

    • getTLVersionConstraint

      ValueConstraint getTLVersionConstraint()
      Returns TLVersion constraint if present in the policy, null otherwise
      Returns:
      ValueConstraint if TLVersion element is present in the constraint file, null otherwise.

    • getValidationModel

      Model getValidationModel()
      Returns the used validation model (default is SHELL). Alternatives are CHAIN and HYBRID
      Returns:
      the validation model to be used

    • getContainerConstraints

      ContainerConstraints getContainerConstraints()
      Returns the constraint used for ASiC Container validation
      Returns:
      ContainerConstraints

    • getSignatureConstraints

      SignatureConstraints getSignatureConstraints()
      Returns the constraint used for Signature validation
      Returns:
      SignatureConstraints

    • getCounterSignatureConstraints

      SignatureConstraints getCounterSignatureConstraints()
      Returns the constraint used for Counter Signature validation
      Returns:
      SignatureConstraints

    • getTimestampConstraints

      TimestampConstraints getTimestampConstraints()
      Returns the constraint used for Timestamp validation
      Returns:
      TimestampConstraints

    • getRevocationConstraints

      RevocationConstraints getRevocationConstraints()
      Returns the constraint used for Revocation validation
      Returns:
      RevocationConstraints

    • getEIDASConstraints

      EIDAS getEIDASConstraints()
      Returns the constraint used for qualification validation
      Returns:
      EIDAS

    • getCryptographic

      CryptographicConstraint getCryptographic()
      Returns the common constraint used for cryptographic validation
      Returns:
      CryptographicConstraint