Package eu.europa.esig.dss.model.policy

Interface ValidationPolicy

All Known Implementing Classes:
EtsiValidationPolicy, ValidationPolicyWithCryptographicSuite
public interface ValidationPolicy
This class encapsulates the constraint file that controls the policy to be used during the validation process. This is the base class used to implement a specific validation policy

  • Method Details

    • getPolicyName

      String getPolicyName()
      Returns the name of the policy.
      Returns:
      String

    • getPolicyDescription

      String getPolicyDescription()
      Returns the policy description.
      Returns:
      String

    • getSignaturePolicyConstraint

      MultiValuesRule getSignaturePolicyConstraint(Context context)
      Indicates if the signature policy should be checked. If AcceptablePolicies element is absent within the constraint file then null is returned, otherwise the list of identifiers is initialised.
      Parameters:
      context - Context
      Returns:
      LevelRule if SigningTime element is present in the constraint file, null otherwise.

    • getSignaturePolicyIdentifiedConstraint

      LevelRule getSignaturePolicyIdentifiedConstraint(Context context)
      Indicates if the signature policy validation should be processed. If SignaturePolicyIdentifier found, but not relevant SignaturePolicy is retrieved, the check fails.
      Parameters:
      context - Context
      Returns:
      LevelRule if SignaturePolicy shall be identified

    • getSignaturePolicyStorePresentConstraint

      LevelRule getSignaturePolicyStorePresentConstraint(Context context)
      Indicates if a SignaturePolicyStore unsigned attribute, containing a used policy binaries, presence shall be checked
      Parameters:
      context - Context
      Returns:
      LevelRule if SignaturePolicyStore presence shall be checked

    • getSignaturePolicyPolicyHashValid

      LevelRule getSignaturePolicyPolicyHashValid(Context context)
      Indicates if digest present in a SignaturePolicyIdentifier shall match to the extracted policy content
      Parameters:
      context - Context
      Returns:
      LevelRule if SignaturePolicyIdentifier digest shall match

    • getStructuralValidationConstraint

      LevelRule getStructuralValidationConstraint(Context context)
      Indicates if the structural validation should be checked. If StructuralValidation element is absent within the constraint file then null is returned.
      Parameters:
      context - Context
      Returns:
      LevelRule if StructuralValidation element is present in the constraint file, null otherwise.

    • getSigningCertificateRefersCertificateChainConstraint

      LevelRule getSigningCertificateRefersCertificateChainConstraint(Context context)
      Indicates if the Signing Certificate attribute should be checked against the certificate chain. If SigningCertificateRefersCertificateChain element is absent within the constraint file then null is returned.
      Parameters:
      context - Context
      Returns:
      LevelRule if SigningCertificateRefersCertificateChain element is present in the constraint file, null otherwise.

    • getReferencesToAllCertificateChainPresentConstraint

      LevelRule getReferencesToAllCertificateChainPresentConstraint(Context context)
      Indicates if the whole certificate chain is covered by the Signing Certificate attribute. If ReferencesToAllCertificateChainPresent element is absent within the constraint file then null is returned.
      Parameters:
      context - Context
      Returns:
      LevelRule if ReferencesToAllCertificateChainPresent element is present in the constraint file, null otherwise.

    • getSigningCertificateDigestAlgorithmConstraint

      LevelRule getSigningCertificateDigestAlgorithmConstraint(Context context)
      Checks if a used DigestAlgorithm in signing-certificate-reference creation matches the corresponding cryptographic constraint
      Parameters:
      context - Context
      Returns:
      LevelRule if SigningCertificateDigestAlgorithm for a given context element is present in the constraint file, null otherwise.

    • getSigningDurationRule

      LevelRule getSigningDurationRule(Context context)
      Indicates if the signed property: signing-time should be checked. If SigningTime element is absent within the constraint file then null is returned.
      Parameters:
      context - Context
      Returns:
      LevelRule if SigningTime element is present in the constraint file, null otherwise.

    • getContentTypeConstraint

      ValueRule getContentTypeConstraint(Context context)
      Indicates if the signed property: content-type should be checked. If ContentType element is absent within the constraint file then null is returned.
      Parameters:
      context - Context
      Returns:
      ValueRule if ContentType element is present in the constraint file, null otherwise.

    • getContentHintsConstraint

      ValueRule getContentHintsConstraint(Context context)
      Indicates if the signed property: content-hints should be checked. If ContentHints element is absent within the constraint file then null is returned.
      Parameters:
      context - Context
      Returns:
      ValueRule if ContentHints element is present in the constraint file, null otherwise.

    • getContentIdentifierConstraint

      ValueRule getContentIdentifierConstraint(Context context)
      Indicates if the signed property: content-identifier should be checked. If ContentIdentifier element is absent within the constraint file then null is returned.
      Parameters:
      context - Context
      Returns:
      ValueRule if ContentIdentifier element is present in the constraint file, null otherwise.

    • getMessageDigestOrSignedPropertiesConstraint

      LevelRule getMessageDigestOrSignedPropertiesConstraint(Context context)
      Indicates if the signed property: message-digest (for CAdES) or SignedProperties (for XAdES) should be checked. If the relative element is absent within the constraint file then null is returned.
      Parameters:
      context - Context
      Returns:
      LevelRule if message-digests/SignedProperties element is present in the constraint file, null otherwise.

    • getEllipticCurveKeySizeConstraint

      LevelRule getEllipticCurveKeySizeConstraint(Context context)
      This constraint checks whether a JWA signature has a valid elliptic curve key size
      Parameters:
      context - Context
      Returns:
      LevelRule if EllipticCurveKeySize element is present in the constraint file, null otherwise.

    • getCommitmentTypeIndicationConstraint

      MultiValuesRule getCommitmentTypeIndicationConstraint(Context context)
      Indicates if the signed property: commitment-type-indication should be checked. If CommitmentTypeIndication element is absent within the constraint file then null is returned, otherwise the list of identifiers is initialised.
      Parameters:
      context - Context
      Returns:
      MultiValuesRule if CommitmentTypeIndication element is present in the constraint file, null otherwise.

    • getSignerLocationConstraint

      LevelRule getSignerLocationConstraint(Context context)
      Indicates if the signed property: signer-location should be checked. If SignerLocation element is absent within the constraint file then null is returned.
      Parameters:
      context - Context
      Returns:
      LevelRule if SignerLocation element is present in the constraint file, null otherwise.

    • getContentTimeStampConstraint

      LevelRule getContentTimeStampConstraint(Context context)
      Indicates if the signed property: content-time-stamp should be checked. If ContentTimeStamp element is absent within the constraint file then null is returned.
      Parameters:
      context - Context
      Returns:
      LevelRule if ContentTimeStamp element is present in the constraint file, null otherwise.

    • getContentTimeStampMessageImprintConstraint

      LevelRule getContentTimeStampMessageImprintConstraint(Context context)
      Indicates if the signed property: content-time-stamp message-imprint should be checked. If ContentTimeStampMessageImprint element is absent within the constraint file then null is returned.
      Parameters:
      context - Context
      Returns:
      LevelRule if ContentTimeStampMessageImprint element is present in the constraint file, null otherwise.

    • getClaimedRoleConstraint

      MultiValuesRule getClaimedRoleConstraint(Context context)
      Indicates if the unsigned property: claimed-role should be checked. If ClaimedRoles element is absent within the constraint file then null is returned.
      Parameters:
      context - Context
      Returns:
      MultiValuesRule if ClaimedRoles element is present in the constraint file, null otherwise.

    • getCertifiedRolesConstraint

      MultiValuesRule getCertifiedRolesConstraint(Context context)
      Return the mandated signer role.
      Parameters:
      context - Context
      Returns:
      MultiValuesRule

    • getSignatureCryptographicConstraint

      CryptographicSuite getSignatureCryptographicConstraint(Context context)
      This method creates the CryptographicSuite corresponding to the context parameter. If AcceptableEncryptionAlgo is not present in the constraint file the null is returned.
      Parameters:
      context - The context of the signature cryptographic constraints: MainSignature, Timestamp, Revocation
      Returns:
      CryptographicSuite if AcceptableEncryptionAlgo for a given context element is present in the constraint file, null otherwise.

    • getCertificateCryptographicConstraint

      CryptographicSuite getCertificateCryptographicConstraint(Context context, SubContext subContext)
      This method creates the CryptographicSuite corresponding to the context parameter. If AcceptableEncryptionAlgo is not present in the constraint file the null is returned.
      Parameters:
      context - The context of the signature cryptographic constraints: MainSignature, Timestamp, Revocation
      subContext - the sub context of the signature cryptographic constraints: EMPTY (signature itself), SigningCertificate, CACertificate
      Returns:
      CryptographicSuite if AcceptableEncryptionAlgo for a given context element is present in the constraint file, null otherwise.

    • getEvidenceRecordCryptographicConstraint

      CryptographicSuite getEvidenceRecordCryptographicConstraint()
      This method returns cryptographic constraints for validation of Evidence Record
      Returns:
      CryptographicSuite

    • getCertificateCAConstraint

      LevelRule getCertificateCAConstraint(Context context, SubContext subContext)
      Returns certificate CA constraint
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelRule if CA for a given context element is present in the constraint file, null otherwise.

    • getCertificateIssuerNameConstraint

      LevelRule getCertificateIssuerNameConstraint(Context context, SubContext subContext)
      Returns certificate IssuerName constraint
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelRule if IssuerName for a given context element is present in the constraint file, null otherwise.

    • getCertificateMaxPathLengthConstraint

      LevelRule getCertificateMaxPathLengthConstraint(Context context, SubContext subContext)
      Returns certificate MaxPathLength constraint
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelRule if MaxPathLength for a given context element is present in the constraint file, null otherwise.

    • getCertificateKeyUsageConstraint

      MultiValuesRule getCertificateKeyUsageConstraint(Context context, SubContext subContext)
      Returns certificate key usage constraint
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelRule if key-usage for a given context element is present in the constraint file, null otherwise.

    • getCertificateExtendedKeyUsageConstraint

      MultiValuesRule getCertificateExtendedKeyUsageConstraint(Context context, SubContext subContext)
      Returns certificate extended key usage constraint
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelRule if extended key-usage for a given context element is present in the constraint file, null otherwise.

    • getCertificatePolicyTreeConstraint

      LevelRule getCertificatePolicyTreeConstraint(Context context, SubContext subContext)
      Returns certificate PolicyTree constraint
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelRule if PolicyTree for a given context element is present in the constraint file, null otherwise.

    • getCertificateNameConstraintsConstraint

      LevelRule getCertificateNameConstraintsConstraint(Context context, SubContext subContext)
      Returns certificate NameConstraints constraint
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelRule if NameConstraints for a given context element is present in the constraint file, null otherwise.

    • getCertificateNoRevAvailConstraint

      LevelRule getCertificateNoRevAvailConstraint(Context context, SubContext subContext)
      Returns certificate NoRevAvail constraint
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelRule if NoRevAvail for a given context element is present in the constraint file, null otherwise.

    • getCertificateSupportedCriticalExtensionsConstraint

      MultiValuesRule getCertificateSupportedCriticalExtensionsConstraint(Context context, SubContext subContext)
      Returns certificate supported critical extensions constraint
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelRule if SupportedCriticalExtensions constraint for a given context element is present in the constraint file,null otherwise.

    • getCertificateForbiddenExtensionsConstraint

      MultiValuesRule getCertificateForbiddenExtensionsConstraint(Context context, SubContext subContext)
      Returns certificate forbidden extensions constraint
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelRule if ForbiddenExtensions constraint for a given context element is present in the constraint file,null otherwise.

    • getCertificateNotExpiredConstraint

      LevelRule getCertificateNotExpiredConstraint(Context context, SubContext subContext)
      Returns certificate's validity range constraint
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelRule if NotExpired constraint for a given certificate context is present in the constraint file, null otherwise.

    • getCertificateSunsetDateConstraint

      LevelRule getCertificateSunsetDateConstraint(Context context, SubContext subContext)
      Returns certificate's sunset date constraint
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelRule if SunsetDate constraint for a given certificate context is present in the constraint file, null otherwise.

    • getProspectiveCertificateChainConstraint

      LevelRule getProspectiveCertificateChainConstraint(Context context)
      This constraint requests the presence of the trust anchor in the certificate chain.
      Parameters:
      context - Context
      Returns:
      LevelRule if ProspectiveCertificateChain element for a given context element is present in the constraint file, null otherwise.

    • getCertificateSignatureConstraint

      LevelRule getCertificateSignatureConstraint(Context context, SubContext subContext)
      Returns certificate's signature constraint
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelRule if Signature for a given context element is present in the constraint file, null otherwise.

    • getUnknownStatusConstraint

      LevelRule getUnknownStatusConstraint()
      The method returns UnknownStatus constraint
      Returns:
      LevelRule

    • getThisUpdatePresentConstraint

      LevelRule getThisUpdatePresentConstraint()
      The method returns ThisUpdatePresent constraint
      Returns:
      LevelRule

    • getRevocationIssuerKnownConstraint

      LevelRule getRevocationIssuerKnownConstraint()
      The method returns RevocationIssuerKnown constraint
      Returns:
      LevelRule

    • getRevocationIssuerValidAtProductionTimeConstraint

      LevelRule getRevocationIssuerValidAtProductionTimeConstraint()
      The method returns RevocationIssuerValidAtProductionTime constraint
      Returns:
      LevelRule

    • getRevocationAfterCertificateIssuanceConstraint

      LevelRule getRevocationAfterCertificateIssuanceConstraint()
      The method returns RevocationIssuerKnowsCertificate constraint
      Returns:
      LevelRule

    • getRevocationHasInformationAboutCertificateConstraint

      LevelRule getRevocationHasInformationAboutCertificateConstraint()
      The method returns RevocationIssuerHasInformationAboutCertificate constraint
      Returns:
      LevelRule

    • getOCSPResponseResponderIdMatchConstraint

      LevelRule getOCSPResponseResponderIdMatchConstraint()
      The method returns OCSPResponderIdMatch constraint
      Returns:
      LevelRule

    • getOCSPResponseCertHashPresentConstraint

      LevelRule getOCSPResponseCertHashPresentConstraint()
      The method returns OCSPCertHashPresent constraint
      Returns:
      LevelRule

    • getOCSPResponseCertHashMatchConstraint

      LevelRule getOCSPResponseCertHashMatchConstraint()
      The method returns OCSPCertHashMatch constraint
      Returns:
      LevelRule

    • getSelfIssuedOCSPConstraint

      LevelRule getSelfIssuedOCSPConstraint()
      The method returns SelfIssuedOCSP constraint
      Returns:
      LevelRule

    • getRevocationDataAvailableConstraint

      LevelRule getRevocationDataAvailableConstraint(Context context, SubContext subContext)
      Returns revocation data available constraint
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelRule if RevocationDataAvailable for a given context element is present in the constraint file, null otherwise.

    • getAcceptableRevocationDataFoundConstraint

      LevelRule getAcceptableRevocationDataFoundConstraint(Context context, SubContext subContext)
      Returns acceptable revocation data available constraint
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelRule if AcceptableRevocationDataFound for a given context element is present in the constraint file, null otherwise.

    • getCRLNextUpdatePresentConstraint

      LevelRule getCRLNextUpdatePresentConstraint(Context context, SubContext subContext)
      Returns CRL's nextUpdate present constraint
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelRule if CRLNextUpdatePresent for a given context element is present in the constraint file, null otherwise.

    • getOCSPNextUpdatePresentConstraint

      LevelRule getOCSPNextUpdatePresentConstraint(Context context, SubContext subContext)
      Returns OCSP's nextUpdate present constraint
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelRule if OCSPNextUpdatePresent for a given context element is present in the constraint file, null otherwise.

    • getRevocationFreshnessConstraint

      DurationRule getRevocationFreshnessConstraint(Context context, SubContext subContext)
      Returns revocation data's freshness constraint
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      DurationRule if RevocationFreshness for a given context element is present in the constraint file, null otherwise.

    • getRevocationFreshnessNextUpdateConstraint

      LevelRule getRevocationFreshnessNextUpdateConstraint(Context context, SubContext subContext)
      Returns revocation data's freshness for nextUpdate check constraint
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelRule if RevocationFreshnessNextUpdate for a given context element is present in the constraint file, null otherwise.

    • getCertificateNotRevokedConstraint

      LevelRule getCertificateNotRevokedConstraint(Context context, SubContext subContext)
      Returns certificate's not revoked constraint
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelRule if Revoked for a given context element is present in the constraint file, null otherwise.

    • getCertificateNotOnHoldConstraint

      LevelRule getCertificateNotOnHoldConstraint(Context context, SubContext subContext)
      Returns certificate's not onHold constraint
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelRule if OnHold for a given context element is present in the constraint file, null otherwise.

    • getRevocationIssuerNotExpiredConstraint

      LevelRule getRevocationIssuerNotExpiredConstraint(Context context, SubContext subContext)
      Returns revocation issuer's validity range constraint
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelRule if RevocationIssuerNotExpired constraint for a given certificate context is present in the constraint file, null otherwise.

    • getCertificateNotSelfSignedConstraint

      LevelRule getCertificateNotSelfSignedConstraint(Context context, SubContext subContext)
      Returns certificate's not self-signed constraint
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelRule if not self-signed for a given context element is present in the constraint file, null otherwise.

    • getCertificateSelfSignedConstraint

      LevelRule getCertificateSelfSignedConstraint(Context context, SubContext subContext)
      Returns certificate's self-signed constraint
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelRule if self-signed for a given context element is present in the constraint file, null otherwise.

    • getTrustServiceTypeIdentifierConstraint

      MultiValuesRule getTrustServiceTypeIdentifierConstraint(Context context)
      Returns trusted service type identifier constraint
      Parameters:
      context - Context
      Returns:
      LevelRule if trusted service type identifier for a given context element is present in the constraint file, null otherwise.

    • getTrustServiceStatusConstraint

      MultiValuesRule getTrustServiceStatusConstraint(Context context)
      Returns trusted service status constraint
      Parameters:
      context - Context
      Returns:
      LevelRule if trusted service status for a given context element is present in the constraint file, null otherwise.

    • getCertificatePolicyIdsConstraint

      MultiValuesRule getCertificatePolicyIdsConstraint(Context context, SubContext subContext)
      Returns CertificatePolicyIds constraint if present in the policy, null otherwise
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      MultiValuesRule if CertificatePolicyIds element is present in the constraint file, null otherwise.

    • getCertificatePolicyQualificationIdsConstraint

      LevelRule getCertificatePolicyQualificationIdsConstraint(Context context, SubContext subContext)
      Indicates if the CertificatePolicyIds declare the certificate as qualified.
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelRule if PolicyQualificationIds for a given context element is present in the constraint file, null otherwise.

    • getCertificatePolicySupportedByQSCDIdsConstraint

      LevelRule getCertificatePolicySupportedByQSCDIdsConstraint(Context context, SubContext subContext)
      Indicates if the CertificatePolicyIds mandate the certificate as to be supported by a secure signature creation device (QSCD).
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelRule if PolicySupportedByQSCDIds for a given context element is present in the constraint file, null otherwise.

    • getCertificateQCComplianceConstraint

      LevelRule getCertificateQCComplianceConstraint(Context context, SubContext subContext)
      Indicates if the end user certificate used in validating the signature is QC Compliant.
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelRule if QcCompliance for a given context element is present in the constraint file, null otherwise.

    • getCertificateQcEuLimitValueCurrencyConstraint

      ValueRule getCertificateQcEuLimitValueCurrencyConstraint(Context context, SubContext subContext)
      Indicates the allowed currency used to specify certificate's QCLimitValue statement.
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      NumericValueRule if QcTransactionLimitCurrency for a given context element is present in the constraint file, null otherwise.

    • getCertificateMinQcEuLimitValueConstraint

      NumericValueRule getCertificateMinQcEuLimitValueConstraint(Context context, SubContext subContext)
      Indicates the minimal allowed QcEuLimitValue transaction limit for which the end user certificate used for the signature can be used.
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      NumericValueRule if MinQcTransactionLimit for a given context element is present in the constraint file, null otherwise.

    • getCertificateMinQcEuRetentionPeriodConstraint

      NumericValueRule getCertificateMinQcEuRetentionPeriodConstraint(Context context, SubContext subContext)
      Indicates the minimal allowed QC retention period for material information relevant to the use of the end user certificate used for the signature.
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      NumericValueRule if MinQcRetentionPeriod for a given context element is present in the constraint file, null otherwise.

    • getCertificateQcSSCDConstraint

      LevelRule getCertificateQcSSCDConstraint(Context context, SubContext subContext)
      Indicates if the end user certificate used in validating the signature is mandated to be supported by a secure signature creation device (QSCD).
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelRule if QcSSCD for a given context element is present in the constraint file, null otherwise.

    • getCertificateQcEuPDSLocationConstraint

      MultiValuesRule getCertificateQcEuPDSLocationConstraint(Context context, SubContext subContext)
      Indicates the location or set of locations of PKI Disclosure Statements.
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      MultiValuesRule the the location or set of locations of PKI Disclosure Statements

    • getCertificateQcTypeConstraint

      MultiValuesRule getCertificateQcTypeConstraint(Context context, SubContext subContext)
      Indicates the certificate is claimed as a certificate of a particular type.
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      MultiValuesRule the types that the certificate is claimed to be of

    • getCertificateQcCCLegislationConstraint

      MultiValuesRule getCertificateQcCCLegislationConstraint(Context context, SubContext subContext)
      Indicates the country or set of countries under the legislation of which the certificate is issued as a qualified certificate is present. NOTE: in order to verify the EU compliance, the value shall be empty (no QcCCLegislation is allowed)
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      MultiValuesRule the country or set of countries under the legislation of which the certificate is issued as a qualified certificate

    • getCertificateIssuedToNaturalPersonConstraint

      LevelRule getCertificateIssuedToNaturalPersonConstraint(Context context, SubContext subContext)
      Indicates if the end user certificate used in validating the signature is issued to a natural person.
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelRule if IssuedToNaturalPerson for a given context element is present in the constraint file, null otherwise.

    • getCertificateIssuedToLegalPersonConstraint

      LevelRule getCertificateIssuedToLegalPersonConstraint(Context context, SubContext subContext)
      Indicates if the end user certificate used in validating the signature is issued to a legal person.
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelRule if IssuedToLegalPerson for a given context element is present in the constraint file, null otherwise.

    • getCertificateSemanticsIdentifierConstraint

      MultiValuesRule getCertificateSemanticsIdentifierConstraint(Context context, SubContext subContext)
      Indicates the certificate's QCStatement contains an acceptable semantics identifier.
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelRule if SemanticsIdentifier for a given context element is present in the constraint file, null otherwise.

    • getCertificatePS2DQcTypeRolesOfPSPConstraint

      MultiValuesRule getCertificatePS2DQcTypeRolesOfPSPConstraint(Context context, SubContext subContext)
      Indicates the acceptable QC PS2D roles for the certificate used for a signature.
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      MultiValuesRule the set of acceptable QC PS2D roles

    • getCertificatePS2DQcCompetentAuthorityNameConstraint

      MultiValuesRule getCertificatePS2DQcCompetentAuthorityNameConstraint(Context context, SubContext subContext)
      Indicates the acceptable QC PS2D names for the certificate used for a signature.
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      MultiValuesRule the set of acceptable QC PS2D names

    • getCertificatePS2DQcCompetentAuthorityIdConstraint

      MultiValuesRule getCertificatePS2DQcCompetentAuthorityIdConstraint(Context context, SubContext subContext)
      Indicates the acceptable QC PS2D ids for the certificate used for a signature.
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      MultiValuesRule the set of acceptable QC PS2D ids

    • getSigningCertificateRecognitionConstraint

      LevelRule getSigningCertificateRecognitionConstraint(Context context)
      Indicates if signing-certificate has been identified.
      Parameters:
      context - Context
      Returns:
      LevelRule if Recognition for a given context element is present in the constraint file, null otherwise.

    • getSigningCertificateAttributePresentConstraint

      LevelRule getSigningCertificateAttributePresentConstraint(Context context)
      Indicates if the signing certificate attribute is present
      Parameters:
      context - Context
      Returns:
      LevelRule if SigningCertificateAttribute for a given context element is present in the constraint file, null otherwise.

    • getUnicitySigningCertificateAttributeConstraint

      LevelRule getUnicitySigningCertificateAttributeConstraint(Context context)
      Indicates if the signing certificate is not ambiguously determines
      Parameters:
      context - Context
      Returns:
      LevelRule if UnicitySigningCertificate for a given context element is present in the constraint file, null otherwise.

    • getSigningCertificateDigestValuePresentConstraint

      LevelRule getSigningCertificateDigestValuePresentConstraint(Context context)
      Indicates if the signing certificate reference's digest value is present
      Parameters:
      context - Context
      Returns:
      LevelRule if DigestValuePresent for a given context element is present in the constraint file, null otherwise.

    • getSigningCertificateDigestValueMatchConstraint

      LevelRule getSigningCertificateDigestValueMatchConstraint(Context context)
      Indicates if the signing certificate reference's digest value matches
      Parameters:
      context - Context
      Returns:
      LevelRule if DigestValueMatch for a given context element is present in the constraint file, null otherwise.

    • getSigningCertificateIssuerSerialMatchConstraint

      LevelRule getSigningCertificateIssuerSerialMatchConstraint(Context context)
      Indicates if the signing certificate reference's issuer serial matches
      Parameters:
      context - Context
      Returns:
      LevelRule if IssuerSerialMatch for a given context element is present in the constraint file, null otherwise.

    • getKeyIdentifierPresent

      LevelRule getKeyIdentifierPresent(Context context)
      Indicates if the 'kid' (key identifier) header parameter is present within the protected header of the signature
      Parameters:
      context - Context
      Returns:
      LevelRule if KeyIdentifierPresent for a given context element is present in the constraint file, null otherwise.

    • getKeyIdentifierMatch

      LevelRule getKeyIdentifierMatch(Context context)
      Indicates if the value of 'kid' (key identifier) header parameter matches the signing-certificate used to create the signature
      Parameters:
      context - Context
      Returns:
      LevelRule if KeyIdentifierMatch for a given context element is present in the constraint file, null otherwise.

    • getReferenceDataExistenceConstraint

      LevelRule getReferenceDataExistenceConstraint(Context context)
      Indicates if the referenced data is found
      Parameters:
      context - Context
      Returns:
      LevelRule if ReferenceDataExistence for a given context element is present in the constraint file, null otherwise.

    • getReferenceDataIntactConstraint

      LevelRule getReferenceDataIntactConstraint(Context context)
      Indicates if the referenced data is intact
      Parameters:
      context - Context
      Returns:
      LevelRule if ReferenceDataIntact for a given context element is present in the constraint file, null otherwise.

    • getReferenceDataNameMatchConstraint

      LevelRule getReferenceDataNameMatchConstraint(Context context)
      Indicates if the referenced document names match the manifest entry references
      Parameters:
      context - Context
      Returns:
      LevelRule if ReferenceDataNameMatch for a given context element is present in the constraint file, null otherwise.

    • getManifestEntryObjectExistenceConstraint

      LevelRule getManifestEntryObjectExistenceConstraint(Context context)
      Indicates if the manifested document is found
      Parameters:
      context - Context
      Returns:
      LevelRule if ManifestEntryObjectExistence for a given context element is present in the constraint file, null otherwise.

    • getManifestEntryObjectIntactConstraint

      LevelRule getManifestEntryObjectIntactConstraint(Context context)
      Indicates if the manifested document is intact
      Parameters:
      context - Context
      Returns:
      LevelRule if ManifestEntryObjectIntact for a given context element is present in the constraint file, null otherwise.

    • getManifestEntryObjectGroupConstraint

      LevelRule getManifestEntryObjectGroupConstraint(Context context)
      Indicates if all manifest entries have been found
      Parameters:
      context - Context
      Returns:
      LevelRule if ManifestEntryObjectGroup for a given context element is present in the constraint file, null otherwise.

    • getManifestEntryNameMatchConstraint

      LevelRule getManifestEntryNameMatchConstraint(Context context)
      Indicates if names of all matching documents match to the manifest entry names
      Parameters:
      context - Context
      Returns:
      LevelRule if ManifestEntryNameMatch for a given context element is present in the constraint file, null otherwise.

    • getSignatureIntactConstraint

      LevelRule getSignatureIntactConstraint(Context context)
      Indicates if the signature is intact
      Parameters:
      context - Context
      Returns:
      SignatureDataIntact if SignatureIntact for a given context element is present in the constraint file, null otherwise.

    • getSignatureDuplicatedConstraint

      LevelRule getSignatureDuplicatedConstraint(Context context)
      Indicates if the signature is not ambiguous
      Parameters:
      context - Context
      Returns:
      SignatureDuplicated if SignatureDuplicated for a given context element is present in the constraint file, null otherwise.

    • getSignerInformationStoreConstraint

      LevelRule getSignerInformationStoreConstraint(Context context)
      This constraint checks if only one SignerInfo is present into a SignerInformationStore NOTE: applicable only for PAdES
      Parameters:
      context - Context
      Returns:
      LevelRule if SignerInformationStore element for a given context element is present in the constraint file, null otherwise.

    • getByteRangeConstraint

      LevelRule getByteRangeConstraint(Context context)
      This constraint checks if ByteRange dictionary is valid NOTE: applicable only for PAdES
      Parameters:
      context - Context
      Returns:
      LevelRule if ByteRange element for a given context element is present in the constraint file, null otherwise.

    • getByteRangeCollisionConstraint

      LevelRule getByteRangeCollisionConstraint(Context context)
      This constraint checks if ByteRange does not collide with other signature byte ranges NOTE: applicable only for PAdES
      Parameters:
      context - Context
      Returns:
      LevelRule if ByteRangeCollision element for a given context element is present in the constraint file, null otherwise.

    • getByteRangeAllDocumentConstraint

      LevelRule getByteRangeAllDocumentConstraint(Context context)
      This constraint checks if ByteRange is valid for all signatures and document timestamps within PDF NOTE: applicable only for PAdES
      Parameters:
      context - Context
      Returns:
      LevelRule if ByteRangeAllDocument element for a given context element is present in the constraint file, null otherwise.

    • getPdfSignatureDictionaryConstraint

      LevelRule getPdfSignatureDictionaryConstraint(Context context)
      This constraint checks if signature dictionary is consistent across PDF revisions. NOTE: applicable only for PAdES
      Parameters:
      context - Context
      Returns:
      LevelRule if PdfSignatureDictionary element for a given context element is present in the constraint file, null otherwise.

    • getPdfPageDifferenceConstraint

      LevelRule getPdfPageDifferenceConstraint(Context context)
      Indicates if a PDF page difference check should be proceeded. If PdfPageDifference element is absent within the constraint file then null is returned.
      Parameters:
      context - Context
      Returns:
      LevelRule if PdfPageDifference element is present in the constraint file, null otherwise.

    • getPdfAnnotationOverlapConstraint

      LevelRule getPdfAnnotationOverlapConstraint(Context context)
      Indicates if a PDF annotation overlapping check should be proceeded. If PdfAnnotationOverlap element is absent within the constraint file then null is returned.
      Parameters:
      context - Context
      Returns:
      LevelRule if PdfAnnotationOverlap element is present in the constraint file, null otherwise.

    • getPdfVisualDifferenceConstraint

      LevelRule getPdfVisualDifferenceConstraint(Context context)
      Indicates if a PDF visual difference check should be proceeded. If PdfVisualDifference element is absent within the constraint file then null is returned.
      Parameters:
      context - Context
      Returns:
      LevelRule if PdfVisualDifference element is present in the constraint file, null otherwise.

    • getDocMDPConstraint

      LevelRule getDocMDPConstraint(Context context)
      This constraint checks if a document contains changes after a signature, against permission rules identified within a /DocMDP dictionary
      Parameters:
      context - Context
      Returns:
      LevelRule if DocMDP element is present in the constraint file, null otherwise.

    • getFieldMDPConstraint

      LevelRule getFieldMDPConstraint(Context context)
      This constraint checks if a document contains changes after a signature, against permission rules identified within a /FieldMDP dictionary
      Parameters:
      context - Context
      Returns:
      LevelRule if FieldMDP element is present in the constraint file, null otherwise.

    • getSigFieldLockConstraint

      LevelRule getSigFieldLockConstraint(Context context)
      This constraint checks if a document contains changes after a signature, against permission rules identified within a /SigFieldLock dictionary
      Parameters:
      context - Context
      Returns:
      LevelRule if SigFieldLock element is present in the constraint file, null otherwise.

    • getFormFillChangesConstraint

      LevelRule getFormFillChangesConstraint(Context context)
      This constraint checks whether a PDF document contains form fill or signing modifications after the current signature's revisions
      Parameters:
      context - Context
      Returns:
      LevelRule if FormFillChanges element is present in the constraint file, null otherwise.

    • getAnnotationChangesConstraint

      LevelRule getAnnotationChangesConstraint(Context context)
      This constraint checks whether a PDF document contains annotation creation, modification or deletion modifications after the current signature's revisions
      Parameters:
      context - Context
      Returns:
      LevelRule if AnnotationChanges element is present in the constraint file, null otherwise.

    • getUndefinedChangesConstraint

      LevelRule getUndefinedChangesConstraint(Context context)
      This constraint checks whether a PDF document contains undefined object modifications after the current signature's revisions
      Parameters:
      context - Context
      Returns:
      LevelRule if UndefinedChanges element is present in the constraint file, null otherwise.

    • getBestSignatureTimeBeforeExpirationDateOfSigningCertificateConstraint

      LevelRule getBestSignatureTimeBeforeExpirationDateOfSigningCertificateConstraint()
      This constraint checks if the certificate is not expired on best-signature-time
      Returns:
      LevelRule if BestSignatureTimeBeforeExpirationDateOfSigningCertificate element is present in the constraint file, null otherwise.

    • getTimestampCoherenceConstraint

      LevelRule getTimestampCoherenceConstraint()
      This constraint checks if the timestamp order is coherent
      Returns:
      LevelRule if TimestampCoherence element is present in the constraint file, null otherwise.

    • getTimestampDelayConstraint

      DurationRule getTimestampDelayConstraint()
      Returns TimestampDelay constraint if present in the policy, null otherwise
      Returns:
      DurationRule if TimestampDelay element is present in the constraint file, null otherwise.

    • getTimestampValidConstraint

      LevelRule getTimestampValidConstraint()
      Returns whether the time-stamp is valid (passed either basic signature validation process or past signature validation). If TimestampValid element is absent within the constraint file then null is returned.
      Returns:
      LevelRule if TimestampValid element is present in the constraint file, null otherwise.

    • getTimestampTSAGeneralNamePresent

      LevelRule getTimestampTSAGeneralNamePresent()
      Indicates if the timestamp's TSTInfo.tsa field is present
      Returns:
      LevelRule if TSAGeneralNamePresent for a given context element is present in the constraint file, null otherwise.

    • getTimestampTSAGeneralNameContentMatch

      LevelRule getTimestampTSAGeneralNameContentMatch()
      Indicates if the timestamp's TSTInfo.tsa field's value matches the timestamp's issuer distinguishing name when present
      Returns:
      LevelRule if TSAGeneralNameContentMatch for a given context element is present in the constraint file, null otherwise.

    • getTimestampTSAGeneralNameOrderMatch

      LevelRule getTimestampTSAGeneralNameOrderMatch()
      Indicates if the timestamp's TSTInfo.tsa field's value and order match the timestamp's issuer distinguishing name when present
      Returns:
      LevelRule if TSAGeneralNameOrderMatch for a given context element is present in the constraint file, null otherwise.

    • getAtsHashIndexConstraint

      LevelRule getAtsHashIndexConstraint()
      Returns timestamp AtsHashIndex constraint if present in the policy, null otherwise
      Returns:
      LevelRule if AtsHashIndex element is present in the constraint file, null otherwise.

    • getTimestampContainerSignedAndTimestampedFilesCoveredConstraint

      LevelRule getTimestampContainerSignedAndTimestampedFilesCoveredConstraint()
      Returns timestamp ContainerSignedAndTimestampedFilesCovered constraint if present in the policy, null otherwise
      Returns:
      LevelRule if ContainerSignedAndTimestampedFilesCovered element is present in the constraint file, null otherwise.

    • getRevocationTimeAgainstBestSignatureDurationRule

      LevelRule getRevocationTimeAgainstBestSignatureDurationRule()
      Returns RevocationTimeAgainstBestSignatureTime constraint if present in the policy, null otherwise
      Returns:
      LevelRule if RevocationTimeAgainstBestSignatureTime element is present in the constraint file, null otherwise.

    • getEvidenceRecordValidConstraint

      LevelRule getEvidenceRecordValidConstraint()
      Returns whether the evidence record is valid (passed a complete evidence record validation process). If EvidenceRecordValid element is absent within the constraint file then null is returned.
      Returns:
      LevelRule if EvidenceRecordValid element is present in the constraint file, null otherwise.

    • getEvidenceRecordDataObjectExistenceConstraint

      LevelRule getEvidenceRecordDataObjectExistenceConstraint()
      Returns DataObjectExistence constraint if present in the policy, null otherwise
      Returns:
      LevelRule if DataObjectExistence element is present

    • getEvidenceRecordDataObjectIntactConstraint

      LevelRule getEvidenceRecordDataObjectIntactConstraint()
      Returns DataObjectIntact constraint if present in the policy, null otherwise
      Returns:
      LevelRule if DataObjectIntact element is present

    • getEvidenceRecordDataObjectFoundConstraint

      LevelRule getEvidenceRecordDataObjectFoundConstraint()
      Returns DataObjectFound constraint if present in the policy, null otherwise
      Returns:
      LevelRule if DataObjectFound element is present

    • getEvidenceRecordDataObjectGroupConstraint

      LevelRule getEvidenceRecordDataObjectGroupConstraint()
      Returns DataObjectGroup constraint if present in the policy, null otherwise
      Returns:
      LevelRule if DataObjectGroup element is present

    • getEvidenceRecordSignedFilesCoveredConstraint

      LevelRule getEvidenceRecordSignedFilesCoveredConstraint()
      Returns SignedFilesCovered constraint if present in the policy, null otherwise
      Returns:
      LevelRule if SignedFilesCovered element is present in the constraint file, null otherwise.

    • getEvidenceRecordContainerSignedAndTimestampedFilesCoveredConstraint

      LevelRule getEvidenceRecordContainerSignedAndTimestampedFilesCoveredConstraint()
      Returns evidence record ContainerSignedAndTimestampedFilesCovered constraint if present in the policy, null otherwise
      Returns:
      LevelRule if ContainerSignedAndTimestampedFilesCovered element is present in the constraint file, null otherwise.

    • getEvidenceRecordHashTreeRenewalConstraint

      LevelRule getEvidenceRecordHashTreeRenewalConstraint()
      Returns HashTreeRenewal constraint if present in the policy, null otherwise
      Returns:
      LevelRule if HashTreeRenewal element is present

    • getCounterSignatureConstraint

      LevelRule getCounterSignatureConstraint(Context context)
      Returns CounterSignature constraint if present in the policy, null otherwise
      Parameters:
      context - ContextDiagnosticDataFacade
      Returns:
      LevelRule if CounterSignature element is present in the constraint file, null otherwise.

    • getSignatureTimeStampConstraint

      LevelRule getSignatureTimeStampConstraint(Context context)
      Indicates if the presence of unsigned property: signature-time-stamp should be checked. If SignatureTimeStamp element is absent within the constraint file then null is returned.
      Parameters:
      context - Context
      Returns:
      LevelRule if SignatureTimeStamp element is present in the constraint file, null otherwise.

    • getValidationDataTimeStampConstraint

      LevelRule getValidationDataTimeStampConstraint(Context context)
      Indicates if the presence of unsigned property: validation data timestamp should be checked. If ValidationDataTimeStamp element is absent within the constraint file then null is returned.
      Parameters:
      context - Context
      Returns:
      LevelRule if ValidationDataTimeStamp element is present in the constraint file, null otherwise.

    • getValidationDataRefsOnlyTimeStampConstraint

      LevelRule getValidationDataRefsOnlyTimeStampConstraint(Context context)
      Indicates if the presence of unsigned property: validation data references only timestamp should be checked. If ValidationDataRefsOnlyTimeStamp element is absent within the constraint file then null is returned.
      Parameters:
      context - Context
      Returns:
      LevelRule if ValidationDataRefsOnlyTimeStamp element is present in the constraint file, null otherwise.

    • getArchiveTimeStampConstraint

      LevelRule getArchiveTimeStampConstraint(Context context)
      Indicates if the presence of unsigned property: archive-time-stamp should be checked. If ArchiveTimeStamp element is absent within the constraint file then null is returned.
      Parameters:
      context - Context
      Returns:
      LevelRule if ArchiveTimeStamp element is present in the constraint file, null otherwise.

    • getDocumentTimeStampConstraint

      LevelRule getDocumentTimeStampConstraint(Context context)
      Indicates if the presence of unsigned property: document timestamp should be checked. If DocumentTimeStamp element is absent within the constraint file then null is returned.
      Parameters:
      context - Context
      Returns:
      LevelRule if DocumentTimeStamp element is present in the constraint file, null otherwise.

    • getTLevelTimeStampConstraint

      LevelRule getTLevelTimeStampConstraint(Context context)
      Indicates if the presence of unsigned property: signature-time-stamp or document timestamp If TLevelTimeStamp element is absent within the constraint file then null is returned.
      Parameters:
      context - Context
      Returns:
      LevelRule if TLevelTimeStamp element is present in the constraint file, null otherwise.

    • getLTALevelTimeStampConstraint

      LevelRule getLTALevelTimeStampConstraint(Context context)
      Indicates if the presence of unsigned property: archive-time-stamp or document timestamp covering the validation data If LTALevelTimeStamp element is absent within the constraint file then null is returned.
      Parameters:
      context - Context
      Returns:
      LevelRule if LTALevelTimeStamp element is present in the constraint file, null otherwise.

    • getSignatureFormatConstraint

      MultiValuesRule getSignatureFormatConstraint(Context context)
      Returns SignatureFormat constraint if present in the policy, null otherwise
      Parameters:
      context - Context
      Returns:
      MultiValuesRule if SignatureFormat element is present in the constraint file, null otherwise.

    • getCertificateCountryConstraint

      MultiValuesRule getCertificateCountryConstraint(Context context, SubContext subContext)
      Returns CertificateCountry constraint if present in the policy, null otherwise
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      MultiValuesRule if CertificateCountry element is present in the constraint file, null otherwise.

    • getCertificateLocalityConstraint

      MultiValuesRule getCertificateLocalityConstraint(Context context, SubContext subContext)
      Returns CertificateLocality constraint if present in the policy, null otherwise
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      MultiValuesRule if CertificateLocality element is present in the constraint file, null otherwise.

    • getCertificateStateConstraint

      MultiValuesRule getCertificateStateConstraint(Context context, SubContext subContext)
      Returns CertificateState constraint if present in the policy, null otherwise
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      MultiValuesRule if CertificateState element is present in the constraint file, null otherwise.

    • getCertificateOrganizationIdentifierConstraint

      MultiValuesRule getCertificateOrganizationIdentifierConstraint(Context context, SubContext subContext)
      Returns CertificateOrganizationIdentifier constraint if present in the policy, null otherwise
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      MultiValuesRule if CertificateOrganizationIdentifier element is present in the constraint file, null otherwise.

    • getCertificateOrganizationNameConstraint

      MultiValuesRule getCertificateOrganizationNameConstraint(Context context, SubContext subContext)
      Returns CertificateOrganizationName constraint if present in the policy, null otherwise
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      MultiValuesRule if CertificateOrganizationName element is present in the constraint file, null otherwise.

    • getCertificateOrganizationUnitConstraint

      MultiValuesRule getCertificateOrganizationUnitConstraint(Context context, SubContext subContext)
      Returns CertificateOrganizationUnit constraint if present in the policy, null otherwise
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      MultiValuesRule if CertificateOrganizationUnit element is present in the constraint file, null otherwise.

    • getCertificateSurnameConstraint

      MultiValuesRule getCertificateSurnameConstraint(Context context, SubContext subContext)
      Returns CertificateSurname constraint if present in the policy, null otherwise
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      MultiValuesRule if CertificateSurname element is present in the constraint file, null otherwise.

    • getCertificateGivenNameConstraint

      MultiValuesRule getCertificateGivenNameConstraint(Context context, SubContext subContext)
      Returns CertificateGivenName constraint if present in the policy, null otherwise
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      MultiValuesRule if CertificateGivenName element is present in the constraint file, null otherwise.

    • getCertificateCommonNameConstraint

      MultiValuesRule getCertificateCommonNameConstraint(Context context, SubContext subContext)
      Returns CertificateCommonName constraint if present in the policy, null otherwise
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      MultiValuesRule if CertificateCommonName element is present in the constraint file, null otherwise.

    • getCertificatePseudonymConstraint

      MultiValuesRule getCertificatePseudonymConstraint(Context context, SubContext subContext)
      Returns CertificatePseudonym constraint if present in the policy, null otherwise
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      MultiValuesRule if CertificatePseudonym element is present in the constraint file, null otherwise.

    • getCertificatePseudoUsageConstraint

      LevelRule getCertificatePseudoUsageConstraint(Context context, SubContext subContext)
      Returns CertificatePseudoUsage constraint if present in the policy, null otherwise
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelRule if CertificatePseudoUsage element is present in the constraint file, null otherwise.

    • getCertificateTitleConstraint

      MultiValuesRule getCertificateTitleConstraint(Context context, SubContext subContext)
      Returns CertificateTitle constraint if present in the policy, null otherwise
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      MultiValuesRule if CertificateTitle element is present in the constraint file, null otherwise.

    • getCertificateEmailConstraint

      MultiValuesRule getCertificateEmailConstraint(Context context, SubContext subContext)
      Returns CertificateEmail constraint if present in the policy, null otherwise
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      MultiValuesRule if CertificateEmail element is present in the constraint file, null otherwise.

    • getCertificateSerialNumberConstraint

      LevelRule getCertificateSerialNumberConstraint(Context context, SubContext subContext)
      Returns CertificateSerialNumber constraint if present in the policy, null otherwise
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelRule if CertificateSerialNumber element is present in the constraint file, null otherwise.

    • getCertificateAuthorityInfoAccessPresentConstraint

      LevelRule getCertificateAuthorityInfoAccessPresentConstraint(Context context, SubContext subContext)
      Returns CertificateAuthorityInfoAccessPresent constraint if present in the policy, null otherwise
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelRule if CertificateAuthorityInfoAccessPresent element is present in the constraint file, null otherwise.

    • getRevocationDataSkipConstraint

      CertificateApplicabilityRule getRevocationDataSkipConstraint(Context context, SubContext subContext)
      Returns RevocationDataSkip constraint if present in the policy, null otherwise
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelRule if RevocationDataSkip element is present in the constraint file, null otherwise.

    • getCertificateRevocationInfoAccessPresentConstraint

      LevelRule getCertificateRevocationInfoAccessPresentConstraint(Context context, SubContext subContext)
      Returns CertificateRevocationInfoAccessPresent constraint if present in the policy, null otherwise
      Parameters:
      context - Context
      subContext - SubContext
      Returns:
      LevelRule if CertificateRevocationInfoAccessPresent element is present in the constraint file, null otherwise.

    • getAcceptedContainerTypesConstraint

      MultiValuesRule getAcceptedContainerTypesConstraint()
      Returns AcceptedContainerTypes constraint if present in the policy, null otherwise
      Returns:
      MultiValuesRule if AcceptedContainerTypes element is present in the constraint file, null otherwise.

    • getZipCommentPresentConstraint

      LevelRule getZipCommentPresentConstraint()
      Returns ZipCommentPresent constraint if present in the policy, null otherwise
      Returns:
      LevelRule if ZipCommentPresent element is present in the constraint file, null otherwise.

    • getAcceptedZipCommentsConstraint

      MultiValuesRule getAcceptedZipCommentsConstraint()
      Returns AcceptedZipComments constraint if present in the policy, null otherwise
      Returns:
      MultiValuesRule if AcceptedZipComments element is present in the constraint file, null otherwise.

    • getMimeTypeFilePresentConstraint

      LevelRule getMimeTypeFilePresentConstraint()
      Returns MimeTypeFilePresent constraint if present in the policy, null otherwise
      Returns:
      LevelRule if MimeTypeFilePresent element is present in the constraint file, null otherwise.

    • getAcceptedMimeTypeContentsConstraint

      MultiValuesRule getAcceptedMimeTypeContentsConstraint()
      Returns AcceptedMimeTypeContents constraint if present in the policy, null otherwise
      Returns:
      MultiValuesRule if AcceptedMimeTypeContents element is present in the constraint file, null otherwise.

    • getManifestFilePresentConstraint

      LevelRule getManifestFilePresentConstraint()
      Returns ManifestFilePresent constraint if present in the policy, null otherwise
      Returns:
      LevelRule if ManifestFilePresent element is present in the constraint file, null otherwise.

    • getSignedFilesPresentConstraint

      LevelRule getSignedFilesPresentConstraint()
      Returns SignedFilesPresent constraint if present in the policy, null otherwise
      Returns:
      LevelRule if SignedFilesPresent element is present in the constraint file, null otherwise.

    • getFilenameAdherenceConstraint

      LevelRule getFilenameAdherenceConstraint()
      Returns FilenameAdherence constraint if present in the policy, null otherwise
      Returns:
      LevelRule if FilenameAdherence element is present in the constraint file, null otherwise.

    • getAllFilesSignedConstraint

      LevelRule getAllFilesSignedConstraint()
      Returns AllFilesSigned constraint if present in the policy, null otherwise
      Returns:
      LevelRule if AllFilesSigned element is present in the constraint file, null otherwise.

    • getFullScopeConstraint

      LevelRule getFullScopeConstraint()
      Returns FullScope constraint if present in the policy, null otherwise
      Returns:
      LevelRule if FullScope element is present in the constraint file, null otherwise.

    • getAcceptablePDFAProfilesConstraint

      MultiValuesRule getAcceptablePDFAProfilesConstraint()
      Returns AcceptablePDFAProfiles constraint if present in the policy, null otherwise
      Returns:
      LevelRule if AcceptablePDFAProfiles element is present in the constraint file, null otherwise.

    • getPDFACompliantConstraint

      LevelRule getPDFACompliantConstraint()
      Returns PDFACompliant constraint if present in the policy, null otherwise
      Returns:
      LevelRule if PDFACompliant element is present in the constraint file, null otherwise.

    • isEIDASConstraintPresent

      boolean isEIDASConstraintPresent()
      Returns if EIDAS constraints present (qualification check shall be performed)
      Returns:
      TRUE if EIDAS constraint present, FALSE otherwise

    • getTLFreshnessConstraint

      DurationRule getTLFreshnessConstraint()
      Returns TLFreshness constraint if present in the policy, null otherwise
      Returns:
      LevelRule if TLFreshness element is present in the constraint file, null otherwise.

    • getTLWellSignedConstraint

      LevelRule getTLWellSignedConstraint()
      Returns TLWellSigned constraint if present in the policy, null otherwise
      Returns:
      LevelRule if TLWellSigned element is present in the constraint file, null otherwise.

    • getTLNotExpiredConstraint

      LevelRule getTLNotExpiredConstraint()
      Returns TLNotExpired constraint if present in the policy, null otherwise
      Returns:
      LevelRule if TLNotExpired element is present in the constraint file, null otherwise.

    • getTLVersionConstraint

      MultiValuesRule getTLVersionConstraint()
      Returns TLVersion constraint if present in the policy, null otherwise
      Returns:
      MultiValuesRule if TLVersion element is present in the constraint file, null otherwise.

    • getTLStructureConstraint

      LevelRule getTLStructureConstraint()
      Returns TLStructure constraint if present in the policy, null otherwise
      Returns:
      LevelRule if TLStructure element is present in the constraint file, null otherwise.

    • getValidationModel

      ValidationModel getValidationModel()
      Returns the used validation model (default is SHELL). Alternatives are CHAIN and HYBRID
      Returns:
      the validation model to be used