| Interface | Description |
|---|---|
| Validator |
| Class | Description |
|---|---|
| AllDataObjectsTimeStampValidator |
The time-stamp token contained within
AllDataObjectsTimeStamp
property does not cover any unsigned property and the regular elements
within the signature that are mandated to be time-stamped are easily
determined by inspecting the ds:SignedInfocontents. |
| ArchiveTimestampValidator | |
| AttrAuthoritiesCertValuesValidator | |
| AttributeCertificateRefsValidator | |
| AttributeRevocationRefsValidator | |
| AttributeRevocationValuesValidator | |
| BaseTimeStampValidator |
Base class for BES TimeStamp validator objects.
|
| CertificateValuesValidator | |
| CompleteCertificateRefsValidator |
If CompleteCertificateRefs is present the verifier should:
1) Gain access to all the CA certificates that are part of the certification
path
2) Check that for each certificate in the aforementioned set, the property
contains its corresponding reference.
|
| CompleteRevocationRefsValidator | |
| DataObjectFormatValidator |
G.2.2.8 Checking DataObjectFormat
|
| EncapsulatedTimeStampValidator | |
| IndividualDataObjectsTimeStampValidator |
The time-stamp token contained within IndividualDataObjectsTimeStamp
property does not cover any unsigned property, but now there is need for
explicit information of what of the signed data-objects are actually
time-stamped.
|
| RefsOnlyTimestampValidator | |
| RevocationValuesValidator | |
| SigAndRefsTimestampValidator | |
| SignaturePolicyValidator |
Verifies SignaturePoliciyIdentifier when it is not implicit.
|
| SignatureTimeStampValidator |
SignatureTimeStamp envelopes a time-stamp token on the
ds:SignatureValue element and exclusively uses the implicit
mechanism. |
| SignerRoleValidator |
Should this property contain claimed roles, the specific rules governing the
acceptance of the XAdES signature as valid or not in the view of the contents
of this property are out of the scope of the present document.
|
| SigningCertificateValidator |
ETSI TS 101 903 V1.4.1 :
|
| SigningTimeValidator |
Should a signature policy (implicit or explicit) be in place,
applications SHOULD follow its rules for checking this signed property.
|
| TurkishESigProfileAttributeValidator |
Checks if the signature satisfies Turkish Electronic Signature standards
For all types (P1, P2, P3 and P4),
1- Digest algorithm stated in policy identifier must be SHA-256
2- Digest algorithm of signing certificate must be SHA-256
3- Signing time has to be existed
If T or above (P2, P3 and P4)
4- Signature timestamp has to be later than signing time
5- Signature timestamp has to be taken with in 2 hours of signing (more specifically, the signing time)
If XL or above (P3 and P4)
6- Revocation data in TimeStampValidationData must be CRL
7- TimeStampValidationData must have root of timestamp signing certificate
|
| TurkishESigProfileValidator |
Checks the signature format consistency with Turkish Electronic Signature standards
If P4,
- It has to be XL or A
- It has to have OCSP as revocation data
If P3,
- It has to be XL or A
- It has to have CRL as revocation data
If P2,
- It has to be T or above
Note:
If you are planning to to upgrade later, let's say you sign T with P3 and will upgrade 1 hour later,
you should not validate that temporary signature or you can use a modified config file without this validator
|
Copyright © 2025. All rights reserved.