PkixXmlSignaturePolicyValidator (Signature Validation XML - 1.3.0)

java.lang.Object

se.swedenconnect.sigval.xml.policy.impl.AbstractBasicXMLSignaturePolicyChecks

se.swedenconnect.sigval.xml.policy.impl.PkixXmlSignaturePolicyValidator

All Implemented Interfaces:: XMLSignaturePolicyValidator

public class PkixXmlSignaturePolicyValidator extends AbstractBasicXMLSignaturePolicyChecks

This is the PKIX policy for signature validation

This policy allows a certificate that was revoked if the signature was timestamped by a trusted timestamp before the certificate was revoked.

Author:: Martin Lindström (martin@idsec.se), Stefan Santesson (stefan@idsec.se)

Constructor Summary

Constructors

Constructor

Description

PkixXmlSignaturePolicyValidator(boolean enforceCurrentTimeValidation)

Constructor for PKIX policy validator
Method Summary

Modifier and Type

Method

Description

protected String

getValidationPolicy()

Returns the validation policy implemented by this policy validator

protected PolicyValidationResult

performAdditionalValidityChecks(ExtendedXmlSigvalResult verifyResultSignature)

Validate the signature according to PKIX path validation and revocation checking.

Methods inherited from class se.swedenconnect.sigval.xml.policy.impl.AbstractBasicXMLSignaturePolicyChecks
validatePolicy

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details
- PkixXmlSignaturePolicyValidator
  
  public PkixXmlSignaturePolicyValidator(boolean enforceCurrentTimeValidation)
  
  Constructor for PKIX policy validator
  
  Parameters:
  
  enforceCurrentTimeValidation - true if the signing certificate must be unrevoked at signing time regardless of time stamps
Method Details
- performAdditionalValidityChecks
  
  protected PolicyValidationResult performAdditionalValidityChecks(ExtendedXmlSigvalResult verifyResultSignature)
  
  Validate the signature according to PKIX path validation and revocation checking.
  
  Specified by:
  
  performAdditionalValidityChecks in class AbstractBasicXMLSignaturePolicyChecks
  
  Parameters:
  
  verifyResultSignature - the verification result of the signature that MUST provide PathValidationResult data for the validated certificate path
  
  Returns:
  
  PolicyValidationResult for this signature
- getValidationPolicy
  
  protected String getValidationPolicy()
  
  Description copied from class: AbstractBasicXMLSignaturePolicyChecks
  
  Returns the validation policy implemented by this policy validator
  
  Specified by:
  
  getValidationPolicy in class AbstractBasicXMLSignaturePolicyChecks
  
  Returns:
  
  validation policy identifier