Enum SignatureValidationStatus.SubIndication

    • Enum Constant Summary

      Enum Constants 
      Enum Constant Description
      CERTIFICATE_CHAIN_GENERAL_FAILURE
      The signature validation process results into INDETERMINATE because the set of certificates available for chain validation produced an error for an unspecified reason.
      CHAIN_CONSTRAINTS_FAILURE
      The signature validation process results into INDETERMINATE because the certificate chain used in the validation process does not match the validation constraints related to the certificate.
      CRYPTO_CONSTRAINTS_FAILURE
      The signature validation process results into INDETERMINATE because at least one of the algorithms that have been used in material (e.g.
      CRYPTO_CONSTRAINTS_FAILURE_NO_POE
      The signature validation process results into INDETERMINATE because at least one of the algorithms that have been used in objects (e.g.
      EXPIRED
      The signature validation process results into TOTAL-FAILED because there is proof that the signature has been created after the expiration date (notAfter) of the signing certificate.
      FORMAT_FAILURE
      The signature is not conformant to one of the base standards to the extent that the cryptographic verification building block is unable to process it.
      HASH_FAILURE
      The signature validation process results into TOTAL-FAILED because at least one hash of a signed data object(s) that has been included in the signing process does not match the corresponding hash value in the signature.
      NO_CERTIFICATE_CHAIN_FOUND
      The signature validation process results into INDETERMINATE because no certificate chain has been found for the identified signing certificate.
      NO_POE
      The signature validation process results into INDETERMINATE because a proof of existence is missing to ascertain that a signed object has been produced before some compromising even
      NO_SIGNING_CERTIFICATE_FOUND
      The signature validation process results into INDETERMINATE because the signing certificate cannot be identified.
      NOT_YET_VALID
      The signature validation process results into TOTAL-FAILED because there is proof that the signature was created before the issuance date (notBefore) of the signing certificate.
      OUT_OF_BOUNDS_NO_POE
      The signature validation process results into INDETERMINATE because the signing certificate is expired or not yet valid at the validation date/time and the Signature Validation Algorithm cannot ascertain that the signing time lies within the validity interval of the signing certificate.
      OUT_OF_BOUNDS_NOT_REVOKED
      The signature validation process results into INDETERMINATE because the signing certificate is expired or not yet valid at the validation date/time and the Signature Validation Algorithm cannot ascertain that the signing time lies within the validity interval of the signing certificate.
      POLICY_PROCESSING_ERROR
      The signature validation process results into INDETERMINATE because a given formal policy file could not be processed for any reason (e.g.
      REVOKED
      The signature validation process results into TOTAL-FAILED because: • the signing certificate has been revoked; and • there is proof that the signature has been created after the revocation time.
      REVOKED_CA_NO_POE
      The signature validation process results into INDETERMINATE because at least one certificate chain was found but an intermediate CA certificate is revoked.
      REVOKED_NO_POE
      The signature validation process results into INDETERMINATE because the signing certificate was revoked at the validation date/time.
      SIG_CONSTRAINTS_FAILURE
      The signature validation process results into INDETERMINATE because one or more attributes of the signature do not match the validation constraints.
      SIG_CRYPTO_FAILURE
      The signature validation process results into TOTAL-FAILED because the signature value in the signature could not be verified using the signer's public key in the signing certificate.
      SIGNATURE_POLICY_NOT_AVAILABLE
      The signature validation process results into INDETERMINATE because the electronic document containing the details of the policy is not available.
      SIGNED_DATA_NOT_FOUND
      The signature validation processresults into INDETERMINATE because signed data cannot beobtained.
      TIMESTAMP_ORDER_FAILURE
      The signature validation process results into INDETERMINATE because some constraints on the order of signature time-stamps and/or signed data object(s) time-stamps are not respected.
      TRY_LATER
      The signature validation process results into INDETERMINATE because not all constraints can be fulfilled using available information.
    • Constructor Summary

      Constructors 
      Modifier Constructor Description
      private SubIndication()  
    • Method Summary

      All Methods Static Methods Concrete Methods 
      Modifier and Type Method Description
      static SignatureValidationStatus.SubIndication valueOf​(java.lang.String name)
      Returns the enum constant of this type with the specified name.
      static SignatureValidationStatus.SubIndication[] values()
      Returns an array containing the constants of this enum type, in the order they are declared.
      • Methods inherited from class java.lang.Enum

        clone, compareTo, equals, finalize, getDeclaringClass, hashCode, name, ordinal, toString, valueOf
      • Methods inherited from class java.lang.Object

        getClass, notify, notifyAll, wait, wait, wait
    • Enum Constant Detail

      • FORMAT_FAILURE

        public static final SignatureValidationStatus.SubIndication FORMAT_FAILURE
        The signature is not conformant to one of the base standards to the extent that the cryptographic verification building block is unable to process it.

        The validation process shall provide any information available why parsing of the signature failed.

      • HASH_FAILURE

        public static final SignatureValidationStatus.SubIndication HASH_FAILURE
        The signature validation process results into TOTAL-FAILED because at least one hash of a signed data object(s) that has been included in the signing process does not match the corresponding hash value in the signature.

        The validation process shall provide: An identifier (s) (e.g. a URI or OID) uniquely identifying the element within the signed data object (such as the signature attributes, or the SD) that caused the failure.

      • SIG_CRYPTO_FAILURE

        public static final SignatureValidationStatus.SubIndication SIG_CRYPTO_FAILURE
        The signature validation process results into TOTAL-FAILED because the signature value in the signature could not be verified using the signer's public key in the signing certificate.

        The validation process shall output: The signing certificate used in the validation process.

      • REVOKED

        public static final SignatureValidationStatus.SubIndication REVOKED
        The signature validation process results into TOTAL-FAILED because: • the signing certificate has been revoked; and • there is proof that the signature has been created after the revocation time.

        The validation process shall provide the following: • The certificate chain used in the validation process. • The time and, if available, the reason of revocation of the signing certificate.

      • EXPIRED

        public static final SignatureValidationStatus.SubIndication EXPIRED
        The signature validation process results into TOTAL-FAILED because there is proof that the signature has been created after the expiration date (notAfter) of the signing certificate.

        The process shall output: The validated certificate chain.

      • NOT_YET_VALID

        public static final SignatureValidationStatus.SubIndication NOT_YET_VALID
        The signature validation process results into TOTAL-FAILED because there is proof that the signature was created before the issuance date (notBefore) of the signing certificate.
      • SIG_CONSTRAINTS_FAILURE

        public static final SignatureValidationStatus.SubIndication SIG_CONSTRAINTS_FAILURE
        The signature validation process results into INDETERMINATE because one or more attributes of the signature do not match the validation constraints.

        The validation process shall provide: The set of constraints that have not been met by the signature.

      • CHAIN_CONSTRAINTS_FAILURE

        public static final SignatureValidationStatus.SubIndication CHAIN_CONSTRAINTS_FAILURE
        The signature validation process results into INDETERMINATE because the certificate chain used in the validation process does not match the validation constraints related to the certificate.

        The validation process shall output: • The certificate chain used in the validation process. • The set of constraints that have not been met by the chain.

      • CERTIFICATE_CHAIN_GENERAL_FAILURE

        public static final SignatureValidationStatus.SubIndication CERTIFICATE_CHAIN_GENERAL_FAILURE
        The signature validation process results into INDETERMINATE because the set of certificates available for chain validation produced an error for an unspecified reason.

        The process shall output: Additional information regarding the reason.

      • CRYPTO_CONSTRAINTS_FAILURE

        public static final SignatureValidationStatus.SubIndication CRYPTO_CONSTRAINTS_FAILURE
        The signature validation process results into INDETERMINATE because at least one of the algorithms that have been used in material (e.g. the signature value, a certificate...) involved in validating the signature, or the size of a key used with such an algorithm, is below the required cryptographic security level, and: • this material was produced after the time up to which this algorithm/key was considered secure (if such a time is known); and • the material is not protected by a sufficiently strong time-stamp applied before the time up to which the algorithm/key was considered secure (if such a time is known).

        The process shall output: • Identification of the material (signature, certificate) that is produced using an algorithm or key size below the required cryptographic security level. • If known, the time up to which the algorithm or key size were considered secure.

      • POLICY_PROCESSING_ERROR

        public static final SignatureValidationStatus.SubIndication POLICY_PROCESSING_ERROR
        The signature validation process results into INDETERMINATE because a given formal policy file could not be processed for any reason (e.g. not accessible, not parseable, digest mismatch, etc.).

        The validation process shall provide additional information on the problem.

      • SIGNATURE_POLICY_NOT_AVAILABLE

        public static final SignatureValidationStatus.SubIndication SIGNATURE_POLICY_NOT_AVAILABLE
        The signature validation process results into INDETERMINATE because the electronic document containing the details of the policy is not available.
      • TIMESTAMP_ORDER_FAILURE

        public static final SignatureValidationStatus.SubIndication TIMESTAMP_ORDER_FAILURE
        The signature validation process results into INDETERMINATE because some constraints on the order of signature time-stamps and/or signed data object(s) time-stamps are not respected.

        The validation process shall output the list of time-stamps that do no respect the ordering constraints.

      • NO_SIGNING_CERTIFICATE_FOUND

        public static final SignatureValidationStatus.SubIndication NO_SIGNING_CERTIFICATE_FOUND
        The signature validation process results into INDETERMINATE because the signing certificate cannot be identified.
      • NO_CERTIFICATE_CHAIN_FOUND

        public static final SignatureValidationStatus.SubIndication NO_CERTIFICATE_CHAIN_FOUND
        The signature validation process results into INDETERMINATE because no certificate chain has been found for the identified signing certificate.
      • REVOKED_NO_POE

        public static final SignatureValidationStatus.SubIndication REVOKED_NO_POE
        The signature validation process results into INDETERMINATE because the signing certificate was revoked at the validation date/time. However, the Signature Validation Algorithm cannot ascertain that the signing time lies before or after the revocation time.

        The validation process shall provide the following: • The certificate chain used in the validation process. • The time and the reason of revocation of the signing certificate.

      • REVOKED_CA_NO_POE

        public static final SignatureValidationStatus.SubIndication REVOKED_CA_NO_POE
        The signature validation process results into INDETERMINATE because at least one certificate chain was found but an intermediate CA certificate is revoked.

        The validation process shall provide the following: • The certificate chain which includes the revoked CA certificate. • The time and the reason of revocation of the certificate.

      • OUT_OF_BOUNDS_NOT_REVOKED

        public static final SignatureValidationStatus.SubIndication OUT_OF_BOUNDS_NOT_REVOKED
        The signature validation process results into INDETERMINATE because the signing certificate is expired or not yet valid at the validation date/time and the Signature Validation Algorithm cannot ascertain that the signing time lies within the validity interval of the signing certificate. The certificate is known not to be revoked.
      • OUT_OF_BOUNDS_NO_POE

        public static final SignatureValidationStatus.SubIndication OUT_OF_BOUNDS_NO_POE
        The signature validation process results into INDETERMINATE because the signing certificate is expired or not yet valid at the validation date/time and the Signature Validation Algorithm cannot ascertain that the signing time lies within the validity interval of the signing certificate.
      • CRYPTO_CONSTRAINTS_FAILURE_NO_POE

        public static final SignatureValidationStatus.SubIndication CRYPTO_CONSTRAINTS_FAILURE_NO_POE
        The signature validation process results into INDETERMINATE because at least one of the algorithms that have been used in objects (e.g. the signature value, a certificate, etc.) involved in validating the signature, or the size of a key used with such an algorithm, is below the required cryptographic security level, and there is no proof that this material was produced before the time up to which this algorithm/key was considered secure.

        The process shall output: • Identification of the material (signature, certificate) that is produced using an algorithm or key size below the required cryptographic security level. If known, the time up to which the algorithm or key size were consider secure.

      • NO_POE

        public static final SignatureValidationStatus.SubIndication NO_POE
        The signature validation process results into INDETERMINATE because a proof of existence is missing to ascertain that a signed object has been produced before some compromising even

        The validation process shall identify at least the signed objects for which the POEs are missing. • The validation process should provide additional information on the problem.

      • TRY_LATER

        public static final SignatureValidationStatus.SubIndication TRY_LATER
        The signature validation process results into INDETERMINATE because not all constraints can be fulfilled using available information. However, it may be possible to do so using additional revocation information that will be available at a later point of time.

        The validation process shall output the point of time, where the necessary revocation information is expected to become available.

      • SIGNED_DATA_NOT_FOUND

        public static final SignatureValidationStatus.SubIndication SIGNED_DATA_NOT_FOUND
        The signature validation processresults into INDETERMINATE because signed data cannot beobtained.

        The process should output when available: The identifier(s) (e.g. a URI) of the signed data that caused the failure.

    • Constructor Detail

      • SubIndication

        private SubIndication()
    • Method Detail

      • values

        public static SignatureValidationStatus.SubIndication[] values()
        Returns an array containing the constants of this enum type, in the order they are declared. This method may be used to iterate over the constants as follows:
        for (SignatureValidationStatus.SubIndication c : SignatureValidationStatus.SubIndication.values())
            System.out.println(c);
        
        Returns:
        an array containing the constants of this enum type, in the order they are declared
      • valueOf

        public static SignatureValidationStatus.SubIndication valueOf​(java.lang.String name)
        Returns the enum constant of this type with the specified name. The string must match exactly an identifier used to declare an enum constant in this type. (Extraneous whitespace characters are not permitted.)
        Parameters:
        name - the name of the enum constant to be returned.
        Returns:
        the enum constant with the specified name
        Throws:
        java.lang.IllegalArgumentException - if this enum type has no constant with the specified name
        java.lang.NullPointerException - if the argument is null