| Package | Description |
|---|---|
| com.guardtime.ksi.unisignature.verifier.rules |
KSI signature verification rules
|
| Modifier and Type | Class and Description |
|---|---|
class |
AggregationChainInputHashVerificationRule
Verifies that if RFC3161 record is present then the calculated output hash (from RFC3161 record) equals to
aggregation chain input hash.
|
class |
AggregationHashChainAlgorithmDeprecatedRule
Verifies if the aggregation hash chain uses a hash algorithm that was deprecated at the aggregation time.
|
class |
AggregationHashChainConsistencyRule
Verifies that all aggregation hash chains are consistent (e.g previous aggregation output hash equals to
current aggregation chain input hash).
|
class |
AggregationHashChainIndexConsistencyRule
Verifies that aggregation chain indices are matching corresponding aggregation chains (e.g all left and
right links are correctly defined in the chain index).
|
class |
AggregationHashChainIndexSuccessorRule
Checks that chain index of a aggregation hash chain is successor to it's parent aggregation hash chain index.
|
class |
AggregationHashChainLinkMetadataRule
Verifies that all metadata structures in aggregation hash chain links are valid.
|
class |
AggregationHashChainTimeConsistencyRule
Checks that aggregation hash chain aggregation times are consistent (e.g previous aggregation
hash chain aggregation time to current aggregation hash chain aggregation time).
|
class |
CalendarAuthenticationRecordAggregationHashRule
Verifies that calendar authentication record publication hash equals to calendar hash chain
publication hash.
|
class |
CalendarAuthenticationRecordAggregationTimeRule
Verifies that calendar authentication record publication time equals to calendar hash chain
publication time.
|
class |
CalendarAuthenticationRecordExistenceRule
Verifies that KSI signature contains calendar authentication record element.
|
class |
CalendarAuthenticationRecordSignatureVerificationRule
Validates calendar authentication record signature.
|
class |
CalendarHashChainAggregationAlgorithmObsoleteRule
Verifies that calendar hash chain aggregation(derived from the left link) hash algorithms were
obsolete at the publication time.
|
class |
CalendarHashChainAggregationTimeRule
Verifies that calendar hash chain aggregation time equals to last aggregation hash chain
aggregation time.
|
class |
CalendarHashChainAlgorithmDeprecatedExtenderResponseRule
Verifies if any of the response calendar hash chain aggregation hash algorithms (derived from the left link)
were deprecated at the publication time.
|
class |
CalendarHashChainAlgorithmDeprecatedRule
Verifies if any of the calendar hash chain aggregation hash algorithms (derived from the left link)
were deprecated at the publication time.
|
class |
CalendarHashChainDoesNotExistRule
Checks that KSI signature does not contain calendar hash chain.
|
class |
CalendarHashChainExistenceRule
Checks if KSI signature contains calendar hash chain.
|
class |
CalendarHashChainInputHashVerificationRule
Verifies that last aggregation hash chain output hash equals to calendar hash chain input hash.
|
class |
CalendarHashChainRegistrationTimeRule
Verifies that calendar hash chain registration time (calculated from the shape of the calendar
hash chain) equals to calendar hash chain aggregation time.
|
class |
CertificateExistenceRule
Checks if publications file contains certificate with certificate id present in calendar
authentication record.
|
class |
CertificateValidityRule
Checks if certificate was valid at aggregation time.
|
class |
DocumentHashAlgorithmVerificationRule
Verifies that document hash provided and it's hash algorithm match with the hash algorithm of
the input hash of the first aggregation chain or RFC-3161 record if present.
|
class |
DocumentHashVerificationRule
Verifies document hash.
|
class |
ExtendedSignatureCalendarChainAggregationTimeRule
Checks that extended signature contains correct aggregation time.
|
class |
ExtendedSignatureCalendarChainInputHashRule
Checks that extended signature contains correct calendar hash chain input hash (e.g matches with
aggregation chain root hash).
|
class |
ExtendedSignatureCalendarChainRootHashRule
Checks that reproduced calendar hash chain (reproduced by sending extension request with the same
aggregation and publication time as the attached calendar chain) matches with the already present calendar hash chain
root hash.
|
class |
ExtendedSignatureCalendarHashChainRightLinksMatchesRule
Checks that: the extended calendar hash chain contains the same count of right
links the extended calendar hash chain right links are equal to the not extended
calendar hash chain right links
|
class |
ExtendingPermittedVerificationRule
Checks is signature extending is permitted or not.
|
class |
InputHashLevelVerificationRule
Verifies that user provided input hash level is less than or equal to first aggregation hash chain's first
link's level corrector value.
|
class |
PublicationsFileContainsPublicationRule
Checks if publications file contains publication closest to signature registration time.
|
class |
PublicationsFileContainsSignaturePublicationRule
Checks if publications file contains signature publication.
|
class |
PublicationsFileExtendedSignatureInputHashRule
Checks that extender response input hash equals with signature aggregation root hash.
|
class |
PublicationsFilePublicationHashMatchesExtenderResponseRule
Verifies that publications file publication hash matches with extender response calendar root hash.
|
class |
PublicationsFilePublicationTimeMatchesExtenderResponseRule
Verifies that publications file publication time matches with extender response calendar chain
shape.
|
class |
Rfc3161InternalHashAlgorithmsDeprecatedRule
Verifies that the RFC-3161 record uses internally a hash functions that were not deprecated at the aggregation time.
|
class |
Rfc3161OutputHashAlgorithmDeprecatedRule
Verifies if the RFC3161 compatibility record output hash algorithm was deprecated at the time of signing.
|
class |
Rfc3161RecordIndexRule
Verifies the index of the RFC3161 record.
|
class |
Rfc3161RecordTimeRule
Verifies that RFC3161 record aggregation time equals to first aggregation chain aggregation time.
|
class |
SignatureDoesNotContainPublicationRule
Checks that signature does not contain publication record.
|
class |
SignatureInputHashAlgorithmDeprecatedRule
Verifies that the hash algorithm of the input hash of the signature (input hash of the first aggregation hash chain
or if present the input hash of the RFC-3161 record) was not deprecated at the aggregation time.
|
class |
SignaturePublicationRecordExistenceRule
Checks if the KSI signature contains publication record or not.
|
class |
SignaturePublicationRecordPublicationHashRule
Checks if the KSI signature contains publication record or not.
|
class |
SignaturePublicationRecordPublicationTimeRule
Checks if the KSI signature contains correct publication record publication time.
|
class |
UserProvidedPublicationCalendarHashChainAlgorithmDeprecatedRule
Verifies if any of the extender response calendar hash chain aggregation hash algorithms (derived from the left link)
were deprecated at the publication time.
|
class |
UserProvidedPublicationCreationTimeVerificationRule
Checks that signature is created before user provided publication.
|
class |
UserProvidedPublicationExistenceRule
Verifies if user has provided the publication or not.
|
class |
UserProvidedPublicationExtendedSignatureInputHashRule
Checks that extender response input hash equals with signature aggregation root hash.
|
class |
UserProvidedPublicationHashEqualsToSignaturePublicationHashRule
Verifies that user provided publication data hash equals to signature publication record data hash.
|
class |
UserProvidedPublicationHashMatchesExtendedResponseRule
Verifies that user provided publication hash matches with extender response calendar root hash.
|
class |
UserProvidedPublicationTimeEqualsToSignaturePublicationTimeRule
Verifies that user provided publication time equals to signature publication time
|
class |
UserProvidedPublicationTimeMatchesExtendedResponseRule
Verifies that user provided publication time matches with extender response calendar chain shape.
|
class |
UserProvidedPublicationTimeNotEqualToSignaturePublicationTimeRule
Verifies that user provided publication time does not equal to signature publication time
|
Copyright © 2024 Guardtime. All rights reserved.