| SignDocVerificationParameters Methods |
The SignDocVerificationParameters type exposes the following members.
Methods| Name | Description | |
|---|---|---|
 | clone | |
| destroy | Destroy this object, overwriting sensitive data.
After calling this method, all methods of this object will throw.
|
| Dispose | |
| equals | |
| getErrorMessage | Get an error message for the last function call. |
| setBlob | Set an blob parameter.
Available blob parameters are:
- IntermediateCertificate Add an intermediate certificate
which might help building the
certificate chain.
The blob must contain
a serialized X.509 certificate
(DER or PEM).
- TrustedCertificate Add a trusted root certificate.
The blob must contain
a serialized X.509 certificate
(DER or PEM).
|
| setForUpdateDSS | Set suitable values for using this object with
SignDocDocument.updateDSS() and SignDocDocument.updateDSS2().
|
| setInteger | Set an integer parameter.
Available integer parameters are:
- CertificateChainVerificationPolicy Policy for simplified
verification of the certificate chain:
#ccvp_dont_verify, #ccvp_accept_self_signed,
#ccvp_accept_self_signed_with_bio, or
#ccvp_accept_self_signed_with_rsa_bio.
The default value is
#ccvp_accept_self_signed_with_rsa_bio.
This parameter is used by
SignDocDocument.renderPageAsImage(),
SignDocDocument.updateDSS(),
SignDocDocument.updateDSS2(),
SignDocVerificationResult.verifyCertificateSimplified(), and
SignDocVerificationResult.verifyTimeStampCertificateSimplified() only.
- CertificateRevocationVerificationPolicy Policy for simplified
verification of
the revocation status of the certificates:
#crvp_dont_check, #crvp_offline, or
#crvp_online.
The default value is #crvp_dont_check.
This parameter is used by
SignDocDocument.renderPageAsImage(),
SignDocDocument.updateDSS(),
SignDocDocument.updateDSS2(),
SignDocVerificationResult.verifyCertificateSimplified(), and
SignDocVerificationResult.verifyTimeStampCertificateSimplified() only.
- ChainPolicy Abbreviation for "CertificateChainVerificationPolicy".
- ComputeOfflineNextUpdate Number of hours embedded CRLs and OCSP responses
that do not have a nextUpdate value will be
assumed to be valid after their thisUpdate value.
That is, nextUpdate will be computed from
thisUpdate by adding the specified number of
hours.
The value -1 is special and means that those
CRLs and OCSP responses will be assumed to be
valid indefinitely.
The default value is -1.
See also flag #vf_enforce_next_update of
integer parameter "VerificationFlags".
- Flags Abbreviation for "VerificationFlags".
- Model Abbreviation for "VerificationModel".
- RevocationPolicy Abbreviation for "CertificateRevocationVerificationPolicy".
- Timeout The timeout (in millisconds) for HTTP
connections used for checking the revocation
state of certificates. This value is ignored
unless vf_check_revocation
is set for integer parameter "VerificationFlags".
The default value is 10000.
- VerificationFlags Flags modifying the verification. This is a
combination of these flags:
#vf_check_revocation, #vf_crl_first,
#vf_enforce_next_update, #vf_enforce_ocsp_signer,
#vf_ignore_no_revocation,
#vf_no_ocsp_nonce, #vf_offline, #vf_online,
#vf_use_crl_only, #vf_use_ocsp_only.
If you pass 0, the revocation state of the
certificates won't be checked.
The default value is 0.
SignDocDocument.renderPageAsImage(),
SignDocDocument.updateDSS(),
SignDocDocument.updateDSS2(),
SignDocVerificationResult.verifyCertificateSimplified(), and
SignDocVerificationResult.verifyTimeStampCertificateSimplified()
use integer parameter CertificateRevocationVerificationPolicy
instead of the vf_check_revocation flag.
#vf_offline should not be set for
SignDocDocument.addSignature().
- VerificationModel Model to be used for verifying the certificate
chain: #vm_minimal, #vm_chain, #vm_modified_shell,
or #vm_shell.
The default value is #vm_minimal.
SignDocDocument.addSignature() ignores this
parameter and uses #vm_chain if revocation
data is to be included in the signature.
|
| setString | Set a string parameter.
Available string parameters are:
- UserAgent The value of the User-Agent header field
sent to CRL and OCSP servers. The default
value is "SignDoc".
- VerificationTime Empty (for the current date and time)
or a string in ISO 8601 format
("yyyy-mm-ddThh:mm:ss", with optional timezone)
specifying the verification date and time.
The default value is empty.
Used only if integer parameter
"VerificationModel" is vm_shell.
This parameteter is not used by
SignDocDocument.addSignature();
that function always use the signing time
as verification time.
|
See Also