JAdESVerifier Class
Properties Methods Events Config Settings Errors
The JAdESVerifier class verifies signatures over JSON objects.
Class Name
SecureBlackbox_JAdESVerifier
Procedural Interface
secureblackbox_jadesverifier_open(); secureblackbox_jadesverifier_close($res); secureblackbox_jadesverifier_register_callback($res, $id, $function); secureblackbox_jadesverifier_get_last_error($res); secureblackbox_jadesverifier_get_last_error_code($res); secureblackbox_jadesverifier_set($res, $id, $index, $value); secureblackbox_jadesverifier_get($res, $id, $index); secureblackbox_jadesverifier_do_close($res, $savechanges); secureblackbox_jadesverifier_do_config($res, $configurationstring); secureblackbox_jadesverifier_do_doaction($res, $actionid, $actionparams); secureblackbox_jadesverifier_do_open($res); secureblackbox_jadesverifier_do_revalidate($res, $sigindex); secureblackbox_jadesverifier_do_unsign($res, $sigindex); secureblackbox_jadesverifier_do_verify($res);
Remarks
Use JAdESVerifier to validate electronic signatures over JSON structures. Generic (JWS) and JAdES (JSON Advanced Electronic Signatures) are supported.
JAdESVerifier validates each signature from two perspectives: the integrity and validity of the signature itself (i.e. its correspondence to the JSON data it covers), and the validity and trustworthiness of the signing certificate chain. These two signature aspects are generally independent of each other: the signature may be valid but the chain may not be trusted, or, the other way round, the chain may be trusted, but the integrity of the signature may be violated. Under normal circumstances both the signature and the chain must be valid for the signature to be considered good.
To initiate the validation, assign the path to the signed JSON file to the InputFile property (alternatively, you can provide it in a memory buffer via InputBytes or InputString property), and call Verify method. For every signature located in the document, JAdESVerifier will fire the SignatureFound event. This event lets you specify whether you want JAdESVerifier to validate the signature, the chain, or both.
Note: it does not mean that any of the two is optional. This API lets you be flexible in how you validate documents in your code, to allow for a variety of validation scenarios. For example, if your trust environment relies on certificate pinning, validating the chain by JAdESVerifier internally may cause unnecessary burden on the system, in which case (but not in others!) it may be reasonable to disable it in the event handler.
Once SignatureFound returns, JAdESVerifier proceeds to the signature validation routine in accordance with the provided settings. Upon completion of the validation, SignatureValidated event is fired, and the validation results are separately provided via SignatureValidationResult and ChainValidationResult properties of the relevant signature object. Other information about the signature can be accessed via the Signatures property.
Useful settings and properties
The following properties of JAdESVerifier may be handy when working with this component:
- OfflineMode lets you validate the JSON object without contacting online revocation sources. Paired with switched off system trust settings, it can be used to establish the long-term validity of the signed object and the completeness of validation material included in it.
- RevocationCheck lets you adjust the revocation checking preferences.
- ValidatedSigningTime returns the signing time as recorded in the embedded signature timestamp. This is in contrast to ClaimedSigningTime, which returns the signing time as specified by the signer.
- ValidationLog is a great way to find out the details of chain validation failures. This property returns a comprehensive validation log that reports all the issues encountered during the validation.
By default, JAdESVerifier uses the system trust settings to establish certificate chain validity. You can configure it to use your own, custom validation environment by providing the necessary trust elements via KnownCertificates, TrustedCertificates, KnownCRLs, and other similar properties.
Property List
The following is the full list of the properties of the class with short descriptions. Click on the links for further details.
| AllSignaturesValid | The cumulative validity of all signatures. |
| AutoValidateSignatures | Specifies whether class should validate any present signatures when the JWS/JAdES signature is opened. |
| BlockedCertCount | The number of records in the BlockedCert arrays. |
| BlockedCertBytes | Returns the raw certificate data in DER format. |
| BlockedCertHandle | Allows to get or set a 'handle', a unique identifier of the underlying property object. |
| CertCount | The number of records in the Cert arrays. |
| CertBytes | Returns the raw certificate data in DER format. |
| CertCA | Indicates whether the certificate has a CA capability (a setting in the BasicConstraints extension). |
| CertCAKeyID | A unique identifier (fingerprint) of the CA certificate's private key. |
| CertCRLDistributionPoints | Locations of the CRL (Certificate Revocation List) distribution points used to check this certificate's validity. |
| CertCurve | Specifies the elliptic curve of the EC public key. |
| CertFingerprint | Contains the fingerprint (a hash imprint) of this certificate. |
| CertFriendlyName | Contains an associated alias (friendly name) of the certificate. |
| CertHandle | Allows to get or set a 'handle', a unique identifier of the underlying property object. |
| CertHashAlgorithm | Specifies the hash algorithm to be used in the operations on the certificate (such as key signing) SB_HASH_ALGORITHM_SHA1 SHA1 SB_HASH_ALGORITHM_SHA224 SHA224 SB_HASH_ALGORITHM_SHA256 SHA256 SB_HASH_ALGORITHM_SHA384 SHA384 SB_HASH_ALGORITHM_SHA512 SHA512 SB_HASH_ALGORITHM_MD2 MD2 SB_HASH_ALGORITHM_MD4 MD4 SB_HASH_ALGORITHM_MD5 MD5 SB_HASH_ALGORITHM_RIPEMD160 RIPEMD160 SB_HASH_ALGORITHM_CRC32 CRC32 SB_HASH_ALGORITHM_SSL3 SSL3 SB_HASH_ALGORITHM_GOST_R3411_1994 GOST1994 SB_HASH_ALGORITHM_WHIRLPOOL WHIRLPOOL SB_HASH_ALGORITHM_POLY1305 POLY1305 SB_HASH_ALGORITHM_SHA3_224 SHA3_224 SB_HASH_ALGORITHM_SHA3_256 SHA3_256 SB_HASH_ALGORITHM_SHA3_384 SHA3_384 SB_HASH_ALGORITHM_SHA3_512 SHA3_512 SB_HASH_ALGORITHM_BLAKE2S_128 BLAKE2S_128 SB_HASH_ALGORITHM_BLAKE2S_160 BLAKE2S_160 SB_HASH_ALGORITHM_BLAKE2S_224 BLAKE2S_224 SB_HASH_ALGORITHM_BLAKE2S_256 BLAKE2S_256 SB_HASH_ALGORITHM_BLAKE2B_160 BLAKE2B_160 SB_HASH_ALGORITHM_BLAKE2B_256 BLAKE2B_256 SB_HASH_ALGORITHM_BLAKE2B_384 BLAKE2B_384 SB_HASH_ALGORITHM_BLAKE2B_512 BLAKE2B_512 SB_HASH_ALGORITHM_SHAKE_128 SHAKE_128 SB_HASH_ALGORITHM_SHAKE_256 SHAKE_256 SB_HASH_ALGORITHM_SHAKE_128_LEN SHAKE_128_LEN SB_HASH_ALGORITHM_SHAKE_256_LEN SHAKE_256_LEN . |
| CertIssuer | The common name of the certificate issuer (CA), typically a company name. |
| CertIssuerRDN | A collection of information, in the form of [OID, Value] pairs, uniquely identifying the certificate issuer. |
| CertKeyAlgorithm | Specifies the public key algorithm of this certificate. |
| CertKeyBits | Returns the length of the public key. |
| CertKeyFingerprint | Returns a fingerprint of the public key contained in the certificate. |
| CertKeyUsage | Indicates the purposes of the key contained in the certificate, in the form of an OR'ed flag set. |
| CertKeyValid | Returns True if the certificate's key is cryptographically valid, and False otherwise. |
| CertOCSPLocations | Locations of OCSP (Online Certificate Status Protocol) services that can be used to check this certificate's validity, as recorded by the CA. |
| CertPolicyIDs | Contains identifiers (OIDs) of the applicable certificate policies. |
| CertPublicKeyBytes | Contains the certificate's public key in DER format. |
| CertSelfSigned | Indicates whether the certificate is self-signed (root) or signed by an external CA. |
| CertSerialNumber | Returns the certificate's serial number. |
| CertSigAlgorithm | Indicates the algorithm that was used by the CA to sign this certificate. |
| CertSubject | The common name of the certificate holder, typically an individual's name, a URL, an e-mail address, or a company name. |
| CertSubjectKeyID | Contains a unique identifier (fingerprint) of the certificate's private key. |
| CertSubjectRDN | A collection of information, in the form of [OID, Value] pairs, uniquely identifying the certificate holder (subject). |
| CertValidFrom | The time point at which the certificate becomes valid, in UTC. |
| CertValidTo | The time point at which the certificate expires, in UTC. |
| CompactForm | Specifies if the JWS compact serialization to be used. |
| ContentType | Specifies payload content type. |
| CRLCount | The number of records in the CRL arrays. |
| CRLBytes | Returns the raw CRL data in DER format. |
| CRLHandle | Allows to get or set a 'handle', a unique identifier of the underlying property object. |
| CRLIssuer | The common name of the CRL issuer (CA), typically a company name. |
| CRLIssuerRDN | A collection of information, in the form of [OID, Value] pairs, uniquely identifying the CRL issuer. |
| CRLLocation | The URL that the CRL was downloaded from. |
| CRLNextUpdate | The planned time and date of the next version of this CRL to be published. |
| CRLThisUpdate | The date and time at which this version of the CRL was published. |
| DataBytes | Use this property to pass a payload or an object data to class in the byte array form. |
| DataFile | A path to a file containing a payload or an object data. |
| DataString | Use this property to pass a payload or an object data to class in the string form. |
| Detached | Specifies whether a detached signature should be produced or verified. |
| ExtractPayload | Specifies whether a payload should be extracted. |
| FIPSMode | Reserved. |
| FlattenedSignature | Specifies if the flattened signature to be used. |
| IgnoreChainValidationErrors | Makes the class tolerant to chain validation errors. |
| InputBytes | Use this property to pass the input to class in byte array form. |
| InputFile | The file to be signed. |
| InputString | Use this property to pass the input to class in the string form. |
| KnownCertCount | The number of records in the KnownCert arrays. |
| KnownCertBytes | Returns the raw certificate data in DER format. |
| KnownCertHandle | Allows to get or set a 'handle', a unique identifier of the underlying property object. |
| KnownCRLCount | The number of records in the KnownCRL arrays. |
| KnownCRLBytes | Returns the raw CRL data in DER format. |
| KnownCRLHandle | Allows to get or set a 'handle', a unique identifier of the underlying property object. |
| KnownOCSPCount | The number of records in the KnownOCSP arrays. |
| KnownOCSPBytes | A buffer containing the raw OCSP response data. |
| KnownOCSPHandle | Allows to get or set a 'handle', a unique identifier of the underlying property object. |
| OCSPCount | The number of records in the OCSP arrays. |
| OCSPBytes | A buffer containing the raw OCSP response data. |
| OCSPHandle | Allows to get or set a 'handle', a unique identifier of the underlying property object. |
| OCSPIssuer | Indicates the issuer of this response (a CA or its authorized representative). |
| OCSPIssuerRDN | Indicates the RDN of the issuer of this response (a CA or its authorized representative). |
| OCSPLocation | The location of the OCSP responder. |
| OCSPProducedAt | Specifies the time when the response was produced, in UTC. |
| OfflineMode | Switches the class to offline mode. |
| OutputBytes | Use this property to read the output the class object has produced. |
| OutputFile | Defines where to save the signature. |
| OutputString | Use this property to read the output the class object has produced. |
| Profile | Specifies a pre-defined profile to apply when creating the signature. |
| ProxyAddress | The IP address of the proxy server. |
| ProxyAuthentication | The authentication type used by the proxy server. |
| ProxyPassword | The password to authenticate to the proxy server. |
| ProxyPort | The port on the proxy server to connect to. |
| ProxyProxyType | The type of the proxy server. |
| ProxyRequestHeaders | Contains HTTP request headers for WebTunnel and HTTP proxy. |
| ProxyResponseBody | Contains the HTTP or HTTPS (WebTunnel) proxy response body. |
| ProxyResponseHeaders | Contains response headers received from an HTTP or HTTPS (WebTunnel) proxy server. |
| ProxyUseIPv6 | Specifies whether IPv6 should be used when connecting through the proxy. |
| ProxyUseProxy | Enables or disables proxy-driven connection. |
| ProxyUsername | Specifies the username credential for proxy authentication. |
| RevocationCheck | Specifies the kind(s) of revocation check to perform for all chain certificates. |
| SignatureCount | The number of records in the Signature arrays. |
| SignatureCertificateIndex | Returns the index of the signing certificate in the Certificates collection Use this property to look up the signing certificate in the Certificates collection. |
| SignatureChainValidationDetails | The details of a certificate chain validation outcome. |
| SignatureChainValidationResult | The outcome of a certificate chain validation routine. |
| SignatureClaimedSigningTime | The signing time from the signer's computer. |
| SignatureContentType | Specifies payload content type. |
| SignatureCountersigned | Indicates if the signature is countersigned. |
| SignatureHandle | Allows to get or set a 'handle', a unique identifier of the underlying property object. |
| SignatureHashAlgorithm | Specifies the hash algorithm to be used. |
| SignatureIssuerRDN | The Relative Distinguished Name of the signing certificate's issuer. |
| SignatureJAdESVersion | Specifies JAdES version. |
| SignatureLastArchivalTime | Indicates the most recent archival time of an archived signature This property returns the time of the most recent archival timestamp applied to the signature. |
| SignatureLevel | Specifies the signature kind and level. |
| SignatureObjectType | Specifies signature object content type. |
| SignatureParentSignatureIndex | Returns the index of the parent signature, if applicable. |
| SignaturePolicyHash | The signature policy hash value. |
| SignaturePolicyHashAlgorithm | The algorithm that was used to calculate the signature policy hash Use this property to get or set the hash algorithm used to calculate the signature policy hash. |
| SignaturePolicyID | The policy ID that was included or to be included into the signature. |
| SignaturePolicyURI | The signature policy URI that was included in the signature. |
| SignatureSerialNumber | The serial number of the timestamp. |
| SignatureSignatureBytes | Returns the binary representation of the JSON/JAdES signature. |
| SignatureSignatureValidationResult | The outcome of the cryptographic signature validation. |
| SignatureSignedData | The sigD header parameter in JSON format that was included or to be included into the signature. |
| SignatureSignedDataType | Specifies the type of signed data. |
| SignatureSubjectKeyID | Contains the subject key identifier of the signing certificate. |
| SignatureSubjectRDN | Contains information about the person owning the signing certificate. |
| SignatureTimestamped | Use this property to establish whether the signature contains an embedded timestamp. |
| SignatureValidatedSigningTime | Contains the certified signing time. |
| SignatureValidationLog | Contains the complete log of the certificate validation routine. |
| SocketDNSMode | Selects the DNS resolver to use: the class's (secure) built-in one, or the one provided by the system. |
| SocketDNSPort | Specifies the port number to be used for sending queries to the DNS server. |
| SocketDNSQueryTimeout | The timeout (in milliseconds) for each DNS query. |
| SocketDNSServers | The addresses of DNS servers to use for address resolution, separated by commas or semicolons. |
| SocketDNSTotalTimeout | The timeout (in milliseconds) for the whole resolution process. |
| SocketIncomingSpeedLimit | The maximum number of bytes to read from the socket, per second. |
| SocketLocalAddress | The local network interface to bind the socket to. |
| SocketLocalPort | The local port number to bind the socket to. |
| SocketOutgoingSpeedLimit | The maximum number of bytes to write to the socket, per second. |
| SocketTimeout | The maximum period of waiting, in milliseconds, after which the socket operation is considered unsuccessful. |
| SocketUseIPv6 | Enables or disables IP protocol version 6. |
| TimestampCount | The number of records in the Timestamp arrays. |
| TimestampAccuracy | This property indicates the accuracy of the included time mark, in microseconds. |
| TimestampBytes | Returns the raw timestamp data in DER format. |
| TimestampCertificateIndex | Returns the index of the TSA certificate in the Certificates collection. |
| TimestampChainValidationDetails | The details of a certificate chain validation outcome. |
| TimestampChainValidationResult | The outcome of a certificate chain validation routine. |
| TimestampHashAlgorithm | Returns the timestamp's hash algorithm. |
| TimestampSerialNumber | Returns the timestamp's serial number. |
| TimestampSignatureIndex | Returns the index of the owner signature, if applicable. |
| TimestampTime | The time point incorporated into the timestamp. |
| TimestampTimestampType | Returns the type of the timestamp. |
| TimestampTSAName | This value uniquely identifies the Timestamp Authority (TSA). |
| TimestampValidationLog | Contains the TSA certificate chain validation log. |
| TimestampValidationResult | Contains the timestamp validation outcome. |
| TLSClientCertCount | The number of records in the TLSClientCert arrays. |
| TLSClientCertBytes | Returns the raw certificate data in DER format. |
| TLSClientCertHandle | Allows to get or set a 'handle', a unique identifier of the underlying property object. |
| TLSServerCertCount | The number of records in the TLSServerCert arrays. |
| TLSServerCertBytes | Returns the raw certificate data in DER format. |
| TLSServerCertHandle | Allows to get or set a 'handle', a unique identifier of the underlying property object. |
| TLSAutoValidateCertificates | Specifies whether server-side TLS certificates should be validated automatically using internal validation rules. |
| TLSBaseConfiguration | Selects the base configuration for the TLS settings. |
| TLSCiphersuites | A list of ciphersuites separated with commas or semicolons. |
| TLSECCurves | Defines the elliptic curves to enable. |
| TLSExtensions | Provides access to TLS extensions. |
| TLSForceResumeIfDestinationChanges | Whether to force TLS session resumption when the destination address changes. |
| TLSPreSharedIdentity | Defines the identity used when the PSK (Pre-Shared Key) key-exchange mechanism is negotiated. |
| TLSPreSharedKey | Contains the pre-shared key for the PSK (Pre-Shared Key) key-exchange mechanism, encoded with base16. |
| TLSPreSharedKeyCiphersuite | Defines the ciphersuite used for PSK (Pre-Shared Key) negotiation. |
| TLSRenegotiationAttackPreventionMode | Selects the renegotiation attack prevention mechanism. |
| TLSRevocationCheck | Specifies the kind(s) of revocation check to perform. |
| TLSSSLOptions | Various SSL (TLS) protocol options, set of cssloExpectShutdownMessage 0x001 Wait for the close-notify message when shutting down the connection cssloOpenSSLDTLSWorkaround 0x002 (DEPRECATED) Use a DTLS version workaround when talking to very old OpenSSL versions cssloDisableKexLengthAlignment 0x004 Do not align the client-side PMS by the RSA modulus size. |
| TLSTLSMode | Specifies the TLS mode to use. |
| TLSUseExtendedMasterSecret | Enables the Extended Master Secret Extension, as defined in RFC 7627. |
| TLSUseSessionResumption | Enables or disables the TLS session resumption capability. |
| TLSVersions | The SSL/TLS versions to enable by default. |
| TrustedCertCount | The number of records in the TrustedCert arrays. |
| TrustedCertBytes | Returns the raw certificate data in DER format. |
| TrustedCertHandle | Allows to get or set a 'handle', a unique identifier of the underlying property object. |
| ValidationMoment | The time point at which signature validity is to be established. |
Method List
The following is the full list of the methods of the class with short descriptions. Click on the links for further details.
| Close | Closes an opened JWS/JAdES signature. |
| Config | Sets or retrieves a configuration setting. |
| DoAction | Performs an additional action. |
| Open | Opens a JSON for verifying or removing signatures. |
| Revalidate | Revalidates a signature in accordance with current settings. |
| Unsign | Deletes a signature from the JWS/JAdES signature. |
| Verify | Verifies the JWS/JAdES signature. |
Event List
The following is the full list of the events fired by the class with short descriptions. Click on the links for further details.
| ChainElementDownload | Fires when there is a need to download a chain element from an online source. |
| ChainElementNeeded | Fires when an element required to validate the chain was not located. |
| ChainElementStore | This event is fired when a chain element (certificate, CRL, or OCSP response) should be stored along with a signature. |
| ChainValidated | Reports the completion of a certificate chain validation. |
| ChainValidationProgress | This event is fired multiple times during chain validation to report various stages of the validation procedure. |
| Error | Information about errors during signing. |
| HTTPHeaderFieldNeeded | This event is fired when HTTP header field value is required. |
| Loaded | This event is fired when the JSON has been loaded into memory. |
| Notification | This event notifies the application about an underlying control flow event. |
| ObjectNeeded | This event is fired when object is required. |
| ObjectValidate | This event is fired when object should be verified by user. |
| SignatureFound | Signifies the start of signature validation. |
| SignatureValidated | Marks the completion of the signature validation routine. |
| TimestampFound | Signifies the start of a timestamp validation routine. |
| TimestampValidated | Reports the completion of the timestamp validation routine. |
| TLSCertNeeded | Fires when a remote TLS party requests a client certificate. |
| TLSCertValidate | This event is fired upon receipt of the TLS server's certificate, allowing the user to control its acceptance. |
| TLSEstablished | Fires when a TLS handshake with Host successfully completes. |
| TLSHandshake | Fires when a new TLS handshake is initiated, before the handshake commences. |
| TLSShutdown | Reports the graceful closure of a TLS connection. |
Config Settings
The following is a list of config settings for the class with short descriptions. Click on the links for further details.
| CertThumbprint | Specifies the certificate thumbprint. |
| CertURL | Specifies the certificate URL. |
| DataBase64 | Specifies whether data is Base64-URL-encoded. |
| ForceCompleteChainValidationForTrusted | Whether to continue with the full validation up to the root CA certificate for mid-level trust anchors. |
| IgnoreOCSPNoCheckExtension | Whether the OCSP NoCheck extension should be ignored. |
| IgnoreSystemTrust | Whether trusted Windows Certificate Stores should be treated as trusted. |
| ImplicitlyTrustSelfSignedCertificates | Whether to trust self-signed certificates. |
| KeyId | Specifies Key ID. |
| PolicyDescription | signature policy description. |
| PolicyExplicitText | The explicit text of the user notice. |
| PolicyUNNumbers | The noticeNumbers part of the NoticeReference CAdES attribute. |
| PolicyUNOrganization | The organization part of the NoticeReference qualifier. |
| ProductionPlace | Identifies the place of the signature production. |
| PromoteLongOCSPResponses | Whether long OCSP responses are requested. |
| ProtectedHeader | Specifies the protected header. |
| PSSUsed | Whether RSASSA-PSS mode was used. |
| SignerAttrs | Identifies the signer attributes. |
| SignerCommitments | Identifies the signer commitments. |
| ThumbprintHashAlgorithm | Specifies the thumbprint hash algorithm. |
| TLSChainValidationDetails | Contains the advanced details of the TLS server certificate validation. |
| TLSChainValidationResult | Contains the result of the TLS server certificate validation. |
| TLSClientAuthRequested | Indicates whether the TLS server requests client authentication. |
| TLSValidationLog | Contains the log of the TLS server certificate validation. |
| TolerateMinorChainIssues | Whether to tolerate minor chain issues. |
| UnprotectedHeader | Specifies the unprotected header. |
| UseMicrosoftCTL | Enables or disables the automatic use of the Microsoft online certificate trust list. |
| UseSystemCertificates | Enables or disables the use of the system certificates. |
| CheckKeyIntegrityBeforeUse | Enables or disable private key integrity check before use. |
| CookieCaching | Specifies whether a cookie cache should be used for HTTP(S) transports. |
| Cookies | Gets or sets local cookies for the class. |
| DefDeriveKeyIterations | Specifies the default key derivation algorithm iteration count. |
| EnableClientSideSSLFFDHE | Enables or disables finite field DHE key exchange support in TLS clients. |
| GlobalCookies | Gets or sets global cookies for all the HTTP transports. |
| HttpUserAgent | Specifies the user agent name to be used by all HTTP clients. |
| LogDestination | Specifies the debug log destination. |
| LogDetails | Specifies the debug log details to dump. |
| LogFile | Specifies the debug log filename. |
| LogFilters | Specifies the debug log filters. |
| LogFlushMode | Specifies the log flush mode. |
| LogLevel | Specifies the debug log level. |
| LogMaxEventCount | Specifies the maximum number of events to cache before further action is taken. |
| LogRotationMode | Specifies the log rotation mode. |
| MaxASN1BufferLength | Specifies the maximal allowed length for ASN.1 primitive tag data. |
| MaxASN1TreeDepth | Specifies the maximal depth for processed ASN.1 trees. |
| OCSPHashAlgorithm | Specifies the hash algorithm to be used to identify certificates in OCSP requests. |
| StaticDNS | Specifies whether static DNS rules should be used. |
| StaticIPAddress[domain] | Gets or sets an IP address for the specified domain name. |
| StaticIPAddresses | Gets or sets all the static DNS rules. |
| Tag | Allows to store any custom data. |
| TLSSessionGroup | Specifies the group name of TLS sessions to be used for session resumption. |
| TLSSessionLifetime | Specifies lifetime in seconds of the cached TLS session. |
| TLSSessionPurgeInterval | Specifies how often the session cache should remove the expired TLS sessions. |
| UseOwnDNSResolver | Specifies whether the client classes should use own DNS resolver. |
| UseSharedSystemStorages | Specifies whether the validation engine should use a global per-process copy of the system certificate stores. |
| UseSystemOAEPAndPSS | Enforces or disables the use of system-driven RSA OAEP and PSS computations. |
| UseSystemRandom | Enables or disables the use of the OS PRNG. |
AllSignaturesValid Property (SecureBlackbox_JAdESVerifier Class)
The cumulative validity of all signatures.
Object Oriented Interface
public function getAllSignaturesValid();
Procedural Interface
secureblackbox_jadesverifier_get($res, 1 );
Default Value
false
Remarks
Use this property to check if all the signatures found in the message or document are valid.
This property is read-only and not available at design time.
Data Type
Boolean
AutoValidateSignatures Property (SecureBlackbox_JAdESVerifier Class)
Specifies whether class should validate any present signatures when the JWS/JAdES signature is opened.
Object Oriented Interface
public function getAutoValidateSignatures(); public function setAutoValidateSignatures($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 2 ); secureblackbox_jadesverifier_set($res, 2, $value );
Default Value
true
Remarks
This setting is switched on by default. You can choose to set this property to false in order to validate the signatures manually on a later stage using the Revalidate method.
Data Type
Boolean
BlockedCertCount Property (SecureBlackbox_JAdESVerifier Class)
The number of records in the BlockedCert arrays.
Object Oriented Interface
public function getBlockedCertCount(); public function setBlockedCertCount($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 3 ); secureblackbox_jadesverifier_set($res, 3, $value );
Default Value
0
Remarks
This property controls the size of the following arrays:
The array indices start at 0 and end at BlockedCertCount - 1.This property is not available at design time.
Data Type
Integer
BlockedCertBytes Property (SecureBlackbox_JAdESVerifier Class)
Returns the raw certificate data in DER format.
Object Oriented Interface
public function getBlockedCertBytes($blockedcertindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 4 , $blockedcertindex);
Remarks
Returns the raw certificate data in DER format.
The $blockedcertindex parameter specifies the index of the item in the array. The size of the array is controlled by the BlockedCertCount property.
This property is read-only and not available at design time.
Data Type
Byte Array
BlockedCertHandle Property (SecureBlackbox_JAdESVerifier Class)
Allows to get or set a 'handle', a unique identifier of the underlying property object.
Object Oriented Interface
public function getBlockedCertHandle($blockedcertindex); public function setBlockedCertHandle($blockedcertindex, $value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 11 , $blockedcertindex); secureblackbox_jadesverifier_set($res, 11, $value , $blockedcertindex);
Default Value
0
Remarks
Allows to get or set a 'handle', a unique identifier of the underlying property object. Use this property to assign objects of the same type in a quicker manner, without copying them fieldwise.
When you pass a handle of one object to another, the source object is copied to the destination rather than assigned. It is safe to get rid of the original object
after such operation.
pdfSigner.setSigningCertHandle(certMgr.getCertHandle());
The $blockedcertindex parameter specifies the index of the item in the array. The size of the array is controlled by the BlockedCertCount property.
This property is not available at design time.
Data Type
Long64
CertCount Property (SecureBlackbox_JAdESVerifier Class)
The number of records in the Cert arrays.
Object Oriented Interface
public function getCertCount();
Procedural Interface
secureblackbox_jadesverifier_get($res, 38 );
Default Value
0
Remarks
This property controls the size of the following arrays:
- CertBytes
- CertCA
- CertCAKeyID
- CertCRLDistributionPoints
- CertCurve
- CertFingerprint
- CertFriendlyName
- CertHandle
- CertHashAlgorithm
- CertIssuer
- CertIssuerRDN
- CertKeyAlgorithm
- CertKeyBits
- CertKeyFingerprint
- CertKeyUsage
- CertKeyValid
- CertOCSPLocations
- CertPolicyIDs
- CertPublicKeyBytes
- CertSelfSigned
- CertSerialNumber
- CertSigAlgorithm
- CertSubject
- CertSubjectKeyID
- CertSubjectRDN
- CertValidFrom
- CertValidTo
This property is read-only and not available at design time.
Data Type
Integer
CertBytes Property (SecureBlackbox_JAdESVerifier Class)
Returns the raw certificate data in DER format.
Object Oriented Interface
public function getCertBytes($certindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 39 , $certindex);
Remarks
Returns the raw certificate data in DER format.
The $certindex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.
This property is read-only and not available at design time.
Data Type
Byte Array
CertCA Property (SecureBlackbox_JAdESVerifier Class)
Indicates whether the certificate has a CA capability (a setting in the BasicConstraints extension).
Object Oriented Interface
public function getCertCA($certindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 40 , $certindex);
Default Value
false
Remarks
Indicates whether the certificate has a CA capability (a setting in the BasicConstraints extension).
The $certindex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.
This property is read-only and not available at design time.
Data Type
Boolean
CertCAKeyID Property (SecureBlackbox_JAdESVerifier Class)
A unique identifier (fingerprint) of the CA certificate's private key.
Object Oriented Interface
public function getCertCAKeyID($certindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 41 , $certindex);
Remarks
A unique identifier (fingerprint) of the CA certificate's private key.
Authority Key Identifier is a (non-critical) X.509 certificate extension which allows the identification of certificates produced by the same issuer, but with different public keys.
The $certindex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.
This property is read-only and not available at design time.
Data Type
Byte Array
CertCRLDistributionPoints Property (SecureBlackbox_JAdESVerifier Class)
Locations of the CRL (Certificate Revocation List) distribution points used to check this certificate's validity.
Object Oriented Interface
public function getCertCRLDistributionPoints($certindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 42 , $certindex);
Default Value
''
Remarks
Locations of the CRL (Certificate Revocation List) distribution points used to check this certificate's validity.
The $certindex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.
This property is read-only and not available at design time.
Data Type
String
CertCurve Property (SecureBlackbox_JAdESVerifier Class)
Specifies the elliptic curve of the EC public key.
Object Oriented Interface
public function getCertCurve($certindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 43 , $certindex);
Default Value
''
Remarks
Specifies the elliptic curve of the EC public key.
| SB_EC_SECP112R1 | SECP112R1 | |
| SB_EC_SECP112R2 | SECP112R2 | |
| SB_EC_SECP128R1 | SECP128R1 | |
| SB_EC_SECP128R2 | SECP128R2 | |
| SB_EC_SECP160K1 | SECP160K1 | |
| SB_EC_SECP160R1 | SECP160R1 | |
| SB_EC_SECP160R2 | SECP160R2 | |
| SB_EC_SECP192K1 | SECP192K1 | |
| SB_EC_SECP192R1 | SECP192R1 | |
| SB_EC_SECP224K1 | SECP224K1 | |
| SB_EC_SECP224R1 | SECP224R1 | |
| SB_EC_SECP256K1 | SECP256K1 | |
| SB_EC_SECP256R1 | SECP256R1 | |
| SB_EC_SECP384R1 | SECP384R1 | |
| SB_EC_SECP521R1 | SECP521R1 | |
| SB_EC_SECT113R1 | SECT113R1 | |
| SB_EC_SECT113R2 | SECT113R2 | |
| SB_EC_SECT131R1 | SECT131R1 | |
| SB_EC_SECT131R2 | SECT131R2 | |
| SB_EC_SECT163K1 | SECT163K1 | |
| SB_EC_SECT163R1 | SECT163R1 | |
| SB_EC_SECT163R2 | SECT163R2 | |
| SB_EC_SECT193R1 | SECT193R1 | |
| SB_EC_SECT193R2 | SECT193R2 | |
| SB_EC_SECT233K1 | SECT233K1 | |
| SB_EC_SECT233R1 | SECT233R1 | |
| SB_EC_SECT239K1 | SECT239K1 | |
| SB_EC_SECT283K1 | SECT283K1 | |
| SB_EC_SECT283R1 | SECT283R1 | |
| SB_EC_SECT409K1 | SECT409K1 | |
| SB_EC_SECT409R1 | SECT409R1 | |
| SB_EC_SECT571K1 | SECT571K1 | |
| SB_EC_SECT571R1 | SECT571R1 | |
| SB_EC_PRIME192V1 | PRIME192V1 | |
| SB_EC_PRIME192V2 | PRIME192V2 | |
| SB_EC_PRIME192V3 | PRIME192V3 | |
| SB_EC_PRIME239V1 | PRIME239V1 | |
| SB_EC_PRIME239V2 | PRIME239V2 | |
| SB_EC_PRIME239V3 | PRIME239V3 | |
| SB_EC_PRIME256V1 | PRIME256V1 | |
| SB_EC_C2PNB163V1 | C2PNB163V1 | |
| SB_EC_C2PNB163V2 | C2PNB163V2 | |
| SB_EC_C2PNB163V3 | C2PNB163V3 | |
| SB_EC_C2PNB176W1 | C2PNB176W1 | |
| SB_EC_C2TNB191V1 | C2TNB191V1 | |
| SB_EC_C2TNB191V2 | C2TNB191V2 | |
| SB_EC_C2TNB191V3 | C2TNB191V3 | |
| SB_EC_C2ONB191V4 | C2ONB191V4 | |
| SB_EC_C2ONB191V5 | C2ONB191V5 | |
| SB_EC_C2PNB208W1 | C2PNB208W1 | |
| SB_EC_C2TNB239V1 | C2TNB239V1 | |
| SB_EC_C2TNB239V2 | C2TNB239V2 | |
| SB_EC_C2TNB239V3 | C2TNB239V3 | |
| SB_EC_C2ONB239V4 | C2ONB239V4 | |
| SB_EC_C2ONB239V5 | C2ONB239V5 | |
| SB_EC_C2PNB272W1 | C2PNB272W1 | |
| SB_EC_C2PNB304W1 | C2PNB304W1 | |
| SB_EC_C2TNB359V1 | C2TNB359V1 | |
| SB_EC_C2PNB368W1 | C2PNB368W1 | |
| SB_EC_C2TNB431R1 | C2TNB431R1 | |
| SB_EC_NISTP192 | NISTP192 | |
| SB_EC_NISTP224 | NISTP224 | |
| SB_EC_NISTP256 | NISTP256 | |
| SB_EC_NISTP384 | NISTP384 | |
| SB_EC_NISTP521 | NISTP521 | |
| SB_EC_NISTB163 | NISTB163 | |
| SB_EC_NISTB233 | NISTB233 | |
| SB_EC_NISTB283 | NISTB283 | |
| SB_EC_NISTB409 | NISTB409 | |
| SB_EC_NISTB571 | NISTB571 | |
| SB_EC_NISTK163 | NISTK163 | |
| SB_EC_NISTK233 | NISTK233 | |
| SB_EC_NISTK283 | NISTK283 | |
| SB_EC_NISTK409 | NISTK409 | |
| SB_EC_NISTK571 | NISTK571 | |
| SB_EC_GOSTCPTEST | GOSTCPTEST | |
| SB_EC_GOSTCPA | GOSTCPA | |
| SB_EC_GOSTCPB | GOSTCPB | |
| SB_EC_GOSTCPC | GOSTCPC | |
| SB_EC_GOSTCPXCHA | GOSTCPXCHA | |
| SB_EC_GOSTCPXCHB | GOSTCPXCHB | |
| SB_EC_BRAINPOOLP160R1 | BRAINPOOLP160R1 | |
| SB_EC_BRAINPOOLP160T1 | BRAINPOOLP160T1 | |
| SB_EC_BRAINPOOLP192R1 | BRAINPOOLP192R1 | |
| SB_EC_BRAINPOOLP192T1 | BRAINPOOLP192T1 | |
| SB_EC_BRAINPOOLP224R1 | BRAINPOOLP224R1 | |
| SB_EC_BRAINPOOLP224T1 | BRAINPOOLP224T1 | |
| SB_EC_BRAINPOOLP256R1 | BRAINPOOLP256R1 | |
| SB_EC_BRAINPOOLP256T1 | BRAINPOOLP256T1 | |
| SB_EC_BRAINPOOLP320R1 | BRAINPOOLP320R1 | |
| SB_EC_BRAINPOOLP320T1 | BRAINPOOLP320T1 | |
| SB_EC_BRAINPOOLP384R1 | BRAINPOOLP384R1 | |
| SB_EC_BRAINPOOLP384T1 | BRAINPOOLP384T1 | |
| SB_EC_BRAINPOOLP512R1 | BRAINPOOLP512R1 | |
| SB_EC_BRAINPOOLP512T1 | BRAINPOOLP512T1 | |
| SB_EC_CURVE25519 | CURVE25519 | |
| SB_EC_CURVE448 | CURVE448 |
The $certindex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.
This property is read-only and not available at design time.
Data Type
String
CertFingerprint Property (SecureBlackbox_JAdESVerifier Class)
Contains the fingerprint (a hash imprint) of this certificate.
Object Oriented Interface
public function getCertFingerprint($certindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 44 , $certindex);
Remarks
Contains the fingerprint (a hash imprint) of this certificate.
The $certindex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.
This property is read-only and not available at design time.
Data Type
Byte Array
CertFriendlyName Property (SecureBlackbox_JAdESVerifier Class)
Contains an associated alias (friendly name) of the certificate.
Object Oriented Interface
public function getCertFriendlyName($certindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 45 , $certindex);
Default Value
''
Remarks
Contains an associated alias (friendly name) of the certificate.
The $certindex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.
This property is read-only and not available at design time.
Data Type
String
CertHandle Property (SecureBlackbox_JAdESVerifier Class)
Allows to get or set a 'handle', a unique identifier of the underlying property object.
Object Oriented Interface
public function getCertHandle($certindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 46 , $certindex);
Default Value
0
Remarks
Allows to get or set a 'handle', a unique identifier of the underlying property object. Use this property to assign objects of the same type in a quicker manner, without copying them fieldwise.
When you pass a handle of one object to another, the source object is copied to the destination rather than assigned. It is safe to get rid of the original object
after such operation.
pdfSigner.setSigningCertHandle(certMgr.getCertHandle());
The $certindex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.
This property is read-only and not available at design time.
Data Type
Long64
CertHashAlgorithm Property (SecureBlackbox_JAdESVerifier Class)
Specifies the hash algorithm to be used in the operations on the certificate (such as key signing) SB_HASH_ALGORITHM_SHA1 SHA1 SB_HASH_ALGORITHM_SHA224 SHA224 SB_HASH_ALGORITHM_SHA256 SHA256 SB_HASH_ALGORITHM_SHA384 SHA384 SB_HASH_ALGORITHM_SHA512 SHA512 SB_HASH_ALGORITHM_MD2 MD2 SB_HASH_ALGORITHM_MD4 MD4 SB_HASH_ALGORITHM_MD5 MD5 SB_HASH_ALGORITHM_RIPEMD160 RIPEMD160 SB_HASH_ALGORITHM_CRC32 CRC32 SB_HASH_ALGORITHM_SSL3 SSL3 SB_HASH_ALGORITHM_GOST_R3411_1994 GOST1994 SB_HASH_ALGORITHM_WHIRLPOOL WHIRLPOOL SB_HASH_ALGORITHM_POLY1305 POLY1305 SB_HASH_ALGORITHM_SHA3_224 SHA3_224 SB_HASH_ALGORITHM_SHA3_256 SHA3_256 SB_HASH_ALGORITHM_SHA3_384 SHA3_384 SB_HASH_ALGORITHM_SHA3_512 SHA3_512 SB_HASH_ALGORITHM_BLAKE2S_128 BLAKE2S_128 SB_HASH_ALGORITHM_BLAKE2S_160 BLAKE2S_160 SB_HASH_ALGORITHM_BLAKE2S_224 BLAKE2S_224 SB_HASH_ALGORITHM_BLAKE2S_256 BLAKE2S_256 SB_HASH_ALGORITHM_BLAKE2B_160 BLAKE2B_160 SB_HASH_ALGORITHM_BLAKE2B_256 BLAKE2B_256 SB_HASH_ALGORITHM_BLAKE2B_384 BLAKE2B_384 SB_HASH_ALGORITHM_BLAKE2B_512 BLAKE2B_512 SB_HASH_ALGORITHM_SHAKE_128 SHAKE_128 SB_HASH_ALGORITHM_SHAKE_256 SHAKE_256 SB_HASH_ALGORITHM_SHAKE_128_LEN SHAKE_128_LEN SB_HASH_ALGORITHM_SHAKE_256_LEN SHAKE_256_LEN .
Object Oriented Interface
public function getCertHashAlgorithm($certindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 47 , $certindex);
Default Value
''
Remarks
Specifies the hash algorithm to be used in the operations on the certificate (such as key signing)
| SB_HASH_ALGORITHM_SHA1 | SHA1 | |
| SB_HASH_ALGORITHM_SHA224 | SHA224 | |
| SB_HASH_ALGORITHM_SHA256 | SHA256 | |
| SB_HASH_ALGORITHM_SHA384 | SHA384 | |
| SB_HASH_ALGORITHM_SHA512 | SHA512 | |
| SB_HASH_ALGORITHM_MD2 | MD2 | |
| SB_HASH_ALGORITHM_MD4 | MD4 | |
| SB_HASH_ALGORITHM_MD5 | MD5 | |
| SB_HASH_ALGORITHM_RIPEMD160 | RIPEMD160 | |
| SB_HASH_ALGORITHM_CRC32 | CRC32 | |
| SB_HASH_ALGORITHM_SSL3 | SSL3 | |
| SB_HASH_ALGORITHM_GOST_R3411_1994 | GOST1994 | |
| SB_HASH_ALGORITHM_WHIRLPOOL | WHIRLPOOL | |
| SB_HASH_ALGORITHM_POLY1305 | POLY1305 | |
| SB_HASH_ALGORITHM_SHA3_224 | SHA3_224 | |
| SB_HASH_ALGORITHM_SHA3_256 | SHA3_256 | |
| SB_HASH_ALGORITHM_SHA3_384 | SHA3_384 | |
| SB_HASH_ALGORITHM_SHA3_512 | SHA3_512 | |
| SB_HASH_ALGORITHM_BLAKE2S_128 | BLAKE2S_128 | |
| SB_HASH_ALGORITHM_BLAKE2S_160 | BLAKE2S_160 | |
| SB_HASH_ALGORITHM_BLAKE2S_224 | BLAKE2S_224 | |
| SB_HASH_ALGORITHM_BLAKE2S_256 | BLAKE2S_256 | |
| SB_HASH_ALGORITHM_BLAKE2B_160 | BLAKE2B_160 | |
| SB_HASH_ALGORITHM_BLAKE2B_256 | BLAKE2B_256 | |
| SB_HASH_ALGORITHM_BLAKE2B_384 | BLAKE2B_384 | |
| SB_HASH_ALGORITHM_BLAKE2B_512 | BLAKE2B_512 | |
| SB_HASH_ALGORITHM_SHAKE_128 | SHAKE_128 | |
| SB_HASH_ALGORITHM_SHAKE_256 | SHAKE_256 | |
| SB_HASH_ALGORITHM_SHAKE_128_LEN | SHAKE_128_LEN | |
| SB_HASH_ALGORITHM_SHAKE_256_LEN | SHAKE_256_LEN |
The $certindex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.
This property is read-only and not available at design time.
Data Type
String
CertIssuer Property (SecureBlackbox_JAdESVerifier Class)
The common name of the certificate issuer (CA), typically a company name.
Object Oriented Interface
public function getCertIssuer($certindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 48 , $certindex);
Default Value
''
Remarks
The common name of the certificate issuer (CA), typically a company name.
The $certindex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.
This property is read-only and not available at design time.
Data Type
String
CertIssuerRDN Property (SecureBlackbox_JAdESVerifier Class)
A collection of information, in the form of [OID, Value] pairs, uniquely identifying the certificate issuer.
Object Oriented Interface
public function getCertIssuerRDN($certindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 49 , $certindex);
Default Value
''
Remarks
A collection of information, in the form of [OID, Value] pairs, uniquely identifying the certificate issuer.
The $certindex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.
This property is read-only and not available at design time.
Data Type
String
CertKeyAlgorithm Property (SecureBlackbox_JAdESVerifier Class)
Specifies the public key algorithm of this certificate.
Object Oriented Interface
public function getCertKeyAlgorithm($certindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 50 , $certindex);
Default Value
'0'
Remarks
Specifies the public key algorithm of this certificate.
| SB_CERT_ALGORITHM_ID_RSA_ENCRYPTION | rsaEncryption | |
| SB_CERT_ALGORITHM_MD2_RSA_ENCRYPTION | md2withRSAEncryption | |
| SB_CERT_ALGORITHM_MD5_RSA_ENCRYPTION | md5withRSAEncryption | |
| SB_CERT_ALGORITHM_SHA1_RSA_ENCRYPTION | sha1withRSAEncryption | |
| SB_CERT_ALGORITHM_ID_DSA | id-dsa | |
| SB_CERT_ALGORITHM_ID_DSA_SHA1 | id-dsa-with-sha1 | |
| SB_CERT_ALGORITHM_DH_PUBLIC | dhpublicnumber | |
| SB_CERT_ALGORITHM_SHA224_RSA_ENCRYPTION | sha224WithRSAEncryption | |
| SB_CERT_ALGORITHM_SHA256_RSA_ENCRYPTION | sha256WithRSAEncryption | |
| SB_CERT_ALGORITHM_SHA384_RSA_ENCRYPTION | sha384WithRSAEncryption | |
| SB_CERT_ALGORITHM_SHA512_RSA_ENCRYPTION | sha512WithRSAEncryption | |
| SB_CERT_ALGORITHM_ID_RSAPSS | id-RSASSA-PSS | |
| SB_CERT_ALGORITHM_ID_RSAOAEP | id-RSAES-OAEP | |
| SB_CERT_ALGORITHM_RSASIGNATURE_RIPEMD160 | ripemd160withRSA | |
| SB_CERT_ALGORITHM_ID_ELGAMAL | elGamal | |
| SB_CERT_ALGORITHM_SHA1_ECDSA | ecdsa-with-SHA1 | |
| SB_CERT_ALGORITHM_RECOMMENDED_ECDSA | ecdsa-recommended | |
| SB_CERT_ALGORITHM_SHA224_ECDSA | ecdsa-with-SHA224 | |
| SB_CERT_ALGORITHM_SHA256_ECDSA | ecdsa-with-SHA256 | |
| SB_CERT_ALGORITHM_SHA384_ECDSA | ecdsa-with-SHA384 | |
| SB_CERT_ALGORITHM_SHA512_ECDSA | ecdsa-with-SHA512 | |
| SB_CERT_ALGORITHM_EC | id-ecPublicKey | |
| SB_CERT_ALGORITHM_SPECIFIED_ECDSA | ecdsa-specified | |
| SB_CERT_ALGORITHM_GOST_R3410_1994 | id-GostR3410-94 | |
| SB_CERT_ALGORITHM_GOST_R3410_2001 | id-GostR3410-2001 | |
| SB_CERT_ALGORITHM_GOST_R3411_WITH_R3410_1994 | id-GostR3411-94-with-GostR3410-94 | |
| SB_CERT_ALGORITHM_GOST_R3411_WITH_R3410_2001 | id-GostR3411-94-with-GostR3410-2001 | |
| SB_CERT_ALGORITHM_SHA1_ECDSA_PLAIN | ecdsa-plain-SHA1 | |
| SB_CERT_ALGORITHM_SHA224_ECDSA_PLAIN | ecdsa-plain-SHA224 | |
| SB_CERT_ALGORITHM_SHA256_ECDSA_PLAIN | ecdsa-plain-SHA256 | |
| SB_CERT_ALGORITHM_SHA384_ECDSA_PLAIN | ecdsa-plain-SHA384 | |
| SB_CERT_ALGORITHM_SHA512_ECDSA_PLAIN | ecdsa-plain-SHA512 | |
| SB_CERT_ALGORITHM_RIPEMD160_ECDSA_PLAIN | ecdsa-plain-RIPEMD160 | |
| SB_CERT_ALGORITHM_WHIRLPOOL_RSA_ENCRYPTION | whirlpoolWithRSAEncryption | |
| SB_CERT_ALGORITHM_ID_DSA_SHA224 | id-dsa-with-sha224 | |
| SB_CERT_ALGORITHM_ID_DSA_SHA256 | id-dsa-with-sha256 | |
| SB_CERT_ALGORITHM_SHA3_224_RSA_ENCRYPTION | id-rsassa-pkcs1-v1_5-with-sha3-224 | |
| SB_CERT_ALGORITHM_SHA3_256_RSA_ENCRYPTION | id-rsassa-pkcs1-v1_5-with-sha3-256 | |
| SB_CERT_ALGORITHM_SHA3_384_RSA_ENCRYPTION | id-rsassa-pkcs1-v1_5-with-sha3-384 | |
| SB_CERT_ALGORITHM_SHA3_512_RSA_ENCRYPTION | id-rsassa-pkcs1-v1_5-with-sha3-512 | |
| SB_CERT_ALGORITHM_SHA3_224_ECDSA | id-ecdsa-with-sha3-224 | |
| SB_CERT_ALGORITHM_SHA3_256_ECDSA | id-ecdsa-with-sha3-256 | |
| SB_CERT_ALGORITHM_SHA3_384_ECDSA | id-ecdsa-with-sha3-384 | |
| SB_CERT_ALGORITHM_SHA3_512_ECDSA | id-ecdsa-with-sha3-512 | |
| SB_CERT_ALGORITHM_SHA3_224_ECDSA_PLAIN | id-ecdsa-plain-with-sha3-224 | |
| SB_CERT_ALGORITHM_SHA3_256_ECDSA_PLAIN | id-ecdsa-plain-with-sha3-256 | |
| SB_CERT_ALGORITHM_SHA3_384_ECDSA_PLAIN | id-ecdsa-plain-with-sha3-384 | |
| SB_CERT_ALGORITHM_SHA3_512_ECDSA_PLAIN | id-ecdsa-plain-with-sha3-512 | |
| SB_CERT_ALGORITHM_ID_DSA_SHA3_224 | id-dsa-with-sha3-224 | |
| SB_CERT_ALGORITHM_ID_DSA_SHA3_256 | id-dsa-with-sha3-256 | |
| SB_CERT_ALGORITHM_BLAKE2S_128_RSA_ENCRYPTION | id-rsassa-pkcs1-v1_5-with-blake2s128 | |
| SB_CERT_ALGORITHM_BLAKE2S_160_RSA_ENCRYPTION | id-rsassa-pkcs1-v1_5-with-blake2s160 | |
| SB_CERT_ALGORITHM_BLAKE2S_224_RSA_ENCRYPTION | id-rsassa-pkcs1-v1_5-with-blake2s224 | |
| SB_CERT_ALGORITHM_BLAKE2S_256_RSA_ENCRYPTION | id-rsassa-pkcs1-v1_5-with-blake2s256 | |
| SB_CERT_ALGORITHM_BLAKE2B_160_RSA_ENCRYPTION | id-rsassa-pkcs1-v1_5-with-blake2b160 | |
| SB_CERT_ALGORITHM_BLAKE2B_256_RSA_ENCRYPTION | id-rsassa-pkcs1-v1_5-with-blake2b256 | |
| SB_CERT_ALGORITHM_BLAKE2B_384_RSA_ENCRYPTION | id-rsassa-pkcs1-v1_5-with-blake2b384 | |
| SB_CERT_ALGORITHM_BLAKE2B_512_RSA_ENCRYPTION | id-rsassa-pkcs1-v1_5-with-blake2b512 | |
| SB_CERT_ALGORITHM_BLAKE2S_128_ECDSA | id-ecdsa-with-blake2s128 | |
| SB_CERT_ALGORITHM_BLAKE2S_160_ECDSA | id-ecdsa-with-blake2s160 | |
| SB_CERT_ALGORITHM_BLAKE2S_224_ECDSA | id-ecdsa-with-blake2s224 | |
| SB_CERT_ALGORITHM_BLAKE2S_256_ECDSA | id-ecdsa-with-blake2s256 | |
| SB_CERT_ALGORITHM_BLAKE2B_160_ECDSA | id-ecdsa-with-blake2b160 | |
| SB_CERT_ALGORITHM_BLAKE2B_256_ECDSA | id-ecdsa-with-blake2b256 | |
| SB_CERT_ALGORITHM_BLAKE2B_384_ECDSA | id-ecdsa-with-blake2b384 | |
| SB_CERT_ALGORITHM_BLAKE2B_512_ECDSA | id-ecdsa-with-blake2b512 | |
| SB_CERT_ALGORITHM_BLAKE2S_128_ECDSA_PLAIN | id-ecdsa-plain-with-blake2s128 | |
| SB_CERT_ALGORITHM_BLAKE2S_160_ECDSA_PLAIN | id-ecdsa-plain-with-blake2s160 | |
| SB_CERT_ALGORITHM_BLAKE2S_224_ECDSA_PLAIN | id-ecdsa-plain-with-blake2s224 | |
| SB_CERT_ALGORITHM_BLAKE2S_256_ECDSA_PLAIN | id-ecdsa-plain-with-blake2s256 | |
| SB_CERT_ALGORITHM_BLAKE2B_160_ECDSA_PLAIN | id-ecdsa-plain-with-blake2b160 | |
| SB_CERT_ALGORITHM_BLAKE2B_256_ECDSA_PLAIN | id-ecdsa-plain-with-blake2b256 | |
| SB_CERT_ALGORITHM_BLAKE2B_384_ECDSA_PLAIN | id-ecdsa-plain-with-blake2b384 | |
| SB_CERT_ALGORITHM_BLAKE2B_512_ECDSA_PLAIN | id-ecdsa-plain-with-blake2b512 | |
| SB_CERT_ALGORITHM_ID_DSA_BLAKE2S_224 | id-dsa-with-blake2s224 | |
| SB_CERT_ALGORITHM_ID_DSA_BLAKE2S_256 | id-dsa-with-blake2s256 | |
| SB_CERT_ALGORITHM_EDDSA_ED25519 | id-Ed25519 | |
| SB_CERT_ALGORITHM_EDDSA_ED448 | id-Ed448 | |
| SB_CERT_ALGORITHM_EDDSA_ED25519_PH | id-Ed25519ph | |
| SB_CERT_ALGORITHM_EDDSA_ED448_PH | id-Ed448ph | |
| SB_CERT_ALGORITHM_EDDSA | id-EdDSA | |
| SB_CERT_ALGORITHM_EDDSA_SIGNATURE | id-EdDSA-sig |
The $certindex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.
This property is read-only and not available at design time.
Data Type
String
CertKeyBits Property (SecureBlackbox_JAdESVerifier Class)
Returns the length of the public key.
Object Oriented Interface
public function getCertKeyBits($certindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 51 , $certindex);
Default Value
0
Remarks
Returns the length of the public key.
The $certindex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.
This property is read-only and not available at design time.
Data Type
Integer
CertKeyFingerprint Property (SecureBlackbox_JAdESVerifier Class)
Returns a fingerprint of the public key contained in the certificate.
Object Oriented Interface
public function getCertKeyFingerprint($certindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 52 , $certindex);
Remarks
Returns a fingerprint of the public key contained in the certificate.
The $certindex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.
This property is read-only and not available at design time.
Data Type
Byte Array
CertKeyUsage Property (SecureBlackbox_JAdESVerifier Class)
Indicates the purposes of the key contained in the certificate, in the form of an OR'ed flag set.
Object Oriented Interface
public function getCertKeyUsage($certindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 53 , $certindex);
Default Value
0
Remarks
Indicates the purposes of the key contained in the certificate, in the form of an OR'ed flag set.
This value is a bit mask of the following values:
| ckuUnknown | 0x00000 | Unknown key usage |
| ckuDigitalSignature | 0x00001 | Digital signature |
| ckuNonRepudiation | 0x00002 | Non-repudiation |
| ckuKeyEncipherment | 0x00004 | Key encipherment |
| ckuDataEncipherment | 0x00008 | Data encipherment |
| ckuKeyAgreement | 0x00010 | Key agreement |
| ckuKeyCertSign | 0x00020 | Certificate signing |
| ckuCRLSign | 0x00040 | Revocation signing |
| ckuEncipherOnly | 0x00080 | Encipher only |
| ckuDecipherOnly | 0x00100 | Decipher only |
| ckuServerAuthentication | 0x00200 | Server authentication |
| ckuClientAuthentication | 0x00400 | Client authentication |
| ckuCodeSigning | 0x00800 | Code signing |
| ckuEmailProtection | 0x01000 | Email protection |
| ckuTimeStamping | 0x02000 | Timestamping |
| ckuOCSPSigning | 0x04000 | OCSP signing |
| ckuSmartCardLogon | 0x08000 | Smartcard logon |
| ckuKeyPurposeClientAuth | 0x10000 | Kerberos - client authentication |
| ckuKeyPurposeKDC | 0x20000 | Kerberos - KDC |
The $certindex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.
This property is read-only and not available at design time.
Data Type
Integer
CertKeyValid Property (SecureBlackbox_JAdESVerifier Class)
Returns True if the certificate's key is cryptographically valid, and False otherwise.
Object Oriented Interface
public function getCertKeyValid($certindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 54 , $certindex);
Default Value
false
Remarks
Returns True if the certificate's key is cryptographically valid, and False otherwise.
The $certindex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.
This property is read-only and not available at design time.
Data Type
Boolean
CertOCSPLocations Property (SecureBlackbox_JAdESVerifier Class)
Locations of OCSP (Online Certificate Status Protocol) services that can be used to check this certificate's validity, as recorded by the CA.
Object Oriented Interface
public function getCertOCSPLocations($certindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 55 , $certindex);
Default Value
''
Remarks
Locations of OCSP (Online Certificate Status Protocol) services that can be used to check this certificate's validity, as recorded by the CA.
The $certindex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.
This property is read-only and not available at design time.
Data Type
String
CertPolicyIDs Property (SecureBlackbox_JAdESVerifier Class)
Contains identifiers (OIDs) of the applicable certificate policies.
Object Oriented Interface
public function getCertPolicyIDs($certindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 58 , $certindex);
Default Value
''
Remarks
Contains identifiers (OIDs) of the applicable certificate policies.
The Certificate Policies extension identifies a sequence of policies under which the certificate has been issued, and which regulate its usage.
The $certindex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.
This property is read-only and not available at design time.
Data Type
String
CertPublicKeyBytes Property (SecureBlackbox_JAdESVerifier Class)
Contains the certificate's public key in DER format.
Object Oriented Interface
public function getCertPublicKeyBytes($certindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 62 , $certindex);
Remarks
Contains the certificate's public key in DER format.
The $certindex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.
This property is read-only and not available at design time.
Data Type
Byte Array
CertSelfSigned Property (SecureBlackbox_JAdESVerifier Class)
Indicates whether the certificate is self-signed (root) or signed by an external CA.
Object Oriented Interface
public function getCertSelfSigned($certindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 64 , $certindex);
Default Value
false
Remarks
Indicates whether the certificate is self-signed (root) or signed by an external CA.
The $certindex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.
This property is read-only and not available at design time.
Data Type
Boolean
CertSerialNumber Property (SecureBlackbox_JAdESVerifier Class)
Returns the certificate's serial number.
Object Oriented Interface
public function getCertSerialNumber($certindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 65 , $certindex);
Remarks
Returns the certificate's serial number.
The $certindex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.
This property is read-only and not available at design time.
Data Type
Byte Array
CertSigAlgorithm Property (SecureBlackbox_JAdESVerifier Class)
Indicates the algorithm that was used by the CA to sign this certificate.
Object Oriented Interface
public function getCertSigAlgorithm($certindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 66 , $certindex);
Default Value
''
Remarks
Indicates the algorithm that was used by the CA to sign this certificate.
The $certindex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.
This property is read-only and not available at design time.
Data Type
String
CertSubject Property (SecureBlackbox_JAdESVerifier Class)
The common name of the certificate holder, typically an individual's name, a URL, an e-mail address, or a company name.
Object Oriented Interface
public function getCertSubject($certindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 67 , $certindex);
Default Value
''
Remarks
The common name of the certificate holder, typically an individual's name, a URL, an e-mail address, or a company name.
The $certindex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.
This property is read-only and not available at design time.
Data Type
String
CertSubjectKeyID Property (SecureBlackbox_JAdESVerifier Class)
Contains a unique identifier (fingerprint) of the certificate's private key.
Object Oriented Interface
public function getCertSubjectKeyID($certindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 69 , $certindex);
Remarks
Contains a unique identifier (fingerprint) of the certificate's private key.
Subject Key Identifier is a (non-critical) X.509 certificate extension which allows the identification of certificates containing a particular public key. In SecureBlackbox, the unique identifier is represented with a SHA1 hash of the bit string of the subject public key.
The $certindex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.
This property is read-only and not available at design time.
Data Type
Byte Array
CertSubjectRDN Property (SecureBlackbox_JAdESVerifier Class)
A collection of information, in the form of [OID, Value] pairs, uniquely identifying the certificate holder (subject).
Object Oriented Interface
public function getCertSubjectRDN($certindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 70 , $certindex);
Default Value
''
Remarks
A collection of information, in the form of [OID, Value] pairs, uniquely identifying the certificate holder (subject).
The $certindex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.
This property is read-only and not available at design time.
Data Type
String
CertValidFrom Property (SecureBlackbox_JAdESVerifier Class)
The time point at which the certificate becomes valid, in UTC.
Object Oriented Interface
public function getCertValidFrom($certindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 71 , $certindex);
Default Value
''
Remarks
The time point at which the certificate becomes valid, in UTC.
The $certindex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.
This property is read-only and not available at design time.
Data Type
String
CertValidTo Property (SecureBlackbox_JAdESVerifier Class)
The time point at which the certificate expires, in UTC.
Object Oriented Interface
public function getCertValidTo($certindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 72 , $certindex);
Default Value
''
Remarks
The time point at which the certificate expires, in UTC.
The $certindex parameter specifies the index of the item in the array. The size of the array is controlled by the CertCount property.
This property is read-only and not available at design time.
Data Type
String
CompactForm Property (SecureBlackbox_JAdESVerifier Class)
Specifies if the JWS compact serialization to be used.
Object Oriented Interface
public function getCompactForm(); public function setCompactForm($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 73 ); secureblackbox_jadesverifier_set($res, 73, $value );
Default Value
false
Remarks
When this property is set to "true" value, the JAdES component will use the JWS compact serialization format when saving a signature.
The JWS compact serialization format is a compact, Url safe representation of a JWS (JSON Web Signature) or JWE (JSON Web Encryption) object, used for transmitting security tokens.
The JWS compact serialization format supports only one signature without unprotected header (only JWS or JAdES BaselineB signature).
Data Type
Boolean
ContentType Property (SecureBlackbox_JAdESVerifier Class)
Specifies payload content type.
Object Oriented Interface
public function getContentType();
Procedural Interface
secureblackbox_jadesverifier_get($res, 74 );
Default Value
''
Remarks
Use this property to read the content type of the payload.
This property is read-only and not available at design time.
Data Type
String
CRLCount Property (SecureBlackbox_JAdESVerifier Class)
The number of records in the CRL arrays.
Object Oriented Interface
public function getCRLCount();
Procedural Interface
secureblackbox_jadesverifier_get($res, 75 );
Default Value
0
Remarks
This property controls the size of the following arrays:
The array indices start at 0 and end at CRLCount - 1.This property is read-only and not available at design time.
Data Type
Integer
CRLBytes Property (SecureBlackbox_JAdESVerifier Class)
Returns the raw CRL data in DER format.
Object Oriented Interface
public function getCRLBytes($crlindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 76 , $crlindex);
Remarks
Returns the raw CRL data in DER format.
The $crlindex parameter specifies the index of the item in the array. The size of the array is controlled by the CRLCount property.
This property is read-only and not available at design time.
Data Type
Byte Array
CRLHandle Property (SecureBlackbox_JAdESVerifier Class)
Allows to get or set a 'handle', a unique identifier of the underlying property object.
Object Oriented Interface
public function getCRLHandle($crlindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 79 , $crlindex);
Default Value
0
Remarks
Allows to get or set a 'handle', a unique identifier of the underlying property object. Use this property to assign objects of the same type in a quicker manner, without copying them fieldwise.
When you pass a handle of one object to another, the source object is copied to the destination rather than assigned. It is safe to get rid of the original object
after such operation.
pdfSigner.setSigningCertHandle(certMgr.getCertHandle());
The $crlindex parameter specifies the index of the item in the array. The size of the array is controlled by the CRLCount property.
This property is read-only and not available at design time.
Data Type
Long64
CRLIssuer Property (SecureBlackbox_JAdESVerifier Class)
The common name of the CRL issuer (CA), typically a company name.
Object Oriented Interface
public function getCRLIssuer($crlindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 80 , $crlindex);
Default Value
''
Remarks
The common name of the CRL issuer (CA), typically a company name.
The $crlindex parameter specifies the index of the item in the array. The size of the array is controlled by the CRLCount property.
This property is read-only and not available at design time.
Data Type
String
CRLIssuerRDN Property (SecureBlackbox_JAdESVerifier Class)
A collection of information, in the form of [OID, Value] pairs, uniquely identifying the CRL issuer.
Object Oriented Interface
public function getCRLIssuerRDN($crlindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 81 , $crlindex);
Default Value
''
Remarks
A collection of information, in the form of [OID, Value] pairs, uniquely identifying the CRL issuer.
The $crlindex parameter specifies the index of the item in the array. The size of the array is controlled by the CRLCount property.
This property is read-only and not available at design time.
Data Type
String
CRLLocation Property (SecureBlackbox_JAdESVerifier Class)
The URL that the CRL was downloaded from.
Object Oriented Interface
public function getCRLLocation($crlindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 82 , $crlindex);
Default Value
''
Remarks
The URL that the CRL was downloaded from.
The $crlindex parameter specifies the index of the item in the array. The size of the array is controlled by the CRLCount property.
This property is read-only and not available at design time.
Data Type
String
CRLNextUpdate Property (SecureBlackbox_JAdESVerifier Class)
The planned time and date of the next version of this CRL to be published.
Object Oriented Interface
public function getCRLNextUpdate($crlindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 83 , $crlindex);
Default Value
''
Remarks
The planned time and date of the next version of this CRL to be published.
The $crlindex parameter specifies the index of the item in the array. The size of the array is controlled by the CRLCount property.
This property is read-only and not available at design time.
Data Type
String
CRLThisUpdate Property (SecureBlackbox_JAdESVerifier Class)
The date and time at which this version of the CRL was published.
Object Oriented Interface
public function getCRLThisUpdate($crlindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 86 , $crlindex);
Default Value
''
Remarks
The date and time at which this version of the CRL was published.
The $crlindex parameter specifies the index of the item in the array. The size of the array is controlled by the CRLCount property.
This property is read-only and not available at design time.
Data Type
String
DataBytes Property (SecureBlackbox_JAdESVerifier Class)
Use this property to pass a payload or an object data to class in the byte array form.
Object Oriented Interface
public function getDataBytes(); public function setDataBytes($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 87 ); secureblackbox_jadesverifier_set($res, 87, $value );
Remarks
Assign a byte array containing a JWS payload or an object data to be processed to this property.
This property is not available at design time.
Data Type
Byte Array
DataFile Property (SecureBlackbox_JAdESVerifier Class)
A path to a file containing a payload or an object data.
Object Oriented Interface
public function getDataFile(); public function setDataFile($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 88 ); secureblackbox_jadesverifier_set($res, 88, $value );
Default Value
''
Remarks
Use this property to provide a JWS payload or an object data to be processed.
Data Type
String
DataString Property (SecureBlackbox_JAdESVerifier Class)
Use this property to pass a payload or an object data to class in the string form.
Object Oriented Interface
public function getDataString(); public function setDataString($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 89 ); secureblackbox_jadesverifier_set($res, 89, $value );
Default Value
''
Remarks
Assign a string containing a JWS payload or an object data to be processed to this property.
This property is not available at design time.
Data Type
String
Detached Property (SecureBlackbox_JAdESVerifier Class)
Specifies whether a detached signature should be produced or verified.
Object Oriented Interface
public function getDetached(); public function setDetached($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 90 ); secureblackbox_jadesverifier_set($res, 90, $value );
Default Value
false
Remarks
Use this property to specify whether a detached signature should be produced or verified.
When this property is set to "true" value, the JWS payload will be detached from the signature and may either be a single detached object or the result of concatenating multiple detached data objects. In other words, the JWS payload and the signature are stored in separate objects.
If this property is set to "true" value, the user must provide the detached content via the DataFile or DataStream or DataBytes or DataString properties.
When Detached is set to "false" value, the JWS payload is included with the signature as a single object.
Data Type
Boolean
ExtractPayload Property (SecureBlackbox_JAdESVerifier Class)
Specifies whether a payload should be extracted.
Object Oriented Interface
public function getExtractPayload(); public function setExtractPayload($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 91 ); secureblackbox_jadesverifier_set($res, 91, $value );
Default Value
false
Remarks
Use this property to specify whether a payload should be extracted when signature loaded. This applies only to non-detached signatures with a payload.
When this property is set to "true" value, the JWS payload will be extracted from the signature.
The user must provide the OutputFile or OutputStream properties with a filename or stream where to save the payload, if none is provided then payload is returned via OutputBytes or OutputString properties.
Data Type
Boolean
FIPSMode Property (SecureBlackbox_JAdESVerifier Class)
Reserved.
Object Oriented Interface
public function getFIPSMode(); public function setFIPSMode($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 92 ); secureblackbox_jadesverifier_set($res, 92, $value );
Default Value
false
Remarks
This property is reserved for future use.
Data Type
Boolean
FlattenedSignature Property (SecureBlackbox_JAdESVerifier Class)
Specifies if the flattened signature to be used.
Object Oriented Interface
public function getFlattenedSignature(); public function setFlattenedSignature($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 93 ); secureblackbox_jadesverifier_set($res, 93, $value );
Default Value
true
Remarks
This property determines whether to use the flattened JWS JSON serialization format. This format is optimized for the single digital signature case and flattens the general JWS JSON serialization syntax by removing the "signatures" member and instead placing the "protected", "header", and "signature" members at the top-level JSON object (at the same level as the "payload" member).
When the FlattenedSignature property is set to "true" value, the signature will be represented using the flattened JWS JSON serialization format, but it is only applicable when there is a single signature involved.
When the property is set to "false" value, the signature will be represented using the general JWS JSON serialization format.
Data Type
Boolean
IgnoreChainValidationErrors Property (SecureBlackbox_JAdESVerifier Class)
Makes the class tolerant to chain validation errors.
Object Oriented Interface
public function getIgnoreChainValidationErrors(); public function setIgnoreChainValidationErrors($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 94 ); secureblackbox_jadesverifier_set($res, 94, $value );
Default Value
false
Remarks
If this property is set to True, any errors emerging during certificate chain validation will be ignored. This setting may be handy if the purpose of validation is the creation of an LTV signature, and the validation is performed in an environment that doesn't trust the signer's certificate chain.
Data Type
Boolean
InputBytes Property (SecureBlackbox_JAdESVerifier Class)
Use this property to pass the input to class in byte array form.
Object Oriented Interface
public function getInputBytes(); public function setInputBytes($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 95 ); secureblackbox_jadesverifier_set($res, 95, $value );
Remarks
Assign a byte array containing the data to be processed to this property.
This property is not available at design time.
Data Type
Byte Array
InputFile Property (SecureBlackbox_JAdESVerifier Class)
The file to be signed.
Object Oriented Interface
public function getInputFile(); public function setInputFile($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 96 ); secureblackbox_jadesverifier_set($res, 96, $value );
Default Value
''
Remarks
Provide the path to the JSON to be signed.
Data Type
String
InputString Property (SecureBlackbox_JAdESVerifier Class)
Use this property to pass the input to class in the string form.
Object Oriented Interface
public function getInputString(); public function setInputString($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 97 ); secureblackbox_jadesverifier_set($res, 97, $value );
Default Value
''
Remarks
Assign a string containing the data to be processed to this property.
This property is not available at design time.
Data Type
String
KnownCertCount Property (SecureBlackbox_JAdESVerifier Class)
The number of records in the KnownCert arrays.
Object Oriented Interface
public function getKnownCertCount(); public function setKnownCertCount($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 98 ); secureblackbox_jadesverifier_set($res, 98, $value );
Default Value
0
Remarks
This property controls the size of the following arrays:
The array indices start at 0 and end at KnownCertCount - 1.This property is not available at design time.
Data Type
Integer
KnownCertBytes Property (SecureBlackbox_JAdESVerifier Class)
Returns the raw certificate data in DER format.
Object Oriented Interface
public function getKnownCertBytes($knowncertindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 99 , $knowncertindex);
Remarks
Returns the raw certificate data in DER format.
The $knowncertindex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownCertCount property.
This property is read-only and not available at design time.
Data Type
Byte Array
KnownCertHandle Property (SecureBlackbox_JAdESVerifier Class)
Allows to get or set a 'handle', a unique identifier of the underlying property object.
Object Oriented Interface
public function getKnownCertHandle($knowncertindex); public function setKnownCertHandle($knowncertindex, $value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 106 , $knowncertindex); secureblackbox_jadesverifier_set($res, 106, $value , $knowncertindex);
Default Value
0
Remarks
Allows to get or set a 'handle', a unique identifier of the underlying property object. Use this property to assign objects of the same type in a quicker manner, without copying them fieldwise.
When you pass a handle of one object to another, the source object is copied to the destination rather than assigned. It is safe to get rid of the original object
after such operation.
pdfSigner.setSigningCertHandle(certMgr.getCertHandle());
The $knowncertindex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownCertCount property.
This property is not available at design time.
Data Type
Long64
KnownCRLCount Property (SecureBlackbox_JAdESVerifier Class)
The number of records in the KnownCRL arrays.
Object Oriented Interface
public function getKnownCRLCount(); public function setKnownCRLCount($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 133 ); secureblackbox_jadesverifier_set($res, 133, $value );
Default Value
0
Remarks
This property controls the size of the following arrays:
The array indices start at 0 and end at KnownCRLCount - 1.This property is not available at design time.
Data Type
Integer
KnownCRLBytes Property (SecureBlackbox_JAdESVerifier Class)
Returns the raw CRL data in DER format.
Object Oriented Interface
public function getKnownCRLBytes($knowncrlindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 134 , $knowncrlindex);
Remarks
Returns the raw CRL data in DER format.
The $knowncrlindex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownCRLCount property.
This property is read-only and not available at design time.
Data Type
Byte Array
KnownCRLHandle Property (SecureBlackbox_JAdESVerifier Class)
Allows to get or set a 'handle', a unique identifier of the underlying property object.
Object Oriented Interface
public function getKnownCRLHandle($knowncrlindex); public function setKnownCRLHandle($knowncrlindex, $value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 137 , $knowncrlindex); secureblackbox_jadesverifier_set($res, 137, $value , $knowncrlindex);
Default Value
0
Remarks
Allows to get or set a 'handle', a unique identifier of the underlying property object. Use this property to assign objects of the same type in a quicker manner, without copying them fieldwise.
When you pass a handle of one object to another, the source object is copied to the destination rather than assigned. It is safe to get rid of the original object
after such operation.
pdfSigner.setSigningCertHandle(certMgr.getCertHandle());
The $knowncrlindex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownCRLCount property.
This property is not available at design time.
Data Type
Long64
KnownOCSPCount Property (SecureBlackbox_JAdESVerifier Class)
The number of records in the KnownOCSP arrays.
Object Oriented Interface
public function getKnownOCSPCount(); public function setKnownOCSPCount($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 145 ); secureblackbox_jadesverifier_set($res, 145, $value );
Default Value
0
Remarks
This property controls the size of the following arrays:
The array indices start at 0 and end at KnownOCSPCount - 1.This property is not available at design time.
Data Type
Integer
KnownOCSPBytes Property (SecureBlackbox_JAdESVerifier Class)
A buffer containing the raw OCSP response data.
Object Oriented Interface
public function getKnownOCSPBytes($knownocspindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 146 , $knownocspindex);
Remarks
A buffer containing the raw OCSP response data.
The $knownocspindex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownOCSPCount property.
This property is read-only and not available at design time.
Data Type
Byte Array
KnownOCSPHandle Property (SecureBlackbox_JAdESVerifier Class)
Allows to get or set a 'handle', a unique identifier of the underlying property object.
Object Oriented Interface
public function getKnownOCSPHandle($knownocspindex); public function setKnownOCSPHandle($knownocspindex, $value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 148 , $knownocspindex); secureblackbox_jadesverifier_set($res, 148, $value , $knownocspindex);
Default Value
0
Remarks
Allows to get or set a 'handle', a unique identifier of the underlying property object. Use this property to assign objects of the same type in a quicker manner, without copying them fieldwise.
When you pass a handle of one object to another, the source object is copied to the destination rather than assigned. It is safe to get rid of the original object
after such operation.
pdfSigner.setSigningCertHandle(certMgr.getCertHandle());
The $knownocspindex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownOCSPCount property.
This property is not available at design time.
Data Type
Long64
OCSPCount Property (SecureBlackbox_JAdESVerifier Class)
The number of records in the OCSP arrays.
Object Oriented Interface
public function getOCSPCount();
Procedural Interface
secureblackbox_jadesverifier_get($res, 153 );
Default Value
0
Remarks
This property controls the size of the following arrays:
The array indices start at 0 and end at OCSPCount - 1.This property is read-only and not available at design time.
Data Type
Integer
OCSPBytes Property (SecureBlackbox_JAdESVerifier Class)
A buffer containing the raw OCSP response data.
Object Oriented Interface
public function getOCSPBytes($ocspindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 154 , $ocspindex);
Remarks
A buffer containing the raw OCSP response data.
The $ocspindex parameter specifies the index of the item in the array. The size of the array is controlled by the OCSPCount property.
This property is read-only and not available at design time.
Data Type
Byte Array
OCSPHandle Property (SecureBlackbox_JAdESVerifier Class)
Allows to get or set a 'handle', a unique identifier of the underlying property object.
Object Oriented Interface
public function getOCSPHandle($ocspindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 156 , $ocspindex);
Default Value
0
Remarks
Allows to get or set a 'handle', a unique identifier of the underlying property object. Use this property to assign objects of the same type in a quicker manner, without copying them fieldwise.
When you pass a handle of one object to another, the source object is copied to the destination rather than assigned. It is safe to get rid of the original object
after such operation.
pdfSigner.setSigningCertHandle(certMgr.getCertHandle());
The $ocspindex parameter specifies the index of the item in the array. The size of the array is controlled by the OCSPCount property.
This property is read-only and not available at design time.
Data Type
Long64
OCSPIssuer Property (SecureBlackbox_JAdESVerifier Class)
Indicates the issuer of this response (a CA or its authorized representative).
Object Oriented Interface
public function getOCSPIssuer($ocspindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 157 , $ocspindex);
Default Value
''
Remarks
Indicates the issuer of this response (a CA or its authorized representative).
The $ocspindex parameter specifies the index of the item in the array. The size of the array is controlled by the OCSPCount property.
This property is read-only and not available at design time.
Data Type
String
OCSPIssuerRDN Property (SecureBlackbox_JAdESVerifier Class)
Indicates the RDN of the issuer of this response (a CA or its authorized representative).
Object Oriented Interface
public function getOCSPIssuerRDN($ocspindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 158 , $ocspindex);
Default Value
''
Remarks
Indicates the RDN of the issuer of this response (a CA or its authorized representative).
The $ocspindex parameter specifies the index of the item in the array. The size of the array is controlled by the OCSPCount property.
This property is read-only and not available at design time.
Data Type
String
OCSPLocation Property (SecureBlackbox_JAdESVerifier Class)
The location of the OCSP responder.
Object Oriented Interface
public function getOCSPLocation($ocspindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 159 , $ocspindex);
Default Value
''
Remarks
The location of the OCSP responder.
The $ocspindex parameter specifies the index of the item in the array. The size of the array is controlled by the OCSPCount property.
This property is read-only and not available at design time.
Data Type
String
OCSPProducedAt Property (SecureBlackbox_JAdESVerifier Class)
Specifies the time when the response was produced, in UTC.
Object Oriented Interface
public function getOCSPProducedAt($ocspindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 160 , $ocspindex);
Default Value
''
Remarks
Specifies the time when the response was produced, in UTC.
The $ocspindex parameter specifies the index of the item in the array. The size of the array is controlled by the OCSPCount property.
This property is read-only and not available at design time.
Data Type
String
OfflineMode Property (SecureBlackbox_JAdESVerifier Class)
Switches the class to offline mode.
Object Oriented Interface
public function getOfflineMode(); public function setOfflineMode($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 161 ); secureblackbox_jadesverifier_set($res, 161, $value );
Default Value
false
Remarks
When working in offline mode, the class restricts itself from using any online revocation information sources, such as CRL or OCSP responders.
Offline mode may be useful if there is a need to verify the completeness of the validation information included within the signature or provided via KnownCertificates, KnownCRLs, and other related properties.
Data Type
Boolean
OutputBytes Property (SecureBlackbox_JAdESVerifier Class)
Use this property to read the output the class object has produced.
Object Oriented Interface
public function getOutputBytes();
Procedural Interface
secureblackbox_jadesverifier_get($res, 162 );
Remarks
Read the contents of this property after the operation has completed to read the produced output. This property will only be set if the OutputFile and OutputStream properties had not been assigned.
This property is read-only and not available at design time.
Data Type
Byte Array
OutputFile Property (SecureBlackbox_JAdESVerifier Class)
Defines where to save the signature.
Object Oriented Interface
public function getOutputFile(); public function setOutputFile($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 163 ); secureblackbox_jadesverifier_set($res, 163, $value );
Default Value
''
Remarks
Specifies the path where the JWS/JAdES signature should be saved.
Data Type
String
OutputString Property (SecureBlackbox_JAdESVerifier Class)
Use this property to read the output the class object has produced.
Object Oriented Interface
public function getOutputString();
Procedural Interface
secureblackbox_jadesverifier_get($res, 164 );
Default Value
''
Remarks
Read the contents of this property after the operation is completed to read the produced output. This property will only be set if OutputFile and OutputStream properties had not been assigned.
This property is read-only and not available at design time.
Data Type
String
Profile Property (SecureBlackbox_JAdESVerifier Class)
Specifies a pre-defined profile to apply when creating the signature.
Object Oriented Interface
public function getProfile(); public function setProfile($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 165 ); secureblackbox_jadesverifier_set($res, 165, $value );
Default Value
''
Remarks
Advanced signatures come in many variants, which are often defined by parties that needs to process them or by local standards. SecureBlackbox profiles are sets of pre-defined configurations which correspond to particular signature variants. By specifying a profile, you are pre-configuring the component to make it produce the signature that matches the configuration corresponding to that profile.
Data Type
String
ProxyAddress Property (SecureBlackbox_JAdESVerifier Class)
The IP address of the proxy server.
Object Oriented Interface
public function getProxyAddress(); public function setProxyAddress($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 166 ); secureblackbox_jadesverifier_set($res, 166, $value );
Default Value
''
Remarks
The IP address of the proxy server.
Data Type
String
ProxyAuthentication Property (SecureBlackbox_JAdESVerifier Class)
The authentication type used by the proxy server.
Object Oriented Interface
public function getProxyAuthentication(); public function setProxyAuthentication($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 167 ); secureblackbox_jadesverifier_set($res, 167, $value );
Default Value
0
Remarks
The authentication type used by the proxy server.
| patNoAuthentication | 0 |
| patBasic | 1 |
| patDigest | 2 |
| patNTLM | 3 |
Data Type
Integer
ProxyPassword Property (SecureBlackbox_JAdESVerifier Class)
The password to authenticate to the proxy server.
Object Oriented Interface
public function getProxyPassword(); public function setProxyPassword($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 168 ); secureblackbox_jadesverifier_set($res, 168, $value );
Default Value
''
Remarks
The password to authenticate to the proxy server.
Data Type
String
ProxyPort Property (SecureBlackbox_JAdESVerifier Class)
The port on the proxy server to connect to.
Object Oriented Interface
public function getProxyPort(); public function setProxyPort($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 169 ); secureblackbox_jadesverifier_set($res, 169, $value );
Default Value
0
Remarks
The port on the proxy server to connect to.
Data Type
Integer
ProxyProxyType Property (SecureBlackbox_JAdESVerifier Class)
The type of the proxy server.
Object Oriented Interface
public function getProxyProxyType(); public function setProxyProxyType($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 170 ); secureblackbox_jadesverifier_set($res, 170, $value );
Default Value
0
Remarks
The type of the proxy server.
The WebTunnel proxy is also known as HTTPS proxy. Unlike HTTP proxy, HTTPS proxy (WebTunnel) provides end-to-end security.
| cptNone | 0 |
| cptSocks4 | 1 |
| cptSocks5 | 2 |
| cptWebTunnel | 3 |
| cptHTTP | 4 |
Data Type
Integer
ProxyRequestHeaders Property (SecureBlackbox_JAdESVerifier Class)
Contains HTTP request headers for WebTunnel and HTTP proxy.
Object Oriented Interface
public function getProxyRequestHeaders(); public function setProxyRequestHeaders($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 171 ); secureblackbox_jadesverifier_set($res, 171, $value );
Default Value
''
Remarks
Contains HTTP request headers for WebTunnel and HTTP proxy.
Data Type
String
ProxyResponseBody Property (SecureBlackbox_JAdESVerifier Class)
Contains the HTTP or HTTPS (WebTunnel) proxy response body.
Object Oriented Interface
public function getProxyResponseBody(); public function setProxyResponseBody($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 172 ); secureblackbox_jadesverifier_set($res, 172, $value );
Default Value
''
Remarks
Contains the HTTP or HTTPS (WebTunnel) proxy response body.
Data Type
String
ProxyResponseHeaders Property (SecureBlackbox_JAdESVerifier Class)
Contains response headers received from an HTTP or HTTPS (WebTunnel) proxy server.
Object Oriented Interface
public function getProxyResponseHeaders(); public function setProxyResponseHeaders($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 173 ); secureblackbox_jadesverifier_set($res, 173, $value );
Default Value
''
Remarks
Contains response headers received from an HTTP or HTTPS (WebTunnel) proxy server.
Data Type
String
ProxyUseIPv6 Property (SecureBlackbox_JAdESVerifier Class)
Specifies whether IPv6 should be used when connecting through the proxy.
Object Oriented Interface
public function getProxyUseIPv6(); public function setProxyUseIPv6($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 174 ); secureblackbox_jadesverifier_set($res, 174, $value );
Default Value
false
Remarks
Specifies whether IPv6 should be used when connecting through the proxy.
Data Type
Boolean
ProxyUseProxy Property (SecureBlackbox_JAdESVerifier Class)
Enables or disables proxy-driven connection.
Object Oriented Interface
public function getProxyUseProxy(); public function setProxyUseProxy($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 175 ); secureblackbox_jadesverifier_set($res, 175, $value );
Default Value
false
Remarks
Enables or disables proxy-driven connection.
Data Type
Boolean
ProxyUsername Property (SecureBlackbox_JAdESVerifier Class)
Specifies the username credential for proxy authentication.
Object Oriented Interface
public function getProxyUsername(); public function setProxyUsername($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 176 ); secureblackbox_jadesverifier_set($res, 176, $value );
Default Value
''
Remarks
Specifies the username credential for proxy authentication.
Data Type
String
RevocationCheck Property (SecureBlackbox_JAdESVerifier Class)
Specifies the kind(s) of revocation check to perform for all chain certificates.
Object Oriented Interface
public function getRevocationCheck(); public function setRevocationCheck($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 177 ); secureblackbox_jadesverifier_set($res, 177, $value );
Default Value
1
Remarks
Revocation checking is necessary to ensure the integrity of the chain and obtain up-to-date certificate validity and trustworthiness information.
Certificate Revocation Lists (CRLs) and Online Certificate Status Protocol (OCSP) responses serve the same purpose of ensuring that the certificate had not been revoked by the Certificate Authority (CA) at the time of use. Depending on your circumstances and security policy requirements, you may want to use either one or both of the revocation information source types.
| crcNone | 0 | No revocation checking. |
| crcAuto | 1 | Automatic mode selection. Currently this maps to crcAnyOCSPOrCRL, but it may change in the future. |
| crcAllCRL | 2 | All provided CRL endpoints will be checked, and all checks must succeed. |
| crcAllOCSP | 3 | All provided OCSP endpoints will be checked, and all checks must succeed. |
| crcAllCRLAndOCSP | 4 | All provided CRL and OCSP endpoints will be checked, and all checks must succeed. |
| crcAnyCRL | 5 | All provided CRL endpoints will be checked, and at least one check must succeed. |
| crcAnyOCSP | 6 | All provided OCSP endpoints will be checked, and at least one check must succeed. |
| crcAnyCRLOrOCSP | 7 | All provided CRL and OCSP endpoints will be checked, and at least one check must succeed. CRL endpoints are checked first. |
| crcAnyOCSPOrCRL | 8 | All provided CRL and OCSP endpoints will be checked, and at least one check must succeed. OCSP endpoints are checked first. |
This setting controls the way the revocation checks are performed for every certificate in the chain. Typically certificates come with two types of revocation information sources: CRL (certificate revocation lists) and OCSP responders. CRLs are static objects periodically published by the CA at some online location. OCSP responders are active online services maintained by the CA that can provide up-to-date information on certificate statuses in near real time.
There are some conceptual differences between the two. CRLs are normally larger in size. Their use involves some latency because there is normally some delay between the time when a certificate was revoked and the time the subsequent CRL mentioning that is published. The benefits of CRL is that the same object can provide statuses for all certificates issued by a particular CA, and that the whole technology is much simpler than OCSP (and thus is supported by more CAs).
This setting lets you adjust the validation course by including or excluding certain types of revocation sources from the validation process. The crcAnyOCSPOrCRL setting (give preference to the faster OCSP route and only demand one source to succeed) is a good choice for most typical validation environments. The "crcAll*" modes are much stricter, and may be used in scenarios where bulletproof validity information is essential.
Note: If no CRL or OCSP endpoints are provided by the CA, the revocation check will be considered successful. This is because the CA chose not to supply revocation information for its certificates, meaning they are considered irrevocable.
Note: Within each of the above settings, if any retrieved CRL or OCSP response indicates that the certificate has been revoked, the revocation check fails.
Data Type
Integer
SignatureCount Property (SecureBlackbox_JAdESVerifier Class)
The number of records in the Signature arrays.
Object Oriented Interface
public function getSignatureCount();
Procedural Interface
secureblackbox_jadesverifier_get($res, 178 );
Default Value
0
Remarks
This property controls the size of the following arrays:
- SignatureCertificateIndex
- SignatureChainValidationDetails
- SignatureChainValidationResult
- SignatureClaimedSigningTime
- SignatureContentType
- SignatureCountersigned
- SignatureHandle
- SignatureHashAlgorithm
- SignatureIssuerRDN
- SignatureJAdESVersion
- SignatureLastArchivalTime
- SignatureLevel
- SignatureObjectType
- SignatureParentSignatureIndex
- SignaturePolicyHash
- SignaturePolicyHashAlgorithm
- SignaturePolicyID
- SignaturePolicyURI
- SignatureSerialNumber
- SignatureSignatureBytes
- SignatureSignatureValidationResult
- SignatureSignedData
- SignatureSignedDataType
- SignatureSubjectKeyID
- SignatureSubjectRDN
- SignatureTimestamped
- SignatureValidatedSigningTime
- SignatureValidationLog
This property is read-only and not available at design time.
Data Type
Integer
SignatureCertificateIndex Property (SecureBlackbox_JAdESVerifier Class)
Returns the index of the signing certificate in the Certificates collection Use this property to look up the signing certificate in the Certificates collection.
Object Oriented Interface
public function getSignatureCertificateIndex($signatureindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 179 , $signatureindex);
Default Value
-1
Remarks
Returns the index of the signing certificate in the Certificates collection
Use this property to look up the signing certificate in the Certificates collection.
The $signatureindex parameter specifies the index of the item in the array. The size of the array is controlled by the SignatureCount property.
This property is read-only and not available at design time.
Data Type
Integer
SignatureChainValidationDetails Property (SecureBlackbox_JAdESVerifier Class)
The details of a certificate chain validation outcome.
Object Oriented Interface
public function getSignatureChainValidationDetails($signatureindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 180 , $signatureindex);
Default Value
0
Remarks
The details of a certificate chain validation outcome. They may often suggest the reasons that contributed to the overall validation result.
Returns a bit mask of the following options:
| cvrBadData | 0x0001 | One or more certificates in the validation path are malformed |
| cvrRevoked | 0x0002 | One or more certificates are revoked |
| cvrNotYetValid | 0x0004 | One or more certificates are not yet valid |
| cvrExpired | 0x0008 | One or more certificates are expired |
| cvrInvalidSignature | 0x0010 | A certificate contains a non-valid digital signature |
| cvrUnknownCA | 0x0020 | A CA certificate for one or more certificates has not been found (chain incomplete) |
| cvrCAUnauthorized | 0x0040 | One of the CA certificates are not authorized to act as CA |
| cvrCRLNotVerified | 0x0080 | One or more CRLs could not be verified |
| cvrOCSPNotVerified | 0x0100 | One or more OCSP responses could not be verified |
| cvrIdentityMismatch | 0x0200 | The identity protected by the certificate (a TLS endpoint or an e-mail addressee) does not match what is recorded in the certificate |
| cvrNoKeyUsage | 0x0400 | A mandatory key usage is not enabled in one of the chain certificates |
| cvrBlocked | 0x0800 | One or more certificates are blocked |
| cvrFailure | 0x1000 | General validation failure |
| cvrChainLoop | 0x2000 | Chain loop: one of the CA certificates recursively signs itself |
| cvrWeakAlgorithm | 0x4000 | A weak algorithm is used in one of certificates or revocation elements |
| cvrUserEnforced | 0x8000 | The chain was considered invalid following intervention from a user code |
The $signatureindex parameter specifies the index of the item in the array. The size of the array is controlled by the SignatureCount property.
This property is read-only and not available at design time.
Data Type
Integer
SignatureChainValidationResult Property (SecureBlackbox_JAdESVerifier Class)
The outcome of a certificate chain validation routine.
Object Oriented Interface
public function getSignatureChainValidationResult($signatureindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 181 , $signatureindex);
Default Value
0
Remarks
The outcome of a certificate chain validation routine.
Available options:
| cvtValid | 0 | The chain is valid |
| cvtValidButUntrusted | 1 | The chain is valid, but the root certificate is not trusted |
| cvtInvalid | 2 | The chain is not valid (some of certificates are revoked, expired, or contain an invalid signature) |
| cvtCantBeEstablished | 3 | The validity of the chain cannot be established because of missing or unavailable validation information (certificates, CRLs, or OCSP responses) |
Use the ValidationLog property to access the detailed validation log.
The $signatureindex parameter specifies the index of the item in the array. The size of the array is controlled by the SignatureCount property.
This property is read-only and not available at design time.
Data Type
Integer
SignatureClaimedSigningTime Property (SecureBlackbox_JAdESVerifier Class)
The signing time from the signer's computer.
Object Oriented Interface
public function getSignatureClaimedSigningTime($signatureindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 182 , $signatureindex);
Default Value
''
Remarks
The signing time from the signer's computer.
Use this property to provide the signature production time. The claimed time is not supported by a trusted source; it may be inaccurate, forfeited, or wrong, and as such is usually taken for informational purposes only by verifiers. Use timestamp servers to embed verifiable trusted timestamps. The time is in UTC.
The $signatureindex parameter specifies the index of the item in the array. The size of the array is controlled by the SignatureCount property.
This property is read-only and not available at design time.
Data Type
String
SignatureContentType Property (SecureBlackbox_JAdESVerifier Class)
Specifies payload content type.
Object Oriented Interface
public function getSignatureContentType($signatureindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 183 , $signatureindex);
Default Value
''
Remarks
Specifies payload content type.
Use this property to indicate the content type of the JWS Payload.
This property provides a way for the application to disambiguate among different kinds of objects that might be present in the payload, but it is typically not used when the kind of object is already known. The value of this property is a string that conforms to the Internet Media Type (MIME) format, such as "text/plain" or "application/json".
It is optional to use this property and it is recommended to omit the "application/" prefix of the media type value when it is not needed. The recipient of the signed message should treat the value as if "application/" were prepended to it, unless it already contains a '/'.
The $signatureindex parameter specifies the index of the item in the array. The size of the array is controlled by the SignatureCount property.
This property is read-only and not available at design time.
Data Type
String
SignatureCountersigned Property (SecureBlackbox_JAdESVerifier Class)
Indicates if the signature is countersigned.
Object Oriented Interface
public function getSignatureCountersigned($signatureindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 184 , $signatureindex);
Default Value
false
Remarks
Indicates if the signature is countersigned.
Use this property to find out whether the JWS/JAdES signature contains any countersignatures over the main signature(s).
The $signatureindex parameter specifies the index of the item in the array. The size of the array is controlled by the SignatureCount property.
This property is read-only and not available at design time.
Data Type
Boolean
SignatureHandle Property (SecureBlackbox_JAdESVerifier Class)
Allows to get or set a 'handle', a unique identifier of the underlying property object.
Object Oriented Interface
public function getSignatureHandle($signatureindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 185 , $signatureindex);
Default Value
0
Remarks
Allows to get or set a 'handle', a unique identifier of the underlying property object. Use this property to assign objects of the same type in a quicker manner, without copying them fieldwise.
When you pass a handle of one object to another, the source object is copied to the destination rather than assigned. It is safe to get rid of the original object
after such operation.
pdfSigner.setSigningCertHandle(certMgr.getCertHandle());
The $signatureindex parameter specifies the index of the item in the array. The size of the array is controlled by the SignatureCount property.
This property is read-only and not available at design time.
Data Type
Long64
SignatureHashAlgorithm Property (SecureBlackbox_JAdESVerifier Class)
Specifies the hash algorithm to be used.
Object Oriented Interface
public function getSignatureHashAlgorithm($signatureindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 186 , $signatureindex);
Default Value
'SHA256'
Remarks
Specifies the hash algorithm to be used.
Supported values:
| SB_HASH_ALGORITHM_SHA224 | SHA224 | |
| SB_HASH_ALGORITHM_SHA256 | SHA256 | |
| SB_HASH_ALGORITHM_SHA384 | SHA384 | |
| SB_HASH_ALGORITHM_SHA512 | SHA512 | |
| SB_HASH_ALGORITHM_SHA3_256 | SHA3_256 | |
| SB_HASH_ALGORITHM_SHA3_384 | SHA3_384 | |
| SB_HASH_ALGORITHM_SHA3_512 | SHA3_512 |
The $signatureindex parameter specifies the index of the item in the array. The size of the array is controlled by the SignatureCount property.
This property is read-only and not available at design time.
Data Type
String
SignatureIssuerRDN Property (SecureBlackbox_JAdESVerifier Class)
The Relative Distinguished Name of the signing certificate's issuer.
Object Oriented Interface
public function getSignatureIssuerRDN($signatureindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 187 , $signatureindex);
Default Value
''
Remarks
The Relative Distinguished Name of the signing certificate's issuer.
A collection of information, in the form of [OID, Value] pairs, about the company that issued the signing certificate.
The $signatureindex parameter specifies the index of the item in the array. The size of the array is controlled by the SignatureCount property.
This property is read-only and not available at design time.
Data Type
String
SignatureJAdESVersion Property (SecureBlackbox_JAdESVerifier Class)
Specifies JAdES version.
Object Oriented Interface
public function getSignatureJAdESVersion($signatureindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 188 , $signatureindex);
Default Value
1
Remarks
Specifies JAdES version.
This property specifies the version of the JAdES specification the signature should comply with.
The supported values are:
| javUnknown | 0 | Unknown |
| jav111 | 1 | JAdES v1.1.1 |
The $signatureindex parameter specifies the index of the item in the array. The size of the array is controlled by the SignatureCount property.
This property is read-only and not available at design time.
Data Type
Integer
SignatureLastArchivalTime Property (SecureBlackbox_JAdESVerifier Class)
Indicates the most recent archival time of an archived signature This property returns the time of the most recent archival timestamp applied to the signature.
Object Oriented Interface
public function getSignatureLastArchivalTime($signatureindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 189 , $signatureindex);
Default Value
''
Remarks
Indicates the most recent archival time of an archived signature
This property returns the time of the most recent archival timestamp applied to the signature. This property only makes sense for 'archived' (e.g. CAdES-A) signatures. Time is in UTC.
The $signatureindex parameter specifies the index of the item in the array. The size of the array is controlled by the SignatureCount property.
This property is read-only and not available at design time.
Data Type
String
SignatureLevel Property (SecureBlackbox_JAdESVerifier Class)
Specifies the signature kind and level.
Object Oriented Interface
public function getSignatureLevel($signatureindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 190 , $signatureindex);
Default Value
1
Remarks
Specifies the signature kind and level.
The supported values are:
| jaslJWS | 0 | JSON Web Signature (JWS) |
| jaslBaselineB | 1 | Baseline B (B-B, basic) |
| jaslBaselineT | 2 | Baseline T (B-T, timestamped) |
| jaslBaselineLT | 3 | Baseline LT (B-LT, long-term) |
| jaslBaselineLTA | 4 | Baseline LTA (B-LTA, long-term with archived timestamp) |
The $signatureindex parameter specifies the index of the item in the array. The size of the array is controlled by the SignatureCount property.
This property is read-only and not available at design time.
Data Type
Integer
SignatureObjectType Property (SecureBlackbox_JAdESVerifier Class)
Specifies signature object content type.
Object Oriented Interface
public function getSignatureObjectType($signatureindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 191 , $signatureindex);
Default Value
'jose+json'
Remarks
Specifies signature object content type.
Use this property to specify the content type of the signature object.
It is used by the application to differentiate between different types of objects that might be present in an application data structure containing a JWS or JAdES.
The default value is "jose+json" which indicates that it is a JWS or JAdES using the JWS JSON Serialization, and "jose" which indicates that the object is a JWS or JAdES using the JWS Compact Serialization. Other type values can also be used by the application.
The $signatureindex parameter specifies the index of the item in the array. The size of the array is controlled by the SignatureCount property.
This property is read-only and not available at design time.
Data Type
String
SignatureParentSignatureIndex Property (SecureBlackbox_JAdESVerifier Class)
Returns the index of the parent signature, if applicable.
Object Oriented Interface
public function getSignatureParentSignatureIndex($signatureindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 192 , $signatureindex);
Default Value
-1
Remarks
Returns the index of the parent signature, if applicable.
Use this property to establish the index of the associated parent signature object in the signature collection.
The $signatureindex parameter specifies the index of the item in the array. The size of the array is controlled by the SignatureCount property.
This property is read-only and not available at design time.
Data Type
Integer
SignaturePolicyHash Property (SecureBlackbox_JAdESVerifier Class)
The signature policy hash value.
Object Oriented Interface
public function getSignaturePolicyHash($signatureindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 193 , $signatureindex);
Default Value
''
Remarks
The signature policy hash value.
Use this property to get the signature policy hash from EPES signatures
The $signatureindex parameter specifies the index of the item in the array. The size of the array is controlled by the SignatureCount property.
This property is read-only and not available at design time.
Data Type
String
SignaturePolicyHashAlgorithm Property (SecureBlackbox_JAdESVerifier Class)
The algorithm that was used to calculate the signature policy hash Use this property to get or set the hash algorithm used to calculate the signature policy hash.
Object Oriented Interface
public function getSignaturePolicyHashAlgorithm($signatureindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 194 , $signatureindex);
Default Value
''
Remarks
The algorithm that was used to calculate the signature policy hash
Use this property to get or set the hash algorithm used to calculate the signature policy hash. Read the actual hash value from SignaturePolicyHash.
| SB_HASH_ALGORITHM_SHA1 | SHA1 | |
| SB_HASH_ALGORITHM_SHA224 | SHA224 | |
| SB_HASH_ALGORITHM_SHA256 | SHA256 | |
| SB_HASH_ALGORITHM_SHA384 | SHA384 | |
| SB_HASH_ALGORITHM_SHA512 | SHA512 | |
| SB_HASH_ALGORITHM_MD2 | MD2 | |
| SB_HASH_ALGORITHM_MD4 | MD4 | |
| SB_HASH_ALGORITHM_MD5 | MD5 | |
| SB_HASH_ALGORITHM_RIPEMD160 | RIPEMD160 | |
| SB_HASH_ALGORITHM_CRC32 | CRC32 | |
| SB_HASH_ALGORITHM_SSL3 | SSL3 | |
| SB_HASH_ALGORITHM_GOST_R3411_1994 | GOST1994 | |
| SB_HASH_ALGORITHM_WHIRLPOOL | WHIRLPOOL | |
| SB_HASH_ALGORITHM_POLY1305 | POLY1305 | |
| SB_HASH_ALGORITHM_SHA3_224 | SHA3_224 | |
| SB_HASH_ALGORITHM_SHA3_256 | SHA3_256 | |
| SB_HASH_ALGORITHM_SHA3_384 | SHA3_384 | |
| SB_HASH_ALGORITHM_SHA3_512 | SHA3_512 | |
| SB_HASH_ALGORITHM_BLAKE2S_128 | BLAKE2S_128 | |
| SB_HASH_ALGORITHM_BLAKE2S_160 | BLAKE2S_160 | |
| SB_HASH_ALGORITHM_BLAKE2S_224 | BLAKE2S_224 | |
| SB_HASH_ALGORITHM_BLAKE2S_256 | BLAKE2S_256 | |
| SB_HASH_ALGORITHM_BLAKE2B_160 | BLAKE2B_160 | |
| SB_HASH_ALGORITHM_BLAKE2B_256 | BLAKE2B_256 | |
| SB_HASH_ALGORITHM_BLAKE2B_384 | BLAKE2B_384 | |
| SB_HASH_ALGORITHM_BLAKE2B_512 | BLAKE2B_512 | |
| SB_HASH_ALGORITHM_SHAKE_128 | SHAKE_128 | |
| SB_HASH_ALGORITHM_SHAKE_256 | SHAKE_256 | |
| SB_HASH_ALGORITHM_SHAKE_128_LEN | SHAKE_128_LEN | |
| SB_HASH_ALGORITHM_SHAKE_256_LEN | SHAKE_256_LEN |
The $signatureindex parameter specifies the index of the item in the array. The size of the array is controlled by the SignatureCount property.
This property is read-only and not available at design time.
Data Type
String
SignaturePolicyID Property (SecureBlackbox_JAdESVerifier Class)
The policy ID that was included or to be included into the signature.
Object Oriented Interface
public function getSignaturePolicyID($signatureindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 195 , $signatureindex);
Default Value
''
Remarks
The policy ID that was included or to be included into the signature.
Use this property to retrieve the signature policy identifier from EPES signatures.
The $signatureindex parameter specifies the index of the item in the array. The size of the array is controlled by the SignatureCount property.
This property is read-only and not available at design time.
Data Type
String
SignaturePolicyURI Property (SecureBlackbox_JAdESVerifier Class)
The signature policy URI that was included in the signature.
Object Oriented Interface
public function getSignaturePolicyURI($signatureindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 196 , $signatureindex);
Default Value
''
Remarks
The signature policy URI that was included in the signature.
Use this property to set or retrieve the URI of the signature policy from EPES signatures.
The $signatureindex parameter specifies the index of the item in the array. The size of the array is controlled by the SignatureCount property.
This property is read-only and not available at design time.
Data Type
String
SignatureSerialNumber Property (SecureBlackbox_JAdESVerifier Class)
The serial number of the timestamp.
Object Oriented Interface
public function getSignatureSerialNumber($signatureindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 197 , $signatureindex);
Remarks
The serial number of the timestamp.
The $signatureindex parameter specifies the index of the item in the array. The size of the array is controlled by the SignatureCount property.
This property is read-only and not available at design time.
Data Type
Byte Array
SignatureSignatureBytes Property (SecureBlackbox_JAdESVerifier Class)
Returns the binary representation of the JSON/JAdES signature.
Object Oriented Interface
public function getSignatureSignatureBytes($signatureindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 198 , $signatureindex);
Remarks
Returns the binary representation of the JSON/JAdES signature.
The $signatureindex parameter specifies the index of the item in the array. The size of the array is controlled by the SignatureCount property.
This property is read-only and not available at design time.
Data Type
Byte Array
SignatureSignatureValidationResult Property (SecureBlackbox_JAdESVerifier Class)
The outcome of the cryptographic signature validation.
Object Oriented Interface
public function getSignatureSignatureValidationResult($signatureindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 199 , $signatureindex);
Default Value
0
Remarks
The outcome of the cryptographic signature validation.
The following signature validity values are supported:
| svtValid | 0 | The signature is valid |
| svtUnknown | 1 | Signature validity is unknown |
| svtCorrupted | 2 | The signature is corrupted |
| svtSignerNotFound | 3 | Failed to acquire the signing certificate. The signature cannot be validated. |
| svtFailure | 4 | General failure |
The $signatureindex parameter specifies the index of the item in the array. The size of the array is controlled by the SignatureCount property.
This property is read-only and not available at design time.
Data Type
Integer
SignatureSignedData Property (SecureBlackbox_JAdESVerifier Class)
The sigD header parameter in JSON format that was included or to be included into the signature.
Object Oriented Interface
public function getSignatureSignedData($signatureindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 200 , $signatureindex);
Default Value
''
Remarks
The sigD header parameter in JSON format that was included or to be included into the signature.
The $signatureindex parameter specifies the index of the item in the array. The size of the array is controlled by the SignatureCount property.
This property is read-only and not available at design time.
Data Type
String
SignatureSignedDataType Property (SecureBlackbox_JAdESVerifier Class)
Specifies the type of signed data.
Object Oriented Interface
public function getSignatureSignedDataType($signatureindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 201 , $signatureindex);
Default Value
0
Remarks
Specifies the type of signed data.
Supported values:
| jasdtPayload | 0 | JWS Payload |
| jasdtHttpHeaders | 1 | HttpHeaders mechanism |
| jasdtObjectIdByURI | 2 | ObjectIdByURI mechanism |
| jasdtObjectIdByURIHash | 3 | ObjectIdByURIHash mechanism |
| jasdtCustom | 4 | Custom mechanism |
The $signatureindex parameter specifies the index of the item in the array. The size of the array is controlled by the SignatureCount property.
This property is read-only and not available at design time.
Data Type
Integer
SignatureSubjectKeyID Property (SecureBlackbox_JAdESVerifier Class)
Contains the subject key identifier of the signing certificate.
Object Oriented Interface
public function getSignatureSubjectKeyID($signatureindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 202 , $signatureindex);
Remarks
Contains the subject key identifier of the signing certificate.
Subject Key Identifier is a (non-critical) X.509 certificate extension which allows the identification of certificates containing a particular public key. In SecureBlackbox, the unique identifier is represented by a SHA-1 hash of the bit string of the subject public key.
The $signatureindex parameter specifies the index of the item in the array. The size of the array is controlled by the SignatureCount property.
This property is read-only and not available at design time.
Data Type
Byte Array
SignatureSubjectRDN Property (SecureBlackbox_JAdESVerifier Class)
Contains information about the person owning the signing certificate.
Object Oriented Interface
public function getSignatureSubjectRDN($signatureindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 203 , $signatureindex);
Default Value
''
Remarks
Contains information about the person owning the signing certificate. Only certificates with given subject information will be enumerated during the search operation. Information is stored in the form of [Object Identifier, Value] pairs.
The $signatureindex parameter specifies the index of the item in the array. The size of the array is controlled by the SignatureCount property.
This property is read-only and not available at design time.
Data Type
String
SignatureTimestamped Property (SecureBlackbox_JAdESVerifier Class)
Use this property to establish whether the signature contains an embedded timestamp.
Object Oriented Interface
public function getSignatureTimestamped($signatureindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 204 , $signatureindex);
Default Value
false
Remarks
Use this property to establish whether the signature contains an embedded timestamp.
The $signatureindex parameter specifies the index of the item in the array. The size of the array is controlled by the SignatureCount property.
This property is read-only and not available at design time.
Data Type
Boolean
SignatureValidatedSigningTime Property (SecureBlackbox_JAdESVerifier Class)
Contains the certified signing time.
Object Oriented Interface
public function getSignatureValidatedSigningTime($signatureindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 205 , $signatureindex);
Default Value
''
Remarks
Contains the certified signing time.
Use this property to obtain the signing time as certified by a timestamp from a trusted timestamping authority. This property is only non-empty if there was a valid timestamp included in the signature.
SignatureClaimedSigningTime returns a non-trusted signing time from the signer's computer.
Both times are in UTC.
The $signatureindex parameter specifies the index of the item in the array. The size of the array is controlled by the SignatureCount property.
This property is read-only and not available at design time.
Data Type
String
SignatureValidationLog Property (SecureBlackbox_JAdESVerifier Class)
Contains the complete log of the certificate validation routine.
Object Oriented Interface
public function getSignatureValidationLog($signatureindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 206 , $signatureindex);
Default Value
''
Remarks
Contains the complete log of the certificate validation routine.
Use this property to access the chain validation log produced by the class. The log can be very useful when investigating issues with chain validation, as it contains a step-by-step trace of the entire validation procedure.
The $signatureindex parameter specifies the index of the item in the array. The size of the array is controlled by the SignatureCount property.
This property is read-only and not available at design time.
Data Type
String
SocketDNSMode Property (SecureBlackbox_JAdESVerifier Class)
Selects the DNS resolver to use: the class's (secure) built-in one, or the one provided by the system.
Object Oriented Interface
public function getSocketDNSMode(); public function setSocketDNSMode($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 207 ); secureblackbox_jadesverifier_set($res, 207, $value );
Default Value
0
Remarks
Selects the DNS resolver to use: the component's (secure) built-in one, or the one provided by the system.
| dmAuto | 0 |
| dmPlatform | 1 |
| dmOwn | 2 |
| dmOwnSecure | 3 |
Data Type
Integer
SocketDNSPort Property (SecureBlackbox_JAdESVerifier Class)
Specifies the port number to be used for sending queries to the DNS server.
Object Oriented Interface
public function getSocketDNSPort(); public function setSocketDNSPort($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 208 ); secureblackbox_jadesverifier_set($res, 208, $value );
Default Value
0
Remarks
Specifies the port number to be used for sending queries to the DNS server.
Data Type
Integer
SocketDNSQueryTimeout Property (SecureBlackbox_JAdESVerifier Class)
The timeout (in milliseconds) for each DNS query.
Object Oriented Interface
public function getSocketDNSQueryTimeout(); public function setSocketDNSQueryTimeout($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 209 ); secureblackbox_jadesverifier_set($res, 209, $value );
Default Value
0
Remarks
The timeout (in milliseconds) for each DNS query. The value of 0 indicates an infinite timeout.
Data Type
Integer
SocketDNSServers Property (SecureBlackbox_JAdESVerifier Class)
The addresses of DNS servers to use for address resolution, separated by commas or semicolons.
Object Oriented Interface
public function getSocketDNSServers(); public function setSocketDNSServers($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 210 ); secureblackbox_jadesverifier_set($res, 210, $value );
Default Value
''
Remarks
The addresses of DNS servers to use for address resolution, separated by commas or semicolons.
Data Type
String
SocketDNSTotalTimeout Property (SecureBlackbox_JAdESVerifier Class)
The timeout (in milliseconds) for the whole resolution process.
Object Oriented Interface
public function getSocketDNSTotalTimeout(); public function setSocketDNSTotalTimeout($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 211 ); secureblackbox_jadesverifier_set($res, 211, $value );
Default Value
0
Remarks
The timeout (in milliseconds) for the whole resolution process. The value of 0 indicates an infinite timeout.
Data Type
Integer
SocketIncomingSpeedLimit Property (SecureBlackbox_JAdESVerifier Class)
The maximum number of bytes to read from the socket, per second.
Object Oriented Interface
public function getSocketIncomingSpeedLimit(); public function setSocketIncomingSpeedLimit($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 212 ); secureblackbox_jadesverifier_set($res, 212, $value );
Default Value
0
Remarks
The maximum number of bytes to read from the socket, per second.
Data Type
Integer
SocketLocalAddress Property (SecureBlackbox_JAdESVerifier Class)
The local network interface to bind the socket to.
Object Oriented Interface
public function getSocketLocalAddress(); public function setSocketLocalAddress($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 213 ); secureblackbox_jadesverifier_set($res, 213, $value );
Default Value
''
Remarks
The local network interface to bind the socket to.
Data Type
String
SocketLocalPort Property (SecureBlackbox_JAdESVerifier Class)
The local port number to bind the socket to.
Object Oriented Interface
public function getSocketLocalPort(); public function setSocketLocalPort($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 214 ); secureblackbox_jadesverifier_set($res, 214, $value );
Default Value
0
Remarks
The local port number to bind the socket to.
Data Type
Integer
SocketOutgoingSpeedLimit Property (SecureBlackbox_JAdESVerifier Class)
The maximum number of bytes to write to the socket, per second.
Object Oriented Interface
public function getSocketOutgoingSpeedLimit(); public function setSocketOutgoingSpeedLimit($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 215 ); secureblackbox_jadesverifier_set($res, 215, $value );
Default Value
0
Remarks
The maximum number of bytes to write to the socket, per second.
Data Type
Integer
SocketTimeout Property (SecureBlackbox_JAdESVerifier Class)
The maximum period of waiting, in milliseconds, after which the socket operation is considered unsuccessful.
Object Oriented Interface
public function getSocketTimeout(); public function setSocketTimeout($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 216 ); secureblackbox_jadesverifier_set($res, 216, $value );
Default Value
60000
Remarks
The maximum period of waiting, in milliseconds, after which the socket operation is considered unsuccessful.
If Timeout is set to 0, a socket operation will expire after the system-default timeout (2 hrs 8 min for TCP stack).
Data Type
Integer
SocketUseIPv6 Property (SecureBlackbox_JAdESVerifier Class)
Enables or disables IP protocol version 6.
Object Oriented Interface
public function getSocketUseIPv6(); public function setSocketUseIPv6($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 217 ); secureblackbox_jadesverifier_set($res, 217, $value );
Default Value
false
Remarks
Enables or disables IP protocol version 6.
Data Type
Boolean
TimestampCount Property (SecureBlackbox_JAdESVerifier Class)
The number of records in the Timestamp arrays.
Object Oriented Interface
public function getTimestampCount();
Procedural Interface
secureblackbox_jadesverifier_get($res, 218 );
Default Value
0
Remarks
This property controls the size of the following arrays:
- TimestampAccuracy
- TimestampBytes
- TimestampCertificateIndex
- TimestampChainValidationDetails
- TimestampChainValidationResult
- TimestampHashAlgorithm
- TimestampSerialNumber
- TimestampSignatureIndex
- TimestampTime
- TimestampTimestampType
- TimestampTSAName
- TimestampValidationLog
- TimestampValidationResult
This property is read-only and not available at design time.
Data Type
Integer
TimestampAccuracy Property (SecureBlackbox_JAdESVerifier Class)
This property indicates the accuracy of the included time mark, in microseconds.
Object Oriented Interface
public function getTimestampAccuracy($timestampindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 219 , $timestampindex);
Default Value
0
Remarks
This field indicates the accuracy of the included time mark, in microseconds.
The $timestampindex parameter specifies the index of the item in the array. The size of the array is controlled by the TimestampCount property.
This property is read-only and not available at design time.
Data Type
Long64
TimestampBytes Property (SecureBlackbox_JAdESVerifier Class)
Returns the raw timestamp data in DER format.
Object Oriented Interface
public function getTimestampBytes($timestampindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 220 , $timestampindex);
Remarks
Returns the raw timestamp data in DER format.
The $timestampindex parameter specifies the index of the item in the array. The size of the array is controlled by the TimestampCount property.
This property is read-only and not available at design time.
Data Type
Byte Array
TimestampCertificateIndex Property (SecureBlackbox_JAdESVerifier Class)
Returns the index of the TSA certificate in the Certificates collection.
Object Oriented Interface
public function getTimestampCertificateIndex($timestampindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 221 , $timestampindex);
Default Value
-1
Remarks
Returns the index of the TSA certificate in the Certificates collection.
Use this property to look up the TSA certificate in the Certificates collection.
The $timestampindex parameter specifies the index of the item in the array. The size of the array is controlled by the TimestampCount property.
This property is read-only and not available at design time.
Data Type
Integer
TimestampChainValidationDetails Property (SecureBlackbox_JAdESVerifier Class)
The details of a certificate chain validation outcome.
Object Oriented Interface
public function getTimestampChainValidationDetails($timestampindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 222 , $timestampindex);
Default Value
0
Remarks
The details of a certificate chain validation outcome. They may often suggest the reasons that contributed to the overall validation result.
Returns a bit mask of the following options:
| cvrBadData | 0x0001 | One or more certificates in the validation path are malformed |
| cvrRevoked | 0x0002 | One or more certificates are revoked |
| cvrNotYetValid | 0x0004 | One or more certificates are not yet valid |
| cvrExpired | 0x0008 | One or more certificates are expired |
| cvrInvalidSignature | 0x0010 | A certificate contains a non-valid digital signature |
| cvrUnknownCA | 0x0020 | A CA certificate for one or more certificates has not been found (chain incomplete) |
| cvrCAUnauthorized | 0x0040 | One of the CA certificates are not authorized to act as CA |
| cvrCRLNotVerified | 0x0080 | One or more CRLs could not be verified |
| cvrOCSPNotVerified | 0x0100 | One or more OCSP responses could not be verified |
| cvrIdentityMismatch | 0x0200 | The identity protected by the certificate (a TLS endpoint or an e-mail addressee) does not match what is recorded in the certificate |
| cvrNoKeyUsage | 0x0400 | A mandatory key usage is not enabled in one of the chain certificates |
| cvrBlocked | 0x0800 | One or more certificates are blocked |
| cvrFailure | 0x1000 | General validation failure |
| cvrChainLoop | 0x2000 | Chain loop: one of the CA certificates recursively signs itself |
| cvrWeakAlgorithm | 0x4000 | A weak algorithm is used in one of certificates or revocation elements |
| cvrUserEnforced | 0x8000 | The chain was considered invalid following intervention from a user code |
The $timestampindex parameter specifies the index of the item in the array. The size of the array is controlled by the TimestampCount property.
This property is read-only and not available at design time.
Data Type
Integer
TimestampChainValidationResult Property (SecureBlackbox_JAdESVerifier Class)
The outcome of a certificate chain validation routine.
Object Oriented Interface
public function getTimestampChainValidationResult($timestampindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 223 , $timestampindex);
Default Value
0
Remarks
The outcome of a certificate chain validation routine.
Available options:
| cvtValid | 0 | The chain is valid |
| cvtValidButUntrusted | 1 | The chain is valid, but the root certificate is not trusted |
| cvtInvalid | 2 | The chain is not valid (some of certificates are revoked, expired, or contain an invalid signature) |
| cvtCantBeEstablished | 3 | The validity of the chain cannot be established because of missing or unavailable validation information (certificates, CRLs, or OCSP responses) |
Use the ValidationLog property to access the detailed validation log.
The $timestampindex parameter specifies the index of the item in the array. The size of the array is controlled by the TimestampCount property.
This property is read-only and not available at design time.
Data Type
Integer
TimestampHashAlgorithm Property (SecureBlackbox_JAdESVerifier Class)
Returns the timestamp's hash algorithm.
Object Oriented Interface
public function getTimestampHashAlgorithm($timestampindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 224 , $timestampindex);
Default Value
''
Remarks
Returns the timestamp's hash algorithm.
| SB_HASH_ALGORITHM_SHA1 | SHA1 | |
| SB_HASH_ALGORITHM_SHA224 | SHA224 | |
| SB_HASH_ALGORITHM_SHA256 | SHA256 | |
| SB_HASH_ALGORITHM_SHA384 | SHA384 | |
| SB_HASH_ALGORITHM_SHA512 | SHA512 | |
| SB_HASH_ALGORITHM_MD2 | MD2 | |
| SB_HASH_ALGORITHM_MD4 | MD4 | |
| SB_HASH_ALGORITHM_MD5 | MD5 | |
| SB_HASH_ALGORITHM_RIPEMD160 | RIPEMD160 | |
| SB_HASH_ALGORITHM_CRC32 | CRC32 | |
| SB_HASH_ALGORITHM_SSL3 | SSL3 | |
| SB_HASH_ALGORITHM_GOST_R3411_1994 | GOST1994 | |
| SB_HASH_ALGORITHM_WHIRLPOOL | WHIRLPOOL | |
| SB_HASH_ALGORITHM_POLY1305 | POLY1305 | |
| SB_HASH_ALGORITHM_SHA3_224 | SHA3_224 | |
| SB_HASH_ALGORITHM_SHA3_256 | SHA3_256 | |
| SB_HASH_ALGORITHM_SHA3_384 | SHA3_384 | |
| SB_HASH_ALGORITHM_SHA3_512 | SHA3_512 | |
| SB_HASH_ALGORITHM_BLAKE2S_128 | BLAKE2S_128 | |
| SB_HASH_ALGORITHM_BLAKE2S_160 | BLAKE2S_160 | |
| SB_HASH_ALGORITHM_BLAKE2S_224 | BLAKE2S_224 | |
| SB_HASH_ALGORITHM_BLAKE2S_256 | BLAKE2S_256 | |
| SB_HASH_ALGORITHM_BLAKE2B_160 | BLAKE2B_160 | |
| SB_HASH_ALGORITHM_BLAKE2B_256 | BLAKE2B_256 | |
| SB_HASH_ALGORITHM_BLAKE2B_384 | BLAKE2B_384 | |
| SB_HASH_ALGORITHM_BLAKE2B_512 | BLAKE2B_512 | |
| SB_HASH_ALGORITHM_SHAKE_128 | SHAKE_128 | |
| SB_HASH_ALGORITHM_SHAKE_256 | SHAKE_256 | |
| SB_HASH_ALGORITHM_SHAKE_128_LEN | SHAKE_128_LEN | |
| SB_HASH_ALGORITHM_SHAKE_256_LEN | SHAKE_256_LEN |
The $timestampindex parameter specifies the index of the item in the array. The size of the array is controlled by the TimestampCount property.
This property is read-only and not available at design time.
Data Type
String
TimestampSerialNumber Property (SecureBlackbox_JAdESVerifier Class)
Returns the timestamp's serial number.
Object Oriented Interface
public function getTimestampSerialNumber($timestampindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 225 , $timestampindex);
Remarks
Returns the timestamp's serial number.
The $timestampindex parameter specifies the index of the item in the array. The size of the array is controlled by the TimestampCount property.
This property is read-only and not available at design time.
Data Type
Byte Array
TimestampSignatureIndex Property (SecureBlackbox_JAdESVerifier Class)
Returns the index of the owner signature, if applicable.
Object Oriented Interface
public function getTimestampSignatureIndex($timestampindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 226 , $timestampindex);
Default Value
-1
Remarks
Returns the index of the owner signature, if applicable.
Use this property to establish the index of the associated signature object in the signature collection.
The $timestampindex parameter specifies the index of the item in the array. The size of the array is controlled by the TimestampCount property.
This property is read-only and not available at design time.
Data Type
Integer
TimestampTime Property (SecureBlackbox_JAdESVerifier Class)
The time point incorporated into the timestamp.
Object Oriented Interface
public function getTimestampTime($timestampindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 227 , $timestampindex);
Default Value
''
Remarks
The time point incorporated into the timestamp.
The $timestampindex parameter specifies the index of the item in the array. The size of the array is controlled by the TimestampCount property.
This property is read-only and not available at design time.
Data Type
String
TimestampTimestampType Property (SecureBlackbox_JAdESVerifier Class)
Returns the type of the timestamp.
Object Oriented Interface
public function getTimestampTimestampType($timestampindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 228 , $timestampindex);
Default Value
0
Remarks
Returns the type of the timestamp.
Available options:
| tstUnknown | 0 | |
| tstLegacy | 1 | Supported by: Authenticode components |
| tstTrusted | 2 | Supported by: Authenticode components |
| tstGeneric | 3 | Supported by: CAdES components |
| tstESC | 4 | Supported by: CAdES components |
| tstContent | 5 | Supported by: CAdES components |
| tstCertsAndCRLs | 6 | Supported by: CAdES components |
| tstArchive | 7 | Archive timestamp. Supported by: ASiC, CAdES, JAdES, Office, SOAP, XAdES components |
| tstArchive2 | 8 | Archive v2 timestamp. Supported by: ASiC, CAdES components |
| tstArchive3 | 9 | Archive v3 timestamp. Supported by: ASiC, CAdES components |
| tstIndividualDataObjects | 10 | Individual data objects timetamp. Supported by: ASiC, Office, SOAP, XAdES components |
| tstAllDataObjects | 11 | All data objects timestamp. Supported by: ASiC, Office, SOAP, XAdES components |
| tstSignature | 12 | Signature timestamp. Supported by: ASiC, JAdES, Office, SOAP, XAdES components |
| tstRefsOnly | 13 | RefsOnly timestamp. Supported by: ASiC, JAdES, Office, SOAP, XAdES components |
| tstSigAndRefs | 14 | SigAndRefs timestamp. Supported by: ASiC, JAdES, Office, SOAP, XAdES components |
| tstSignedData | 15 | SignedData timestamp. Supported by: JAdES components |
| tstArchive141 | 16 | Archive timestamp v1.4.1. Supported by: ASiC, Office, SOAP, XAdES components |
Not all of the above timestamp types can be supported by a specific signature technology used (CAdES, PDF, XAdES).
The $timestampindex parameter specifies the index of the item in the array. The size of the array is controlled by the TimestampCount property.
This property is read-only and not available at design time.
Data Type
Integer
TimestampTSAName Property (SecureBlackbox_JAdESVerifier Class)
This value uniquely identifies the Timestamp Authority (TSA).
Object Oriented Interface
public function getTimestampTSAName($timestampindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 229 , $timestampindex);
Default Value
''
Remarks
This value uniquely identifies the Timestamp Authority (TSA).
This property provides information about the entity that manages the TSA.
The $timestampindex parameter specifies the index of the item in the array. The size of the array is controlled by the TimestampCount property.
This property is read-only and not available at design time.
Data Type
String
TimestampValidationLog Property (SecureBlackbox_JAdESVerifier Class)
Contains the TSA certificate chain validation log.
Object Oriented Interface
public function getTimestampValidationLog($timestampindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 230 , $timestampindex);
Default Value
''
Remarks
Contains the TSA certificate chain validation log. This information is extremely useful if the timestamp validation fails.
The $timestampindex parameter specifies the index of the item in the array. The size of the array is controlled by the TimestampCount property.
This property is read-only and not available at design time.
Data Type
String
TimestampValidationResult Property (SecureBlackbox_JAdESVerifier Class)
Contains the timestamp validation outcome.
Object Oriented Interface
public function getTimestampValidationResult($timestampindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 231 , $timestampindex);
Default Value
0
Remarks
Contains the timestamp validation outcome.
Use this property to check the result of the most recent timestamp validation.
| svtValid | 0 | The signature is valid |
| svtUnknown | 1 | Signature validity is unknown |
| svtCorrupted | 2 | The signature is corrupted |
| svtSignerNotFound | 3 | Failed to acquire the signing certificate. The signature cannot be validated. |
| svtFailure | 4 | General failure |
The $timestampindex parameter specifies the index of the item in the array. The size of the array is controlled by the TimestampCount property.
This property is read-only and not available at design time.
Data Type
Integer
TLSClientCertCount Property (SecureBlackbox_JAdESVerifier Class)
The number of records in the TLSClientCert arrays.
Object Oriented Interface
public function getTLSClientCertCount(); public function setTLSClientCertCount($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 232 ); secureblackbox_jadesverifier_set($res, 232, $value );
Default Value
0
Remarks
This property controls the size of the following arrays:
The array indices start at 0 and end at TLSClientCertCount - 1.This property is not available at design time.
Data Type
Integer
TLSClientCertBytes Property (SecureBlackbox_JAdESVerifier Class)
Returns the raw certificate data in DER format.
Object Oriented Interface
public function getTLSClientCertBytes($tlsclientcertindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 233 , $tlsclientcertindex);
Remarks
Returns the raw certificate data in DER format.
The $tlsclientcertindex parameter specifies the index of the item in the array. The size of the array is controlled by the TLSClientCertCount property.
This property is read-only and not available at design time.
Data Type
Byte Array
TLSClientCertHandle Property (SecureBlackbox_JAdESVerifier Class)
Allows to get or set a 'handle', a unique identifier of the underlying property object.
Object Oriented Interface
public function getTLSClientCertHandle($tlsclientcertindex); public function setTLSClientCertHandle($tlsclientcertindex, $value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 240 , $tlsclientcertindex); secureblackbox_jadesverifier_set($res, 240, $value , $tlsclientcertindex);
Default Value
0
Remarks
Allows to get or set a 'handle', a unique identifier of the underlying property object. Use this property to assign objects of the same type in a quicker manner, without copying them fieldwise.
When you pass a handle of one object to another, the source object is copied to the destination rather than assigned. It is safe to get rid of the original object
after such operation.
pdfSigner.setSigningCertHandle(certMgr.getCertHandle());
The $tlsclientcertindex parameter specifies the index of the item in the array. The size of the array is controlled by the TLSClientCertCount property.
This property is not available at design time.
Data Type
Long64
TLSServerCertCount Property (SecureBlackbox_JAdESVerifier Class)
The number of records in the TLSServerCert arrays.
Object Oriented Interface
public function getTLSServerCertCount();
Procedural Interface
secureblackbox_jadesverifier_get($res, 267 );
Default Value
0
Remarks
This property controls the size of the following arrays:
The array indices start at 0 and end at TLSServerCertCount - 1.This property is read-only and not available at design time.
Data Type
Integer
TLSServerCertBytes Property (SecureBlackbox_JAdESVerifier Class)
Returns the raw certificate data in DER format.
Object Oriented Interface
public function getTLSServerCertBytes($tlsservercertindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 268 , $tlsservercertindex);
Remarks
Returns the raw certificate data in DER format.
The $tlsservercertindex parameter specifies the index of the item in the array. The size of the array is controlled by the TLSServerCertCount property.
This property is read-only and not available at design time.
Data Type
Byte Array
TLSServerCertHandle Property (SecureBlackbox_JAdESVerifier Class)
Allows to get or set a 'handle', a unique identifier of the underlying property object.
Object Oriented Interface
public function getTLSServerCertHandle($tlsservercertindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 275 , $tlsservercertindex);
Default Value
0
Remarks
Allows to get or set a 'handle', a unique identifier of the underlying property object. Use this property to assign objects of the same type in a quicker manner, without copying them fieldwise.
When you pass a handle of one object to another, the source object is copied to the destination rather than assigned. It is safe to get rid of the original object
after such operation.
pdfSigner.setSigningCertHandle(certMgr.getCertHandle());
The $tlsservercertindex parameter specifies the index of the item in the array. The size of the array is controlled by the TLSServerCertCount property.
This property is read-only and not available at design time.
Data Type
Long64
TLSAutoValidateCertificates Property (SecureBlackbox_JAdESVerifier Class)
Specifies whether server-side TLS certificates should be validated automatically using internal validation rules.
Object Oriented Interface
public function getTLSAutoValidateCertificates(); public function setTLSAutoValidateCertificates($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 302 ); secureblackbox_jadesverifier_set($res, 302, $value );
Default Value
true
Remarks
Specifies whether server-side TLS certificates should be validated automatically using internal validation rules.
Data Type
Boolean
TLSBaseConfiguration Property (SecureBlackbox_JAdESVerifier Class)
Selects the base configuration for the TLS settings.
Object Oriented Interface
public function getTLSBaseConfiguration(); public function setTLSBaseConfiguration($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 303 ); secureblackbox_jadesverifier_set($res, 303, $value );
Default Value
0
Remarks
Selects the base configuration for the TLS settings. Several profiles are offered and tuned up for different purposes, such as high security or higher compatibility.
| stpcDefault | 0 | |
| stpcCompatible | 1 | |
| stpcComprehensiveInsecure | 2 | |
| stpcHighlySecure | 3 |
Data Type
Integer
TLSCiphersuites Property (SecureBlackbox_JAdESVerifier Class)
A list of ciphersuites separated with commas or semicolons.
Object Oriented Interface
public function getTLSCiphersuites(); public function setTLSCiphersuites($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 304 ); secureblackbox_jadesverifier_set($res, 304, $value );
Default Value
''
Remarks
A list of ciphersuites separated with commas or semicolons. Each ciphersuite in the list may be prefixed with a minus sign (-) to indicate that the ciphersuite should be disabled rather than enabled. Besides the specific ciphersuite modifiers, this property supports the all (and -all) aliases, allowing all ciphersuites to be blanketly enabled or disabled at once.
Note: the list of ciphersuites provided to this property alters the baseline list of ciphersuites as defined by TLSBaseConfiguration. Remember to start your ciphersuite string with -all; if you need to only enable a specific fixed set of ciphersuites. The list of supported ciphersuites is provided below:
- NULL_NULL_NULL
- RSA_NULL_MD5
- RSA_NULL_SHA
- RSA_RC4_MD5
- RSA_RC4_SHA
- RSA_RC2_MD5
- RSA_IDEA_MD5
- RSA_IDEA_SHA
- RSA_DES_MD5
- RSA_DES_SHA
- RSA_3DES_MD5
- RSA_3DES_SHA
- RSA_AES128_SHA
- RSA_AES256_SHA
- DH_DSS_DES_SHA
- DH_DSS_3DES_SHA
- DH_DSS_AES128_SHA
- DH_DSS_AES256_SHA
- DH_RSA_DES_SHA
- DH_RSA_3DES_SHA
- DH_RSA_AES128_SHA
- DH_RSA_AES256_SHA
- DHE_DSS_DES_SHA
- DHE_DSS_3DES_SHA
- DHE_DSS_AES128_SHA
- DHE_DSS_AES256_SHA
- DHE_RSA_DES_SHA
- DHE_RSA_3DES_SHA
- DHE_RSA_AES128_SHA
- DHE_RSA_AES256_SHA
- DH_ANON_RC4_MD5
- DH_ANON_DES_SHA
- DH_ANON_3DES_SHA
- DH_ANON_AES128_SHA
- DH_ANON_AES256_SHA
- RSA_RC2_MD5_EXPORT
- RSA_RC4_MD5_EXPORT
- RSA_DES_SHA_EXPORT
- DH_DSS_DES_SHA_EXPORT
- DH_RSA_DES_SHA_EXPORT
- DHE_DSS_DES_SHA_EXPORT
- DHE_RSA_DES_SHA_EXPORT
- DH_ANON_RC4_MD5_EXPORT
- DH_ANON_DES_SHA_EXPORT
- RSA_CAMELLIA128_SHA
- DH_DSS_CAMELLIA128_SHA
- DH_RSA_CAMELLIA128_SHA
- DHE_DSS_CAMELLIA128_SHA
- DHE_RSA_CAMELLIA128_SHA
- DH_ANON_CAMELLIA128_SHA
- RSA_CAMELLIA256_SHA
- DH_DSS_CAMELLIA256_SHA
- DH_RSA_CAMELLIA256_SHA
- DHE_DSS_CAMELLIA256_SHA
- DHE_RSA_CAMELLIA256_SHA
- DH_ANON_CAMELLIA256_SHA
- PSK_RC4_SHA
- PSK_3DES_SHA
- PSK_AES128_SHA
- PSK_AES256_SHA
- DHE_PSK_RC4_SHA
- DHE_PSK_3DES_SHA
- DHE_PSK_AES128_SHA
- DHE_PSK_AES256_SHA
- RSA_PSK_RC4_SHA
- RSA_PSK_3DES_SHA
- RSA_PSK_AES128_SHA
- RSA_PSK_AES256_SHA
- RSA_SEED_SHA
- DH_DSS_SEED_SHA
- DH_RSA_SEED_SHA
- DHE_DSS_SEED_SHA
- DHE_RSA_SEED_SHA
- DH_ANON_SEED_SHA
- SRP_SHA_3DES_SHA
- SRP_SHA_RSA_3DES_SHA
- SRP_SHA_DSS_3DES_SHA
- SRP_SHA_AES128_SHA
- SRP_SHA_RSA_AES128_SHA
- SRP_SHA_DSS_AES128_SHA
- SRP_SHA_AES256_SHA
- SRP_SHA_RSA_AES256_SHA
- SRP_SHA_DSS_AES256_SHA
- ECDH_ECDSA_NULL_SHA
- ECDH_ECDSA_RC4_SHA
- ECDH_ECDSA_3DES_SHA
- ECDH_ECDSA_AES128_SHA
- ECDH_ECDSA_AES256_SHA
- ECDHE_ECDSA_NULL_SHA
- ECDHE_ECDSA_RC4_SHA
- ECDHE_ECDSA_3DES_SHA
- ECDHE_ECDSA_AES128_SHA
- ECDHE_ECDSA_AES256_SHA
- ECDH_RSA_NULL_SHA
- ECDH_RSA_RC4_SHA
- ECDH_RSA_3DES_SHA
- ECDH_RSA_AES128_SHA
- ECDH_RSA_AES256_SHA
- ECDHE_RSA_NULL_SHA
- ECDHE_RSA_RC4_SHA
- ECDHE_RSA_3DES_SHA
- ECDHE_RSA_AES128_SHA
- ECDHE_RSA_AES256_SHA
- ECDH_ANON_NULL_SHA
- ECDH_ANON_RC4_SHA
- ECDH_ANON_3DES_SHA
- ECDH_ANON_AES128_SHA
- ECDH_ANON_AES256_SHA
- RSA_NULL_SHA256
- RSA_AES128_SHA256
- RSA_AES256_SHA256
- DH_DSS_AES128_SHA256
- DH_RSA_AES128_SHA256
- DHE_DSS_AES128_SHA256
- DHE_RSA_AES128_SHA256
- DH_DSS_AES256_SHA256
- DH_RSA_AES256_SHA256
- DHE_DSS_AES256_SHA256
- DHE_RSA_AES256_SHA256
- DH_ANON_AES128_SHA256
- DH_ANON_AES256_SHA256
- RSA_AES128_GCM_SHA256
- RSA_AES256_GCM_SHA384
- DHE_RSA_AES128_GCM_SHA256
- DHE_RSA_AES256_GCM_SHA384
- DH_RSA_AES128_GCM_SHA256
- DH_RSA_AES256_GCM_SHA384
- DHE_DSS_AES128_GCM_SHA256
- DHE_DSS_AES256_GCM_SHA384
- DH_DSS_AES128_GCM_SHA256
- DH_DSS_AES256_GCM_SHA384
- DH_ANON_AES128_GCM_SHA256
- DH_ANON_AES256_GCM_SHA384
- ECDHE_ECDSA_AES128_SHA256
- ECDHE_ECDSA_AES256_SHA384
- ECDH_ECDSA_AES128_SHA256
- ECDH_ECDSA_AES256_SHA384
- ECDHE_RSA_AES128_SHA256
- ECDHE_RSA_AES256_SHA384
- ECDH_RSA_AES128_SHA256
- ECDH_RSA_AES256_SHA384
- ECDHE_ECDSA_AES128_GCM_SHA256
- ECDHE_ECDSA_AES256_GCM_SHA384
- ECDH_ECDSA_AES128_GCM_SHA256
- ECDH_ECDSA_AES256_GCM_SHA384
- ECDHE_RSA_AES128_GCM_SHA256
- ECDHE_RSA_AES256_GCM_SHA384
- ECDH_RSA_AES128_GCM_SHA256
- ECDH_RSA_AES256_GCM_SHA384
- PSK_AES128_GCM_SHA256
- PSK_AES256_GCM_SHA384
- DHE_PSK_AES128_GCM_SHA256
- DHE_PSK_AES256_GCM_SHA384
- RSA_PSK_AES128_GCM_SHA256
- RSA_PSK_AES256_GCM_SHA384
- PSK_AES128_SHA256
- PSK_AES256_SHA384
- PSK_NULL_SHA256
- PSK_NULL_SHA384
- DHE_PSK_AES128_SHA256
- DHE_PSK_AES256_SHA384
- DHE_PSK_NULL_SHA256
- DHE_PSK_NULL_SHA384
- RSA_PSK_AES128_SHA256
- RSA_PSK_AES256_SHA384
- RSA_PSK_NULL_SHA256
- RSA_PSK_NULL_SHA384
- RSA_CAMELLIA128_SHA256
- DH_DSS_CAMELLIA128_SHA256
- DH_RSA_CAMELLIA128_SHA256
- DHE_DSS_CAMELLIA128_SHA256
- DHE_RSA_CAMELLIA128_SHA256
- DH_ANON_CAMELLIA128_SHA256
- RSA_CAMELLIA256_SHA256
- DH_DSS_CAMELLIA256_SHA256
- DH_RSA_CAMELLIA256_SHA256
- DHE_DSS_CAMELLIA256_SHA256
- DHE_RSA_CAMELLIA256_SHA256
- DH_ANON_CAMELLIA256_SHA256
- ECDHE_ECDSA_CAMELLIA128_SHA256
- ECDHE_ECDSA_CAMELLIA256_SHA384
- ECDH_ECDSA_CAMELLIA128_SHA256
- ECDH_ECDSA_CAMELLIA256_SHA384
- ECDHE_RSA_CAMELLIA128_SHA256
- ECDHE_RSA_CAMELLIA256_SHA384
- ECDH_RSA_CAMELLIA128_SHA256
- ECDH_RSA_CAMELLIA256_SHA384
- RSA_CAMELLIA128_GCM_SHA256
- RSA_CAMELLIA256_GCM_SHA384
- DHE_RSA_CAMELLIA128_GCM_SHA256
- DHE_RSA_CAMELLIA256_GCM_SHA384
- DH_RSA_CAMELLIA128_GCM_SHA256
- DH_RSA_CAMELLIA256_GCM_SHA384
- DHE_DSS_CAMELLIA128_GCM_SHA256
- DHE_DSS_CAMELLIA256_GCM_SHA384
- DH_DSS_CAMELLIA128_GCM_SHA256
- DH_DSS_CAMELLIA256_GCM_SHA384
- DH_anon_CAMELLIA128_GCM_SHA256
- DH_anon_CAMELLIA256_GCM_SHA384
- ECDHE_ECDSA_CAMELLIA128_GCM_SHA256
- ECDHE_ECDSA_CAMELLIA256_GCM_SHA384
- ECDH_ECDSA_CAMELLIA128_GCM_SHA256
- ECDH_ECDSA_CAMELLIA256_GCM_SHA384
- ECDHE_RSA_CAMELLIA128_GCM_SHA256
- ECDHE_RSA_CAMELLIA256_GCM_SHA384
- ECDH_RSA_CAMELLIA128_GCM_SHA256
- ECDH_RSA_CAMELLIA256_GCM_SHA384
- PSK_CAMELLIA128_GCM_SHA256
- PSK_CAMELLIA256_GCM_SHA384
- DHE_PSK_CAMELLIA128_GCM_SHA256
- DHE_PSK_CAMELLIA256_GCM_SHA384
- RSA_PSK_CAMELLIA128_GCM_SHA256
- RSA_PSK_CAMELLIA256_GCM_SHA384
- PSK_CAMELLIA128_SHA256
- PSK_CAMELLIA256_SHA384
- DHE_PSK_CAMELLIA128_SHA256
- DHE_PSK_CAMELLIA256_SHA384
- RSA_PSK_CAMELLIA128_SHA256
- RSA_PSK_CAMELLIA256_SHA384
- ECDHE_PSK_CAMELLIA128_SHA256
- ECDHE_PSK_CAMELLIA256_SHA384
- ECDHE_PSK_RC4_SHA
- ECDHE_PSK_3DES_SHA
- ECDHE_PSK_AES128_SHA
- ECDHE_PSK_AES256_SHA
- ECDHE_PSK_AES128_SHA256
- ECDHE_PSK_AES256_SHA384
- ECDHE_PSK_NULL_SHA
- ECDHE_PSK_NULL_SHA256
- ECDHE_PSK_NULL_SHA384
- ECDHE_RSA_CHACHA20_POLY1305_SHA256
- ECDHE_ECDSA_CHACHA20_POLY1305_SHA256
- DHE_RSA_CHACHA20_POLY1305_SHA256
- PSK_CHACHA20_POLY1305_SHA256
- ECDHE_PSK_CHACHA20_POLY1305_SHA256
- DHE_PSK_CHACHA20_POLY1305_SHA256
- RSA_PSK_CHACHA20_POLY1305_SHA256
- AES128_GCM_SHA256
- AES256_GCM_SHA384
- CHACHA20_POLY1305_SHA256
- AES128_CCM_SHA256
- AES128_CCM8_SHA256
Data Type
String
TLSECCurves Property (SecureBlackbox_JAdESVerifier Class)
Defines the elliptic curves to enable.
Object Oriented Interface
public function getTLSECCurves(); public function setTLSECCurves($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 305 ); secureblackbox_jadesverifier_set($res, 305, $value );
Default Value
''
Remarks
Defines the elliptic curves to enable.
Data Type
String
TLSExtensions Property (SecureBlackbox_JAdESVerifier Class)
Provides access to TLS extensions.
Object Oriented Interface
public function getTLSExtensions(); public function setTLSExtensions($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 306 ); secureblackbox_jadesverifier_set($res, 306, $value );
Default Value
''
Remarks
Provides access to TLS extensions.
Data Type
String
TLSForceResumeIfDestinationChanges Property (SecureBlackbox_JAdESVerifier Class)
Whether to force TLS session resumption when the destination address changes.
Object Oriented Interface
public function getTLSForceResumeIfDestinationChanges(); public function setTLSForceResumeIfDestinationChanges($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 307 ); secureblackbox_jadesverifier_set($res, 307, $value );
Default Value
false
Remarks
Whether to force TLS session resumption when the destination address changes.
Data Type
Boolean
TLSPreSharedIdentity Property (SecureBlackbox_JAdESVerifier Class)
Defines the identity used when the PSK (Pre-Shared Key) key-exchange mechanism is negotiated.
Object Oriented Interface
public function getTLSPreSharedIdentity(); public function setTLSPreSharedIdentity($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 308 ); secureblackbox_jadesverifier_set($res, 308, $value );
Default Value
''
Remarks
Defines the identity used when the PSK (Pre-Shared Key) key-exchange mechanism is negotiated.
This property is not available at design time.
Data Type
String
TLSPreSharedKey Property (SecureBlackbox_JAdESVerifier Class)
Contains the pre-shared key for the PSK (Pre-Shared Key) key-exchange mechanism, encoded with base16.
Object Oriented Interface
public function getTLSPreSharedKey(); public function setTLSPreSharedKey($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 309 ); secureblackbox_jadesverifier_set($res, 309, $value );
Default Value
''
Remarks
Contains the pre-shared key for the PSK (Pre-Shared Key) key-exchange mechanism, encoded with base16.
This property is not available at design time.
Data Type
String
TLSPreSharedKeyCiphersuite Property (SecureBlackbox_JAdESVerifier Class)
Defines the ciphersuite used for PSK (Pre-Shared Key) negotiation.
Object Oriented Interface
public function getTLSPreSharedKeyCiphersuite(); public function setTLSPreSharedKeyCiphersuite($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 310 ); secureblackbox_jadesverifier_set($res, 310, $value );
Default Value
''
Remarks
Defines the ciphersuite used for PSK (Pre-Shared Key) negotiation.
Data Type
String
TLSRenegotiationAttackPreventionMode Property (SecureBlackbox_JAdESVerifier Class)
Selects the renegotiation attack prevention mechanism.
Object Oriented Interface
public function getTLSRenegotiationAttackPreventionMode(); public function setTLSRenegotiationAttackPreventionMode($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 311 ); secureblackbox_jadesverifier_set($res, 311, $value );
Default Value
0
Remarks
Selects the renegotiation attack prevention mechanism.
The following options are available:
| crapmCompatible | 0 | TLS 1.0 and 1.1 compatibility mode (renegotiation indication extension is disabled). |
| crapmStrict | 1 | Renegotiation attack prevention is enabled and enforced. |
| crapmAuto | 2 | Automatically choose whether to enable or disable renegotiation attack prevention. |
Data Type
Integer
TLSRevocationCheck Property (SecureBlackbox_JAdESVerifier Class)
Specifies the kind(s) of revocation check to perform.
Object Oriented Interface
public function getTLSRevocationCheck(); public function setTLSRevocationCheck($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 312 ); secureblackbox_jadesverifier_set($res, 312, $value );
Default Value
1
Remarks
Specifies the kind(s) of revocation check to perform.
Revocation checking is necessary to ensure the integrity of the chain and obtain up-to-date certificate validity and trustworthiness information.
| crcNone | 0 | No revocation checking. |
| crcAuto | 1 | Automatic mode selection. Currently this maps to crcAnyOCSPOrCRL, but it may change in the future. |
| crcAllCRL | 2 | All provided CRL endpoints will be checked, and all checks must succeed. |
| crcAllOCSP | 3 | All provided OCSP endpoints will be checked, and all checks must succeed. |
| crcAllCRLAndOCSP | 4 | All provided CRL and OCSP endpoints will be checked, and all checks must succeed. |
| crcAnyCRL | 5 | All provided CRL endpoints will be checked, and at least one check must succeed. |
| crcAnyOCSP | 6 | All provided OCSP endpoints will be checked, and at least one check must succeed. |
| crcAnyCRLOrOCSP | 7 | All provided CRL and OCSP endpoints will be checked, and at least one check must succeed. CRL endpoints are checked first. |
| crcAnyOCSPOrCRL | 8 | All provided CRL and OCSP endpoints will be checked, and at least one check must succeed. OCSP endpoints are checked first. |
This setting controls the way the revocation checks are performed for every certificate in the chain. Typically certificates come with two types of revocation information sources: CRL (certificate revocation lists) and OCSP responders. CRLs are static objects periodically published by the CA at some online location. OCSP responders are active online services maintained by the CA that can provide up-to-date information on certificate statuses in near real time.
There are some conceptual differences between the two. CRLs are normally larger in size. Their use involves some latency because there is normally some delay between the time when a certificate was revoked and the time the subsequent CRL mentioning that is published. The benefits of CRL is that the same object can provide statuses for all certificates issued by a particular CA, and that the whole technology is much simpler than OCSP (and thus is supported by more CAs).
This setting lets you adjust the validation course by including or excluding certain types of revocation sources from the validation process. The crcAnyOCSPOrCRL setting (give preference to the faster OCSP route and only demand one source to succeed) is a good choice for most typical validation environments. The "crcAll*" modes are much stricter, and may be used in scenarios where bulletproof validity information is essential.
Note: If no CRL or OCSP endpoints are provided by the CA, the revocation check will be considered successful. This is because the CA chose not to supply revocation information for its certificates, meaning they are considered irrevocable.
Note: Within each of the above settings, if any retrieved CRL or OCSP response indicates that the certificate has been revoked, the revocation check fails.
This property is not available at design time.
Data Type
Integer
TLSSSLOptions Property (SecureBlackbox_JAdESVerifier Class)
Various SSL (TLS) protocol options, set of cssloExpectShutdownMessage 0x001 Wait for the close-notify message when shutting down the connection cssloOpenSSLDTLSWorkaround 0x002 (DEPRECATED) Use a DTLS version workaround when talking to very old OpenSSL versions cssloDisableKexLengthAlignment 0x004 Do not align the client-side PMS by the RSA modulus size.
Object Oriented Interface
public function getTLSSSLOptions(); public function setTLSSSLOptions($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 313 ); secureblackbox_jadesverifier_set($res, 313, $value );
Default Value
16
Remarks
Various SSL (TLS) protocol options, set of
| cssloExpectShutdownMessage | 0x001 | Wait for the close-notify message when shutting down the connection |
| cssloOpenSSLDTLSWorkaround | 0x002 | (DEPRECATED) Use a DTLS version workaround when talking to very old OpenSSL versions |
| cssloDisableKexLengthAlignment | 0x004 | Do not align the client-side PMS by the RSA modulus size. It is unlikely that you will ever need to adjust it. |
| cssloForceUseOfClientCertHashAlg | 0x008 | Enforce the use of the client certificate hash algorithm. It is unlikely that you will ever need to adjust it. |
| cssloAutoAddServerNameExtension | 0x010 | Automatically add the server name extension when known |
| cssloAcceptTrustedSRPPrimesOnly | 0x020 | Accept trusted SRP primes only |
| cssloDisableSignatureAlgorithmsExtension | 0x040 | Disable (do not send) the signature algorithms extension. It is unlikely that you will ever need to adjust it. |
| cssloIntolerateHigherProtocolVersions | 0x080 | (server option) Do not allow fallback from TLS versions higher than currently enabled |
| cssloStickToPrefCertHashAlg | 0x100 | Stick to preferred certificate hash algorithms |
| cssloNoImplicitTLS12Fallback | 0x200 | Disable implicit TLS 1.3 to 1.2 fallbacks |
| cssloUseHandshakeBatches | 0x400 | Send the handshake message as large batches rather than individually |
Data Type
Integer
TLSTLSMode Property (SecureBlackbox_JAdESVerifier Class)
Specifies the TLS mode to use.
Object Oriented Interface
public function getTLSTLSMode(); public function setTLSTLSMode($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 314 ); secureblackbox_jadesverifier_set($res, 314, $value );
Default Value
0
Remarks
Specifies the TLS mode to use.
| smDefault | 0 | |
| smNoTLS | 1 | Do not use TLS |
| smExplicitTLS | 2 | Connect to the server without any encryption and then request an SSL session. |
| smImplicitTLS | 3 | Connect to the specified port, and establish the SSL session at once. |
| smMixedTLS | 4 | Connect to the specified port, and establish the SSL session at once, but allow plain data. |
Data Type
Integer
TLSUseExtendedMasterSecret Property (SecureBlackbox_JAdESVerifier Class)
Enables the Extended Master Secret Extension, as defined in RFC 7627.
Object Oriented Interface
public function getTLSUseExtendedMasterSecret(); public function setTLSUseExtendedMasterSecret($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 315 ); secureblackbox_jadesverifier_set($res, 315, $value );
Default Value
false
Remarks
Enables the Extended Master Secret Extension, as defined in RFC 7627.
Data Type
Boolean
TLSUseSessionResumption Property (SecureBlackbox_JAdESVerifier Class)
Enables or disables the TLS session resumption capability.
Object Oriented Interface
public function getTLSUseSessionResumption(); public function setTLSUseSessionResumption($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 316 ); secureblackbox_jadesverifier_set($res, 316, $value );
Default Value
false
Remarks
Enables or disables the TLS session resumption capability.
Data Type
Boolean
TLSVersions Property (SecureBlackbox_JAdESVerifier Class)
The SSL/TLS versions to enable by default.
Object Oriented Interface
public function getTLSVersions(); public function setTLSVersions($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 317 ); secureblackbox_jadesverifier_set($res, 317, $value );
Default Value
16
Remarks
The SSL/TLS versions to enable by default.
| csbSSL2 | 0x01 | SSL 2 |
| csbSSL3 | 0x02 | SSL 3 |
| csbTLS1 | 0x04 | TLS 1.0 |
| csbTLS11 | 0x08 | TLS 1.1 |
| csbTLS12 | 0x10 | TLS 1.2 |
| csbTLS13 | 0x20 | TLS 1.3 |
Data Type
Integer
TrustedCertCount Property (SecureBlackbox_JAdESVerifier Class)
The number of records in the TrustedCert arrays.
Object Oriented Interface
public function getTrustedCertCount(); public function setTrustedCertCount($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 318 ); secureblackbox_jadesverifier_set($res, 318, $value );
Default Value
0
Remarks
This property controls the size of the following arrays:
The array indices start at 0 and end at TrustedCertCount - 1.This property is not available at design time.
Data Type
Integer
TrustedCertBytes Property (SecureBlackbox_JAdESVerifier Class)
Returns the raw certificate data in DER format.
Object Oriented Interface
public function getTrustedCertBytes($trustedcertindex);
Procedural Interface
secureblackbox_jadesverifier_get($res, 319 , $trustedcertindex);
Remarks
Returns the raw certificate data in DER format.
The $trustedcertindex parameter specifies the index of the item in the array. The size of the array is controlled by the TrustedCertCount property.
This property is read-only and not available at design time.
Data Type
Byte Array
TrustedCertHandle Property (SecureBlackbox_JAdESVerifier Class)
Allows to get or set a 'handle', a unique identifier of the underlying property object.
Object Oriented Interface
public function getTrustedCertHandle($trustedcertindex); public function setTrustedCertHandle($trustedcertindex, $value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 326 , $trustedcertindex); secureblackbox_jadesverifier_set($res, 326, $value , $trustedcertindex);
Default Value
0
Remarks
Allows to get or set a 'handle', a unique identifier of the underlying property object. Use this property to assign objects of the same type in a quicker manner, without copying them fieldwise.
When you pass a handle of one object to another, the source object is copied to the destination rather than assigned. It is safe to get rid of the original object
after such operation.
pdfSigner.setSigningCertHandle(certMgr.getCertHandle());
The $trustedcertindex parameter specifies the index of the item in the array. The size of the array is controlled by the TrustedCertCount property.
This property is not available at design time.
Data Type
Long64
ValidationMoment Property (SecureBlackbox_JAdESVerifier Class)
The time point at which signature validity is to be established.
Object Oriented Interface
public function getValidationMoment(); public function setValidationMoment($value);
Procedural Interface
secureblackbox_jadesverifier_get($res, 353 ); secureblackbox_jadesverifier_set($res, 353, $value );
Default Value
''
Remarks
Use this property to specify the moment in time at which signature validity should be established. The time is in UTC. Leave the setting empty to stick to the default moment (either the signature creation time or the current time).
The validity of the same signature may differ depending on the time point chosen due to temporal changes in chain validities, revocation statuses, and timestamp times.
Data Type
String
Close Method (SecureBlackbox_JAdESVerifier Class)
Closes an opened JWS/JAdES signature.
Object Oriented Interface
public function doClose($savechanges);
Procedural Interface
secureblackbox_jadesverifier_do_close($res, $savechanges);
Remarks
Use this method to close a previously opened JWS/JAdES signature. Set SaveChanges to true to apply any changes made.
Config Method (SecureBlackbox_JAdESVerifier Class)
Sets or retrieves a configuration setting.
Object Oriented Interface
public function doConfig($configurationstring);
Procedural Interface
secureblackbox_jadesverifier_do_config($res, $configurationstring);
Remarks
Config is a generic method available in every class. It is used to set and retrieve configuration settings for the class.
These settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the class, access to these internal properties is provided through the Config method.
To set a configuration setting named PROPERTY, you must call Config("PROPERTY=VALUE"), where VALUE is the value of the setting expressed as a string. For boolean values, use the strings "True", "False", "0", "1", "Yes", or "No" (case does not matter).
To read (query) the value of a configuration setting, you must call Config("PROPERTY"). The value will be returned as a string.
DoAction Method (SecureBlackbox_JAdESVerifier Class)
Performs an additional action.
Object Oriented Interface
public function doDoAction($actionid, $actionparams);
Procedural Interface
secureblackbox_jadesverifier_do_doaction($res, $actionid, $actionparams);
Remarks
DoAction is a generic method available in every class. It is used to perform an additional action introduced after the product major release. The list of actions is not fixed, and may be flexibly extended over time.
The unique identifier (case insensitive) of the action is provided in the ActionID parameter.
ActionParams contains the value of a single parameter, or a list of multiple parameters for the action in the form of PARAM1=VALUE1;PARAM2=VALUE2;....
Open Method (SecureBlackbox_JAdESVerifier Class)
Opens a JSON for verifying or removing signatures.
Object Oriented Interface
public function doOpen();
Procedural Interface
secureblackbox_jadesverifier_do_open($res);
Remarks
Use this method to open a JSON for verifying or removing signatures. When finished, call Close to complete or discard the operation.
Revalidate Method (SecureBlackbox_JAdESVerifier Class)
Revalidates a signature in accordance with current settings.
Object Oriented Interface
public function doRevalidate($sigindex);
Procedural Interface
secureblackbox_jadesverifier_do_revalidate($res, $sigindex);
Remarks
Use this method to re-validate a signature in the opened JWS/JAdES signature.
Unsign Method (SecureBlackbox_JAdESVerifier Class)
Deletes a signature from the JWS/JAdES signature.
Object Oriented Interface
public function doUnsign($sigindex);
Procedural Interface
secureblackbox_jadesverifier_do_unsign($res, $sigindex);
Remarks
Use this method to delete an existing signature from the JWS/JAdES signature. Use SigIndex parameter to specify the signature to be removed.
Verify Method (SecureBlackbox_JAdESVerifier Class)
Verifies the JWS/JAdES signature.
Object Oriented Interface
public function doVerify();
Procedural Interface
secureblackbox_jadesverifier_do_verify($res);
Remarks
Use this method to verify the JWS/JAdES signature.
ChainElementDownload Event (SecureBlackbox_JAdESVerifier Class)
Fires when there is a need to download a chain element from an online source.
Object Oriented Interface
public function fireChainElementDownload($param);
Procedural Interface
secureblackbox_jadesverifier_register_callback($res, 1, array($this, 'fireChainElementDownload'));
Parameter List
'kind'
'certrdn'
'cacertrdn'
'location'
'action'
Remarks
Subscribe to this event to be notified about validation element retrievals. Use the Action parameter to suppress the download if required.
| veaAuto | 0 | Handle the action automatically (the default behaviour) |
| veaContinue | 1 | Accept the request implied by the event (accept the certificate, allow the object retrieval) |
| veaReject | 2 | Reject the request implied by the event (reject the certificate, disallow the object retrieval) |
| veaAcceptNow | 3 | Accept the validated certificate immediately |
| veaAbortNow | 4 | Abort the validation, reject the certificate |
ChainElementNeeded Event (SecureBlackbox_JAdESVerifier Class)
Fires when an element required to validate the chain was not located.
Object Oriented Interface
public function fireChainElementNeeded($param);
Procedural Interface
secureblackbox_jadesverifier_register_callback($res, 2, array($this, 'fireChainElementNeeded'));
Parameter List
'kind'
'certrdn'
'cacertrdn'
Remarks
Subscribe to this event to be notified about missing validation elements. Use the KnownCRLs, KnownCertificates, and KnownOCSPs properties in the event handler to provide the missing piece.
ChainElementStore Event (SecureBlackbox_JAdESVerifier Class)
This event is fired when a chain element (certificate, CRL, or OCSP response) should be stored along with a signature.
Object Oriented Interface
public function fireChainElementStore($param);
Procedural Interface
secureblackbox_jadesverifier_register_callback($res, 3, array($this, 'fireChainElementStore'));
Parameter List
'kind'
'body'
'uri'
Remarks
This event could occur if you are verifying XAdES-C form or higher. The Body parameter contains the element in binary form that should be stored along with a signature. Use the URI parameter to provide an URI of the stored element.
ChainValidated Event (SecureBlackbox_JAdESVerifier Class)
Reports the completion of a certificate chain validation.
Object Oriented Interface
public function fireChainValidated($param);
Procedural Interface
secureblackbox_jadesverifier_register_callback($res, 4, array($this, 'fireChainValidated'));
Parameter List
'index'
'subjectrdn'
'validationresult'
'validationdetails'
Remarks
This event is fired when a certificate chain validation routine completes. SubjectRDN identifies the owner of the validated certificate.
ValidationResult set to 0 (zero) indicates successful chain validation.
| cvtValid | 0 | The chain is valid |
| cvtValidButUntrusted | 1 | The chain is valid, but the root certificate is not trusted |
| cvtInvalid | 2 | The chain is not valid (some of certificates are revoked, expired, or contain an invalid signature) |
| cvtCantBeEstablished | 3 | The validity of the chain cannot be established because of missing or unavailable validation information (certificates, CRLs, or OCSP responses) |
| cvrBadData | 0x0001 | One or more certificates in the validation path are malformed |
| cvrRevoked | 0x0002 | One or more certificates are revoked |
| cvrNotYetValid | 0x0004 | One or more certificates are not yet valid |
| cvrExpired | 0x0008 | One or more certificates are expired |
| cvrInvalidSignature | 0x0010 | A certificate contains a non-valid digital signature |
| cvrUnknownCA | 0x0020 | A CA certificate for one or more certificates has not been found (chain incomplete) |
| cvrCAUnauthorized | 0x0040 | One of the CA certificates are not authorized to act as CA |
| cvrCRLNotVerified | 0x0080 | One or more CRLs could not be verified |
| cvrOCSPNotVerified | 0x0100 | One or more OCSP responses could not be verified |
| cvrIdentityMismatch | 0x0200 | The identity protected by the certificate (a TLS endpoint or an e-mail addressee) does not match what is recorded in the certificate |
| cvrNoKeyUsage | 0x0400 | A mandatory key usage is not enabled in one of the chain certificates |
| cvrBlocked | 0x0800 | One or more certificates are blocked |
| cvrFailure | 0x1000 | General validation failure |
| cvrChainLoop | 0x2000 | Chain loop: one of the CA certificates recursively signs itself |
| cvrWeakAlgorithm | 0x4000 | A weak algorithm is used in one of certificates or revocation elements |
| cvrUserEnforced | 0x8000 | The chain was considered invalid following intervention from a user code |
ChainValidationProgress Event (SecureBlackbox_JAdESVerifier Class)
This event is fired multiple times during chain validation to report various stages of the validation procedure.
Object Oriented Interface
public function fireChainValidationProgress($param);
Procedural Interface
secureblackbox_jadesverifier_register_callback($res, 5, array($this, 'fireChainValidationProgress'));
Parameter List
'eventkind'
'certrdn'
'cacertrdn'
'action'
Remarks
Subscribe to this event to be notified about chain validation progress. Use the Action parameter to alter the validation flow.
The EventKind parameter reports the nature of the event being reported. The CertRDN and CACertRDN parameters report the distinguished names of the certificates that are relevant for the event invocation (one or both can be empty, depending on EventKind). Use the Action parameter to adjust the validation flow.
| veaAuto | 0 | Handle the action automatically (the default behaviour) |
| veaContinue | 1 | Accept the request implied by the event (accept the certificate, allow the object retrieval) |
| veaReject | 2 | Reject the request implied by the event (reject the certificate, disallow the object retrieval) |
| veaAcceptNow | 3 | Accept the validated certificate immediately |
| veaAbortNow | 4 | Abort the validation, reject the certificate |
Error Event (SecureBlackbox_JAdESVerifier Class)
Information about errors during signing.
Object Oriented Interface
public function fireError($param);
Procedural Interface
secureblackbox_jadesverifier_register_callback($res, 6, array($this, 'fireError'));
Parameter List
'errorcode'
'description'
Remarks
This event is fired in case of exceptional conditions during the JSON processing.
ErrorCode contains an error code and Description contains a textual description of the error.
HTTPHeaderFieldNeeded Event (SecureBlackbox_JAdESVerifier Class)
This event is fired when HTTP header field value is required.
Object Oriented Interface
public function fireHTTPHeaderFieldNeeded($param);
Procedural Interface
secureblackbox_jadesverifier_register_callback($res, 7, array($this, 'fireHTTPHeaderFieldNeeded'));
Parameter List
'fieldname'
'fieldvalues'
Remarks
This event is triggered when the type of signed data is HttpHeaders mechanism (jasdtHttpHeaders). It indicates that a HTTP header field value is needed.
For "(request target)" field name value return request method and target URI seperated by space character. For example: "GET https://nsoftware.com/sbb/"
Loaded Event (SecureBlackbox_JAdESVerifier Class)
This event is fired when the JSON has been loaded into memory.
Object Oriented Interface
public function fireLoaded($param);
Procedural Interface
secureblackbox_jadesverifier_register_callback($res, 8, array($this, 'fireLoaded'));
Parameter List
'cancel'
Remarks
The handler for this event is a good place to check JWS/JAdES signature properties, which may be useful when preparing the signature.
Set Cancel to true to terminate JSON processing on this stage.
Notification Event (SecureBlackbox_JAdESVerifier Class)
This event notifies the application about an underlying control flow event.
Object Oriented Interface
public function fireNotification($param);
Procedural Interface
secureblackbox_jadesverifier_register_callback($res, 9, array($this, 'fireNotification'));
Parameter List
'eventid'
'eventparam'
Remarks
The class fires this event to let the application know about some event, occurrence, or milestone in the class. For example, it may fire to report completion of the document processing. The list of events being reported is not fixed, and may be flexibly extended over time.
The unique identifier of the event is provided in the EventID parameter. EventParam contains any parameters accompanying the occurrence. Depending on the type of the class, the exact action it is performing, or the document being processed, one or both may be omitted.
This class can fire this event with the following EventID values:
| Loaded | Reports the completion of signature processing by the component. Use the event handler to access signature-related information. The EventParam value passed with this EventID is empty. |
| PayloadExtracted | Reports the completion of payload extraction by the component if ExtractPayload property is enabled. Use the event handler to access payload. The EventParam value passed with this EventID is empty. |
ObjectNeeded Event (SecureBlackbox_JAdESVerifier Class)
This event is fired when object is required.
Object Oriented Interface
public function fireObjectNeeded($param);
Procedural Interface
secureblackbox_jadesverifier_register_callback($res, 10, array($this, 'fireObjectNeeded'));
Parameter List
'uri'
'contenttype'
'base64'
Remarks
This event is triggered when the type of signed data is ObjectIdByURI mechanism (jasdtObjectIdByURI). It is fired to request the data to be signed/verified.
The event handler must pass object data to the component via DataFile or DataStream or DataBytes or DataString property.
ObjectValidate Event (SecureBlackbox_JAdESVerifier Class)
This event is fired when object should be verified by user.
Object Oriented Interface
public function fireObjectValidate($param);
Procedural Interface
secureblackbox_jadesverifier_register_callback($res, 11, array($this, 'fireObjectValidate'));
Parameter List
'uri'
'contenttype'
'hashalgorithm'
'hash'
'base64'
'valid'
Remarks
This event is triggered when the type of signed data is ObjectIdByURIHash mechanism (jasdtObjectIdByURIHash). It is fired to validate the detached object.
The event handler must pass the object validity to the component via Valid parameter.
SignatureFound Event (SecureBlackbox_JAdESVerifier Class)
Signifies the start of signature validation.
Object Oriented Interface
public function fireSignatureFound($param);
Procedural Interface
secureblackbox_jadesverifier_register_callback($res, 12, array($this, 'fireSignatureFound'));
Parameter List
'index'
'issuerrdn'
'serialnumber'
'subjectkeyid'
'certfound'
'validatesignature'
'validatechain'
Remarks
This event tells the application that signature validation is about to start, and provides the details about the signer's certificate via its IssuerRDN, SerialNumber, and SubjectKeyID parameters. It fires for every signature located in the verified document or message.
The CertFound parameter is set to True if the class has found the needed certificate in one of the known locations, and to False otherwise, in which case you must provide it manually via the KnownCertificates property.
Signature validation consists of two independent stages: cryptographic signature validation and chain validation. Separate validation results are reported for each, with the and properties respectively.
Use the ValidateSignature and ValidateChain parameters to tell the verifier which stages to include in the validation.
SignatureValidated Event (SecureBlackbox_JAdESVerifier Class)
Marks the completion of the signature validation routine.
Object Oriented Interface
public function fireSignatureValidated($param);
Procedural Interface
secureblackbox_jadesverifier_register_callback($res, 13, array($this, 'fireSignatureValidated'));
Parameter List
'index'
'issuerrdn'
'serialnumber'
'subjectkeyid'
'validationresult'
Remarks
This event is fired upon the completion of the signature validation routine, and reports the respective validation result.
Use the IssuerRDN, SerialNumber, and/or SubjectKeyID parameters to identify the signing certificate.
ValidationResult is set to 0 if the validation has been successful, or to a non-zero value in case of a validation failure.
| svtValid | 0 | The signature is valid |
| svtUnknown | 1 | Signature validity is unknown |
| svtCorrupted | 2 | The signature is corrupted |
| svtSignerNotFound | 3 | Failed to acquire the signing certificate. The signature cannot be validated. |
| svtFailure | 4 | General failure |
TimestampFound Event (SecureBlackbox_JAdESVerifier Class)
Signifies the start of a timestamp validation routine.
Object Oriented Interface
public function fireTimestampFound($param);
Procedural Interface
secureblackbox_jadesverifier_register_callback($res, 14, array($this, 'fireTimestampFound'));
Parameter List
'index'
'issuerrdn'
'serialnumber'
'subjectkeyid'
'certfound'
'validatetimestamp'
'validatechain'
Remarks
This event fires for every timestamp identified during signature processing, and reports the details about the signer's certificate via its IssuerRDN, SerialNumber, and SubjectKeyID parameters.
The CertFound parameter is set to True if the class has found the needed certificate in one of the known locations, and to False otherwise, in which case you must provide it manually via the KnownCertificates property.
Just like with signature validation, timestamp validation consists of two independent stages: cryptographic signature validation and chain validation. Separate validation results are reported for each, with the and properties respectively.
Use the ValidateSignature and ValidateChain parameters to tell the verifier which stages to include in the validation.
TimestampValidated Event (SecureBlackbox_JAdESVerifier Class)
Reports the completion of the timestamp validation routine.
Object Oriented Interface
public function fireTimestampValidated($param);
Procedural Interface
secureblackbox_jadesverifier_register_callback($res, 15, array($this, 'fireTimestampValidated'));
Parameter List
'index'
'issuerrdn'
'serialnumber'
'subjectkeyid'
'time'
'validationresult'
'chainvalidationresult'
'chainvalidationdetails'
Remarks
This event is fired upon the completion of the timestamp validation routine, and reports the respective validation result.
ValidationResult is set to 0 if the validation has been successful, or to a non-zero value in case of a failure.
| svtValid | 0 | The signature is valid |
| svtUnknown | 1 | Signature validity is unknown |
| svtCorrupted | 2 | The signature is corrupted |
| svtSignerNotFound | 3 | Failed to acquire the signing certificate. The signature cannot be validated. |
| svtFailure | 4 | General failure |
TLSCertNeeded Event (SecureBlackbox_JAdESVerifier Class)
Fires when a remote TLS party requests a client certificate.
Object Oriented Interface
public function fireTLSCertNeeded($param);
Procedural Interface
secureblackbox_jadesverifier_register_callback($res, 16, array($this, 'fireTLSCertNeeded'));
Parameter List
'host'
'canames'
Remarks
This event fires to notify the implementation that a remote TLS server has requested a client certificate. The Host parameter identifies the host that makes a request, and the CANames parameter (optional, according to the TLS spec) advises on the accepted issuing CAs.
Use the TLSClientChain property in response to this event to provide the requested certificate. Please make sure the client certificate includes the associated private key. Note that you may set the certificates before the connection without waiting for this event to fire.
This event is preceded by the TLSHandshake event for the given host and, if the certificate was accepted, succeeded by the TLSEstablished event.
TLSCertValidate Event (SecureBlackbox_JAdESVerifier Class)
This event is fired upon receipt of the TLS server's certificate, allowing the user to control its acceptance.
Object Oriented Interface
public function fireTLSCertValidate($param);
Procedural Interface
secureblackbox_jadesverifier_register_callback($res, 17, array($this, 'fireTLSCertValidate'));
Parameter List
'serverhost'
'serverip'
'accept'
Remarks
This event is fired during a TLS handshake. Use the TLSServerChain property to access the certificate chain. In general, classes may contact a number of TLS endpoints during their work, depending on their configuration.
Accept is assigned in accordance with the outcome of the internal validation check performed by the class, and can be adjusted if needed.
TLSEstablished Event (SecureBlackbox_JAdESVerifier Class)
Fires when a TLS handshake with Host successfully completes.
Object Oriented Interface
public function fireTLSEstablished($param);
Procedural Interface
secureblackbox_jadesverifier_register_callback($res, 18, array($this, 'fireTLSEstablished'));
Parameter List
'host'
'version'
'ciphersuite'
'connectionid'
'abort'
Remarks
The class uses this event to notify the application about a successful completion of a TLS handshake.
The Version, Ciphersuite, and ConnectionId parameters indicate the security parameters of the new connection. Use the Abort parameter if you need to terminate the connection at this stage.
TLSHandshake Event (SecureBlackbox_JAdESVerifier Class)
Fires when a new TLS handshake is initiated, before the handshake commences.
Object Oriented Interface
public function fireTLSHandshake($param);
Procedural Interface
secureblackbox_jadesverifier_register_callback($res, 19, array($this, 'fireTLSHandshake'));
Parameter List
'host'
'abort'
Remarks
The class uses this event to notify the application about the start of a new TLS handshake to Host. If the handshake is successful, this event will be followed by the TLSEstablished event. If the server chooses to request a client certificate, the TLSCertNeeded event will also be fired.
TLSShutdown Event (SecureBlackbox_JAdESVerifier Class)
Reports the graceful closure of a TLS connection.
Object Oriented Interface
public function fireTLSShutdown($param);
Procedural Interface
secureblackbox_jadesverifier_register_callback($res, 20, array($this, 'fireTLSShutdown'));
Parameter List
'host'
Remarks
This event notifies the application about the closure of an earlier established TLS connection. Note that only graceful connection closures are reported.
Config Settings (JAdESVerifier Class)
The class accepts one or more of the following configuration settings. Configuration settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the class, access to these internal properties is provided through the Config method.JAdESVerifier Config Settings
The certificate URL is the "x5u" (X.509 URL) Header Parameter that refers to a resource for the X.509 public key certificate or certificate chain corresponding to the key used to digitally sign the JWS or JAdES.
If the value is set to "true", the JWS payload will be represented as a Base64-URL-encoded string.
If the value is "false", the JWS payload will be represented without any encoding.
The default value of this property is "true".
If IgnoreSystemTrust is True, certificates residing in the trusted root store are treated as if they are known, rather than trusted. Only certificates provided via other means (such as the TrustedCertificates property) are considered trusted.
Key ID is a hint indicating which key was used to secure the JWS or JAdES.
Sample value: '{"addressCountry": "UK", "addressLocality": "London", "postalCode": "N1 7GU", "streetAddress": "20-22 Wenlock Road"}'
- CA, revocation source, TLS key usage requirements are not mandated
- Violation of OCSP issuer requirements are ignored
- The AuthorityKeyID extension in CRL- and certificate-issuing CAs are ignored (helps with incorrectly renewed certificates)
- Basic constraints and name constraints of CA certificates are ignored
- Some weaker algorithms are tolerated
Base Config Settings
You can switch this property off to improve performance if your project only uses known, good private keys.
Supported values are:
| off | No caching (default) | |
| local | Local caching | |
| global | Global caching |
This setting only applies to sessions negotiated with TLS version 1.3.
Supported values are:
| file | File | |
| console | Console | |
| systemlog | System Log (supported for Android only) | |
| debugger | Debugger (supported for VCL for Windows and .Net) |
Supported values are:
| time | Current time | |
| level | Level | |
| package | Package name | |
| module | Module name | |
| class | Class name | |
| method | Method name | |
| threadid | Thread Id | |
| contenttype | Content type | |
| content | Content | |
| all | All details |
Supported filter names are:
| exclude-package | Exclude a package specified in the value | |
| exclude-module | Exclude a module specified in the value | |
| exclude-class | Exclude a class specified in the value | |
| exclude-method | Exclude a method specified in the value | |
| include-package | Include a package specified in the value | |
| include-module | Include a module specified in the value | |
| include-class | Include a class specified in the value | |
| include-method | Include a method specified in the value |
| none | No flush (caching only) | |
| immediate | Immediate flush (real-time logging) | |
| maxcount | Flush cached entries upon reaching LogMaxEventCount entries in the cache. |
Supported values are:
| none | None (by default) | |
| fatal | Severe errors that cause premature termination. | |
| error | Other runtime errors or unexpected conditions. | |
| warning | Use of deprecated APIs, poor use of API, 'almost' errors, other runtime situations that are undesirable or unexpected, but not necessarily "wrong". | |
| info | Interesting runtime events (startup/shutdown). | |
| debug | Detailed information on flow of through the system. | |
| trace | More detailed information. |
The default value of this setting is 100.
| none | No rotation | |
| deleteolder | Delete older entries from the cache upon reaching LogMaxEventCount | |
| keepolder | Keep older entries in the cache upon reaching LogMaxEventCount (newer entries are discarded) |
Supported values are:
| none | No static DNS rules (default) | |
| local | Local static DNS rules | |
| global | Global static DNS rules |
This setting only applies to certificates originating from a Windows system store.
Trappable Errors (JAdESVerifier Class)
JAdESVerifier Errors
| 1048577 Invalid parameter value (SB_ERROR_INVALID_PARAMETER) | |
| 1048578 Class is configured incorrectly (SB_ERROR_INVALID_SETUP) | |
| 1048579 Operation cannot be executed in the current state (SB_ERROR_INVALID_STATE) | |
| 1048580 Attempt to set an invalid value to a property (SB_ERROR_INVALID_VALUE) | |
| 1048581 Certificate does not have its private key loaded (SB_ERROR_NO_PRIVATE_KEY) | |
| 1048581 Cancelled by the user (SB_ERROR_CANCELLED_BY_USER) | |
| 53477377 Input file does not exist (SB_ERROR_JADES_INPUTFILE_NOT_EXISTS) |