MessageVerifier Class

Properties   Methods   Events   Config Settings   Errors  

The MessageVerifier class verifies digital signatures of data stored in the PKCS#7 format.

Syntax

class secureblackbox.MessageVerifier

Remarks

PKCS#7 (Public Key Cryptography Standard #7) is a common format used to store encrypted and signed data. It is used by a variety of protocols, including S/MIME and CMS.

Property List

---

The following is the full list of the properties of the class with short descriptions. Click on the links for further details.

Method List

---

The following is the full list of the methods of the class with short descriptions. Click on the links for further details.

Event List

---

The following is the full list of the events fired by the class with short descriptions. Click on the links for further details.

Config Settings

---

The following is a list of config settings for the class with short descriptions. Click on the links for further details.

cert_count Property

The number of records in the Cert arrays.

Syntax

def get_cert_count() -> int: ...

cert_count = property(get_cert_count, None)

Default Value

0

Remarks

This property controls the size of the following arrays:

• cert_bytes
• cert_ca
• cert_ca_key_id
• cert_crl_distribution_points
• cert_curve
• cert_fingerprint
• cert_friendly_name
• cert_handle
• cert_hash_algorithm
• cert_issuer
• cert_issuer_rdn
• cert_key_algorithm
• cert_key_bits
• cert_key_fingerprint
• cert_key_usage
• cert_key_valid
• cert_ocsp_locations
• cert_policy_i_ds
• cert_public_key_bytes
• cert_self_signed
• cert_serial_number
• cert_sig_algorithm
• cert_subject
• cert_subject_key_id
• cert_subject_rdn
• cert_valid_from
• cert_valid_to

The array indices start at 0 and end at cert_count - 1.

This property is read-only.

cert_bytes Property

Returns raw certificate data in DER format.

Syntax

def get_cert_bytes(cert_index: int) -> bytes: ...

Remarks

Returns raw certificate data in DER format.

The cert_index parameter specifies the index of the item in the array. The size of the array is controlled by the cert_count property.

This property is read-only.

cert_ca Property

Indicates whether the certificate has a CA capability (a setting in BasicConstraints extension).

Syntax

def get_cert_ca(cert_index: int) -> bool: ...

Default Value

FALSE

Remarks

Indicates whether the certificate has a CA capability (a setting in BasicConstraints extension).

The cert_index parameter specifies the index of the item in the array. The size of the array is controlled by the cert_count property.

This property is read-only.

cert_ca_key_id Property

A unique identifier (fingerprint) of the CA certificate's private key.

Syntax

def get_cert_ca_key_id(cert_index: int) -> bytes: ...

Remarks

A unique identifier (fingerprint) of the CA certificate's private key.

Authority Key Identifier is a (non-critical) X.509 certificate extension which allows the identification of certificates produced by the same issuer, but with different public keys.

The cert_index parameter specifies the index of the item in the array. The size of the array is controlled by the cert_count property.

This property is read-only.

cert_crl_distribution_points Property

Locations of the CRL (Certificate Revocation List) distribution points used to check this certificate's validity.

Syntax

def get_cert_crl_distribution_points(cert_index: int) -> str: ...

Default Value

""

Remarks

Locations of the CRL (Certificate Revocation List) distribution points used to check this certificate's validity.

The cert_index parameter specifies the index of the item in the array. The size of the array is controlled by the cert_count property.

This property is read-only.

cert_curve Property

Specifies the elliptic curve of the EC public key.

Syntax

def get_cert_curve(cert_index: int) -> str: ...

Default Value

""

Remarks

Specifies the elliptic curve of the EC public key.

The cert_index parameter specifies the index of the item in the array. The size of the array is controlled by the cert_count property.

This property is read-only.

cert_fingerprint Property

Contains the fingerprint (a hash imprint) of this certificate.

Syntax

def get_cert_fingerprint(cert_index: int) -> bytes: ...

Remarks

Contains the fingerprint (a hash imprint) of this certificate.

The cert_index parameter specifies the index of the item in the array. The size of the array is controlled by the cert_count property.

This property is read-only.

cert_friendly_name Property

Contains an associated alias (friendly name) of the certificate.

Syntax

def get_cert_friendly_name(cert_index: int) -> str: ...

Default Value

""

Remarks

Contains an associated alias (friendly name) of the certificate.

The cert_index parameter specifies the index of the item in the array. The size of the array is controlled by the cert_count property.

This property is read-only.

cert_handle Property

Allows to get or set a 'handle', a unique identifier of the underlying property object.

Syntax

def get_cert_handle(cert_index: int) -> int: ...

Default Value

0

Remarks

Allows to get or set a 'handle', a unique identifier of the underlying property object. Use this property to assign objects of the same type in a quicker manner, without copying them fieldwise.

When you pass a handle of one object to another, the source object is copied to the destination rather than assigned. It is safe to get rid of the original object after such operation. pdfSigner.setSigningCertHandle(certMgr.getCertHandle());

The cert_index parameter specifies the index of the item in the array. The size of the array is controlled by the cert_count property.

This property is read-only.

cert_hash_algorithm Property

Specifies the hash algorithm to be used in the operations on the certificate (such as key signing) SB_HASH_ALGORITHM_SHA1 SHA1 SB_HASH_ALGORITHM_SHA224 SHA224 SB_HASH_ALGORITHM_SHA256 SHA256 SB_HASH_ALGORITHM_SHA384 SHA384 SB_HASH_ALGORITHM_SHA512 SHA512 SB_HASH_ALGORITHM_MD2 MD2 SB_HASH_ALGORITHM_MD4 MD4 SB_HASH_ALGORITHM_MD5 MD5 SB_HASH_ALGORITHM_RIPEMD160 RIPEMD160 SB_HASH_ALGORITHM_CRC32 CRC32 SB_HASH_ALGORITHM_SSL3 SSL3 SB_HASH_ALGORITHM_GOST_R3411_1994 GOST1994 SB_HASH_ALGORITHM_WHIRLPOOL WHIRLPOOL SB_HASH_ALGORITHM_POLY1305 POLY1305 SB_HASH_ALGORITHM_SHA3_224 SHA3_224 SB_HASH_ALGORITHM_SHA3_256 SHA3_256 SB_HASH_ALGORITHM_SHA3_384 SHA3_384 SB_HASH_ALGORITHM_SHA3_512 SHA3_512 SB_HASH_ALGORITHM_BLAKE2S_128 BLAKE2S_128 SB_HASH_ALGORITHM_BLAKE2S_160 BLAKE2S_160 SB_HASH_ALGORITHM_BLAKE2S_224 BLAKE2S_224 SB_HASH_ALGORITHM_BLAKE2S_256 BLAKE2S_256 SB_HASH_ALGORITHM_BLAKE2B_160 BLAKE2B_160 SB_HASH_ALGORITHM_BLAKE2B_256 BLAKE2B_256 SB_HASH_ALGORITHM_BLAKE2B_384 BLAKE2B_384 SB_HASH_ALGORITHM_BLAKE2B_512 BLAKE2B_512 SB_HASH_ALGORITHM_SHAKE_128 SHAKE_128 SB_HASH_ALGORITHM_SHAKE_256 SHAKE_256 SB_HASH_ALGORITHM_SHAKE_128_LEN SHAKE_128_LEN SB_HASH_ALGORITHM_SHAKE_256_LEN SHAKE_256_LEN .

Syntax

def get_cert_hash_algorithm(cert_index: int) -> str: ...

Default Value

""

Remarks

Specifies the hash algorithm to be used in the operations on the certificate (such as key signing)

The cert_index parameter specifies the index of the item in the array. The size of the array is controlled by the cert_count property.

This property is read-only.

cert_issuer Property

The common name of the certificate issuer (CA), typically a company name.

Syntax

def get_cert_issuer(cert_index: int) -> str: ...

Default Value

""

Remarks

The common name of the certificate issuer (CA), typically a company name.

The cert_index parameter specifies the index of the item in the array. The size of the array is controlled by the cert_count property.

This property is read-only.

cert_issuer_rdn Property

A collection of information, in the form of [OID, Value] pairs, uniquely identifying the certificate issuer.

Syntax

def get_cert_issuer_rdn(cert_index: int) -> str: ...

Default Value

""

Remarks

A collection of information, in the form of [OID, Value] pairs, uniquely identifying the certificate issuer.

The cert_index parameter specifies the index of the item in the array. The size of the array is controlled by the cert_count property.

This property is read-only.

cert_key_algorithm Property

Specifies the public key algorithm of this certificate.

Syntax

def get_cert_key_algorithm(cert_index: int) -> str: ...

Default Value

"0"

Remarks

Specifies the public key algorithm of this certificate.

The cert_index parameter specifies the index of the item in the array. The size of the array is controlled by the cert_count property.

This property is read-only.

cert_key_bits Property

Returns the length of the public key.

Syntax

def get_cert_key_bits(cert_index: int) -> int: ...

Default Value

0

Remarks

Returns the length of the public key.

The cert_index parameter specifies the index of the item in the array. The size of the array is controlled by the cert_count property.

This property is read-only.

cert_key_fingerprint Property

Returns a fingerprint of the public key contained in the certificate.

Syntax

def get_cert_key_fingerprint(cert_index: int) -> bytes: ...

Remarks

Returns a fingerprint of the public key contained in the certificate.

The cert_index parameter specifies the index of the item in the array. The size of the array is controlled by the cert_count property.

This property is read-only.

cert_key_usage Property

Indicates the purposes of the key contained in the certificate, in the form of an OR'ed flag set.

Syntax

def get_cert_key_usage(cert_index: int) -> int: ...

Default Value

0

Remarks

Indicates the purposes of the key contained in the certificate, in the form of an OR'ed flag set.

This value is a bit mask of the following values:

The cert_index parameter specifies the index of the item in the array. The size of the array is controlled by the cert_count property.

This property is read-only.

cert_key_valid Property

Returns True if the certificate's key is cryptographically valid, and False otherwise.

Syntax

def get_cert_key_valid(cert_index: int) -> bool: ...

Default Value

FALSE

Remarks

Returns True if the certificate's key is cryptographically valid, and False otherwise.

The cert_index parameter specifies the index of the item in the array. The size of the array is controlled by the cert_count property.

This property is read-only.

cert_ocsp_locations Property

Locations of OCSP (Online Certificate Status Protocol) services that can be used to check this certificate's validity, as recorded by the CA.

Syntax

def get_cert_ocsp_locations(cert_index: int) -> str: ...

Default Value

""

Remarks

Locations of OCSP (Online Certificate Status Protocol) services that can be used to check this certificate's validity, as recorded by the CA.

The cert_index parameter specifies the index of the item in the array. The size of the array is controlled by the cert_count property.

This property is read-only.

cert_policy_i_ds Property

Contains identifiers (OIDs) of the applicable certificate policies.

Syntax

def get_cert_policy_i_ds(cert_index: int) -> str: ...

Default Value

""

Remarks

Contains identifiers (OIDs) of the applicable certificate policies.

The Certificate Policies extension identifies a sequence of policies under which the certificate has been issued, and which regulate its usage.

The cert_index parameter specifies the index of the item in the array. The size of the array is controlled by the cert_count property.

This property is read-only.

cert_public_key_bytes Property

Contains the certificate's public key in DER format.

Syntax

def get_cert_public_key_bytes(cert_index: int) -> bytes: ...

Remarks

Contains the certificate's public key in DER format.

The cert_index parameter specifies the index of the item in the array. The size of the array is controlled by the cert_count property.

This property is read-only.

cert_self_signed Property

Indicates whether the certificate is self-signed (root) or signed by an external CA.

Syntax

def get_cert_self_signed(cert_index: int) -> bool: ...

Default Value

FALSE

Remarks

Indicates whether the certificate is self-signed (root) or signed by an external CA.

The cert_index parameter specifies the index of the item in the array. The size of the array is controlled by the cert_count property.

This property is read-only.

cert_serial_number Property

Returns the certificate's serial number.

Syntax

def get_cert_serial_number(cert_index: int) -> bytes: ...

Remarks

Returns the certificate's serial number.

The cert_index parameter specifies the index of the item in the array. The size of the array is controlled by the cert_count property.

This property is read-only.

cert_sig_algorithm Property

Indicates the algorithm that was used by the CA to sign this certificate.

Syntax

def get_cert_sig_algorithm(cert_index: int) -> str: ...

Default Value

""

Remarks

Indicates the algorithm that was used by the CA to sign this certificate.

The cert_index parameter specifies the index of the item in the array. The size of the array is controlled by the cert_count property.

This property is read-only.

cert_subject Property

The common name of the certificate holder, typically an individual's name, a URL, an e-mail address, or a company name.

Syntax

def get_cert_subject(cert_index: int) -> str: ...

Default Value

""

Remarks

The common name of the certificate holder, typically an individual's name, a URL, an e-mail address, or a company name.

The cert_index parameter specifies the index of the item in the array. The size of the array is controlled by the cert_count property.

This property is read-only.

cert_subject_key_id Property

Contains a unique identifier (fingerprint) of the certificate's private key.

Syntax

def get_cert_subject_key_id(cert_index: int) -> bytes: ...

Remarks

Contains a unique identifier (fingerprint) of the certificate's private key.

Subject Key Identifier is a (non-critical) X.509 certificate extension which allows the identification of certificates containing a particular public key. In SecureBlackbox, the unique identifier is represented with a SHA1 hash of the bit string of the subject public key.

The cert_index parameter specifies the index of the item in the array. The size of the array is controlled by the cert_count property.

This property is read-only.

cert_subject_rdn Property

A collection of information, in the form of [OID, Value] pairs, uniquely identifying the certificate holder (subject).

Syntax

def get_cert_subject_rdn(cert_index: int) -> str: ...

Default Value

""

Remarks

A collection of information, in the form of [OID, Value] pairs, uniquely identifying the certificate holder (subject).

The cert_index parameter specifies the index of the item in the array. The size of the array is controlled by the cert_count property.

This property is read-only.

cert_valid_from Property

The time point at which the certificate becomes valid, in UTC.

Syntax

def get_cert_valid_from(cert_index: int) -> str: ...

Default Value

""

Remarks

The time point at which the certificate becomes valid, in UTC.

The cert_index parameter specifies the index of the item in the array. The size of the array is controlled by the cert_count property.

This property is read-only.

cert_valid_to Property

The time point at which the certificate expires, in UTC.

Syntax

def get_cert_valid_to(cert_index: int) -> str: ...

Default Value

""

Remarks

The time point at which the certificate expires, in UTC.

The cert_index parameter specifies the index of the item in the array. The size of the array is controlled by the cert_count property.

This property is read-only.

claimed_signing_time Property

Returns a signature's claimed signing time.

Syntax

def get_claimed_signing_time() -> str: ...

claimed_signing_time = property(get_claimed_signing_time, None)

Default Value

""

Remarks

Use this property to get the signature creation time from the signer's computer. Note that the claimed time is not covered by the signature and may be forfeited or wrong. Use validated_signing_time to obtain the signing time figure verified by a trusted timestamping authority. The time is in UTC.

This property is read-only.

content_type Property

A content type property of the signed message.

Syntax

def get_content_type() -> str: ...

content_type = property(get_content_type, None)

Default Value

""

Remarks

Use this property to check the content type property of the processed signed message.

This property is read-only.

data_bytes Property

Use this property to pass the original signed data to class in the byte array form.

Syntax

def get_data_bytes() -> bytes: ...
def set_data_bytes(value: bytes) -> None: ...

data_bytes = property(get_data_bytes, set_data_bytes)

Remarks

When validating detached signatures, assign a byte array containing the signed data to this property.

data_file Property

The name of the file containing the original signed data.

Syntax

def get_data_file() -> str: ...
def set_data_file(value: str) -> None: ...

data_file = property(get_data_file, set_data_file)

Default Value

""

Remarks

Use this property to provide the original data when validating detached signatures with verify_detached.

fips_mode Property

Reserved.

Syntax

def get_fips_mode() -> bool: ...
def set_fips_mode(value: bool) -> None: ...

fips_mode = property(get_fips_mode, set_fips_mode)

Default Value

FALSE

Remarks

This property is reserved for future use.

hash_algorithm Property

Hash algorithm which was used to calculate the signature.

Syntax

def get_hash_algorithm() -> str: ...
def set_hash_algorithm(value: str) -> None: ...

hash_algorithm = property(get_hash_algorithm, set_hash_algorithm)

Default Value

""

Remarks

Check this property after calling verify or verify_detached to get the hash algorithm that was used to calculate the signature message digest.

input_bytes Property

Use this property to pass the input to class in the byte array form.

Syntax

def get_input_bytes() -> bytes: ...
def set_input_bytes(value: bytes) -> None: ...

input_bytes = property(get_input_bytes, set_input_bytes)

Remarks

Assign a byte array containing the data to be processed to this property.

input_file Property

Path to the file containing the signed message.

Syntax

def get_input_file() -> str: ...
def set_input_file(value: str) -> None: ...

input_file = property(get_input_file, set_input_file)

Default Value

""

Remarks

Use this property to provide a file containing the signed data, either enveloping or detached.

input_is_hash Property

Specifies whether the input source contains the hash of the data or the actual data.

Syntax

def get_input_is_hash() -> bool: ...
def set_input_is_hash(value: bool) -> None: ...

input_is_hash = property(get_input_is_hash, set_input_is_hash)

Default Value

FALSE

Remarks

Use this property to tell the component whether the input source contains the actual data or its hash.

known_cert_count Property

The number of records in the KnownCert arrays.

Syntax

def get_known_cert_count() -> int: ...
def set_known_cert_count(value: int) -> None: ...

known_cert_count = property(get_known_cert_count, set_known_cert_count)

Default Value

0

Remarks

This property controls the size of the following arrays:

• known_cert_bytes
• known_cert_handle

The array indices start at 0 and end at known_cert_count - 1.

known_cert_bytes Property

Returns raw certificate data in DER format.

Syntax

def get_known_cert_bytes(known_cert_index: int) -> bytes: ...

Remarks

Returns raw certificate data in DER format.

The known_cert_index parameter specifies the index of the item in the array. The size of the array is controlled by the known_cert_count property.

This property is read-only.

known_cert_handle Property

Allows to get or set a 'handle', a unique identifier of the underlying property object.

Syntax

def get_known_cert_handle(known_cert_index: int) -> int: ...
def set_known_cert_handle(known_cert_index: int, value: int) -> None: ...

Default Value

0

Remarks

Allows to get or set a 'handle', a unique identifier of the underlying property object. Use this property to assign objects of the same type in a quicker manner, without copying them fieldwise.

When you pass a handle of one object to another, the source object is copied to the destination rather than assigned. It is safe to get rid of the original object after such operation. pdfSigner.setSigningCertHandle(certMgr.getCertHandle());

The known_cert_index parameter specifies the index of the item in the array. The size of the array is controlled by the known_cert_count property.

mac_algorithm Property

Specifies the hash algorithm to be used.

Syntax

def get_mac_algorithm() -> str: ...

mac_algorithm = property(get_mac_algorithm, None)

Default Value

"SHA256"

Remarks

This property specifies the MAC algorithm that was used to calculate an authenticated signature.

This property is read-only.

output_bytes Property

Use this property to read the output the class object has produced.

Syntax

def get_output_bytes() -> bytes: ...

output_bytes = property(get_output_bytes, None)

Remarks

Read the contents of this property after the operation is completed to read the produced output. This property will only be set if output_file and output_stream properties had not been assigned.

This property is read-only.

output_file Property

Path to the file to save the extracted data to.

Syntax

def get_output_file() -> str: ...
def set_output_file(value: str) -> None: ...

output_file = property(get_output_file, set_output_file)

Default Value

""

Remarks

Use this property when validating enveloping signatures to specify the output file where the extracted message should be saved.

signature_type Property

The type of the processed signature.

Syntax

def get_signature_type() -> int: ...

signature_type = property(get_signature_type, None)

Default Value

0

Remarks

Use this property to check the result of the most recent signature validation.

This property is read-only.

signature_validation_result Property

The signature validation result.

Syntax

def get_signature_validation_result() -> int: ...

signature_validation_result = property(get_signature_validation_result, None)

Default Value

0

Remarks

Use this property to check the result of the most recent signature validation.

This property is read-only.

signed_attribute_count Property

The number of records in the SignedAttribute arrays.

Syntax

def get_signed_attribute_count() -> int: ...

signed_attribute_count = property(get_signed_attribute_count, None)

Default Value

0

Remarks

This property controls the size of the following arrays:

• signed_attribute_oid
• signed_attribute_value

The array indices start at 0 and end at signed_attribute_count - 1.

This property is read-only.

signed_attribute_oid Property

The object identifier of the attribute.

Syntax

def get_signed_attribute_oid(signed_attribute_index: int) -> str: ...

Default Value

""

Remarks

The object identifier of the attribute.

The signed_attribute_index parameter specifies the index of the item in the array. The size of the array is controlled by the signed_attribute_count property.

This property is read-only.

signed_attribute_value Property

The value of the attribute.

Syntax

def get_signed_attribute_value(signed_attribute_index: int) -> bytes: ...

Remarks

The value of the attribute.

The signed_attribute_index parameter specifies the index of the item in the array. The size of the array is controlled by the signed_attribute_count property.

This property is read-only.

signing_cert_bytes Property

Returns raw certificate data in DER format.

Syntax

def get_signing_cert_bytes() -> bytes: ...

signing_cert_bytes = property(get_signing_cert_bytes, None)

Remarks

Returns raw certificate data in DER format.

This property is read-only.

signing_cert_ca Property

Indicates whether the certificate has a CA capability (a setting in BasicConstraints extension).

Syntax

def get_signing_cert_ca() -> bool: ...

signing_cert_ca = property(get_signing_cert_ca, None)

Default Value

FALSE

Remarks

Indicates whether the certificate has a CA capability (a setting in BasicConstraints extension).

This property is read-only.

signing_cert_ca_key_id Property

A unique identifier (fingerprint) of the CA certificate's private key.

Syntax

def get_signing_cert_ca_key_id() -> bytes: ...

signing_cert_ca_key_id = property(get_signing_cert_ca_key_id, None)

Remarks

A unique identifier (fingerprint) of the CA certificate's private key.

Authority Key Identifier is a (non-critical) X.509 certificate extension which allows the identification of certificates produced by the same issuer, but with different public keys.

This property is read-only.

signing_cert_crl_distribution_points Property

Locations of the CRL (Certificate Revocation List) distribution points used to check this certificate's validity.

Syntax

def get_signing_cert_crl_distribution_points() -> str: ...

signing_cert_crl_distribution_points = property(get_signing_cert_crl_distribution_points, None)

Default Value

""

Remarks

Locations of the CRL (Certificate Revocation List) distribution points used to check this certificate's validity.

This property is read-only.

signing_cert_curve Property

Specifies the elliptic curve of the EC public key.

Syntax

def get_signing_cert_curve() -> str: ...

signing_cert_curve = property(get_signing_cert_curve, None)

Default Value

""

Remarks

Specifies the elliptic curve of the EC public key.

This property is read-only.

signing_cert_fingerprint Property

Contains the fingerprint (a hash imprint) of this certificate.

Syntax

def get_signing_cert_fingerprint() -> bytes: ...

signing_cert_fingerprint = property(get_signing_cert_fingerprint, None)

Remarks

Contains the fingerprint (a hash imprint) of this certificate.

This property is read-only.

signing_cert_friendly_name Property

Contains an associated alias (friendly name) of the certificate.

Syntax

def get_signing_cert_friendly_name() -> str: ...

signing_cert_friendly_name = property(get_signing_cert_friendly_name, None)

Default Value

""

Remarks

Contains an associated alias (friendly name) of the certificate.

This property is read-only.

signing_cert_handle Property

Allows to get or set a 'handle', a unique identifier of the underlying property object.

Syntax

def get_signing_cert_handle() -> int: ...

signing_cert_handle = property(get_signing_cert_handle, None)

Default Value

0

Remarks

Allows to get or set a 'handle', a unique identifier of the underlying property object. Use this property to assign objects of the same type in a quicker manner, without copying them fieldwise.

When you pass a handle of one object to another, the source object is copied to the destination rather than assigned. It is safe to get rid of the original object after such operation. pdfSigner.setSigningCertHandle(certMgr.getCertHandle());

This property is read-only.

signing_cert_hash_algorithm Property

Specifies the hash algorithm to be used in the operations on the certificate (such as key signing) SB_HASH_ALGORITHM_SHA1 SHA1 SB_HASH_ALGORITHM_SHA224 SHA224 SB_HASH_ALGORITHM_SHA256 SHA256 SB_HASH_ALGORITHM_SHA384 SHA384 SB_HASH_ALGORITHM_SHA512 SHA512 SB_HASH_ALGORITHM_MD2 MD2 SB_HASH_ALGORITHM_MD4 MD4 SB_HASH_ALGORITHM_MD5 MD5 SB_HASH_ALGORITHM_RIPEMD160 RIPEMD160 SB_HASH_ALGORITHM_CRC32 CRC32 SB_HASH_ALGORITHM_SSL3 SSL3 SB_HASH_ALGORITHM_GOST_R3411_1994 GOST1994 SB_HASH_ALGORITHM_WHIRLPOOL WHIRLPOOL SB_HASH_ALGORITHM_POLY1305 POLY1305 SB_HASH_ALGORITHM_SHA3_224 SHA3_224 SB_HASH_ALGORITHM_SHA3_256 SHA3_256 SB_HASH_ALGORITHM_SHA3_384 SHA3_384 SB_HASH_ALGORITHM_SHA3_512 SHA3_512 SB_HASH_ALGORITHM_BLAKE2S_128 BLAKE2S_128 SB_HASH_ALGORITHM_BLAKE2S_160 BLAKE2S_160 SB_HASH_ALGORITHM_BLAKE2S_224 BLAKE2S_224 SB_HASH_ALGORITHM_BLAKE2S_256 BLAKE2S_256 SB_HASH_ALGORITHM_BLAKE2B_160 BLAKE2B_160 SB_HASH_ALGORITHM_BLAKE2B_256 BLAKE2B_256 SB_HASH_ALGORITHM_BLAKE2B_384 BLAKE2B_384 SB_HASH_ALGORITHM_BLAKE2B_512 BLAKE2B_512 SB_HASH_ALGORITHM_SHAKE_128 SHAKE_128 SB_HASH_ALGORITHM_SHAKE_256 SHAKE_256 SB_HASH_ALGORITHM_SHAKE_128_LEN SHAKE_128_LEN SB_HASH_ALGORITHM_SHAKE_256_LEN SHAKE_256_LEN .

Syntax

def get_signing_cert_hash_algorithm() -> str: ...

signing_cert_hash_algorithm = property(get_signing_cert_hash_algorithm, None)

Default Value

""

Remarks

Specifies the hash algorithm to be used in the operations on the certificate (such as key signing)

This property is read-only.

signing_cert_issuer Property

The common name of the certificate issuer (CA), typically a company name.

Syntax

def get_signing_cert_issuer() -> str: ...

signing_cert_issuer = property(get_signing_cert_issuer, None)

Default Value

""

Remarks

The common name of the certificate issuer (CA), typically a company name.

This property is read-only.

signing_cert_issuer_rdn Property

A collection of information, in the form of [OID, Value] pairs, uniquely identifying the certificate issuer.

Syntax

def get_signing_cert_issuer_rdn() -> str: ...

signing_cert_issuer_rdn = property(get_signing_cert_issuer_rdn, None)

Default Value

""

Remarks

A collection of information, in the form of [OID, Value] pairs, uniquely identifying the certificate issuer.

This property is read-only.

signing_cert_key_algorithm Property

Specifies the public key algorithm of this certificate.

Syntax

def get_signing_cert_key_algorithm() -> str: ...

signing_cert_key_algorithm = property(get_signing_cert_key_algorithm, None)

Default Value

"0"

Remarks

Specifies the public key algorithm of this certificate.

This property is read-only.

signing_cert_key_bits Property

Returns the length of the public key.

Syntax

def get_signing_cert_key_bits() -> int: ...

signing_cert_key_bits = property(get_signing_cert_key_bits, None)

Default Value

0

Remarks

Returns the length of the public key.

This property is read-only.

signing_cert_key_fingerprint Property

Returns a fingerprint of the public key contained in the certificate.

Syntax

def get_signing_cert_key_fingerprint() -> bytes: ...

signing_cert_key_fingerprint = property(get_signing_cert_key_fingerprint, None)

Remarks

Returns a fingerprint of the public key contained in the certificate.

This property is read-only.

signing_cert_key_usage Property

Indicates the purposes of the key contained in the certificate, in the form of an OR'ed flag set.

Syntax

def get_signing_cert_key_usage() -> int: ...

signing_cert_key_usage = property(get_signing_cert_key_usage, None)

Default Value

0

Remarks

Indicates the purposes of the key contained in the certificate, in the form of an OR'ed flag set.

This value is a bit mask of the following values:

This property is read-only.

signing_cert_key_valid Property

Returns True if the certificate's key is cryptographically valid, and False otherwise.

Syntax

def get_signing_cert_key_valid() -> bool: ...

signing_cert_key_valid = property(get_signing_cert_key_valid, None)

Default Value

FALSE

Remarks

Returns True if the certificate's key is cryptographically valid, and False otherwise.

This property is read-only.

signing_cert_ocsp_locations Property

Locations of OCSP (Online Certificate Status Protocol) services that can be used to check this certificate's validity, as recorded by the CA.

Syntax

def get_signing_cert_ocsp_locations() -> str: ...

signing_cert_ocsp_locations = property(get_signing_cert_ocsp_locations, None)

Default Value

""

Remarks

Locations of OCSP (Online Certificate Status Protocol) services that can be used to check this certificate's validity, as recorded by the CA.

This property is read-only.

signing_cert_ocsp_no_check Property

Accessor to the value of the certificates ocsp-no-check extension.

Syntax

def get_signing_cert_ocsp_no_check() -> bool: ...

signing_cert_ocsp_no_check = property(get_signing_cert_ocsp_no_check, None)

Default Value

FALSE

Remarks

Accessor to the value of the certificates ocsp-no-check extension.

This property is read-only.

signing_cert_origin Property

Returns the origin of this certificate.

Syntax

def get_signing_cert_origin() -> int: ...

signing_cert_origin = property(get_signing_cert_origin, None)

Default Value

0

Remarks

Returns the origin of this certificate.

This property is read-only.

signing_cert_policy_i_ds Property

Contains identifiers (OIDs) of the applicable certificate policies.

Syntax

def get_signing_cert_policy_i_ds() -> str: ...

signing_cert_policy_i_ds = property(get_signing_cert_policy_i_ds, None)

Default Value

""

Remarks

Contains identifiers (OIDs) of the applicable certificate policies.

The Certificate Policies extension identifies a sequence of policies under which the certificate has been issued, and which regulate its usage.

This property is read-only.

signing_cert_private_key_bytes Property

Contains the certificate's private key.

Syntax

def get_signing_cert_private_key_bytes() -> bytes: ...

signing_cert_private_key_bytes = property(get_signing_cert_private_key_bytes, None)

Remarks

Contains the certificate's private key. It is normal for this property to be empty if the private key is non-exportable.

This property is read-only.

signing_cert_private_key_exists Property

Indicates whether the certificate has an associated private key.

Syntax

def get_signing_cert_private_key_exists() -> bool: ...

signing_cert_private_key_exists = property(get_signing_cert_private_key_exists, None)

Default Value

FALSE

Remarks

Indicates whether the certificate has an associated private key.

This property is read-only.

signing_cert_private_key_extractable Property

Indicates whether the private key is extractable.

Syntax

def get_signing_cert_private_key_extractable() -> bool: ...

signing_cert_private_key_extractable = property(get_signing_cert_private_key_extractable, None)

Default Value

FALSE

Remarks

Indicates whether the private key is extractable

This property is read-only.

signing_cert_public_key_bytes Property

Contains the certificate's public key in DER format.

Syntax

def get_signing_cert_public_key_bytes() -> bytes: ...

signing_cert_public_key_bytes = property(get_signing_cert_public_key_bytes, None)

Remarks

Contains the certificate's public key in DER format.

This property is read-only.

signing_cert_qualified_statements Property

Returns the qualified status of the certificate.

Syntax

def get_signing_cert_qualified_statements() -> int: ...

signing_cert_qualified_statements = property(get_signing_cert_qualified_statements, None)

Default Value

0

Remarks

Returns the qualified status of the certificate.

This property is read-only.

signing_cert_self_signed Property

Indicates whether the certificate is self-signed (root) or signed by an external CA.

Syntax

def get_signing_cert_self_signed() -> bool: ...

signing_cert_self_signed = property(get_signing_cert_self_signed, None)

Default Value

FALSE

Remarks

Indicates whether the certificate is self-signed (root) or signed by an external CA.

This property is read-only.

signing_cert_serial_number Property

Returns the certificate's serial number.

Syntax

def get_signing_cert_serial_number() -> bytes: ...

signing_cert_serial_number = property(get_signing_cert_serial_number, None)

Remarks

Returns the certificate's serial number.

This property is read-only.

signing_cert_sig_algorithm Property

Indicates the algorithm that was used by the CA to sign this certificate.

Syntax

def get_signing_cert_sig_algorithm() -> str: ...

signing_cert_sig_algorithm = property(get_signing_cert_sig_algorithm, None)

Default Value

""

Remarks

Indicates the algorithm that was used by the CA to sign this certificate.

This property is read-only.

signing_cert_subject Property

The common name of the certificate holder, typically an individual's name, a URL, an e-mail address, or a company name.

Syntax

def get_signing_cert_subject() -> str: ...

signing_cert_subject = property(get_signing_cert_subject, None)

Default Value

""

Remarks

The common name of the certificate holder, typically an individual's name, a URL, an e-mail address, or a company name.

This property is read-only.

signing_cert_subject_alternative_name Property

Returns or sets the value of the Subject Alternative Name extension of the certificate.

Syntax

def get_signing_cert_subject_alternative_name() -> str: ...

signing_cert_subject_alternative_name = property(get_signing_cert_subject_alternative_name, None)

Default Value

""

Remarks

Returns or sets the value of the Subject Alternative Name extension of the certificate.

This property is read-only.

signing_cert_subject_key_id Property

Contains a unique identifier (fingerprint) of the certificate's private key.

Syntax

def get_signing_cert_subject_key_id() -> bytes: ...

signing_cert_subject_key_id = property(get_signing_cert_subject_key_id, None)

Remarks

Contains a unique identifier (fingerprint) of the certificate's private key.

Subject Key Identifier is a (non-critical) X.509 certificate extension which allows the identification of certificates containing a particular public key. In SecureBlackbox, the unique identifier is represented with a SHA1 hash of the bit string of the subject public key.

This property is read-only.

signing_cert_subject_rdn Property

A collection of information, in the form of [OID, Value] pairs, uniquely identifying the certificate holder (subject).

Syntax

def get_signing_cert_subject_rdn() -> str: ...

signing_cert_subject_rdn = property(get_signing_cert_subject_rdn, None)

Default Value

""

Remarks

A collection of information, in the form of [OID, Value] pairs, uniquely identifying the certificate holder (subject).

This property is read-only.

signing_cert_valid_from Property

The time point at which the certificate becomes valid, in UTC.

Syntax

def get_signing_cert_valid_from() -> str: ...

signing_cert_valid_from = property(get_signing_cert_valid_from, None)

Default Value

""

Remarks

The time point at which the certificate becomes valid, in UTC.

This property is read-only.

signing_cert_valid_to Property

The time point at which the certificate expires, in UTC.

Syntax

def get_signing_cert_valid_to() -> str: ...

signing_cert_valid_to = property(get_signing_cert_valid_to, None)

Default Value

""

Remarks

The time point at which the certificate expires, in UTC.

This property is read-only.

timestamp_accuracy Property

This property indicates the accuracy of the included time mark, in microseconds.

Syntax

def get_timestamp_accuracy() -> int: ...

timestamp_accuracy = property(get_timestamp_accuracy, None)

Default Value

0

Remarks

This field indicates the accuracy of the included time mark, in microseconds.

This property is read-only.

timestamp_bytes Property

Returns raw timestamp data in DER format.

Syntax

def get_timestamp_bytes() -> bytes: ...

timestamp_bytes = property(get_timestamp_bytes, None)

Remarks

Returns raw timestamp data in DER format.

This property is read-only.

timestamp_certificate_index Property

Returns the index of the TSA certificate in the Certificates collection Use this property to look up the TSA certificate in the Certificates collection.

Syntax

def get_timestamp_certificate_index() -> int: ...

timestamp_certificate_index = property(get_timestamp_certificate_index, None)

Default Value

-1

Remarks

Returns the index of the TSA certificate in the Certificates collection

Use this property to look up the TSA certificate in the Certificates collection.

This property is read-only.

timestamp_chain_validation_details Property

The details of a certificate chain validation outcome.

Syntax

def get_timestamp_chain_validation_details() -> int: ...

timestamp_chain_validation_details = property(get_timestamp_chain_validation_details, None)

Default Value

0

Remarks

The details of a certificate chain validation outcome. They may often suggest what reasons that contributed to the overall validation result.

Returns a bit mask of the following options:

This property is read-only.

timestamp_chain_validation_result Property

The outcome of a certificate chain validation routine.

Syntax

def get_timestamp_chain_validation_result() -> int: ...

timestamp_chain_validation_result = property(get_timestamp_chain_validation_result, None)

Default Value

0

Remarks

The outcome of a certificate chain validation routine.

Available options:

Use the ValidationLog property to access the detailed validation log.

This property is read-only.

timestamp_hash_algorithm Property

Returns the timestamp's hash algorithm SB_HASH_ALGORITHM_SHA1 SHA1 SB_HASH_ALGORITHM_SHA224 SHA224 SB_HASH_ALGORITHM_SHA256 SHA256 SB_HASH_ALGORITHM_SHA384 SHA384 SB_HASH_ALGORITHM_SHA512 SHA512 SB_HASH_ALGORITHM_MD2 MD2 SB_HASH_ALGORITHM_MD4 MD4 SB_HASH_ALGORITHM_MD5 MD5 SB_HASH_ALGORITHM_RIPEMD160 RIPEMD160 SB_HASH_ALGORITHM_CRC32 CRC32 SB_HASH_ALGORITHM_SSL3 SSL3 SB_HASH_ALGORITHM_GOST_R3411_1994 GOST1994 SB_HASH_ALGORITHM_WHIRLPOOL WHIRLPOOL SB_HASH_ALGORITHM_POLY1305 POLY1305 SB_HASH_ALGORITHM_SHA3_224 SHA3_224 SB_HASH_ALGORITHM_SHA3_256 SHA3_256 SB_HASH_ALGORITHM_SHA3_384 SHA3_384 SB_HASH_ALGORITHM_SHA3_512 SHA3_512 SB_HASH_ALGORITHM_BLAKE2S_128 BLAKE2S_128 SB_HASH_ALGORITHM_BLAKE2S_160 BLAKE2S_160 SB_HASH_ALGORITHM_BLAKE2S_224 BLAKE2S_224 SB_HASH_ALGORITHM_BLAKE2S_256 BLAKE2S_256 SB_HASH_ALGORITHM_BLAKE2B_160 BLAKE2B_160 SB_HASH_ALGORITHM_BLAKE2B_256 BLAKE2B_256 SB_HASH_ALGORITHM_BLAKE2B_384 BLAKE2B_384 SB_HASH_ALGORITHM_BLAKE2B_512 BLAKE2B_512 SB_HASH_ALGORITHM_SHAKE_128 SHAKE_128 SB_HASH_ALGORITHM_SHAKE_256 SHAKE_256 SB_HASH_ALGORITHM_SHAKE_128_LEN SHAKE_128_LEN SB_HASH_ALGORITHM_SHAKE_256_LEN SHAKE_256_LEN .

Syntax

def get_timestamp_hash_algorithm() -> str: ...

timestamp_hash_algorithm = property(get_timestamp_hash_algorithm, None)

Default Value

""

Remarks

Returns the timestamp's hash algorithm

This property is read-only.

timestamp_serial_number Property

Returns the timestamp's serial number.

Syntax

def get_timestamp_serial_number() -> bytes: ...

timestamp_serial_number = property(get_timestamp_serial_number, None)

Remarks

Returns the timestamp's serial number.

This property is read-only.

timestamp_signature_index Property

Returns the index of the owner signature, if applicable.

Syntax

def get_timestamp_signature_index() -> int: ...

timestamp_signature_index = property(get_timestamp_signature_index, None)

Default Value

-1

Remarks

Returns the index of the owner signature, if applicable.

Use this property to establish the index of the associated signature object in the signature collection.

This property is read-only.

timestamp_time Property

The time point incorporated into the timestamp.

Syntax

def get_timestamp_time() -> str: ...

timestamp_time = property(get_timestamp_time, None)

Default Value

""

Remarks

The time point incorporated into the timestamp.

This property is read-only.

timestamp_timestamp_type Property

Returns the type of the timestamp.

Syntax

def get_timestamp_timestamp_type() -> int: ...

timestamp_timestamp_type = property(get_timestamp_timestamp_type, None)

Default Value

0

Remarks

Returns the type of the timestamp.

Available options:

Not all of the above timestamp types can be supported by a specific signature technology used (CAdES, PDF, XAdES).

This property is read-only.

timestamp_tsa_name Property

This value uniquely identifies the Timestamp Authority (TSA).

Syntax

def get_timestamp_tsa_name() -> str: ...

timestamp_tsa_name = property(get_timestamp_tsa_name, None)

Default Value

""

Remarks

This value uniquely identifies the Timestamp Authority (TSA).

This property provides information about the entity that manages the TSA.

This property is read-only.

timestamp_validation_log Property

Contains the TSA certificate chain validation log.

Syntax

def get_timestamp_validation_log() -> str: ...

timestamp_validation_log = property(get_timestamp_validation_log, None)

Default Value

""

Remarks

Contains the TSA certificate chain validation log. This information is extremely useful if the timestamp validation fails.

This property is read-only.

timestamp_validation_result Property

Contains timestamp validation outcome.

Syntax

def get_timestamp_validation_result() -> int: ...

timestamp_validation_result = property(get_timestamp_validation_result, None)

Default Value

0

Remarks

Contains timestamp validation outcome.

Use this property to check the result of the most recent timestamp validation.

This property is read-only.

timestamped Property

Indicates whether or not the signature is timestamped.

Syntax

def get_timestamped() -> bool: ...

timestamped = property(get_timestamped, None)

Default Value

FALSE

Remarks

This property returns True if the signature is timestamped, and False otherwise.

This property is read-only.

tsa_cert_bytes Property

Returns raw certificate data in DER format.

Syntax

def get_tsa_cert_bytes() -> bytes: ...

tsa_cert_bytes = property(get_tsa_cert_bytes, None)

Remarks

Returns raw certificate data in DER format.

This property is read-only.

tsa_cert_ca Property

Indicates whether the certificate has a CA capability (a setting in BasicConstraints extension).

Syntax

def get_tsa_cert_ca() -> bool: ...

tsa_cert_ca = property(get_tsa_cert_ca, None)

Default Value

FALSE

Remarks

Indicates whether the certificate has a CA capability (a setting in BasicConstraints extension).

This property is read-only.

tsa_cert_ca_key_id Property

A unique identifier (fingerprint) of the CA certificate's private key.

Syntax

def get_tsa_cert_ca_key_id() -> bytes: ...

tsa_cert_ca_key_id = property(get_tsa_cert_ca_key_id, None)

Remarks

A unique identifier (fingerprint) of the CA certificate's private key.

Authority Key Identifier is a (non-critical) X.509 certificate extension which allows the identification of certificates produced by the same issuer, but with different public keys.

This property is read-only.

tsa_cert_crl_distribution_points Property

Locations of the CRL (Certificate Revocation List) distribution points used to check this certificate's validity.

Syntax

def get_tsa_cert_crl_distribution_points() -> str: ...

tsa_cert_crl_distribution_points = property(get_tsa_cert_crl_distribution_points, None)

Default Value

""

Remarks

Locations of the CRL (Certificate Revocation List) distribution points used to check this certificate's validity.

This property is read-only.

tsa_cert_curve Property

Specifies the elliptic curve of the EC public key.

Syntax

def get_tsa_cert_curve() -> str: ...

tsa_cert_curve = property(get_tsa_cert_curve, None)

Default Value

""

Remarks

Specifies the elliptic curve of the EC public key.

This property is read-only.

tsa_cert_fingerprint Property

Contains the fingerprint (a hash imprint) of this certificate.

Syntax

def get_tsa_cert_fingerprint() -> bytes: ...

tsa_cert_fingerprint = property(get_tsa_cert_fingerprint, None)

Remarks

Contains the fingerprint (a hash imprint) of this certificate.

This property is read-only.

tsa_cert_friendly_name Property

Contains an associated alias (friendly name) of the certificate.

Syntax

def get_tsa_cert_friendly_name() -> str: ...

tsa_cert_friendly_name = property(get_tsa_cert_friendly_name, None)

Default Value

""

Remarks

Contains an associated alias (friendly name) of the certificate.

This property is read-only.

tsa_cert_handle Property

Allows to get or set a 'handle', a unique identifier of the underlying property object.

Syntax

def get_tsa_cert_handle() -> int: ...

tsa_cert_handle = property(get_tsa_cert_handle, None)

Default Value

0

Remarks

Allows to get or set a 'handle', a unique identifier of the underlying property object. Use this property to assign objects of the same type in a quicker manner, without copying them fieldwise.

When you pass a handle of one object to another, the source object is copied to the destination rather than assigned. It is safe to get rid of the original object after such operation. pdfSigner.setSigningCertHandle(certMgr.getCertHandle());

This property is read-only.

tsa_cert_hash_algorithm Property

Specifies the hash algorithm to be used in the operations on the certificate (such as key signing) SB_HASH_ALGORITHM_SHA1 SHA1 SB_HASH_ALGORITHM_SHA224 SHA224 SB_HASH_ALGORITHM_SHA256 SHA256 SB_HASH_ALGORITHM_SHA384 SHA384 SB_HASH_ALGORITHM_SHA512 SHA512 SB_HASH_ALGORITHM_MD2 MD2 SB_HASH_ALGORITHM_MD4 MD4 SB_HASH_ALGORITHM_MD5 MD5 SB_HASH_ALGORITHM_RIPEMD160 RIPEMD160 SB_HASH_ALGORITHM_CRC32 CRC32 SB_HASH_ALGORITHM_SSL3 SSL3 SB_HASH_ALGORITHM_GOST_R3411_1994 GOST1994 SB_HASH_ALGORITHM_WHIRLPOOL WHIRLPOOL SB_HASH_ALGORITHM_POLY1305 POLY1305 SB_HASH_ALGORITHM_SHA3_224 SHA3_224 SB_HASH_ALGORITHM_SHA3_256 SHA3_256 SB_HASH_ALGORITHM_SHA3_384 SHA3_384 SB_HASH_ALGORITHM_SHA3_512 SHA3_512 SB_HASH_ALGORITHM_BLAKE2S_128 BLAKE2S_128 SB_HASH_ALGORITHM_BLAKE2S_160 BLAKE2S_160 SB_HASH_ALGORITHM_BLAKE2S_224 BLAKE2S_224 SB_HASH_ALGORITHM_BLAKE2S_256 BLAKE2S_256 SB_HASH_ALGORITHM_BLAKE2B_160 BLAKE2B_160 SB_HASH_ALGORITHM_BLAKE2B_256 BLAKE2B_256 SB_HASH_ALGORITHM_BLAKE2B_384 BLAKE2B_384 SB_HASH_ALGORITHM_BLAKE2B_512 BLAKE2B_512 SB_HASH_ALGORITHM_SHAKE_128 SHAKE_128 SB_HASH_ALGORITHM_SHAKE_256 SHAKE_256 SB_HASH_ALGORITHM_SHAKE_128_LEN SHAKE_128_LEN SB_HASH_ALGORITHM_SHAKE_256_LEN SHAKE_256_LEN .

Syntax

def get_tsa_cert_hash_algorithm() -> str: ...

tsa_cert_hash_algorithm = property(get_tsa_cert_hash_algorithm, None)

Default Value

""

Remarks

Specifies the hash algorithm to be used in the operations on the certificate (such as key signing)

This property is read-only.

tsa_cert_issuer Property

The common name of the certificate issuer (CA), typically a company name.

Syntax

def get_tsa_cert_issuer() -> str: ...

tsa_cert_issuer = property(get_tsa_cert_issuer, None)

Default Value

""

Remarks

The common name of the certificate issuer (CA), typically a company name.

This property is read-only.

tsa_cert_issuer_rdn Property

A collection of information, in the form of [OID, Value] pairs, uniquely identifying the certificate issuer.

Syntax

def get_tsa_cert_issuer_rdn() -> str: ...

tsa_cert_issuer_rdn = property(get_tsa_cert_issuer_rdn, None)

Default Value

""

Remarks

A collection of information, in the form of [OID, Value] pairs, uniquely identifying the certificate issuer.

This property is read-only.

tsa_cert_key_algorithm Property

Specifies the public key algorithm of this certificate.

Syntax

def get_tsa_cert_key_algorithm() -> str: ...

tsa_cert_key_algorithm = property(get_tsa_cert_key_algorithm, None)

Default Value

"0"

Remarks

Specifies the public key algorithm of this certificate.

This property is read-only.

tsa_cert_key_bits Property

Returns the length of the public key.

Syntax

def get_tsa_cert_key_bits() -> int: ...

tsa_cert_key_bits = property(get_tsa_cert_key_bits, None)

Default Value

0

Remarks

Returns the length of the public key.

This property is read-only.

tsa_cert_key_fingerprint Property

Returns a fingerprint of the public key contained in the certificate.

Syntax

def get_tsa_cert_key_fingerprint() -> bytes: ...

tsa_cert_key_fingerprint = property(get_tsa_cert_key_fingerprint, None)

Remarks

Returns a fingerprint of the public key contained in the certificate.

This property is read-only.

tsa_cert_key_usage Property

Indicates the purposes of the key contained in the certificate, in the form of an OR'ed flag set.

Syntax

def get_tsa_cert_key_usage() -> int: ...

tsa_cert_key_usage = property(get_tsa_cert_key_usage, None)

Default Value

0

Remarks

Indicates the purposes of the key contained in the certificate, in the form of an OR'ed flag set.

This value is a bit mask of the following values:

This property is read-only.

tsa_cert_key_valid Property

Returns True if the certificate's key is cryptographically valid, and False otherwise.

Syntax

def get_tsa_cert_key_valid() -> bool: ...

tsa_cert_key_valid = property(get_tsa_cert_key_valid, None)

Default Value

FALSE

Remarks

Returns True if the certificate's key is cryptographically valid, and False otherwise.

This property is read-only.

tsa_cert_ocsp_locations Property

Locations of OCSP (Online Certificate Status Protocol) services that can be used to check this certificate's validity, as recorded by the CA.

Syntax

def get_tsa_cert_ocsp_locations() -> str: ...

tsa_cert_ocsp_locations = property(get_tsa_cert_ocsp_locations, None)

Default Value

""

Remarks

Locations of OCSP (Online Certificate Status Protocol) services that can be used to check this certificate's validity, as recorded by the CA.

This property is read-only.

tsa_cert_policy_i_ds Property

Contains identifiers (OIDs) of the applicable certificate policies.

Syntax

def get_tsa_cert_policy_i_ds() -> str: ...

tsa_cert_policy_i_ds = property(get_tsa_cert_policy_i_ds, None)

Default Value

""

Remarks

Contains identifiers (OIDs) of the applicable certificate policies.

The Certificate Policies extension identifies a sequence of policies under which the certificate has been issued, and which regulate its usage.

This property is read-only.

tsa_cert_public_key_bytes Property

Contains the certificate's public key in DER format.

Syntax

def get_tsa_cert_public_key_bytes() -> bytes: ...

tsa_cert_public_key_bytes = property(get_tsa_cert_public_key_bytes, None)

Remarks

Contains the certificate's public key in DER format.

This property is read-only.

tsa_cert_self_signed Property

Indicates whether the certificate is self-signed (root) or signed by an external CA.

Syntax

def get_tsa_cert_self_signed() -> bool: ...

tsa_cert_self_signed = property(get_tsa_cert_self_signed, None)

Default Value

FALSE

Remarks

Indicates whether the certificate is self-signed (root) or signed by an external CA.

This property is read-only.

tsa_cert_serial_number Property

Returns the certificate's serial number.

Syntax

def get_tsa_cert_serial_number() -> bytes: ...

tsa_cert_serial_number = property(get_tsa_cert_serial_number, None)

Remarks

Returns the certificate's serial number.

This property is read-only.

tsa_cert_sig_algorithm Property

Indicates the algorithm that was used by the CA to sign this certificate.

Syntax

def get_tsa_cert_sig_algorithm() -> str: ...

tsa_cert_sig_algorithm = property(get_tsa_cert_sig_algorithm, None)

Default Value

""

Remarks

Indicates the algorithm that was used by the CA to sign this certificate.

This property is read-only.

tsa_cert_subject Property

The common name of the certificate holder, typically an individual's name, a URL, an e-mail address, or a company name.

Syntax

def get_tsa_cert_subject() -> str: ...

tsa_cert_subject = property(get_tsa_cert_subject, None)

Default Value

""

Remarks

The common name of the certificate holder, typically an individual's name, a URL, an e-mail address, or a company name.

This property is read-only.

tsa_cert_subject_key_id Property

Contains a unique identifier (fingerprint) of the certificate's private key.

Syntax

def get_tsa_cert_subject_key_id() -> bytes: ...

tsa_cert_subject_key_id = property(get_tsa_cert_subject_key_id, None)

Remarks

Contains a unique identifier (fingerprint) of the certificate's private key.

Subject Key Identifier is a (non-critical) X.509 certificate extension which allows the identification of certificates containing a particular public key. In SecureBlackbox, the unique identifier is represented with a SHA1 hash of the bit string of the subject public key.

This property is read-only.

tsa_cert_subject_rdn Property

A collection of information, in the form of [OID, Value] pairs, uniquely identifying the certificate holder (subject).

Syntax

def get_tsa_cert_subject_rdn() -> str: ...

tsa_cert_subject_rdn = property(get_tsa_cert_subject_rdn, None)

Default Value

""

Remarks

A collection of information, in the form of [OID, Value] pairs, uniquely identifying the certificate holder (subject).

This property is read-only.

tsa_cert_valid_from Property

The time point at which the certificate becomes valid, in UTC.

Syntax

def get_tsa_cert_valid_from() -> str: ...

tsa_cert_valid_from = property(get_tsa_cert_valid_from, None)

Default Value

""

Remarks

The time point at which the certificate becomes valid, in UTC.

This property is read-only.

tsa_cert_valid_to Property

The time point at which the certificate expires, in UTC.

Syntax

def get_tsa_cert_valid_to() -> str: ...

tsa_cert_valid_to = property(get_tsa_cert_valid_to, None)

Default Value

""

Remarks

The time point at which the certificate expires, in UTC.

This property is read-only.

unsigned_attribute_count Property

The number of records in the UnsignedAttribute arrays.

Syntax

def get_unsigned_attribute_count() -> int: ...

unsigned_attribute_count = property(get_unsigned_attribute_count, None)

Default Value

0

Remarks

This property controls the size of the following arrays:

• unsigned_attribute_oid
• unsigned_attribute_value

The array indices start at 0 and end at unsigned_attribute_count - 1.

This property is read-only.

unsigned_attribute_oid Property

The object identifier of the attribute.

Syntax

def get_unsigned_attribute_oid(unsigned_attribute_index: int) -> str: ...

Default Value

""

Remarks

The object identifier of the attribute.

The unsigned_attribute_index parameter specifies the index of the item in the array. The size of the array is controlled by the unsigned_attribute_count property.

This property is read-only.

unsigned_attribute_value Property

The value of the attribute.

Syntax

def get_unsigned_attribute_value(unsigned_attribute_index: int) -> bytes: ...

Remarks

The value of the attribute.

The unsigned_attribute_index parameter specifies the index of the item in the array. The size of the array is controlled by the unsigned_attribute_count property.

This property is read-only.

validated_signing_time Property

Contains the certified signing time.

Syntax

def get_validated_signing_time() -> str: ...

validated_signing_time = property(get_validated_signing_time, None)

Default Value

""

Remarks

Use this property to obtain the signing time as certified by an external timestamp. The time is in UTC.

This property is read-only.

check_signature_type Method

Determines the signature kind.

Syntax

def check_signature_type() -> int: ...

Remarks

Use this method to determine the kind of the signature stored in input_file (input_stream).

config Method

Sets or retrieves a configuration setting.

Syntax

def config(configuration_string: str) -> str: ...

Remarks

config is a generic method available in every class. It is used to set and retrieve configuration settings for the class.

These settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the class, access to these internal properties is provided through the config method.

To set a configuration setting named PROPERTY, you must call Config("PROPERTY=VALUE"), where VALUE is the value of the setting expressed as a string. For boolean values, use the strings "True", "False", "0", "1", "Yes", or "No" (case does not matter).

To read (query) the value of a configuration setting, you must call Config("PROPERTY"). The value will be returned as a string.

do_action Method

Performs an additional action.

Syntax

def do_action(action_id: str, action_params: str) -> str: ...

Remarks

do_action is a generic method available in every class. It is used to perform an additional action introduced after the product major release. The list of actions is not fixed, and may be flexibly extended over time.

The unique identifier (case insencitive) of the action is provided in the ActionID parameter.

ActionParams contains the value of a single parameter, or a list of multiple parameters for the action in the form of PARAM1=VALUE1;PARAM2=VALUE2;....

verify Method

Verifies digitally signed data.

Syntax

def verify() -> None: ...

Remarks

PKCS#7 and its successor, CMS, support two types of signatures: (1) enveloping signatures, where the signed data and its signature are combined in the same message, and (2) detached signatures, where the signature is stored as a separate entity. This method verifies enveloped signatures and extracts data contained in them. Use verify_detached to verify detached signatures.

This method expects the enveloping signature to be provided via input_file or input_stream properties.

Note that this method only checks the integrity of the signature, i.e., that it is signed with the claimed certificate and has not been altered. It does not validate the signing certificate chain. To validate the certificate chain, either use CertificateValidator component together with MessageVerifier, or consider using CAdESVerifier component instead.

verify_detached Method

Verifies a detached signature.

Syntax

def verify_detached() -> None: ...

Remarks

Use this method to verify detached signatures. Pass the signature via input_file (or input_stream) property, and the original data via data_file (data_stream).

on_error Event

Information about errors during PKCS#7 message verification.

Syntax

class MessageVerifierErrorEventParams(object):
  @property
  def error_code() -> int: ...

  @property
  def description() -> str: ...

# In class MessageVerifier:
@property
def on_error() -> Callable[[MessageVerifierErrorEventParams], None]: ...
@on_error.setter
def on_error(event_hook: Callable[[MessageVerifierErrorEventParams], None]) -> None: ...

Remarks

The event is fired in case of exceptional conditions during message processing.

ErrorCode contains an error code and Description contains a textual description of the error. For a list of valid error codes and their descriptions, please refer to the Messages section.

on_notification Event

This event notifies the application about an underlying control flow event.

Syntax

class MessageVerifierNotificationEventParams(object):
  @property
  def event_id() -> str: ...

  @property
  def event_param() -> str: ...

# In class MessageVerifier:
@property
def on_notification() -> Callable[[MessageVerifierNotificationEventParams], None]: ...
@on_notification.setter
def on_notification(event_hook: Callable[[MessageVerifierNotificationEventParams], None]) -> None: ...

Remarks

The class fires this event to let the application know about some event, occurrence, or milestone in the component. For example, it may fire to report completion of the document processing. The list of events being reported is not fixed, and may be flexibly extended over time.

The unique identifier of the event is provided in EventID parameter. EventParam contains any parameters accompanying the occurrence. Depending on the type of the component, the exact action it is performing, or the document being processed, one or both may be omitted.

on_recipient_found Event

Fires to report a message addressee parameters.

Syntax

class MessageVerifierRecipientFoundEventParams(object):
  @property
  def issuer_rdn() -> str: ...

  @property
  def serial_number() -> bytes: ...

  @property
  def subject_key_id() -> bytes: ...

  @property
  def cert_found() -> bool: ...

# In class MessageVerifier:
@property
def on_recipient_found() -> Callable[[MessageVerifierRecipientFoundEventParams], None]: ...
@on_recipient_found.setter
def on_recipient_found(event_hook: Callable[[MessageVerifierRecipientFoundEventParams], None]) -> None: ...

Remarks

This event is fired for each addressee the message is encrypted for. It may fire several times in a row if the message is encrypted for more than one recipient.

The IssuerRDN, SerialNumber, and SubjectKeyID parameters to identify the recipient's certificate. CertFound indicates if the specified certificate has been located in certificates collection. If it wasn't, you might want to look up the certificate manually, and add it to the collection inside the event handler.

on_signature_found Event

Signifies the start of signature validation.

Syntax

class MessageVerifierSignatureFoundEventParams(object):
  @property
  def issuer_rdn() -> str: ...

  @property
  def serial_number() -> bytes: ...

  @property
  def subject_key_id() -> bytes: ...

  @property
  def cert_found() -> bool: ...

  @property
  def validate_signature() -> bool: ...
  @validate_signature.setter
  def validate_signature(value) -> None: ...

  @property
  def validate_chain() -> bool: ...
  @validate_chain.setter
  def validate_chain(value) -> None: ...

# In class MessageVerifier:
@property
def on_signature_found() -> Callable[[MessageVerifierSignatureFoundEventParams], None]: ...
@on_signature_found.setter
def on_signature_found(event_hook: Callable[[MessageVerifierSignatureFoundEventParams], None]) -> None: ...

Remarks

This event tells the application that signature validation is about to start, and provides the details about the signer's certificate via its IssuerRDN, SerialNumber, and SubjectKeyID parameters. It fires for every signature located in the verified document or message.

The CertFound is set to True if the class has found the needed certificate in one of the known locations, and to False otherwise, in which case you must provide it manually via KnownCertificates property.

Signature validation consists of two independent stages: cryptographic signature validation and chain validation. Separate validation results are reported for each, with signature_validation_result and chain_validation_result properties respectively.

Use the ValidateSignature and ValidateChain parameters to tell the verifier which stages to include in the validation.

on_signature_validated Event

Marks the completion of the signature validation routine.

Syntax

class MessageVerifierSignatureValidatedEventParams(object):
  @property
  def issuer_rdn() -> str: ...

  @property
  def serial_number() -> bytes: ...

  @property
  def subject_key_id() -> bytes: ...

  @property
  def validation_result() -> int: ...

# In class MessageVerifier:
@property
def on_signature_validated() -> Callable[[MessageVerifierSignatureValidatedEventParams], None]: ...
@on_signature_validated.setter
def on_signature_validated(event_hook: Callable[[MessageVerifierSignatureValidatedEventParams], None]) -> None: ...

Remarks

This event is fired upon the completion of the signature validation routine, and reports the respective validation result.

Use the IssuerRDN, SerialNumber, and/or SubjectKeyID parameters to identify the signing certificate.

ValidationResult is set to 0 if the validation has been successful, or to a non-zero value in case of a validation failure.

on_timestamp_found Event

Signifies the start of a timestamp validation routine.

Syntax

class MessageVerifierTimestampFoundEventParams(object):
  @property
  def issuer_rdn() -> str: ...

  @property
  def serial_number() -> bytes: ...

  @property
  def subject_key_id() -> bytes: ...

  @property
  def cert_found() -> bool: ...

  @property
  def validate_timestamp() -> bool: ...
  @validate_timestamp.setter
  def validate_timestamp(value) -> None: ...

  @property
  def validate_chain() -> bool: ...
  @validate_chain.setter
  def validate_chain(value) -> None: ...

# In class MessageVerifier:
@property
def on_timestamp_found() -> Callable[[MessageVerifierTimestampFoundEventParams], None]: ...
@on_timestamp_found.setter
def on_timestamp_found(event_hook: Callable[[MessageVerifierTimestampFoundEventParams], None]) -> None: ...

Remarks

This event fires for every timestamp identified during signature processing, and reports the details about the signer's certificate via its IssuerRDN, SerialNumber, and SubjectKeyID parameters.

The CertFound is set to True if the class has found the needed certificate in one of the known locations, and to False otherwise, in which case you must provide it manually via KnownCertificates property.

Just like with signature validation, timestamp validation consists of two independent stages: cryptographic signature validation and chain validation. Separate validation results are reported for each, with signature_validation_result and chain_validation_result properties respectively.

Use the ValidateSignature and ValidateChain parameters to tell the verifier which stages to include in the validation.

on_timestamp_validated Event

Reports the completion of the timestamp validation routine.

Syntax

class MessageVerifierTimestampValidatedEventParams(object):
  @property
  def issuer_rdn() -> str: ...

  @property
  def serial_number() -> bytes: ...

  @property
  def subject_key_id() -> bytes: ...

  @property
  def time() -> str: ...

  @property
  def validation_result() -> int: ...

  @property
  def chain_validation_result() -> int: ...

  @property
  def chain_validation_details() -> int: ...

# In class MessageVerifier:
@property
def on_timestamp_validated() -> Callable[[MessageVerifierTimestampValidatedEventParams], None]: ...
@on_timestamp_validated.setter
def on_timestamp_validated(event_hook: Callable[[MessageVerifierTimestampValidatedEventParams], None]) -> None: ...

Remarks

This event is fired upon the completion of the timestamp validation routine, and reports the respective validation result.

ValidationResult is set to 0 if the validation has been successful, or to a non-zero value in case of a failure.

MessageVerifier Config Settings

The class accepts one or more of the following configuration settings. Configuration settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the class, access to these internal properties is provided through the config method.

MessageVerifier Config Settings

Base Config Settings

MessageVerifier Errors

MessageVerifier Errors

	1048577   Invalid parameter value (SB_ERROR_INVALID_PARAMETER)
	1048578   Class is configured incorrectly (SB_ERROR_INVALID_SETUP)
	1048579   Operation cannot be executed in the current state (SB_ERROR_INVALID_STATE)
	1048580   Attempt to set an invalid value to a property (SB_ERROR_INVALID_VALUE)
	1048581   Certificate does not have its private key loaded (SB_ERROR_NO_PRIVATE_KEY)
	1048581   Cancelled by the user (SB_ERROR_CANCELLED_BY_USER)