Syntax:
com.ibi.agents.XDXAdESVerifyAgent
iIT Service Object:
format: XAdES Digital Signature Verify
Description: Verifies an XAdES XML Digital Signature.
Parameters:
Parameter |
Description |
---|---|
XML Namespace Provider |
The provider for the mapping between the XML namespace prefix and the namespace URI. If left blank, the XPath expression in the Signature Element Path and Required Signature Coverage parameters cannot contain namespaces. |
XPath Syntax |
Determines which syntax level of the XPath should be used. The default option selects the syntax level as set in the console global settings. |
Signature Element Path |
The path to the signature XML element. If left blank, the agent will search throughout the document for an element named Signature in the namespace http://www.w3.org/2000/09/xmldsig#. |
Remove Security Parent Element |
After successful verification, determines whether to remove the WSSE Security parent element and all of its contents. |
Signature Criteria |
|
TrustStore Provider * |
The provider for the keystore containing the Certificate Authorities. |
Certificate Store Providers |
A comma-separated list of Keystore, Directory CertStore, or LDAP providers for the certificate stores used to complete the certificate chain and to retrieve revocation material. |
Enable Certificate Revocation |
Enables CRL checking of signer certificates. |
Maximum Path Length |
The maximum number of non-self-issued intermediate certificates that may exist in a certification path. The last certificate in a certification path is not included in this limit. 0 implies that the path can only contain a single certificate. -1 implies that there is no maximum. If any of the CA certificates contain the BasicConstraintsExtension, the value of the pathLenConstraint field of the extension overrides the Maximum Path Length parameter. |
Enforce KeyUsage Extension |
Determines how the KeyUsage Extension is verified when present in the signer certificate. |
Message Digest JCE Provider |
The JCE Provider for the MessageDigest service. |
Required Signature Coverage |
An XPath expression that returns a NodeSet, where each node in the set must have been signed by the Signature to be considered valid. |
Unsigned Attachment |
The action to perform when a document contains an unsigned attachment. |
XAdES Criteria |
|
Minimum XAdES Form |
Specifies the minimum acceptable XAdES form. Signatures simpler than this form will cause a validation failure. |
Signature Policy Provider |
The name of a Signature Policy Provider. This specifies the mapping from ObjectIdentifier (URI or OID) to the policy file. The policy file is needed to verify signatures with an explicit policy. If left blank, only absent or implied policies can be validated. |
Accept Implied Policy |
Indicates whether the verifier should accept an implied signature policy. |
Accept Unknown Properties |
Indicates whether the verifier should accept unknown properties. This only affects the unsigned properties. |
Edges:
The following table lists the available Line Edges for the XAdES Digital Signature Verify Service (com.ibi.agents.XDXAdESVerifyAgent).
Line Edge |
Description |
---|---|
OnError |
An exception occurred during execution. |
OnSuccess |
The operation was successful. |
OnFailure |
A fail condition occurred during execution. |
OnParseError |
Could not parse a document. |
OnFailedOperation |
Could not perform the operation requested. |
failed_unsigned |
Signature not found. |
failed_verify |
Failed security validation. |
failed_coverage |
Signature failed coverage verification. |