Signature validity information associated with a signed signature field.
| name | data type | type | namespace | min/max occurs | description |
|---|---|---|---|---|---|
| contentAppended | boolean | element | 1/1 | Flag that indicates if there has been any content appended to this PDF. If content has been appended, the signature does not cover the additional content, but might still be valid for the original content, if it has not been modified. | |
| documentReconstructed | boolean | element | 1/1 | Flag that indicates whether there was a problem reading the xref table that resulted in the document being reconstructed. | |
| documentTimestamp | boolean | element | 1/1 | Flag that indicates whether this signature is a document timestamp. | |
| trustedChain | boolean | element | 1/1 | Flag that indicates whether the chain of certificates in the signature starts with a certificate from a trusted certificate authority (CA). | |
| tsaTimestamp | boolean | element | 1/1 | Flag that indicates whether the signature has a timestamp from a timestamp authority. | |
| tsaTrustedChain | boolean | element | 1/1 | Flag that indicates whether the TSA certificate chain is trusted. | |
| validByteRange | boolean | element | 1/1 | Flag that indicates whether the byte range in the signature covers the entire file, including the signature dictionary but excluding the signature value itself. | |
| validCertificateChain | boolean | element | 1/1 | Flag that indicates the validity of the certificate chain. | |
| validExpiration | boolean | element | 1/1 | Flag that indicates whether the start and expiration dates on the signature are valid and within range. | |
| validKeyUsage | boolean | element | 1/1 | Flag that indicates whether the key usage is valid. It is set to true when the KU field allows for signing documents. | |
| validPadesCertificate | boolean | element | 1/1 | Flag that indicates if this is a PAdES signature and the certificate is valid OR if this is not a PAdES signature. False if it's a PAdES signature with an invalid certificate. | |
| validRevocationList | boolean | element | 1/1 | Flag that indicates the status of the revocation list validity. When this is false, at least one of the certificates in the certificate chain has been revoked. | |
| validSignatureHash | boolean | element | 1/1 | Flag that indicates whether the stored signature hash matches the calculated signature hash. | |
| validSignatureObject | boolean | element | 1/1 | Flag that indicates whether the signature object was readable. If there are any errors reading the signature object, this flag is set to false. | |
| validTimestampCertificate | boolean | element | 1/1 | Flag that indicates whether the certificate of the timestamp token is valid, when present. | |
| validTimestampToken | boolean | element | 1/1 | Flag that indicates whether a timestamp token is valid, when present. | |
| validityText | string | element | 0/1 | A textual description of the state of the signature. This method looks at all the different flags and composes a human readable description of the validity of the signature. |
Example
<SignatureValidity> <validSignatureObject>...</validSignatureObject> <validSignatureHash>...</validSignatureHash> <validRevocationList>...</validRevocationList> <validExpiration>...</validExpiration> <validCertificateChain>...</validCertificateChain> <trustedChain>...</trustedChain> <contentAppended>...</contentAppended> <validByteRange>...</validByteRange> <documentReconstructed>...</documentReconstructed> <documentTimestamp>...</documentTimestamp> <tsaTimestamp>...</tsaTimestamp> <validTimestampToken>...</validTimestampToken> <validTimestampCertificate>...</validTimestampCertificate> <tsaTrustedChain>...</tsaTrustedChain> <validPadesCertificate>...</validPadesCertificate> <validKeyUsage>...</validKeyUsage> <validityText>...</validityText> </SignatureValidity>