Validation API
Scope
To receive validation data of signed document.
Descriprion
1. Validation information is returned for the specified file;
2. If the file is not signed, an error message is returned;
Request
The Service provider's application sends the following GET request using TLS:
GET /api-validation/v1.0/{sessionId}/{documentId}/validate
Property | Type | Usage | Description |
|---|---|---|---|
sessionId | String (64) | Mandatory | File processing session identifier |
documentId | String (64) | Mandatory | Document identifier, received from "upload" or "list" operation as "id" property |
Authorization
The request must contain an Authorization header with an OAuth Introspect access token obtained via Integration Platform a Service provider's credentials grant flow.
Example
GET /api-validation/v1.0/965af52843d969ab6011c6ba8effbdc307e26517280566ce18a807f37a9029aa/c97823faa1a54658e75207e1a791da2c/validate HTTP/1.1 Authorization: Bearer a477b3a3366768c07e4c458f518711b4b351e8d2c2f0f78a1524e4d3efd00603 Host: signapi-prep.eparaksts.lv
Response
General structure of validation response (JSON object):
{
"data": {
"includedFiles": [
{
"filename": {String}
}
],
"signatureForm": {String},
"signaturesExt": [
{
"id": {String},
"info": {
"bestSignatureTime": {Datetime},
"timestampCreationTime": {Datetime},
"ocspResponseCreationTime": {Datetime},
"timeAssertionMessageImprint": {String},
"signingReason": {String},
"signerRole": [
{
"claimedRole": {String}
}
],
"signatureProductionPlace": {
"countryName": {String},
"stateOrProvince": {String},
"city": {String},
"postalCode": {String}
}
},
"errors": [
{
"content": {String}
}
],
"signedBy": {String},
"warnings": [
{
"content": {String}
}
],
"indication": {String},
"subIndication": {String},
"signatureLevel": {String},
"signatureFormat": {String},
"signerSerialNumber": {String},
"registrationNumber": {String}
}
],
"validationTime": {Datetime},
"signaturesCount": {Number},
"validationLevel": {String},
"validatedDocument": {
"filename": {String}
},
"validSignaturesCount": {Number}
}
}
| Property | Description | |
|---|---|---|
includedFiles | Array | Information about files included in the ASIC container. |
includedFiles.filename | String | Name of the faile included in the ASIC container. |
signatureForm | String | Format (and optionally version) of the digitally signed document container. |
signaturesExt | Array | Collection of signatures found in digitally signed document |
signaturesExt.id | String | Signature ID attribute |
signaturesExt.info | Object | Object containing trusted signing time information. |
signaturesExt.info.bestSignatureTime | Date | Time value that is regarded as trusted signing time, denoting the earliest time when it can be trusted by the validation application (because proven by some Proof-of-Existence present in the signature) that a signature has existed. The source of the value depends on the signature profile (see also SignatureFormat parameter): - Signature with time-mark (LT_TM level) - the producedAt value of the earliest valid time-mark (OCSP confirmation of the signer's certificate) in the signature. - Signature with time-stamp (LT or LTA level) - the genTime value of the earliest valid signature time-stamp token in the signature. - Signature with BES or EPES level - the value is empty, i.e. there is no trusted signing time value available. |
signaturesExt.signedBy | String | Signature/Seal Creator. CN (common name) value portion in signer's certificate's subject distinguished name |
signaturesExt.errors | Array | Information about validation error(s), array of error messages. |
signaturesExt.warnings | Array | Block of validation warnings that do not affect the overall validation result. |
signaturesExt.indication | String | Overall result of the signature's validation process, according to ETSI EN 319 102-1 "Table 5: Status indications of the signature validation process". Note that the validation results of different signatures in one signed document (signature container) may vary. Possible values: TOTAL-PASSED TOTAL-FAILED INDETERMINATE |
| signaturesExt.subindication | String | Additional subindication in case of failed or indeterminate validation result, according to ETSI EN 319 102-1 "Table 6: Validation Report Structure and Semantics" |
signaturesExt.signatureLevel | String | Legal level of the signature, according to Regulation (EU) No 910/2014. - Possible values on positive validation result: QESIG QESEAL QES QES_EDL - "ADES_QC" signature, which according to Latvian Electronic Documents Law is equivalent to a handwritten signature ADESIG_QC ADESEAL_QC ADES_QC ADESIG ADESEAL ADES - Possible values on indeterminate validation result: prefix INDETERMINATE is added to the level described in positive result. For example INDETERMINATE_QESIG - Possible values on negative validation result: In addition to abovementioned NOT_ADES_QC_QSCD NOT_ADES_QC NOT_ADES NA |
signaturesExt.signatureFormat | String | Format and profile (according to Baseline Profile) of the signature. See XAdES Baseline Profile, CAdES Baseline Profile and PAdES Baseline Profile for detailed description of the Baseline Profile levels. Possible values: XAdES_BASELINE_B XAdES_BASELINE_B_BES XAdES_BASELINE_B_EPES XAdES_BASELINE_T XAdES_BASELINE_LT - long-term level XAdES signature where time-stamp is used as a assertion of trusted signing time XAdES_BASELINE_LT_TM - long-term level XAdES signature where time-mark is used as a assertion of trusted signing time. XAdES_BASELINE_LTA CAdES_BASELINE_B CAdES_BASELINE_T CAdES_BASELINE_LT CAdES_BASELINE_LTA PAdES_BASELINE_B PAdES_BASELINE_T PAdES_BASELINE_LT PAdES_BASELINE_LTA |
signaturesExt.signerSerialNumber | String | SERIALNUMBER value portion in signer's (natural person) certificate's subject distinguished name. |
signaturesExt.registrationNumber | String | OID 2.5.4.97 (organizationIdentifier) value portion in signer's (legal person) certificate's subject distinguished name. |
validationTime | Date | Time of validating the signature by the service. |
signaturesCount | Number | Number of signatures found inside digitally signed file. |
validSignaturesCount | Number | Signatures count that have validated to TOTAL-PASSED. See also SignatureExt.Indication field. |
validationLevel | String | Validation process against what the document is validated, only applicable on DSS based validations. Possible values: ARCHIVAL_DATA |
validatedDocument | Object | Object containing information about validated document. |
validatedDocument. filename | String | Digitally signed document's file name. |
Example
{
"data": {
"signatureForm": "ASiC-E",
"signaturesExt": [
{
"id": "S1",
"info": {
"bestSignatureTime": "11.11.2019. 08:32:04"
},
"signedBy": "ANDRIS PARAUDZIŅŠ",
"warnings": [
{
"content": "Signature warnings here"
}
],
"indication": "TOTAL-PASSED",
"subindication": "subindication details here"
"signatureLevel": "QESIG",
"signatureFormat": "XAdES_BASELINE_LT",
"signerSerialNumber": "PNOLV-324954-21338"
}
],
"validationTime": "30.12.2019. 06:39",
"signaturesCount": 1,
"validationLevel": "ARCHIVAL_DATA",
"validatedDocument": {
"filename": "test.edoc"
},
"validSignaturesCount": 1
}
}
