Namespace SimpleSign.Core.Validation
Classes
- CertificateChainService
Default implementation of ICertificateChainService.
- CertificateValidationException
Thrown when a certificate fails validation — for example, when the certificate chain cannot be built, the certificate has expired, or the root CA is not trusted.
- CryptoVerifier
Verifies cryptographic signature validity and PAdES attribute binding. All methods are static — no state needed. Uses Span<byte> to minimize allocations.
- CryptoVerifierService
Default implementation of ICryptoVerifier.
- RevocationCheckException
Thrown when a certificate revocation check fails — for example, when an OCSP responder times out, a CRL cannot be downloaded, or the certificate has been revoked.
- SignatureValidationResult
Complete result of a PDF signature validation.
- TimestampValidator
Validates RFC 3161 timestamp tokens embedded in CMS signatures. Verifies TSA signature, nonce, and extracts timestamp date.
- TimestampValidatorService
Default implementation of ITimestampValidator.
- ValidationException
Thrown when the PDF validation engine encounters a structural or cryptographic error that prevents validation from completing.
- ValidationOptions
Options for the validation engine.
Interfaces
- ICertificateChainService
Service for certificate chain operations: AIA chasing, certificate loading.
- ICryptoVerifier
Cryptographic signature verification and signing-certificate binding validation.
- IRevocationChecker
Checks certificate revocation status via embedded CRLs, OCSP, and online CRL.
- ITimestampValidator
Validates RFC 3161 timestamp tokens embedded in signatures.
Enums
- RevocationSource
Describes the mechanism used to verify the revocation status of a signer's certificate. Useful for distinguishing offline (B-LT/B-LTA) from online (B-T) revocation checks.
Delegates
- TimestampValidator.CertificateChainValidatorDelegate
Delegate for certificate chain validation, allowing the caller to supply its own implementation.