Class VerifySignatureResult

Object
VerifySignatureResult
public final class VerifySignatureResult extends Object

VerifySignatureResult

Immutable value object returned by

invalid reference 
AnkaSecureSdk#verifySignature
. It conveys the outcome of a detached-signature verification together with exhaustive metadata emitted by the Anka Secure platform.

Detached Compact JWS Structure

The service returns a Compact JWS in detached form: three Base64URL-encoded segments separated by dots, where the payload segment is empty: 


   BASE64URL(Header) .. BASE64URL(Signature)
  • Header: JSON object containing signature metadata such as alg (e.g. Falcon-512 or hybrid RSA-3072+SHA256) and kid (key identifier).
  • Payload: omitted here (detached); the original file data is supplied separately and verified against the signature.
  • Signature: computed over the header and external payload using the negotiated PQC, classical or hybrid algorithm.

Usage example


 Path payload   = Path.of("data/report.pdf");
 Path signature = Path.of("data/report.pdf.sig");
 VerifySignatureResult result = sdk.verifySignature(payload, signature);
 if (!result.isValid()) {
     // Block the workflow or log warning
 }
 result.getWarnings().forEach(log::warn);

Outcome and Metadata

  • Validity flagisValid() reports whether the detached signature matches the supplied payload and the key’s current status permits verification (revocation, expiry, usage caps).
  • Key metadata – the key initially requested by the caller and the key effectively used after server-side rotation or succession logic.
  • Algorithm negotiated – post-quantum, classical or hybrid algorithm chosen by the crypto-engine (e.g. Falcon-512, RSA-3072+SHA256).
  • Warnings – non-fatal advisories such as usage caps, nearing expiry or algorithm deprecation notices. May be null or empty if none.

Thread-safety

Instances are effectively immutable once created by the SDK. They may be shared across threads safely provided no setter is invoked.

All getters return non-null values except getWarnings(), which may be null or empty.

Since:
1.0.0
Author:
Anka Technologies SDK Team

  • Constructor Details

    • VerifySignatureResult

      public VerifySignatureResult()

  • Method Details

    • isValid

      public boolean isValid()
      Indicates whether verification succeeded both cryptographically and against server-side policy checks.
      Returns:
      true if valid; false otherwise

    • getKeyRequested

      public String getKeyRequested()
      Returns:
      key identifier originally requested by the caller

    • getActualKeyUsed

      public String getActualKeyUsed()
      Returns:
      key identifier effectively used by the server, or null if same as keyRequested

    • getAlgorithmUsed

      public String getAlgorithmUsed()
      Returns:
      algorithm negotiated by the crypto-engine

    • getWarnings

      public List<String> getWarnings()
      Returns:
      warnings or null/empty if none

    • toString

      public String toString()
      Overrides:
      toString in class Object

    • equals

      public boolean equals(Object o)
      Overrides:
      equals in class Object

    • hashCode

      public int hashCode()
      Overrides:
      hashCode in class Object