|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object com.itextpdf.text.pdf.security.CertificateVerifier com.itextpdf.text.pdf.security.RootStoreVerifier com.itextpdf.text.pdf.security.CRLVerifier
public class CRLVerifier
Class that allows you to verify a certificate against one or more Certificate Revocation Lists.
Field Summary | |
---|---|
protected static Logger |
LOGGER
The Logger instance |
Fields inherited from class com.itextpdf.text.pdf.security.RootStoreVerifier |
---|
rootStore |
Fields inherited from class com.itextpdf.text.pdf.security.CertificateVerifier |
---|
onlineCheckingAllowed, verifier |
Constructor Summary | |
---|---|
CRLVerifier(CertificateVerifier verifier,
List<X509CRL> crls)
Creates a CRLVerifier instance. |
Method Summary | |
---|---|
X509CRL |
getCRL(X509Certificate signCert,
X509Certificate issuerCert)
Fetches a CRL for a specific certificate online (without further checking). |
boolean |
isSignatureValid(X509CRL crl,
X509Certificate crlIssuer)
Checks if a CRL verifies against the issuer certificate or a trusted anchor. |
List<VerificationOK> |
verify(X509Certificate signCert,
X509Certificate issuerCert,
Date signDate)
Verifies if a a valid CRL is found for the certificate. |
boolean |
verify(X509CRL crl,
X509Certificate signCert,
X509Certificate issuerCert,
Date signDate)
Verifies a certificate against a single CRL. |
Methods inherited from class com.itextpdf.text.pdf.security.RootStoreVerifier |
---|
setRootStore |
Methods inherited from class com.itextpdf.text.pdf.security.CertificateVerifier |
---|
setOnlineCheckingAllowed |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
protected static final Logger LOGGER
Constructor Detail |
---|
public CRLVerifier(CertificateVerifier verifier, List<X509CRL> crls)
verifier
- the next verifier in the chaincrls
- a list of CRLsMethod Detail |
---|
public List<VerificationOK> verify(X509Certificate signCert, X509Certificate issuerCert, Date signDate) throws GeneralSecurityException, IOException
verify
in class RootStoreVerifier
signCert
- the certificate that needs to be checkedissuerCert
- its issuersignDate
- the date the certificate needs to be valid
VerificationOK
objects.
The list will be empty if the certificate couldn't be verified.
GeneralSecurityException
IOException
RootStoreVerifier.verify(java.security.cert.X509Certificate, java.security.cert.X509Certificate, java.util.Date)
public boolean verify(X509CRL crl, X509Certificate signCert, X509Certificate issuerCert, Date signDate) throws GeneralSecurityException
crl
- the Certificate Revocation ListsignCert
- a certificate that needs to be verifiedissuerCert
- its issuersignDate
- the sign date
GeneralSecurityException
public X509CRL getCRL(X509Certificate signCert, X509Certificate issuerCert)
signCert
- the certificateissuerCert
- its issuer
public boolean isSignatureValid(X509CRL crl, X509Certificate crlIssuer)
crl
- the CRLcrlIssuer
- the trusted anchor
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |