com.itextpdf.text.pdf.security
Class CertificateVerification

java.lang.Object
  com.itextpdf.text.pdf.security.CertificateVerification

public class CertificateVerification
extends Object

This class consists of some methods that allow you to verify certificates.

Constructor Summary

CertificateVerification()

Method Summary

static String	verifyCertificate(X509Certificate cert, Collection<CRL> crls, Calendar calendar) Verifies a single certificate.
static List<VerificationException>	verifyCertificates(Certificate[] certs, KeyStore keystore, Calendar calendar) Verifies a certificate chain against a KeyStore.
static List<VerificationException>	verifyCertificates(Certificate[] certs, KeyStore keystore, Collection<CRL> crls, Calendar calendar) Verifies a certificate chain against a KeyStore.
static boolean	verifyOcspCertificates(org.bouncycastle.cert.ocsp.BasicOCSPResp ocsp, KeyStore keystore, String provider) Verifies an OCSP response against a KeyStore.
static boolean	verifyTimestampCertificates(org.bouncycastle.tsp.TimeStampToken ts, KeyStore keystore, String provider) Verifies a time stamp against a KeyStore.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

CertificateVerification

public CertificateVerification()

Method Detail

verifyCertificate

public static String verifyCertificate(X509Certificate cert,
                                       Collection<CRL> crls,
                                       Calendar calendar)

Verifies a single certificate.

Parameters:

cert - the certificate to verify

crls - the certificate revocation list or null

calendar - the date or null for the current date

Returns:

a String with the error description or null if no error

verifyCertificates

public static List<VerificationException> verifyCertificates(Certificate[] certs,
                                                             KeyStore keystore,
                                                             Collection<CRL> crls,
                                                             Calendar calendar)

Verifies a certificate chain against a KeyStore.

Parameters:

certs - the certificate chain

keystore - the KeyStore

crls - the certificate revocation list or null

calendar - the date or null for the current date

Returns:

null if the certificate chain could be validated or a Object[]{cert,error} where cert is the failed certificate and error is the error message

verifyCertificates

public static List<VerificationException> verifyCertificates(Certificate[] certs,
                                                             KeyStore keystore,
                                                             Calendar calendar)

Verifies a certificate chain against a KeyStore.

Parameters:

certs - the certificate chain

keystore - the KeyStore

calendar - the date or null for the current date

Returns:

null if the certificate chain could be validated or a Object[]{cert,error} where cert is the failed certificate and error is the error message

verifyOcspCertificates

public static boolean verifyOcspCertificates(org.bouncycastle.cert.ocsp.BasicOCSPResp ocsp,
                                             KeyStore keystore,
                                             String provider)

Verifies an OCSP response against a KeyStore.

Parameters:

ocsp - the OCSP response

keystore - the KeyStore

provider - the provider or null to use the BouncyCastle provider

Returns:

true is a certificate was found

verifyTimestampCertificates

public static boolean verifyTimestampCertificates(org.bouncycastle.tsp.TimeStampToken ts,
                                                  KeyStore keystore,
                                                  String provider)

Verifies a time stamp against a KeyStore.

Parameters:

ts - the time stamp

keystore - the KeyStore

provider - the provider or null to use the BouncyCastle provider

Returns:

true is a certificate was found