|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectcom.itextpdf.text.pdf.security.CertificateVerifier
com.itextpdf.text.pdf.security.RootStoreVerifier
com.itextpdf.text.pdf.security.CRLVerifier
public class CRLVerifier
Class that allows you to verify a certificate against one or more Certificate Revocation Lists.
Field Summary | |
---|---|
protected static Logger |
LOGGER
The Logger instance |
Fields inherited from class com.itextpdf.text.pdf.security.RootStoreVerifier |
---|
rootStore |
Fields inherited from class com.itextpdf.text.pdf.security.CertificateVerifier |
---|
onlineCheckingAllowed, verifier |
Constructor Summary | |
---|---|
CRLVerifier(CertificateVerifier verifier,
java.util.List<java.security.cert.X509CRL> crls)
Creates a CRLVerifier instance. |
Method Summary | |
---|---|
java.security.cert.X509CRL |
getCRL(java.security.cert.X509Certificate signCert,
java.security.cert.X509Certificate issuerCert)
Fetches a CRL for a specific certificate online (without further checking). |
boolean |
isSignatureValid(java.security.cert.X509CRL crl,
java.security.cert.X509Certificate crlIssuer)
Checks if a CRL verifies against the issuer certificate or a trusted anchor. |
java.util.List<VerificationOK> |
verify(java.security.cert.X509Certificate signCert,
java.security.cert.X509Certificate issuerCert,
java.util.Date signDate)
Verifies if a a valid CRL is found for the certificate. |
boolean |
verify(java.security.cert.X509CRL crl,
java.security.cert.X509Certificate signCert,
java.security.cert.X509Certificate issuerCert,
java.util.Date signDate)
Verifies a certificate against a single CRL. |
Methods inherited from class com.itextpdf.text.pdf.security.RootStoreVerifier |
---|
setRootStore |
Methods inherited from class com.itextpdf.text.pdf.security.CertificateVerifier |
---|
setOnlineCheckingAllowed |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
protected static final Logger LOGGER
Constructor Detail |
---|
public CRLVerifier(CertificateVerifier verifier, java.util.List<java.security.cert.X509CRL> crls)
verifier
- the next verifier in the chaincrls
- a list of CRLsMethod Detail |
---|
public java.util.List<VerificationOK> verify(java.security.cert.X509Certificate signCert, java.security.cert.X509Certificate issuerCert, java.util.Date signDate) throws java.security.GeneralSecurityException, java.io.IOException
verify
in class RootStoreVerifier
signCert
- the certificate that needs to be checkedissuerCert
- its issuersignDate
- the date the certificate needs to be valid
VerificationOK
objects.
The list will be empty if the certificate couldn't be verified.
java.security.GeneralSecurityException
java.io.IOException
RootStoreVerifier.verify(java.security.cert.X509Certificate, java.security.cert.X509Certificate, java.util.Date)
public boolean verify(java.security.cert.X509CRL crl, java.security.cert.X509Certificate signCert, java.security.cert.X509Certificate issuerCert, java.util.Date signDate) throws java.security.GeneralSecurityException
crl
- the Certificate Revocation ListsignCert
- a certificate that needs to be verifiedissuerCert
- its issuersignDate
- the sign date
java.security.GeneralSecurityException
public java.security.cert.X509CRL getCRL(java.security.cert.X509Certificate signCert, java.security.cert.X509Certificate issuerCert)
signCert
- the certificateissuerCert
- its issuer
public boolean isSignatureValid(java.security.cert.X509CRL crl, java.security.cert.X509Certificate crlIssuer)
crl
- the CRLcrlIssuer
- the trusted anchor
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |