public class LtvVerifier extends RootStoreVerifier
Modifier and Type | Field | Description |
---|---|---|
protected PdfDictionary |
dss |
The document security store for the revision that is being verified
|
protected AcroFields |
fields |
The fields in the revision that is being verified.
|
protected boolean |
latestRevision |
Indicates if we're working with the latest revision.
|
protected static Logger |
LOGGER |
The Logger instance
|
protected LtvVerification.CertificateOption |
option |
Do we need to check all certificate, or only the signing certificate?
|
protected PdfPKCS7 |
pkcs7 |
The PdfPKCS7 object for the signature.
|
protected PdfReader |
reader |
A reader object for the revision that is being verified.
|
protected java.lang.String |
signatureName |
The signature that covers the revision.
|
protected java.util.Date |
signDate |
The date the revision was signed, or
null for the highest revision. |
protected boolean |
verifyRootCertificate |
Verify root.
|
onlineCheckingAllowed, verifier
rootStore
Constructor | Description |
---|---|
LtvVerifier(PdfReader reader) |
Creates a VerificationData object for a PdfReader
|
Modifier and Type | Method | Description |
---|---|---|
protected PdfPKCS7 |
coversWholeDocument() |
Checks if the signature covers the whole document
and throws an exception if the document was altered
|
java.util.List<java.security.cert.X509CRL> |
getCRLsFromDSS() |
Gets a list of X509CRL objects from a Document Security Store.
|
java.util.List<org.bouncycastle.cert.ocsp.BasicOCSPResp> |
getOCSPResponsesFromDSS() |
Gets OCSP responses from the Document Security Store.
|
void |
setCertificateOption(LtvVerification.CertificateOption option) |
Sets the certificate option.
|
void |
setVerifier(CertificateVerifier verifier) |
Sets an extra verifier.
|
void |
setVerifyRootCertificate(boolean verifyRootCertificate) |
Set the verifyRootCertificate to false if you can't verify the root certificate.
|
void |
switchToPreviousRevision() |
Switches to the previous revision.
|
java.util.List<VerificationOK> |
verify(java.security.cert.X509Certificate signCert,
java.security.cert.X509Certificate issuerCert,
java.util.Date signDate) |
Verifies certificates against a list of CRLs and OCSP responses.
|
java.util.List<VerificationOK> |
verify(java.util.List<VerificationOK> result) |
Verifies all the document-level timestamps and all the signatures in the document.
|
void |
verifyChain(java.security.cert.Certificate[] chain) |
Checks the certificates in a certificate chain:
are they valid on a specific date, and
do they chain up correctly?
|
java.util.List<VerificationOK> |
verifySignature() |
Verifies a document level timestamp.
|
setOnlineCheckingAllowed
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
setRootStore
protected static final Logger LOGGER
protected LtvVerification.CertificateOption option
protected boolean verifyRootCertificate
protected PdfReader reader
protected AcroFields fields
protected java.util.Date signDate
null
for the highest revision.protected java.lang.String signatureName
protected PdfPKCS7 pkcs7
protected boolean latestRevision
protected PdfDictionary dss
public LtvVerifier(PdfReader reader) throws java.security.GeneralSecurityException
reader
- a reader for the document we want to verify.java.security.GeneralSecurityException
public void setVerifier(CertificateVerifier verifier)
verifier
- the verifier to setpublic void setCertificateOption(LtvVerification.CertificateOption option)
option
- Either CertificateOption.SIGNING_CERTIFICATE (default) or CertificateOption.WHOLE_CHAINpublic void setVerifyRootCertificate(boolean verifyRootCertificate)
protected PdfPKCS7 coversWholeDocument() throws java.security.GeneralSecurityException
java.security.GeneralSecurityException
public java.util.List<VerificationOK> verify(java.util.List<VerificationOK> result) throws java.io.IOException, java.security.GeneralSecurityException
java.io.IOException
java.security.GeneralSecurityException
public java.util.List<VerificationOK> verifySignature() throws java.security.GeneralSecurityException, java.io.IOException
java.security.GeneralSecurityException
java.io.IOException
public void verifyChain(java.security.cert.Certificate[] chain) throws java.security.GeneralSecurityException
chain
- java.security.GeneralSecurityException
public java.util.List<VerificationOK> verify(java.security.cert.X509Certificate signCert, java.security.cert.X509Certificate issuerCert, java.util.Date signDate) throws java.security.GeneralSecurityException, java.io.IOException
verify
in class RootStoreVerifier
signingCert
- issuerCert
- VerificationOK
objects.
The list will be empty if the certificate couldn't be verified.java.security.GeneralSecurityException
java.io.IOException
com.itextpdf.text.pdf.security.RootStoreVerifier#verify(java.security.cert.X509Certificate, java.security.cert.X509Certificate)
public void switchToPreviousRevision() throws java.io.IOException, java.security.GeneralSecurityException
java.io.IOException
java.security.GeneralSecurityException
public java.util.List<java.security.cert.X509CRL> getCRLsFromDSS() throws java.security.GeneralSecurityException, java.io.IOException
java.security.GeneralSecurityException
java.io.IOException
public java.util.List<org.bouncycastle.cert.ocsp.BasicOCSPResp> getOCSPResponsesFromDSS() throws java.io.IOException, java.security.GeneralSecurityException
java.io.IOException
java.security.GeneralSecurityException
Copyright © 1998–2018. All rights reserved.