Class SignatureValidator
- java.lang.Object
-
- com.itextpdf.signatures.validation.SignatureValidator
-
public class SignatureValidator extends java.lang.Object
Validator class, which is expected to be used for signatures validation.
-
-
Field Summary
Fields Modifier and Type Field Description (package private) static java.lang.String
ADD_KNOWN_CERTIFICATES_FAILED
private static IBouncyCastleFactory
BOUNCY_CASTLE_FACTORY
private ValidatorChainBuilder
builder
(package private) static java.lang.String
CANNOT_PARSE_CERT_FROM_DSS
(package private) static java.lang.String
CANNOT_PARSE_CRL_FROM_DSS
(package private) static java.lang.String
CANNOT_PARSE_OCSP_FROM_DSS
(package private) static java.lang.String
CANNOT_VERIFY_SIGNATURE
(package private) static java.lang.String
CANNOT_VERIFY_TIMESTAMP
private CertificateChainValidator
certificateChainValidator
private IssuingCertificateRetriever
certificateRetriever
(package private) static java.lang.String
CHAIN_VALIDATION_FAILED
(package private) static java.lang.String
DOCUMENT_IS_NOT_COVERED
private DocumentRevisionsValidator
documentRevisionsValidator
private java.util.Date
lastKnownPoE
private IMetaInfo
metaInfo
private PdfDocument
originalDocument
private SignatureValidationProperties
properties
(package private) static java.lang.String
REVISIONS_RETRIEVAL_FAILED
(package private) static java.lang.String
REVISIONS_VALIDATION_FAILED
(package private) static java.lang.String
SIGNATURE_NOT_FOUND
(package private) static java.lang.String
SIGNATURE_VERIFICATION
(package private) static java.lang.String
TIMESTAMP_EXTRACTION_FAILED
(package private) static java.lang.String
TIMESTAMP_VERIFICATION
(package private) static java.lang.String
TIMESTAMP_VERIFICATION_FAILED
static java.lang.String
VALIDATING_SIGNATURE_NAME
(package private) static java.lang.String
VALIDATION_PERFORMED
private ValidationContext
validationContext
private ValidationCrlClient
validationCrlClient
private ValidationOcspClient
validationOcspClient
private boolean
validationPerformed
-
Constructor Summary
Constructors Modifier Constructor Description protected
SignatureValidator(PdfDocument originalDocument, ValidatorChainBuilder builder)
Creates new instance ofSignatureValidator
.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description private void
findValidationClients()
private java.util.List<java.security.cert.Certificate>
getCertificatesFromDss(ValidationReport validationReport, PdfDocument document)
private PdfPKCS7
mathematicallyVerifySignature(ValidationReport validationReport, PdfDocument document)
private void
reportResult(ValidationReport validationReport)
private void
retrieveCrlResponsesFromDss(ValidationReport validationReport, ValidationContext context, PdfDocument document)
private void
retrieveNotSignedRevocationInfoFromSignatureContainer(PdfPKCS7 pkcs7, ValidationContext validationContext)
private void
retrieveOcspResponsesFromDss(ValidationReport validationReport, ValidationContext context, PdfDocument document)
private void
retrieveSignedRevocationInfoFromSignatureContainer(PdfPKCS7 pkcs7, ValidationContext validationContext)
SignatureValidator
setEventCountingMetaInfo(IMetaInfo metaInfo)
Sets theIMetaInfo
that will be used during newPdfDocument
creations.private boolean
stopValidation(ValidationReport result, ValidationContext validationContext)
private boolean
updateLastKnownPoE(ValidationReport tsValidationReport, ITSTInfo timeStampTokenInfo)
private void
updateValidationClients(PdfPKCS7 pkcs7, ValidationReport validationReport, ValidationContext validationContext, PdfDocument document)
private ValidationReport
validate(java.lang.String signatureName)
private ValidationReport
validateEmbeddedTimestamp(PdfPKCS7 pkcs7)
(package private) ValidationReport
validateLatestSignature(PdfDocument document)
ValidationReport
validateSignature(java.lang.String signatureName)
Validate single signature in the document.ValidationReport
validateSignatures()
Validate all signatures in the document.private void
validateTimestampChain(ValidationReport validationReport, java.security.cert.Certificate[] knownCerts, java.security.cert.X509Certificate signingCert)
-
-
-
Field Detail
-
VALIDATING_SIGNATURE_NAME
public static final java.lang.String VALIDATING_SIGNATURE_NAME
- See Also:
- Constant Field Values
-
TIMESTAMP_VERIFICATION
static final java.lang.String TIMESTAMP_VERIFICATION
- See Also:
- Constant Field Values
-
SIGNATURE_VERIFICATION
static final java.lang.String SIGNATURE_VERIFICATION
- See Also:
- Constant Field Values
-
CANNOT_PARSE_CERT_FROM_DSS
static final java.lang.String CANNOT_PARSE_CERT_FROM_DSS
- See Also:
- Constant Field Values
-
CANNOT_PARSE_OCSP_FROM_DSS
static final java.lang.String CANNOT_PARSE_OCSP_FROM_DSS
- See Also:
- Constant Field Values
-
CANNOT_PARSE_CRL_FROM_DSS
static final java.lang.String CANNOT_PARSE_CRL_FROM_DSS
- See Also:
- Constant Field Values
-
CANNOT_VERIFY_SIGNATURE
static final java.lang.String CANNOT_VERIFY_SIGNATURE
- See Also:
- Constant Field Values
-
DOCUMENT_IS_NOT_COVERED
static final java.lang.String DOCUMENT_IS_NOT_COVERED
- See Also:
- Constant Field Values
-
CANNOT_VERIFY_TIMESTAMP
static final java.lang.String CANNOT_VERIFY_TIMESTAMP
- See Also:
- Constant Field Values
-
TIMESTAMP_VERIFICATION_FAILED
static final java.lang.String TIMESTAMP_VERIFICATION_FAILED
- See Also:
- Constant Field Values
-
REVISIONS_RETRIEVAL_FAILED
static final java.lang.String REVISIONS_RETRIEVAL_FAILED
- See Also:
- Constant Field Values
-
TIMESTAMP_EXTRACTION_FAILED
static final java.lang.String TIMESTAMP_EXTRACTION_FAILED
- See Also:
- Constant Field Values
-
CHAIN_VALIDATION_FAILED
static final java.lang.String CHAIN_VALIDATION_FAILED
- See Also:
- Constant Field Values
-
REVISIONS_VALIDATION_FAILED
static final java.lang.String REVISIONS_VALIDATION_FAILED
- See Also:
- Constant Field Values
-
ADD_KNOWN_CERTIFICATES_FAILED
static final java.lang.String ADD_KNOWN_CERTIFICATES_FAILED
- See Also:
- Constant Field Values
-
SIGNATURE_NOT_FOUND
static final java.lang.String SIGNATURE_NOT_FOUND
- See Also:
- Constant Field Values
-
VALIDATION_PERFORMED
static final java.lang.String VALIDATION_PERFORMED
- See Also:
- Constant Field Values
-
BOUNCY_CASTLE_FACTORY
private static final IBouncyCastleFactory BOUNCY_CASTLE_FACTORY
-
builder
private final ValidatorChainBuilder builder
-
validationContext
private ValidationContext validationContext
-
certificateChainValidator
private final CertificateChainValidator certificateChainValidator
-
documentRevisionsValidator
private final DocumentRevisionsValidator documentRevisionsValidator
-
certificateRetriever
private final IssuingCertificateRetriever certificateRetriever
-
properties
private final SignatureValidationProperties properties
-
lastKnownPoE
private java.util.Date lastKnownPoE
-
metaInfo
private IMetaInfo metaInfo
-
originalDocument
private final PdfDocument originalDocument
-
validationOcspClient
private ValidationOcspClient validationOcspClient
-
validationCrlClient
private ValidationCrlClient validationCrlClient
-
validationPerformed
private boolean validationPerformed
-
-
Constructor Detail
-
SignatureValidator
protected SignatureValidator(PdfDocument originalDocument, ValidatorChainBuilder builder)
Creates new instance ofSignatureValidator
.- Parameters:
originalDocument
-PdfDocument
instance which will be validatedbuilder
- seeValidatorChainBuilder
-
-
Method Detail
-
setEventCountingMetaInfo
public SignatureValidator setEventCountingMetaInfo(IMetaInfo metaInfo)
Sets theIMetaInfo
that will be used during newPdfDocument
creations.- Parameters:
metaInfo
- meta info to set- Returns:
- the same
SignatureValidator
instance
-
validateSignatures
public ValidationReport validateSignatures()
Validate all signatures in the document.- Returns:
ValidationReport
which contains detailed validation results
-
validateSignature
public ValidationReport validateSignature(java.lang.String signatureName)
Validate single signature in the document.- Parameters:
signatureName
- name of the signature to validate- Returns:
ValidationReport
which contains detailed validation results.
-
validateLatestSignature
ValidationReport validateLatestSignature(PdfDocument document)
-
reportResult
private void reportResult(ValidationReport validationReport)
-
validate
private ValidationReport validate(java.lang.String signatureName)
-
findValidationClients
private void findValidationClients()
-
mathematicallyVerifySignature
private PdfPKCS7 mathematicallyVerifySignature(ValidationReport validationReport, PdfDocument document)
-
validateEmbeddedTimestamp
private ValidationReport validateEmbeddedTimestamp(PdfPKCS7 pkcs7)
-
validateTimestampChain
private void validateTimestampChain(ValidationReport validationReport, java.security.cert.Certificate[] knownCerts, java.security.cert.X509Certificate signingCert)
-
updateLastKnownPoE
private boolean updateLastKnownPoE(ValidationReport tsValidationReport, ITSTInfo timeStampTokenInfo)
-
updateValidationClients
private void updateValidationClients(PdfPKCS7 pkcs7, ValidationReport validationReport, ValidationContext validationContext, PdfDocument document)
-
retrieveSignedRevocationInfoFromSignatureContainer
private void retrieveSignedRevocationInfoFromSignatureContainer(PdfPKCS7 pkcs7, ValidationContext validationContext)
-
retrieveNotSignedRevocationInfoFromSignatureContainer
private void retrieveNotSignedRevocationInfoFromSignatureContainer(PdfPKCS7 pkcs7, ValidationContext validationContext)
-
retrieveOcspResponsesFromDss
private void retrieveOcspResponsesFromDss(ValidationReport validationReport, ValidationContext context, PdfDocument document)
-
retrieveCrlResponsesFromDss
private void retrieveCrlResponsesFromDss(ValidationReport validationReport, ValidationContext context, PdfDocument document)
-
getCertificatesFromDss
private java.util.List<java.security.cert.Certificate> getCertificatesFromDss(ValidationReport validationReport, PdfDocument document)
-
stopValidation
private boolean stopValidation(ValidationReport result, ValidationContext validationContext)
-
-