Class SignatureValidator
java.lang.Object
com.itextpdf.signatures.validation.v1.SignatureValidator
Validator class, which is expected to be used for signatures validation.
-
Field Summary
FieldsModifier and TypeFieldDescription(package private) static final String
private static final IBouncyCastleFactory
(package private) static final String
(package private) static final String
(package private) static final String
(package private) static final String
(package private) static final String
private final CertificateChainValidator
private final IssuingCertificateRetriever
(package private) static final String
(package private) static final String
private final DocumentRevisionsValidator
private Date
private IMetaInfo
private final PdfDocument
private final SignatureValidationProperties
(package private) static final String
(package private) static final String
(package private) static final String
(package private) static final String
(package private) static final String
(package private) static final String
static final String
private ValidationContext
private ValidationCrlClient
private ValidationOcspClient
-
Constructor Summary
ConstructorsModifierConstructorDescriptionprotected
SignatureValidator
(PdfDocument originalDocument, ValidatorChainBuilder builder) Creates new instance ofSignatureValidator
. -
Method Summary
Modifier and TypeMethodDescriptionprivate void
private List
<Certificate> getCertificatesFromDss
(ValidationReport validationReport, PdfDocument document) private PdfPKCS7
mathematicallyVerifySignature
(ValidationReport validationReport, PdfDocument document) private void
retrieveCrlResponsesFromDss
(ValidationReport validationReport, ValidationContext context, PdfDocument document) private void
retrieveNotSignedRevocationInfoFromSignatureContainer
(PdfPKCS7 pkcs7, ValidationContext validationContext) private void
retrieveOcspResponsesFromDss
(ValidationReport validationReport, ValidationContext context, PdfDocument document) private void
retrieveSignedRevocationInfoFromSignatureContainer
(PdfPKCS7 pkcs7, ValidationContext validationContext) setEventCountingMetaInfo
(IMetaInfo metaInfo) Sets theIMetaInfo
that will be used during newPdfDocument
creations.private boolean
stopValidation
(ValidationReport result, ValidationContext validationContext) private boolean
updateLastKnownPoE
(ValidationReport tsValidationReport, ITSTInfo timeStampTokenInfo) private void
updateValidationClients
(PdfPKCS7 pkcs7, ValidationReport validationReport, ValidationContext validationContext, PdfDocument document) private ValidationReport
(package private) ValidationReport
validateLatestSignature
(PdfDocument document) Validate all signatures in the document.private void
validateTimestampChain
(ValidationReport validationReport, Certificate[] knownCerts, X509Certificate signingCert)
-
Field Details
-
VALIDATING_SIGNATURE_NAME
- See Also:
-
TIMESTAMP_VERIFICATION
- See Also:
-
SIGNATURE_VERIFICATION
- See Also:
-
CANNOT_PARSE_CERT_FROM_DSS
- See Also:
-
CANNOT_PARSE_OCSP_FROM_DSS
- See Also:
-
CANNOT_PARSE_CRL_FROM_DSS
- See Also:
-
CANNOT_VERIFY_SIGNATURE
- See Also:
-
DOCUMENT_IS_NOT_COVERED
- See Also:
-
CANNOT_VERIFY_TIMESTAMP
- See Also:
-
TIMESTAMP_VERIFICATION_FAILED
- See Also:
-
REVISIONS_RETRIEVAL_FAILED
- See Also:
-
TIMESTAMP_EXTRACTION_FAILED
- See Also:
-
CHAIN_VALIDATION_FAILED
- See Also:
-
REVISIONS_VALIDATION_FAILED
- See Also:
-
ADD_KNOWN_CERTIFICATES_FAILED
- See Also:
-
BOUNCY_CASTLE_FACTORY
-
validationContext
-
certificateChainValidator
-
documentRevisionsValidator
-
certificateRetriever
-
properties
-
lastKnownPoE
-
metaInfo
-
originalDocument
-
validationOcspClient
-
validationCrlClient
-
-
Constructor Details
-
SignatureValidator
Creates new instance ofSignatureValidator
.- Parameters:
originalDocument
-PdfDocument
instance which will be validatedbuilder
- seeValidatorChainBuilder
-
-
Method Details
-
setEventCountingMetaInfo
Sets theIMetaInfo
that will be used during newPdfDocument
creations.- Parameters:
metaInfo
- meta info to set- Returns:
- the same
SignatureValidator
instance
-
validateSignatures
Validate all signatures in the document.- Returns:
ValidationReport
which contains detailed validation results
-
validateLatestSignature
-
findValidationClients
private void findValidationClients() -
mathematicallyVerifySignature
private PdfPKCS7 mathematicallyVerifySignature(ValidationReport validationReport, PdfDocument document) -
validateEmbeddedTimestamp
-
validateTimestampChain
private void validateTimestampChain(ValidationReport validationReport, Certificate[] knownCerts, X509Certificate signingCert) -
updateLastKnownPoE
private boolean updateLastKnownPoE(ValidationReport tsValidationReport, ITSTInfo timeStampTokenInfo) -
updateValidationClients
private void updateValidationClients(PdfPKCS7 pkcs7, ValidationReport validationReport, ValidationContext validationContext, PdfDocument document) -
retrieveSignedRevocationInfoFromSignatureContainer
private void retrieveSignedRevocationInfoFromSignatureContainer(PdfPKCS7 pkcs7, ValidationContext validationContext) -
retrieveNotSignedRevocationInfoFromSignatureContainer
private void retrieveNotSignedRevocationInfoFromSignatureContainer(PdfPKCS7 pkcs7, ValidationContext validationContext) -
retrieveOcspResponsesFromDss
private void retrieveOcspResponsesFromDss(ValidationReport validationReport, ValidationContext context, PdfDocument document) -
retrieveCrlResponsesFromDss
private void retrieveCrlResponsesFromDss(ValidationReport validationReport, ValidationContext context, PdfDocument document) -
getCertificatesFromDss
private List<Certificate> getCertificatesFromDss(ValidationReport validationReport, PdfDocument document) -
stopValidation
-