Class CertificateVerification


  • @Deprecated
    public class CertificateVerification
    extends java.lang.Object
    Deprecated.
    starting from 9.0.0. CertificateChainValidator should be used instead.
    This class consists of some methods that allow you to verify certificates.
    • Method Summary

      All Methods Static Methods Concrete Methods Deprecated Methods 
      Modifier and Type Method Description
      protected static boolean hasUnsupportedCriticalExtension​(java.security.cert.X509Certificate cert)
      Deprecated.
      Check if the provided certificate has a critical extension that iText doesn't support.
      private static void logExceptionMessages​(java.util.List<java.lang.Exception> exceptionsThrown)
      Deprecated.
       
      static java.lang.String verifyCertificate​(java.security.cert.X509Certificate cert, java.util.Collection<java.security.cert.CRL> crls)
      Deprecated.
      Verifies a single certificate for the current date.
      static java.lang.String verifyCertificate​(java.security.cert.X509Certificate cert, java.util.Collection<java.security.cert.CRL> crls, java.util.Calendar calendar)
      Deprecated.
      Verifies a single certificate.
      static java.util.List<VerificationException> verifyCertificates​(java.security.cert.Certificate[] certs, java.security.KeyStore keystore)
      Deprecated.
      Verifies a certificate chain against a KeyStore for the current date.
      static java.util.List<VerificationException> verifyCertificates​(java.security.cert.Certificate[] certs, java.security.KeyStore keystore, java.util.Calendar calendar)
      Deprecated.
      Verifies a certificate chain against a KeyStore.
      static java.util.List<VerificationException> verifyCertificates​(java.security.cert.Certificate[] certs, java.security.KeyStore keystore, java.util.Collection<java.security.cert.CRL> crls)
      Deprecated.
      Verifies a certificate chain against a KeyStore for the current date.
      static java.util.List<VerificationException> verifyCertificates​(java.security.cert.Certificate[] certs, java.security.KeyStore keystore, java.util.Collection<java.security.cert.CRL> crls, java.util.Calendar calendar)
      Deprecated.
      Verifies a certificate chain against a KeyStore.
      static boolean verifyOcspCertificates​(IBasicOCSPResp ocsp, java.security.KeyStore keystore, java.lang.String provider)
      Deprecated.
      Verifies an OCSP response against a KeyStore.
      static boolean verifyTimestampCertificates​(ITimeStampToken ts, java.security.KeyStore keystore, java.lang.String provider)
      Deprecated.
      Verifies a time stamp against a KeyStore.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • HAS_UNSUPPORTED_EXTENSIONS

        public static final java.lang.String HAS_UNSUPPORTED_EXTENSIONS
        Deprecated.
        See Also:
        Constant Field Values
      • CERTIFICATE_REVOKED

        public static final java.lang.String CERTIFICATE_REVOKED
        Deprecated.
        See Also:
        Constant Field Values
      • LOGGER

        private static final org.slf4j.Logger LOGGER
        Deprecated.
        The Logger instance.
    • Constructor Detail

      • CertificateVerification

        public CertificateVerification()
        Deprecated.
    • Method Detail

      • verifyCertificate

        public static java.lang.String verifyCertificate​(java.security.cert.X509Certificate cert,
                                                         java.util.Collection<java.security.cert.CRL> crls)
        Deprecated.
        Verifies a single certificate for the current date.
        Parameters:
        cert - the certificate to verify
        crls - the certificate revocation list or null
        Returns:
        a String with the error description or null if no error
      • verifyCertificate

        public static java.lang.String verifyCertificate​(java.security.cert.X509Certificate cert,
                                                         java.util.Collection<java.security.cert.CRL> crls,
                                                         java.util.Calendar calendar)
        Deprecated.
        Verifies a single certificate.
        Parameters:
        cert - the certificate to verify
        crls - the certificate revocation list or null
        calendar - the date, shall not be null
        Returns:
        a String with the error description or null if no error
      • verifyCertificates

        public static java.util.List<VerificationException> verifyCertificates​(java.security.cert.Certificate[] certs,
                                                                               java.security.KeyStore keystore,
                                                                               java.util.Collection<java.security.cert.CRL> crls)
                                                                        throws java.security.cert.CertificateEncodingException
        Deprecated.
        Verifies a certificate chain against a KeyStore for the current date.
        Parameters:
        certs - the certificate chain
        keystore - the KeyStore
        crls - the certificate revocation list or null
        Returns:
        empty list if the certificate chain could be validated or a Object[]{cert,error} where cert is the failed certificate and error is the error message
        Throws:
        java.security.cert.CertificateEncodingException - if an encoding error occurs in Certificate.
      • verifyCertificates

        public static java.util.List<VerificationException> verifyCertificates​(java.security.cert.Certificate[] certs,
                                                                               java.security.KeyStore keystore,
                                                                               java.util.Collection<java.security.cert.CRL> crls,
                                                                               java.util.Calendar calendar)
                                                                        throws java.security.cert.CertificateEncodingException
        Deprecated.
        Verifies a certificate chain against a KeyStore.
        Parameters:
        certs - the certificate chain
        keystore - the KeyStore
        crls - the certificate revocation list or null
        calendar - the date, shall not be null
        Returns:
        empty list if the certificate chain could be validated or a Object[]{cert,error} where cert is the failed certificate and error is the error message
        Throws:
        java.security.cert.CertificateEncodingException - if an encoding error occurs in Certificate.
      • verifyCertificates

        public static java.util.List<VerificationException> verifyCertificates​(java.security.cert.Certificate[] certs,
                                                                               java.security.KeyStore keystore)
                                                                        throws java.security.cert.CertificateEncodingException
        Deprecated.
        Verifies a certificate chain against a KeyStore for the current date.
        Parameters:
        certs - the certificate chain
        keystore - the KeyStore
        Returns:
        null if the certificate chain could be validated or a Object[]{cert,error} where cert is the failed certificate and error is the error message
        Throws:
        java.security.cert.CertificateEncodingException - if an encoding error occurs in Certificate.
      • verifyCertificates

        public static java.util.List<VerificationException> verifyCertificates​(java.security.cert.Certificate[] certs,
                                                                               java.security.KeyStore keystore,
                                                                               java.util.Calendar calendar)
                                                                        throws java.security.cert.CertificateEncodingException
        Deprecated.
        Verifies a certificate chain against a KeyStore.
        Parameters:
        certs - the certificate chain
        keystore - the KeyStore
        calendar - the date, shall not be null
        Returns:
        null if the certificate chain could be validated or a Object[]{cert,error} where cert is the failed certificate and error is the error message
        Throws:
        java.security.cert.CertificateEncodingException - if an encoding error occurs in Certificate.
      • verifyOcspCertificates

        public static boolean verifyOcspCertificates​(IBasicOCSPResp ocsp,
                                                     java.security.KeyStore keystore,
                                                     java.lang.String provider)
        Deprecated.
        Verifies an OCSP response against a KeyStore.
        Parameters:
        ocsp - the OCSP response
        keystore - the KeyStore
        provider - the provider or null to use the BouncyCastle provider
        Returns:
        true is a certificate was found
      • verifyTimestampCertificates

        public static boolean verifyTimestampCertificates​(ITimeStampToken ts,
                                                          java.security.KeyStore keystore,
                                                          java.lang.String provider)
        Deprecated.
        Verifies a time stamp against a KeyStore.
        Parameters:
        ts - the time stamp
        keystore - the KeyStore
        provider - the provider or null to use the BouncyCastle provider
        Returns:
        true is a certificate was found
      • hasUnsupportedCriticalExtension

        protected static boolean hasUnsupportedCriticalExtension​(java.security.cert.X509Certificate cert)
        Deprecated.
        Check if the provided certificate has a critical extension that iText doesn't support.
        Parameters:
        cert - X509Certificate instance to check
        Returns:
        true if there are unsupported critical extensions, false if there are none
      • logExceptionMessages

        private static void logExceptionMessages​(java.util.List<java.lang.Exception> exceptionsThrown)
        Deprecated.