Package com.itextpdf.signatures
Class CertificateVerification
- java.lang.Object
-
- com.itextpdf.signatures.CertificateVerification
-
@Deprecated public class CertificateVerification extends java.lang.Object
Deprecated.starting from 9.0.0.CertificateChainValidator
should be used instead.This class consists of some methods that allow you to verify certificates.
-
-
Field Summary
Fields Modifier and Type Field Description static java.lang.String
CERTIFICATE_REVOKED
Deprecated.static java.lang.String
HAS_UNSUPPORTED_EXTENSIONS
Deprecated.private static org.slf4j.Logger
LOGGER
Deprecated.The Logger instance.
-
Constructor Summary
Constructors Constructor Description CertificateVerification()
Deprecated.
-
Method Summary
All Methods Static Methods Concrete Methods Deprecated Methods Modifier and Type Method Description protected static boolean
hasUnsupportedCriticalExtension(java.security.cert.X509Certificate cert)
Deprecated.Check if the provided certificate has a critical extension that iText doesn't support.private static void
logExceptionMessages(java.util.List<java.lang.Exception> exceptionsThrown)
Deprecated.static java.lang.String
verifyCertificate(java.security.cert.X509Certificate cert, java.util.Collection<java.security.cert.CRL> crls)
Deprecated.Verifies a single certificate for the current date.static java.lang.String
verifyCertificate(java.security.cert.X509Certificate cert, java.util.Collection<java.security.cert.CRL> crls, java.util.Calendar calendar)
Deprecated.Verifies a single certificate.static java.util.List<VerificationException>
verifyCertificates(java.security.cert.Certificate[] certs, java.security.KeyStore keystore)
Deprecated.Verifies a certificate chain against a KeyStore for the current date.static java.util.List<VerificationException>
verifyCertificates(java.security.cert.Certificate[] certs, java.security.KeyStore keystore, java.util.Calendar calendar)
Deprecated.Verifies a certificate chain against a KeyStore.static java.util.List<VerificationException>
verifyCertificates(java.security.cert.Certificate[] certs, java.security.KeyStore keystore, java.util.Collection<java.security.cert.CRL> crls)
Deprecated.Verifies a certificate chain against a KeyStore for the current date.static java.util.List<VerificationException>
verifyCertificates(java.security.cert.Certificate[] certs, java.security.KeyStore keystore, java.util.Collection<java.security.cert.CRL> crls, java.util.Calendar calendar)
Deprecated.Verifies a certificate chain against a KeyStore.static boolean
verifyOcspCertificates(IBasicOCSPResp ocsp, java.security.KeyStore keystore, java.lang.String provider)
Deprecated.Verifies an OCSP response against a KeyStore.static boolean
verifyTimestampCertificates(ITimeStampToken ts, java.security.KeyStore keystore, java.lang.String provider)
Deprecated.Verifies a time stamp against a KeyStore.
-
-
-
Field Detail
-
HAS_UNSUPPORTED_EXTENSIONS
public static final java.lang.String HAS_UNSUPPORTED_EXTENSIONS
Deprecated.- See Also:
- Constant Field Values
-
CERTIFICATE_REVOKED
public static final java.lang.String CERTIFICATE_REVOKED
Deprecated.- See Also:
- Constant Field Values
-
LOGGER
private static final org.slf4j.Logger LOGGER
Deprecated.The Logger instance.
-
-
Method Detail
-
verifyCertificate
public static java.lang.String verifyCertificate(java.security.cert.X509Certificate cert, java.util.Collection<java.security.cert.CRL> crls)
Deprecated.Verifies a single certificate for the current date.- Parameters:
cert
- the certificate to verifycrls
- the certificate revocation list ornull
- Returns:
- a
String
with the error description ornull
if no error
-
verifyCertificate
public static java.lang.String verifyCertificate(java.security.cert.X509Certificate cert, java.util.Collection<java.security.cert.CRL> crls, java.util.Calendar calendar)
Deprecated.Verifies a single certificate.- Parameters:
cert
- the certificate to verifycrls
- the certificate revocation list ornull
calendar
- the date, shall not be null- Returns:
- a
String
with the error description ornull
if no error
-
verifyCertificates
public static java.util.List<VerificationException> verifyCertificates(java.security.cert.Certificate[] certs, java.security.KeyStore keystore, java.util.Collection<java.security.cert.CRL> crls) throws java.security.cert.CertificateEncodingException
Deprecated.Verifies a certificate chain against a KeyStore for the current date.- Parameters:
certs
- the certificate chainkeystore
- theKeyStore
crls
- the certificate revocation list ornull
- Returns:
- empty list if the certificate chain could be validated or a
Object[]{cert,error}
wherecert
is the failed certificate anderror
is the error message - Throws:
java.security.cert.CertificateEncodingException
- if an encoding error occurs inCertificate
.
-
verifyCertificates
public static java.util.List<VerificationException> verifyCertificates(java.security.cert.Certificate[] certs, java.security.KeyStore keystore, java.util.Collection<java.security.cert.CRL> crls, java.util.Calendar calendar) throws java.security.cert.CertificateEncodingException
Deprecated.Verifies a certificate chain against a KeyStore.- Parameters:
certs
- the certificate chainkeystore
- theKeyStore
crls
- the certificate revocation list ornull
calendar
- the date, shall not be null- Returns:
- empty list if the certificate chain could be validated or a
Object[]{cert,error}
wherecert
is the failed certificate anderror
is the error message - Throws:
java.security.cert.CertificateEncodingException
- if an encoding error occurs inCertificate
.
-
verifyCertificates
public static java.util.List<VerificationException> verifyCertificates(java.security.cert.Certificate[] certs, java.security.KeyStore keystore) throws java.security.cert.CertificateEncodingException
Deprecated.Verifies a certificate chain against a KeyStore for the current date.- Parameters:
certs
- the certificate chainkeystore
- theKeyStore
- Returns:
null
if the certificate chain could be validated or aObject[]{cert,error}
wherecert
is the failed certificate anderror
is the error message- Throws:
java.security.cert.CertificateEncodingException
- if an encoding error occurs inCertificate
.
-
verifyCertificates
public static java.util.List<VerificationException> verifyCertificates(java.security.cert.Certificate[] certs, java.security.KeyStore keystore, java.util.Calendar calendar) throws java.security.cert.CertificateEncodingException
Deprecated.Verifies a certificate chain against a KeyStore.- Parameters:
certs
- the certificate chainkeystore
- theKeyStore
calendar
- the date, shall not be null- Returns:
null
if the certificate chain could be validated or aObject[]{cert,error}
wherecert
is the failed certificate anderror
is the error message- Throws:
java.security.cert.CertificateEncodingException
- if an encoding error occurs inCertificate
.
-
verifyOcspCertificates
public static boolean verifyOcspCertificates(IBasicOCSPResp ocsp, java.security.KeyStore keystore, java.lang.String provider)
Deprecated.Verifies an OCSP response against a KeyStore.- Parameters:
ocsp
- the OCSP responsekeystore
- theKeyStore
provider
- the provider ornull
to use the BouncyCastle provider- Returns:
true
is a certificate was found
-
verifyTimestampCertificates
public static boolean verifyTimestampCertificates(ITimeStampToken ts, java.security.KeyStore keystore, java.lang.String provider)
Deprecated.Verifies a time stamp against a KeyStore.- Parameters:
ts
- the time stampkeystore
- theKeyStore
provider
- the provider ornull
to use the BouncyCastle provider- Returns:
true
is a certificate was found
-
hasUnsupportedCriticalExtension
protected static boolean hasUnsupportedCriticalExtension(java.security.cert.X509Certificate cert)
Deprecated.Check if the provided certificate has a critical extension that iText doesn't support.- Parameters:
cert
- X509Certificate instance to check- Returns:
true
if there are unsupported critical extensions, false if there are none
-
logExceptionMessages
private static void logExceptionMessages(java.util.List<java.lang.Exception> exceptionsThrown)
Deprecated.
-
-