Class SignatureValidationProperties

java.lang.Object
com.itextpdf.signatures.validation.SignatureValidationProperties

public class SignatureValidationProperties extends Object
Class which stores properties, which are related to signature validation process.
  • Field Details

  • Constructor Details

  • Method Details

    • getFreshness

      public Duration getFreshness(ValidationContext validationContext)
      Returns the freshness setting for the provided validation context or the default context in milliseconds.
      Parameters:
      validationContext - the validation context for which to retrieve the freshness setting
      Returns:
      the freshness setting for the provided validation context or the default context in milliseconds
    • setFreshness

      public final SignatureValidationProperties setFreshness(ValidatorContexts validatorContexts, CertificateSources certificateSources, TimeBasedContexts timeBasedContexts, Duration value)
      Sets the freshness setting for the specified validator, time based and certificate source contexts in milliseconds.

      This parameter specifies how old revocation data can be, compared to validation time, in order to be trustworthy.

      Parameters:
      validatorContexts - the validators for which to apply the setting
      certificateSources - the certificate sources to
      timeBasedContexts - the date comparison context for which to apply the setting
      value - the settings value in milliseconds
      Returns:
      this same SignatureValidationProperties instance.
    • getContinueAfterFailure

      public boolean getContinueAfterFailure(ValidationContext validationContext)
      Returns the Continue after failure setting for the provided context or the default context.
      Parameters:
      validationContext - the context for which to retrieve the Continue after failure setting
      Returns:
      the Continue after failure setting for the provided context or the default context
    • setContinueAfterFailure

      public final SignatureValidationProperties setContinueAfterFailure(ValidatorContexts validatorContexts, CertificateSources certificateSources, boolean value)
      Sets the Continue after failure setting for the provided context.

      This parameter specifies if validation is expected to continue after first failure is encountered. Only ValidationReport.ValidationResult.INVALID is considered to be a failure.

      Parameters:
      validatorContexts - the validators for which to set the Continue after failure setting
      certificateSources - the certificateSources for which to set the Continue after failure setting
      value - the Continue after failure setting
      Returns:
      this same SignatureValidationProperties instance.
    • getRevocationOnlineFetching

      public SignatureValidationProperties.OnlineFetching getRevocationOnlineFetching(ValidationContext validationContext)
      Sets the onlineFetching property representing possible online fetching permissions.
      Parameters:
      validationContext - the context for which to retrieve the online fetching setting
      Returns:
      the online fetching setting.
    • setRevocationOnlineFetching

      public final SignatureValidationProperties setRevocationOnlineFetching(ValidatorContexts validatorContexts, CertificateSources certificateSources, TimeBasedContexts timeBasedContexts, SignatureValidationProperties.OnlineFetching onlineFetching)
      Sets the onlineFetching property representing possible online fetching permissions.
      Parameters:
      validatorContexts - the validators for which to set this value
      certificateSources - the certificate source for which to set this value
      timeBasedContexts - time perspective context, at which validation is happening
      onlineFetching - onlineFetching property value to set
      Returns:
      this same SignatureValidationProperties instance.
    • getRequiredExtensions

      public List<CertificateExtension> getRequiredExtensions(ValidationContext validationContext)
      Returns required extension for the provided validation context.
      Parameters:
      validationContext - the validation context for which to retrieve required extensions
      Returns:
      required extensions for the provided validation context
    • setRequiredExtensions

      public final SignatureValidationProperties setRequiredExtensions(CertificateSources certificateSources, List<CertificateExtension> requiredExtensions)
      Set list of extensions which are required to be set to a certificate depending on certificate source.

      By default, required extensions are set to be compliant with common validation norms. Changing those can result in falsely positive validation result.

      Parameters:
      certificateSources - CertificateSource for extensions to be present
      requiredExtensions - list of required CertificateExtension
      Returns:
      this same SignatureValidationProperties instance
    • getCrlClients

      public List<ICrlClient> getCrlClients()
      Gets all ICrlClient instances which will be used to retrieve CRL responses during the validation.
      Returns:
      all ICrlClient instances which will be used to retrieve CRL responses during the validation
    • addCrlClient

      public final SignatureValidationProperties addCrlClient(ICrlClient crlClient)
      Adds new ICrlClient instance which will be used to retrieve CRL responses during the validation.
      Parameters:
      crlClient - ICrlClient instance which will be used to retrieve CRL responses during the validation
      Returns:
      this same SignatureValidationProperties instance
    • getOcspClients

      public List<IOcspClient> getOcspClients()
      Gets all IOcspClient instances which will be used to retrieve OCSP responses during the validation.
      Returns:
      all IOcspClient instances which will be used to retrieve OCSP responses during the validation
    • addOcspClient

      public final SignatureValidationProperties addOcspClient(IOcspClient ocspClient)
      Adds new IOcspClient instance which will be used to retrieve OCSP response during the validation.
      Parameters:
      ocspClient - IOcspClient instance which will be used to retrieve OCSP response during the validation
      Returns:
      this same SignatureValidationProperties instance
    • setParameterValueFor

      final void setParameterValueFor(EnumSet<ValidatorContext> validatorContexts, EnumSet<CertificateSource> certificateSources, EnumSet<TimeBasedContext> timeBasedContexts, Consumer<SignatureValidationProperties.ContextProperties> setter)
      This method executes the setter method for every combination of selected validators and certificateSources
      Parameters:
      validatorContexts - the validators to execute the setter on
      certificateSources - the certificate sources to execute the setter on
      setter - the setter to execute
    • getParametersValueFor

      <T> T getParametersValueFor(ValidatorContext validatorContext, CertificateSource certSource, TimeBasedContext timeBasedContext, Function<SignatureValidationProperties.ContextProperties,T> getter)
      This method executes the getter method to the most granular parameters set down until the getter returns a non-null value
      Type Parameters:
      T - the type of the return value of this method and the getter method
      Parameters:
      validatorContext - the validator for which the value is to be retrieved
      certSource - the certificate source for which the value is to be retrieved
      getter - the getter to get the value from the parameters set
      Returns:
      the first non-null value returned.