Class TrustedCertificatesStore
- java.lang.Object
-
- com.itextpdf.signatures.validation.v1.TrustedCertificatesStore
-
public class TrustedCertificatesStore extends java.lang.Object
Trusted certificates storage class to be used to configure trusted certificates in a particular way.
-
-
Field Summary
Fields Modifier and Type Field Description private java.util.Map<java.lang.String,java.security.cert.Certificate>
caTrustedCertificates
private java.util.Map<java.lang.String,java.security.cert.Certificate>
crlTrustedCertificates
private java.util.Map<java.lang.String,java.security.cert.Certificate>
generallyTrustedCertificates
private java.util.Map<java.lang.String,java.security.cert.Certificate>
ocspTrustedCertificates
private java.util.Map<java.lang.String,java.security.cert.Certificate>
timestampTrustedCertificates
-
Constructor Summary
Constructors Constructor Description TrustedCertificatesStore()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
addCATrustedCertificates(java.util.Collection<java.security.cert.Certificate> certificates)
Add collection of certificates to be trusted to be CA certificates.void
addCrlTrustedCertificates(java.util.Collection<java.security.cert.Certificate> certificates)
Add collection of certificates to be trusted for CRL signing.void
addGenerallyTrustedCertificates(java.util.Collection<java.security.cert.Certificate> certificates)
Add collection of certificates to be trusted for any possible usage.void
addOcspTrustedCertificates(java.util.Collection<java.security.cert.Certificate> certificates)
Add collection of certificates to be trusted for OCSP response signing.void
addTimestampTrustedCertificates(java.util.Collection<java.security.cert.Certificate> certificates)
Add collection of certificates to be trusted for timestamping.java.util.Collection<java.security.cert.Certificate>
getAllTrustedCertificates()
Get all the certificates, which where provided to this storage as trusted certificate.java.security.cert.Certificate
getCertificateTrustedForCA(java.lang.String certificateName)
Get certificate, if any, which is trusted to be a CA, which corresponds to the provided certificate name.java.security.cert.Certificate
getCertificateTrustedForCrl(java.lang.String certificateName)
Get certificate, if any, which is trusted for CRL generation, which corresponds to the provided certificate name.java.security.cert.Certificate
getCertificateTrustedForOcsp(java.lang.String certificateName)
Get certificate, if any, which is trusted for OCSP response generation, which corresponds to the provided certificate name.java.security.cert.Certificate
getCertificateTrustedForTimestamp(java.lang.String certificateName)
Get certificate, if any, which is trusted for timestamp generation, which corresponds to the provided certificate name.java.security.cert.Certificate
getGenerallyTrustedCertificate(java.lang.String certificateName)
Get certificate, if any, which is trusted for any usage, which corresponds to the provided certificate name.java.security.cert.Certificate
getKnownCertificate(java.lang.String certificateName)
Get certificate, if any, which corresponds to the provided certificate name.boolean
isCertificateGenerallyTrusted(java.security.cert.Certificate certificate)
Check if provided certificate is configured to be trusted for any purpose.boolean
isCertificateTrustedForCA(java.security.cert.Certificate certificate)
Check if provided certificate is configured to be trusted to be CA.boolean
isCertificateTrustedForCrl(java.security.cert.Certificate certificate)
Check if provided certificate is configured to be trusted for CRL generation.boolean
isCertificateTrustedForOcsp(java.security.cert.Certificate certificate)
Check if provided certificate is configured to be trusted for OCSP response generation.boolean
isCertificateTrustedForTimestamp(java.security.cert.Certificate certificate)
Check if provided certificate is configured to be trusted for timestamp generation.
-
-
-
Field Detail
-
generallyTrustedCertificates
private final java.util.Map<java.lang.String,java.security.cert.Certificate> generallyTrustedCertificates
-
ocspTrustedCertificates
private final java.util.Map<java.lang.String,java.security.cert.Certificate> ocspTrustedCertificates
-
timestampTrustedCertificates
private final java.util.Map<java.lang.String,java.security.cert.Certificate> timestampTrustedCertificates
-
crlTrustedCertificates
private final java.util.Map<java.lang.String,java.security.cert.Certificate> crlTrustedCertificates
-
caTrustedCertificates
private final java.util.Map<java.lang.String,java.security.cert.Certificate> caTrustedCertificates
-
-
Method Detail
-
addGenerallyTrustedCertificates
public void addGenerallyTrustedCertificates(java.util.Collection<java.security.cert.Certificate> certificates)
Add collection of certificates to be trusted for any possible usage.- Parameters:
certificates
-Collection
ofCertificate
instances
-
addOcspTrustedCertificates
public void addOcspTrustedCertificates(java.util.Collection<java.security.cert.Certificate> certificates)
Add collection of certificates to be trusted for OCSP response signing. These certificates are considered to be valid trust anchors for arbitrarily long certificate chain responsible for OCSP response generation.- Parameters:
certificates
-Collection
ofCertificate
instances
-
addCrlTrustedCertificates
public void addCrlTrustedCertificates(java.util.Collection<java.security.cert.Certificate> certificates)
Add collection of certificates to be trusted for CRL signing. These certificates are considered to be valid trust anchors for arbitrarily long certificate chain responsible for CRL generation.- Parameters:
certificates
-Collection
ofCertificate
instances
-
addTimestampTrustedCertificates
public void addTimestampTrustedCertificates(java.util.Collection<java.security.cert.Certificate> certificates)
Add collection of certificates to be trusted for timestamping. These certificates are considered to be valid trust anchors for arbitrarily long certificate chain responsible for timestamp generation.- Parameters:
certificates
-Collection
ofCertificate
instances
-
addCATrustedCertificates
public void addCATrustedCertificates(java.util.Collection<java.security.cert.Certificate> certificates)
Add collection of certificates to be trusted to be CA certificates. These certificates are considered to be valid trust anchors for certificate generation.- Parameters:
certificates
-Collection
ofCertificate
instances
-
isCertificateGenerallyTrusted
public boolean isCertificateGenerallyTrusted(java.security.cert.Certificate certificate)
Check if provided certificate is configured to be trusted for any purpose.- Parameters:
certificate
-Certificate
to be checked- Returns:
true
is provided certificate is generally trusted,false
otherwise
-
isCertificateTrustedForOcsp
public boolean isCertificateTrustedForOcsp(java.security.cert.Certificate certificate)
Check if provided certificate is configured to be trusted for OCSP response generation.- Parameters:
certificate
-Certificate
to be checked- Returns:
true
is provided certificate is trusted for OCSP generation,false
otherwise
-
isCertificateTrustedForCrl
public boolean isCertificateTrustedForCrl(java.security.cert.Certificate certificate)
Check if provided certificate is configured to be trusted for CRL generation.- Parameters:
certificate
-Certificate
to be checked- Returns:
true
is provided certificate is trusted for CRL generation,false
otherwise
-
isCertificateTrustedForTimestamp
public boolean isCertificateTrustedForTimestamp(java.security.cert.Certificate certificate)
Check if provided certificate is configured to be trusted for timestamp generation.- Parameters:
certificate
-Certificate
to be checked- Returns:
true
is provided certificate is trusted for timestamp generation,false
otherwise
-
isCertificateTrustedForCA
public boolean isCertificateTrustedForCA(java.security.cert.Certificate certificate)
Check if provided certificate is configured to be trusted to be CA.- Parameters:
certificate
-Certificate
to be checked- Returns:
true
is provided certificate is trusted for certificates generation,false
otherwise
-
getGenerallyTrustedCertificate
public java.security.cert.Certificate getGenerallyTrustedCertificate(java.lang.String certificateName)
Get certificate, if any, which is trusted for any usage, which corresponds to the provided certificate name.- Parameters:
certificateName
-String
certificate name- Returns:
Certificate
which corresponds to the provided certificate name
-
getCertificateTrustedForOcsp
public java.security.cert.Certificate getCertificateTrustedForOcsp(java.lang.String certificateName)
Get certificate, if any, which is trusted for OCSP response generation, which corresponds to the provided certificate name.- Parameters:
certificateName
-String
certificate name- Returns:
Certificate
which corresponds to the provided certificate name
-
getCertificateTrustedForCrl
public java.security.cert.Certificate getCertificateTrustedForCrl(java.lang.String certificateName)
Get certificate, if any, which is trusted for CRL generation, which corresponds to the provided certificate name.- Parameters:
certificateName
-String
certificate name- Returns:
Certificate
which corresponds to the provided certificate name
-
getCertificateTrustedForTimestamp
public java.security.cert.Certificate getCertificateTrustedForTimestamp(java.lang.String certificateName)
Get certificate, if any, which is trusted for timestamp generation, which corresponds to the provided certificate name.- Parameters:
certificateName
-String
certificate name- Returns:
Certificate
which corresponds to the provided certificate name
-
getCertificateTrustedForCA
public java.security.cert.Certificate getCertificateTrustedForCA(java.lang.String certificateName)
Get certificate, if any, which is trusted to be a CA, which corresponds to the provided certificate name.- Parameters:
certificateName
-String
certificate name- Returns:
Certificate
which corresponds to the provided certificate name
-
getKnownCertificate
public java.security.cert.Certificate getKnownCertificate(java.lang.String certificateName)
Get certificate, if any, which corresponds to the provided certificate name.- Parameters:
certificateName
-String
certificate name- Returns:
Certificate
which corresponds to the provided certificate name
-
getAllTrustedCertificates
public java.util.Collection<java.security.cert.Certificate> getAllTrustedCertificates()
Get all the certificates, which where provided to this storage as trusted certificate.- Returns:
Collection
ofCertificate
instances
-
-