Class SignatureValidator
- java.lang.Object
-
- com.itextpdf.signatures.validation.v1.SignatureValidator
-
public class SignatureValidator extends java.lang.Object
Validator class, which is expected to be used for signatures validation.
-
-
Field Summary
Fields Modifier and Type Field Description (package private) static java.lang.String
ADD_KNOWN_CERTIFICATES_FAILED
private static IBouncyCastleFactory
BOUNCY_CASTLE_FACTORY
(package private) static java.lang.String
CANNOT_PARSE_CERT_FROM_DSS
(package private) static java.lang.String
CANNOT_PARSE_CRL_FROM_DSS
(package private) static java.lang.String
CANNOT_PARSE_OCSP_FROM_DSS
(package private) static java.lang.String
CANNOT_VERIFY_SIGNATURE
(package private) static java.lang.String
CANNOT_VERIFY_TIMESTAMP
private CertificateChainValidator
certificateChainValidator
private IssuingCertificateRetriever
certificateRetriever
(package private) static java.lang.String
CHAIN_VALIDATION_FAILED
(package private) static java.lang.String
DOCUMENT_IS_NOT_COVERED
private DocumentRevisionsValidator
documentRevisionsValidator
private java.util.Date
lastKnownPoE
private IMetaInfo
metaInfo
private PdfDocument
originalDocument
private SignatureValidationProperties
properties
(package private) static java.lang.String
REVISIONS_RETRIEVAL_FAILED
(package private) static java.lang.String
REVISIONS_VALIDATION_FAILED
(package private) static java.lang.String
SIGNATURE_VERIFICATION
(package private) static java.lang.String
TIMESTAMP_EXTRACTION_FAILED
(package private) static java.lang.String
TIMESTAMP_VERIFICATION
(package private) static java.lang.String
TIMESTAMP_VERIFICATION_FAILED
static java.lang.String
VALIDATING_SIGNATURE_NAME
private ValidationContext
validationContext
private ValidationCrlClient
validationCrlClient
private ValidationOcspClient
validationOcspClient
-
Constructor Summary
Constructors Modifier Constructor Description protected
SignatureValidator(PdfDocument originalDocument, ValidatorChainBuilder builder)
Creates new instance ofSignatureValidator
.
-
Method Summary
-
-
-
Field Detail
-
VALIDATING_SIGNATURE_NAME
public static final java.lang.String VALIDATING_SIGNATURE_NAME
- See Also:
- Constant Field Values
-
TIMESTAMP_VERIFICATION
static final java.lang.String TIMESTAMP_VERIFICATION
- See Also:
- Constant Field Values
-
SIGNATURE_VERIFICATION
static final java.lang.String SIGNATURE_VERIFICATION
- See Also:
- Constant Field Values
-
CANNOT_PARSE_CERT_FROM_DSS
static final java.lang.String CANNOT_PARSE_CERT_FROM_DSS
- See Also:
- Constant Field Values
-
CANNOT_PARSE_OCSP_FROM_DSS
static final java.lang.String CANNOT_PARSE_OCSP_FROM_DSS
- See Also:
- Constant Field Values
-
CANNOT_PARSE_CRL_FROM_DSS
static final java.lang.String CANNOT_PARSE_CRL_FROM_DSS
- See Also:
- Constant Field Values
-
CANNOT_VERIFY_SIGNATURE
static final java.lang.String CANNOT_VERIFY_SIGNATURE
- See Also:
- Constant Field Values
-
DOCUMENT_IS_NOT_COVERED
static final java.lang.String DOCUMENT_IS_NOT_COVERED
- See Also:
- Constant Field Values
-
CANNOT_VERIFY_TIMESTAMP
static final java.lang.String CANNOT_VERIFY_TIMESTAMP
- See Also:
- Constant Field Values
-
TIMESTAMP_VERIFICATION_FAILED
static final java.lang.String TIMESTAMP_VERIFICATION_FAILED
- See Also:
- Constant Field Values
-
REVISIONS_RETRIEVAL_FAILED
static final java.lang.String REVISIONS_RETRIEVAL_FAILED
- See Also:
- Constant Field Values
-
TIMESTAMP_EXTRACTION_FAILED
static final java.lang.String TIMESTAMP_EXTRACTION_FAILED
- See Also:
- Constant Field Values
-
CHAIN_VALIDATION_FAILED
static final java.lang.String CHAIN_VALIDATION_FAILED
- See Also:
- Constant Field Values
-
REVISIONS_VALIDATION_FAILED
static final java.lang.String REVISIONS_VALIDATION_FAILED
- See Also:
- Constant Field Values
-
ADD_KNOWN_CERTIFICATES_FAILED
static final java.lang.String ADD_KNOWN_CERTIFICATES_FAILED
- See Also:
- Constant Field Values
-
BOUNCY_CASTLE_FACTORY
private static final IBouncyCastleFactory BOUNCY_CASTLE_FACTORY
-
validationContext
private ValidationContext validationContext
-
certificateChainValidator
private final CertificateChainValidator certificateChainValidator
-
documentRevisionsValidator
private final DocumentRevisionsValidator documentRevisionsValidator
-
certificateRetriever
private final IssuingCertificateRetriever certificateRetriever
-
properties
private final SignatureValidationProperties properties
-
lastKnownPoE
private java.util.Date lastKnownPoE
-
metaInfo
private IMetaInfo metaInfo
-
originalDocument
private final PdfDocument originalDocument
-
validationOcspClient
private ValidationOcspClient validationOcspClient
-
validationCrlClient
private ValidationCrlClient validationCrlClient
-
-
Constructor Detail
-
SignatureValidator
protected SignatureValidator(PdfDocument originalDocument, ValidatorChainBuilder builder)
Creates new instance ofSignatureValidator
.- Parameters:
originalDocument
-PdfDocument
instance which will be validatedbuilder
- seeValidatorChainBuilder
-
-
Method Detail
-
setEventCountingMetaInfo
public SignatureValidator setEventCountingMetaInfo(IMetaInfo metaInfo)
Sets theIMetaInfo
that will be used during newPdfDocument
creations.- Parameters:
metaInfo
- meta info to set- Returns:
- the same
SignatureValidator
instance
-
validateSignatures
public ValidationReport validateSignatures()
Validate all signatures in the document.- Returns:
ValidationReport
which contains detailed validation results
-
validateLatestSignature
ValidationReport validateLatestSignature(PdfDocument document)
-
findValidationClients
private void findValidationClients()
-
mathematicallyVerifySignature
private PdfPKCS7 mathematicallyVerifySignature(ValidationReport validationReport, PdfDocument document)
-
validateEmbeddedTimestamp
private ValidationReport validateEmbeddedTimestamp(PdfPKCS7 pkcs7)
-
validateTimestampChain
private void validateTimestampChain(ValidationReport validationReport, java.security.cert.Certificate[] knownCerts, java.security.cert.X509Certificate signingCert)
-
updateLastKnownPoE
private boolean updateLastKnownPoE(ValidationReport tsValidationReport, ITSTInfo timeStampTokenInfo)
-
updateValidationClients
private void updateValidationClients(PdfPKCS7 pkcs7, ValidationReport validationReport, ValidationContext validationContext, PdfDocument document)
-
retrieveSignedRevocationInfoFromSignatureContainer
private void retrieveSignedRevocationInfoFromSignatureContainer(PdfPKCS7 pkcs7, ValidationContext validationContext)
-
retrieveNotSignedRevocationInfoFromSignatureContainer
private void retrieveNotSignedRevocationInfoFromSignatureContainer(PdfPKCS7 pkcs7, ValidationContext validationContext)
-
retrieveOcspResponsesFromDss
private void retrieveOcspResponsesFromDss(ValidationReport validationReport, ValidationContext context, PdfDocument document)
-
retrieveCrlResponsesFromDss
private void retrieveCrlResponsesFromDss(ValidationReport validationReport, ValidationContext context, PdfDocument document)
-
getCertificatesFromDss
private java.util.List<java.security.cert.Certificate> getCertificatesFromDss(ValidationReport validationReport, PdfDocument document)
-
stopValidation
private boolean stopValidation(ValidationReport result, ValidationContext validationContext)
-
-