Class CertificateChainValidator
java.lang.Object
com.itextpdf.signatures.validation.CertificateChainValidator
Validator class, which is expected to be used for certificates chain validation.
-
Field Summary
FieldsModifier and TypeFieldDescription(package private) static final String
(package private) static final String
(package private) static final String
private final IssuingCertificateRetriever
(package private) static final String
(package private) static final String
(package private) static final String
(package private) static final String
(package private) static final String
(package private) static final String
(package private) static final String
(package private) static final String
private final SignatureValidationProperties
(package private) static final String
private final RevocationDataValidator
(package private) static final String
(package private) static final String
(package private) static final String
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprivate boolean
checkIfCertIsTrusted
(ValidationReport result, ValidationContext context, X509Certificate certificate) private boolean
stopValidation
(ValidationReport result, ValidationContext context) validate
(ValidationReport result, ValidationContext context, X509Certificate certificate, Date validationDate) Validate given certificate using provided validation date and required extensions.private ValidationReport
validate
(ValidationReport result, ValidationContext context, X509Certificate certificate, Date validationDate, int certificateChainSize) validateCertificate
(ValidationContext context, X509Certificate certificate, Date validationDate) Validate given certificate using provided validation date and required extensions.private void
validateChain
(ValidationReport result, ValidationContext context, X509Certificate certificate, Date validationDate, int certificateChainSize) private void
validateRequiredExtensions
(ValidationReport result, ValidationContext context, X509Certificate certificate, int certificateChainSize) private void
validateRevocationData
(ValidationReport report, ValidationContext context, X509Certificate certificate, Date validationDate) private void
validateValidityPeriod
(ValidationReport result, X509Certificate certificate, Date validationDate)
-
Field Details
-
CERTIFICATE_CHECK
- See Also:
-
VALIDITY_CHECK
- See Also:
-
EXTENSIONS_CHECK
- See Also:
-
CERTIFICATE_TRUSTED
- See Also:
-
CERTIFICATE_TRUSTED_FOR_DIFFERENT_CONTEXT
- See Also:
-
EXTENSION_MISSING
- See Also:
-
ISSUER_MISSING
- See Also:
-
EXPIRED_CERTIFICATE
- See Also:
-
NOT_YET_VALID_CERTIFICATE
- See Also:
-
ISSUER_CANNOT_BE_VERIFIED
- See Also:
-
ISSUER_VERIFICATION_FAILED
- See Also:
-
ISSUER_RETRIEVAL_FAILED
- See Also:
-
TRUSTSTORE_RETRIEVAL_FAILED
- See Also:
-
REVOCATION_VALIDATION_FAILED
- See Also:
-
VALIDITY_PERIOD_CHECK_FAILED
- See Also:
-
properties
-
certificateRetriever
-
revocationDataValidator
-
-
Constructor Details
-
CertificateChainValidator
Create new instance ofCertificateChainValidator
.- Parameters:
builder
- SeeValidatorChainBuilder
-
-
Method Details
-
validateCertificate
public ValidationReport validateCertificate(ValidationContext context, X509Certificate certificate, Date validationDate) Validate given certificate using provided validation date and required extensions.- Parameters:
context
- the validation context in which to validate the certificate chaincertificate
-X509Certificate
to be validatedvalidationDate
-Date
against which certificate is expected to be validated. Usually signing date- Returns:
ValidationReport
which contains detailed validation results.
-
validate
public ValidationReport validate(ValidationReport result, ValidationContext context, X509Certificate certificate, Date validationDate) Validate given certificate using provided validation date and required extensions. Result is added into provided report.- Parameters:
result
-ValidationReport
which is populated with detailed validation resultscontext
- the context in which to perform the validationcertificate
-X509Certificate
to be validatedvalidationDate
-Date
against which certificate is expected to be validated. Usually signing date- Returns:
ValidationReport
which contains both provided and new validation results.
-
validate
private ValidationReport validate(ValidationReport result, ValidationContext context, X509Certificate certificate, Date validationDate, int certificateChainSize) -
checkIfCertIsTrusted
private boolean checkIfCertIsTrusted(ValidationReport result, ValidationContext context, X509Certificate certificate) -
stopValidation
-
validateValidityPeriod
private void validateValidityPeriod(ValidationReport result, X509Certificate certificate, Date validationDate) -
validateRequiredExtensions
private void validateRequiredExtensions(ValidationReport result, ValidationContext context, X509Certificate certificate, int certificateChainSize) -
validateRevocationData
private void validateRevocationData(ValidationReport report, ValidationContext context, X509Certificate certificate, Date validationDate) -
validateChain
private void validateChain(ValidationReport result, ValidationContext context, X509Certificate certificate, Date validationDate, int certificateChainSize)
-