Class CRLValidator
java.lang.Object
com.itextpdf.signatures.validation.v1.CRLValidator
Class that allows you to validate a certificate against a Certificate Revocation List (CRL) Response.
-
Field Summary
FieldsModifier and TypeFieldDescription(package private) static final int
(package private) static final String
private final ValidatorChainBuilder
(package private) static final String
(package private) static final String
(package private) static final String
private final IssuingCertificateRetriever
private final Map
<Certificate, Integer> (package private) static final String
(package private) static final String
(package private) static final String
(package private) static final String
private static final IBouncyCastleFactory
(package private) static final String
(package private) static final String
private final SignatureValidationProperties
(package private) static final String
(package private) static final String
-
Constructor Summary
ConstructorsConstructorDescriptionCRLValidator
(ValidatorChainBuilder builder) Creates newCRLValidator
instance. -
Method Summary
Modifier and TypeMethodDescriptionprivate static int
computeInterimReasonsMask
(IIssuingDistributionPoint issuingDistPoint, IDistributionPoint distributionPoint) private static IIssuingDistributionPoint
private Certificate
getRoot
(Certificate cert) void
validate
(ValidationReport report, ValidationContext context, X509Certificate certificate, X509CRL crl, Date validationDate) Validates a certificate against Certificate Revocation List (CRL) Responses.private void
verifyCrlIntegrity
(ValidationReport report, ValidationContext context, X509Certificate certificate, X509CRL crl) private static void
verifyRevocation
(ValidationReport report, X509Certificate certificate, Date verificationDate, X509CRL crl)
-
Field Details
-
CRL_CHECK
- See Also:
-
ATTRIBUTE_CERTS_ASSERTED
- See Also:
-
CERTIFICATE_IS_UNREVOKED
- See Also:
-
CERTIFICATE_IS_NOT_IN_THE_CRL_SCOPE
- See Also:
-
CERTIFICATE_REVOKED
- See Also:
-
CRL_ISSUER_NOT_FOUND
- See Also:
-
CRL_ISSUER_NO_COMMON_ROOT
- See Also:
-
CRL_INVALID
- See Also:
-
FRESHNESS_CHECK
- See Also:
-
ONLY_SOME_REASONS_CHECKED
- See Also:
-
SAME_REASONS_CHECK
- See Also:
-
UPDATE_DATE_BEFORE_CHECK_DATE
- See Also:
-
ALL_REASONS
static final int ALL_REASONS- See Also:
-
FACTORY
-
checkedReasonsMask
-
certificateRetriever
-
properties
-
builder
-
-
Constructor Details
-
CRLValidator
CRLValidator(ValidatorChainBuilder builder) Creates newCRLValidator
instance.- Parameters:
builder
- SeeValidatorChainBuilder
-
-
Method Details
-
validate
public void validate(ValidationReport report, ValidationContext context, X509Certificate certificate, X509CRL crl, Date validationDate) Validates a certificate against Certificate Revocation List (CRL) Responses.- Parameters:
report
- to store all the chain verification resultscontext
- the context in which to perform the validationcertificate
- the certificate to check against CRL responsecrl
- the crl response to be validatedvalidationDate
- validation date to check for
-
verifyRevocation
private static void verifyRevocation(ValidationReport report, X509Certificate certificate, Date verificationDate, X509CRL crl) -
getIssuingDistributionPointExtension
-
computeInterimReasonsMask
private static int computeInterimReasonsMask(IIssuingDistributionPoint issuingDistPoint, IDistributionPoint distributionPoint) -
verifyCrlIntegrity
private void verifyCrlIntegrity(ValidationReport report, ValidationContext context, X509Certificate certificate, X509CRL crl) -
getRoot
-