iText 9.0.0 API
|
This class contains a series of static methods that allow you to retrieve information from a Certificate. More...
Static Public Member Functions |
|
static IList< IX509Crl > | GetCRLs (IX509Certificate certificate) |
Gets a CRLs from the X509 certificate. More... |
|
static IList< String > | GetCRLURLs (IX509Certificate certificate) |
Gets the list of the Certificate Revocation List URLs for a Certificate. More... |
|
static IDistributionPoint | GetDistributionPointByName (IX509Certificate certificate, IDistributionPointName issuingDistributionPointName) |
Gets the Distribution Point from the certificate by name specified in the Issuing Distribution Point from the Certificate Revocation List for a Certificate. More... |
|
static IX509Crl | GetCRL (String url) |
Gets the CRL object using a CRL URL. More... |
|
static IX509Crl | ParseCrlFromStream (Stream input) |
Parses a CRL from an InputStream. More... |
|
static IX509Crl | ParseCrlFromBytes (byte[] crlBytes) |
Parses a CRL from bytes. More... |
|
static String | GetIssuerCertURL (IX509Crl crl) |
Retrieves the URL for the issuer certificate for the given CRL. More... |
|
static String | GetOCSPURL (IX509Certificate certificate) |
Retrieves the OCSP URL from the given certificate. More... |
|
static String | GetIssuerCertURL (IX509Certificate certificate) |
Retrieves the URL for the issuer lists certificates for the given certificate. More... |
|
static String | GetTSAURL (IX509Certificate certificate) |
Gets the URL of the TSA if it's available on the certificate More... |
|
static IX509Certificate | GenerateCertificate (Stream data) |
Generates a certificate object and initializes it with the data read from the input stream inStream. More... |
|
static void | RetrieveRevocationInfoFromSignedData (IAsn1TaggedObject taggedObj, ICollection< IX509Crl > crls, ICollection< IBasicOcspResponse > ocsps, ICollection< IAsn1Sequence > otherRevocationInfoFormats) |
Try to retrieve CRL and OCSP responses from the signed data crls field. More... |
|
static IDerSet | CreateRevocationInfoChoices (ICollection< IX509Crl > crls, ICollection< IBasicOcspResponse > ocsps, ICollection< IAsn1Sequence > otherRevocationInfoFormats) |
Creates the revocation info (crls field) for SignedData structure: RevocationInfoChoices ::= SET OF RevocationInfoChoice RevocationInfoChoice ::= CHOICE { crl CertificateList, other [1] IMPLICIT OtherRevocationInfoFormat } OtherRevocationInfoFormat ::= SEQUENCE { otherRevInfoFormat OBJECT IDENTIFIER, otherRevInfo ANY DEFINED BY otherRevInfoFormat } CertificateList ::= SEQUENCE { tbsCertList TBSCertList, signatureAlgorithm AlgorithmIdentifier, signatureValue BIT STRING } More... |
|
static bool | CheckIfIssuersMatch (ICertID certID, IX509Certificate issuerCert) |
Checks if the issuer of the provided certID (specified in the OCSP response) and provided issuer of the certificate in question matches, i.e. checks that issuerNameHash and issuerKeyHash fields of the certID is the hash of the issuer's name and public key. More... |
|
static byte[] | GetExtensionValueByOid (IX509Certificate certificate, String id) |
Retrieves certificate extension value by its OID. More... |
|
static bool | IsSignatureValid (IBasicOcspResponse ocspResp, IX509Certificate responderCert) |
Checks if an OCSP response is genuine. More... |
|
static bool | IsSelfSigned (IX509Certificate certificate) |
Checks if the certificate is self-signed. More... |
|
static IAsn1Object | GetExtensionValue (IX509Certificate certificate, String oid) |
Gets certificate extension value. More... |
|
static IAsn1Object | GetExtensionValue (IX509Crl crl, String oid) |
Gets CRL extension value. More... |
|
This class contains a series of static methods that allow you to retrieve information from a Certificate.
|
inlinestatic |
Checks if the issuer of the provided certID (specified in the OCSP response) and provided issuer of the certificate in question matches, i.e. checks that issuerNameHash and issuerKeyHash fields of the certID is the hash of the issuer's name and public key.
Checks if the issuer of the provided certID (specified in the OCSP response) and provided issuer of the certificate in question matches, i.e. checks that issuerNameHash and issuerKeyHash fields of the certID is the hash of the issuer's name and public key.
SingleResp contains the basic information of the status of the certificate identified by the certID. The issuer name and serial number identify a unique certificate, so if serial numbers of the certificate in question and certID serial number are equals and issuers match, then SingleResp contains the information about the status of the certificate in question.
certID | certID specified in the OCSP response |
issuerCert | the issuer of the certificate in question |
|
inlinestatic |
Creates the revocation info (crls field) for SignedData structure: RevocationInfoChoices ::= SET OF RevocationInfoChoice RevocationInfoChoice ::= CHOICE { crl CertificateList, other [1] IMPLICIT OtherRevocationInfoFormat } OtherRevocationInfoFormat ::= SEQUENCE { otherRevInfoFormat OBJECT IDENTIFIER, otherRevInfo ANY DEFINED BY otherRevInfoFormat } CertificateList ::= SEQUENCE { tbsCertList TBSCertList, signatureAlgorithm AlgorithmIdentifier, signatureValue BIT STRING }
crls | collection of CRL revocation status information. |
ocsps | collection of OCSP revocation status information. |
otherRevocationInfoFormats | collection of revocation info other than OCSP and CRL responses, e.g. SCVP Request and Response, stored as iText.Commons.Bouncycastle.Asn1.IAsn1Sequence. |
crls [1] RevocationInfoChoices
field of SignedData structure. Null if SignedData has no revocation data.
|
inlinestatic |
Generates a certificate object and initializes it with the data read from the input stream inStream.
data | the input stream with the certificates. |
|
inlinestatic |
Gets the CRL object using a CRL URL.
url | the URL where the CRL is located |
|
inlinestatic |
Gets a CRLs from the X509 certificate.
certificate | the X509Certificate to extract the CRLs from |
|
inlinestatic |
Gets the list of the Certificate Revocation List URLs for a Certificate.
certificate | the Certificate to get CRL URLs for |
|
inlinestatic |
Gets the Distribution Point from the certificate by name specified in the Issuing Distribution Point from the Certificate Revocation List for a Certificate.
certificate | the certificate to retrieve Distribution Points |
issuingDistributionPointName | distributionPointName retrieved from the IDP of the CRL |
|
inlinestatic |
Gets certificate extension value.
certificate | the certificate from which we need the ExtensionValue |
oid | the Object Identifier value for the extension |
|
inlinestatic |
Gets CRL extension value.
crl | the CRL from which we need the ExtensionValue |
oid | the Object Identifier value for the extension |
|
inlinestatic |
Retrieves certificate extension value by its OID.
certificate | to get extension from |
id | extension OID to retrieve |
|
inlinestatic |
Retrieves the URL for the issuer lists certificates for the given certificate.
certificate | the certificate |
|
inlinestatic |
Retrieves the URL for the issuer certificate for the given CRL.
crl | the CRL response |
|
inlinestatic |
Retrieves the OCSP URL from the given certificate.
certificate | the certificate |
|
inlinestatic |
Gets the URL of the TSA if it's available on the certificate
certificate | a certificate |
|
inlinestatic |
Checks if the certificate is self-signed.
certificate | a certificate to check |
|
inlinestatic |
Checks if an OCSP response is genuine.
ocspResp |
iText.Commons.Bouncycastle.Asn1.Ocsp.IBasicOcspResponse the OCSP response wrapper
responderCert | the responder certificate |
|
inlinestatic |
Parses a CRL from bytes.
crlBytes | the bytes holding the unparsed CRL |
|
inlinestatic |
Parses a CRL from an InputStream.
input | the InputStream holding the unparsed CRL |
|
inlinestatic |
Try to retrieve CRL and OCSP responses from the signed data crls field.
taggedObj | signed data crls field as iText.Commons.Bouncycastle.Asn1.IAsn1TaggedObject. |
crls | collection to store retrieved CRL responses. |
ocsps | collection of iText.Commons.Bouncycastle.Asn1.Ocsp.IBasicOcspResponse wrappers to store retrieved OCSP responses. |
otherRevocationInfoFormats | collection of revocation info other than OCSP and CRL responses, e.g. SCVP Request and Response, stored as iText.Commons.Bouncycastle.Asn1.IAsn1Sequence. |