IIssuingCertificateRetriever default implementation. More...
Public Member Functions |
|
| IssuingCertificateRetriever () | |
| Creates IssuingCertificateRetriever instance. More... |
|
| virtual IX509Certificate[] | RetrieveMissingCertificates (IX509Certificate[] chain) |
| Retrieves missing certificates in chain using certificate Authority Information Access (AIA) Extension. More... |
|
| virtual IList< IX509Certificate[]> | BuildCertificateChains (IX509Certificate certificate) |
| This method tries to rebuild certificate issuer chain. More... |
|
| virtual IList< IX509Certificate[]> | BuildCertificateChains (IX509Certificate[] certificate) |
| This method tries to rebuild certificate issuer chain. More... |
|
| virtual IList< IX509Certificate > | RetrieveIssuerCertificate (IX509Certificate certificate) |
| Retrieve issuer certificate for the provided certificate. More... |
|
| virtual ICollection< IX509Certificate > | RetrieveOCSPResponderByNameCertificate (IBasicOcspResponse ocspResp) |
| Retrieves OCSP responder certificate candidates either from the response certs or trusted store in case responder certificate isn't found in /Certs. More... |
|
| virtual IX509Certificate[] | GetCrlIssuerCertificates (IX509Crl crl) |
| Retrieves the certificate chain for the certificate that should be used to verify the signature on the CRL response using CRL Authority Information Access (AIA) Extension and known certificates. More... |
|
| virtual IX509Certificate[][] | GetCrlIssuerCertificatesByName (IX509Crl crl) |
| Retrieves the certificate chaind for the certificates that could be used to verify the signature on the CRL response using CRL Authority Information Access (AIA) Extension and known certificates. More... |
|
| virtual void | SetTrustedCertificates (ICollection< IX509Certificate > certificates) |
| Sets trusted certificate list to be used as certificates trusted for any possible usage. More... |
|
| virtual void | AddTrustedCertificates (ICollection< IX509Certificate > certificates) |
| Add trusted certificates collection to trusted certificates storage. More... |
|
| virtual void | AddKnownCertificates (ICollection< IX509Certificate > certificates) |
| Add certificates collection to known certificates storage, which is used for issuer certificates retrieval. More... |
|
| virtual TrustedCertificatesStore | GetTrustedCertificatesStore () |
| Gets iText.Signatures.Validation.TrustedCertificatesStore to be used to provide more complex trusted certificates configuration. More... |
|
| virtual bool | IsCertificateTrusted (IX509Certificate certificate) |
| Check if provided certificate is present in trusted certificates storage. More... |
|
Package Functions |
|
| virtual Stream | GetIssuerCertByURI (String uri) |
| Get CA issuers certificates represented as System.IO.Stream. More... |
|
| virtual ICollection< IX509Certificate > | ParseCertificates (Stream certsData) |
| Parses certificates represented as byte array. More... |
|
Detailed Description
IIssuingCertificateRetriever default implementation.
Constructor & Destructor Documentation
◆ IssuingCertificateRetriever()
|
inline |
Creates IssuingCertificateRetriever instance.
Member Function Documentation
◆ AddKnownCertificates()
|
inlinevirtual |
Add certificates collection to known certificates storage, which is used for issuer certificates retrieval.
- Parameters
-
certificates certificates System.Collections.ICollection to be added
◆ AddTrustedCertificates()
|
inlinevirtual |
Add trusted certificates collection to trusted certificates storage.
- Parameters
-
certificates certificates System.Collections.ICollection to be added
◆ BuildCertificateChains() [1/2]
|
inlinevirtual |
This method tries to rebuild certificate issuer chain.
This method tries to rebuild certificate issuer chain. The result contains all possible chains starting with the given certificate based on issuer names and public keys.
- Parameters
-
certificate
iText.Commons.Bouncycastle.Cert.IX509Certificate for which issuer chains shall be built
- Returns
- all possible issuer chains
◆ BuildCertificateChains() [2/2]
|
inlinevirtual |
This method tries to rebuild certificate issuer chain.
This method tries to rebuild certificate issuer chain. The result contains all possible chains starting with the given certificate array based on issuer names and public keys.
- Parameters
-
certificate
iText.Commons.Bouncycastle.Cert.IX509Certificate array for which issuer chains shall be built
- Returns
- all possible issuer chains
◆ GetCrlIssuerCertificates()
|
inlinevirtual |
Retrieves the certificate chain for the certificate that should be used to verify the signature on the CRL response using CRL Authority Information Access (AIA) Extension and known certificates.
- Parameters
-
crl
Retrieves the certificate chain for the certificate that should be used to verify the signature on the CRL response using CRL Authority Information Access (AIA) Extension and known certificates.
- Returns
-
Retrieves the certificate chain for the certificate that should be used to verify the signature on the CRL response using CRL Authority Information Access (AIA) Extension and known certificates.
Implements iText.Signatures.IIssuingCertificateRetriever.
◆ GetCrlIssuerCertificatesByName()
|
inlinevirtual |
Retrieves the certificate chaind for the certificates that could be used to verify the signature on the CRL response using CRL Authority Information Access (AIA) Extension and known certificates.
- Parameters
-
crl
Retrieves the certificate chaind for the certificates that could be used to verify the signature on the CRL response using CRL Authority Information Access (AIA) Extension and known certificates.
- Returns
-
Retrieves the certificate chaind for the certificates that could be used to verify the signature on the CRL response using CRL Authority Information Access (AIA) Extension and known certificates.
Implements iText.Signatures.IIssuingCertificateRetriever.
◆ GetIssuerCertByURI()
|
inlinepackagevirtual |
Get CA issuers certificates represented as System.IO.Stream.
- Parameters
-
uri
System.Uri URI, which is expected to be used to get issuer certificates from. Usually CA Issuers value from Authority Information Access (AIA) certificate extension.
- Returns
- CA issuer certificate (or chain) bytes, represented as System.IO.Stream.
◆ GetTrustedCertificatesStore()
|
inlinevirtual |
Gets iText.Signatures.Validation.TrustedCertificatesStore to be used to provide more complex trusted certificates configuration.
- Returns
-
iText.Signatures.Validation.TrustedCertificatesStore storage
◆ IsCertificateTrusted()
|
inlinevirtual |
Check if provided certificate is present in trusted certificates storage.
- Parameters
-
certificate
iText.Commons.Bouncycastle.Cert.IX509Certificate to be checked
- Returns
-
trueif certificate is present in trusted certificates storage,falseotherwise
◆ ParseCertificates()
|
inlinepackagevirtual |
Parses certificates represented as byte array.
- Parameters
-
certsData stream which contains one or more X509 certificates.
- Returns
- a (possibly empty) collection of the certificates read from the given byte array.
◆ RetrieveIssuerCertificate()
|
inlinevirtual |
Retrieve issuer certificate for the provided certificate.
- Parameters
-
certificate
iText.Commons.Bouncycastle.Cert.IX509Certificate for which issuer certificate shall be retrieved
- Returns
-
issuer certificate.
nullif there is no issuer certificate, or it cannot be retrieved.
◆ RetrieveMissingCertificates()
|
inlinevirtual |
Retrieves missing certificates in chain using certificate Authority Information Access (AIA) Extension.
- Parameters
-
chain
Retrieves missing certificates in chain using certificate Authority Information Access (AIA) Extension.
- Returns
-
Retrieves missing certificates in chain using certificate Authority Information Access (AIA) Extension.
Implements iText.Signatures.IIssuingCertificateRetriever.
◆ RetrieveOCSPResponderByNameCertificate()
|
inlinevirtual |
Retrieves OCSP responder certificate candidates either from the response certs or trusted store in case responder certificate isn't found in /Certs.
- Parameters
-
ocspResp basic OCSP response to get responder certificate for
- Returns
- retrieved OCSP responder candidates or an empty set in case none were found.
◆ SetTrustedCertificates()
|
inlinevirtual |
Sets trusted certificate list to be used as certificates trusted for any possible usage.
Sets trusted certificate list to be used as certificates trusted for any possible usage. In case more specific trusted is desired to be configured GetTrustedCertificatesStore() method is expected to be used.
- Parameters
-
certificates certificate list to be used as certificates trusted for any possible usage.
Implements iText.Signatures.IIssuingCertificateRetriever.
