public class LtvVerifier extends RootStoreVerifier
Modifier and Type | Field and Description |
---|---|
protected PdfAcroForm |
acroForm
The fields in the revision that is being verified.
|
protected PdfDocument |
document
A document object for the revision that is being verified.
|
protected PdfDictionary |
dss
The document security store for the revision that is being verified
|
protected boolean |
latestRevision
Indicates if we're working with the latest revision.
|
protected static Logger |
LOGGER
The Logger instance
|
protected LtvVerification.CertificateOption |
option
Option to specify level of verification; signing certificate only or the entire chain.
|
protected PdfPKCS7 |
pkcs7
The PdfPKCS7 object for the signature.
|
protected String |
signatureName
The signature that covers the revision.
|
protected Date |
signDate
The date the revision was signed, or null for the highest revision.
|
protected boolean |
verifyRootCertificate
Verify root.
|
rootStore
onlineCheckingAllowed, verifier
Constructor and Description |
---|
LtvVerifier(PdfDocument document)
Creates a VerificationData object for a PdfReader
|
Modifier and Type | Method and Description |
---|---|
protected PdfPKCS7 |
coversWholeDocument()
Checks if the signature covers the whole document and throws an exception if the document was altered
|
List<X509CRL> |
getCRLsFromDSS()
Gets a list of X509CRL objects from a Document Security Store.
|
List |
getOCSPResponsesFromDSS()
Gets OCSP responses from the Document Security Store.
|
void |
setCertificateOption(LtvVerification.CertificateOption option)
Sets the certificate option.
|
void |
setVerifier(CertificateVerifier verifier)
Sets an extra verifier.
|
void |
setVerifyRootCertificate(boolean verifyRootCertificate)
Set the verifyRootCertificate to false if you can't verify the root certificate.
|
void |
switchToPreviousRevision()
Switches to the previous revision.
|
List<VerificationOK> |
verify(List<VerificationOK> result)
Verifies all the document-level timestamps and all the signatures in the document.
|
List<VerificationOK> |
verify(X509Certificate signCert, X509Certificate issuerCert, Date signDate)
Verifies certificates against a list of CRLs and OCSP responses.
|
void |
verifyChain(Certificate[] chain)
Checks the certificates in a certificate chain: are they valid on a specific date, and do they chain up correctly?
|
List<VerificationOK> |
verifySignature()
Verifies a document level timestamp.
|
setRootStore
setOnlineCheckingAllowed
protected static final Logger LOGGER
protected LtvVerification.CertificateOption option
protected boolean verifyRootCertificate
protected PdfDocument document
protected PdfAcroForm acroForm
protected Date signDate
null
for the highest revision.
protected String signatureName
protected PdfPKCS7 pkcs7
protected boolean latestRevision
protected PdfDictionary dss
public LtvVerifier(PdfDocument document) throws GeneralSecurityException
document
- The document we want to verify.
GeneralSecurityException
public void setVerifier(CertificateVerifier verifier)
verifier
- the verifier to set
public void setCertificateOption(LtvVerification.CertificateOption option)
option
- Either CertificateOption.SIGNING_CERTIFICATE (default) or CertificateOption.WHOLE_CHAIN
public void setVerifyRootCertificate(boolean verifyRootCertificate)
protected PdfPKCS7 coversWholeDocument() throws GeneralSecurityException
GeneralSecurityException
public List<VerificationOK> verify(List<VerificationOK> result) throws IOException, GeneralSecurityException
IOException
GeneralSecurityException
public List<VerificationOK> verifySignature() throws GeneralSecurityException, IOException
GeneralSecurityException
IOException
public void verifyChain(Certificate[] chain) throws GeneralSecurityException
chain
- the certificate chain
GeneralSecurityException
public List<VerificationOK> verify(X509Certificate signCert, X509Certificate issuerCert, Date signDate) throws GeneralSecurityException, IOException
verify
in class RootStoreVerifier
signCert
- the signing certificate
issuerCert
- the issuer's certificate
signDate
- the date the certificate needs to be valid
VerificationOK
objects. The list will be empty if the certificate couldn't be verified.
GeneralSecurityException
IOException
RootStoreVerifier.verify(java.security.cert.X509Certificate, java.security.cert.X509Certificate, java.util.Date)
public void switchToPreviousRevision() throws IOException, GeneralSecurityException
IOException
GeneralSecurityException
public List<X509CRL> getCRLsFromDSS() throws GeneralSecurityException, IOException
GeneralSecurityException
IOException
public ListgetOCSPResponsesFromDSS() throws IOException, GeneralSecurityException
IOException
GeneralSecurityException
Copyright © 1998–2016 iText Group NV. All rights reserved.