public class LtvVerifier extends RootStoreVerifier
Modifier and Type | Field and Description |
---|---|
protected PdfAcroForm |
acroForm
The fields in the revision that is being verified.
|
protected PdfDocument |
document
A document object for the revision that is being verified.
|
protected PdfDictionary |
dss
The document security store for the revision that is being verified
|
protected boolean |
latestRevision
Indicates if we're working with the latest revision.
|
protected static org.slf4j.Logger |
LOGGER
The Logger instance
|
protected LtvVerification.CertificateOption |
option
Option to specify level of verification; signing certificate only or the entire chain.
|
protected PdfPKCS7 |
pkcs7
The PdfPKCS7 object for the signature.
|
protected String |
securityProviderCode
Security provider to use, use null for default
|
protected String |
signatureName
The signature that covers the revision.
|
protected Date |
signDate
The date the revision was signed, or null for the highest revision.
|
protected boolean |
verifyRootCertificate
Verify root.
|
rootStore
onlineCheckingAllowed, verifier
Constructor and Description |
---|
LtvVerifier(PdfDocument document)
Creates a VerificationData object for a PdfReader
|
LtvVerifier(PdfDocument document, String securityProviderCode) |
Modifier and Type | Method and Description |
---|---|
protected PdfPKCS7 |
coversWholeDocument()
Checks if the signature covers the whole document and throws an exception if the document was altered
|
List<X509CRL> |
getCRLsFromDSS()
Gets a list of X509CRL objects from a Document Security Store.
|
List |
getOCSPResponsesFromDSS()
Gets OCSP responses from the Document Security Store.
|
protected void |
initLtvVerifier(PdfDocument document) |
void |
setCertificateOption(LtvVerification.CertificateOption option)
Sets the certificate option.
|
void |
setVerifier(CertificateVerifier verifier)
Sets an extra verifier.
|
void |
setVerifyRootCertificate(boolean verifyRootCertificate)
Set the verifyRootCertificate to false if you can't verify the root certificate.
|
void |
switchToPreviousRevision()
Switches to the previous revision.
|
List<VerificationOK> |
verify(List<VerificationOK> result)
Verifies all the document-level timestamps and all the signatures in the document.
|
List<VerificationOK> |
verify(X509Certificate signCert, X509Certificate issuerCert, Date signDate)
Verifies certificates against a list of CRLs and OCSP responses.
|
void |
verifyChain(Certificate[] chain)
Checks the certificates in a certificate chain: are they valid on a specific date, and do they chain up correctly?
|
List<VerificationOK> |
verifySignature()
Verifies a document level timestamp.
|
setRootStore
setOnlineCheckingAllowed
protected static final org.slf4j.Logger LOGGER
protected LtvVerification.CertificateOption option
protected boolean verifyRootCertificate
protected PdfDocument document
protected PdfAcroForm acroForm
protected Date signDate
null
for the highest revision.
protected String signatureName
protected PdfPKCS7 pkcs7
protected boolean latestRevision
protected PdfDictionary dss
protected String securityProviderCode
public LtvVerifier(PdfDocument document) throws GeneralSecurityException
document
- The document we want to verify.
GeneralSecurityException
public LtvVerifier(PdfDocument document, String securityProviderCode) throws GeneralSecurityException
GeneralSecurityException
public void setVerifier(CertificateVerifier verifier)
verifier
- the verifier to set
public void setCertificateOption(LtvVerification.CertificateOption option)
option
- Either CertificateOption.SIGNING_CERTIFICATE (default) or CertificateOption.WHOLE_CHAIN
public void setVerifyRootCertificate(boolean verifyRootCertificate)
public List<VerificationOK> verify(List<VerificationOK> result) throws IOException, GeneralSecurityException
IOException
GeneralSecurityException
public List<VerificationOK> verifySignature() throws GeneralSecurityException, IOException
GeneralSecurityException
IOException
public void verifyChain(Certificate[] chain) throws GeneralSecurityException
chain
- the certificate chain
GeneralSecurityException
public List<VerificationOK> verify(X509Certificate signCert, X509Certificate issuerCert, Date signDate) throws GeneralSecurityException, IOException
verify
in class RootStoreVerifier
signCert
- the signing certificate
issuerCert
- the issuer's certificate
signDate
- the date the certificate needs to be valid
VerificationOK
objects. The list will be empty if the certificate couldn't be verified.
GeneralSecurityException
IOException
RootStoreVerifier.verify(java.security.cert.X509Certificate, java.security.cert.X509Certificate, java.util.Date)
public void switchToPreviousRevision() throws IOException, GeneralSecurityException
IOException
GeneralSecurityException
public List<X509CRL> getCRLsFromDSS() throws GeneralSecurityException, IOException
GeneralSecurityException
IOException
public ListgetOCSPResponsesFromDSS() throws IOException, GeneralSecurityException
IOException
GeneralSecurityException
protected void initLtvVerifier(PdfDocument document) throws GeneralSecurityException
GeneralSecurityException
protected PdfPKCS7 coversWholeDocument() throws GeneralSecurityException
GeneralSecurityException
Copyright © 1998–2017 iText Group NV. All rights reserved.