Package com.itextpdf.signatures.validation.v1

Class CertificateChainValidator

java.lang.Object

com.itextpdf.signatures.validation.v1.CertificateChainValidator

       public class CertificateChainValidator extends Object
      

Validator class, which is expected to be used for certificates chain validation.

Constructor Summary

Constructors

Modifier	Constructor	Description
protected	CertificateChainValidator(ValidatorChainBuilder builder)	Create new instance of CertificateChainValidator.

Method Summary

Modifier and Type	Method	Description
CertificateChainValidator	addCrlClient(ICrlClient crlClient)	Deprecated. in favour of either SignatureValidationProperties.addCrlClient(com.itextpdf.signatures.ICrlClient) or RevocationDataValidator.addCrlClient(com.itextpdf.signatures.ICrlClient).
CertificateChainValidator	addOcspClient(IOcspClient ocpsClient)	Deprecated. in favour of either SignatureValidationProperties.addOcspClient(com.itextpdf.signatures.IOcspClient) or RevocationDataValidator.addOcspClient(com.itextpdf.signatures.IOcspClient).
ValidationReport	validate(ValidationReport result, ValidationContext context, X509Certificate certificate, Date validationDate)	Validate given certificate using provided validation date and required extensions.
ValidationReport	validateCertificate(ValidationContext context, X509Certificate certificate, Date validationDate)	Validate given certificate using provided validation date and required extensions.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

CertificateChainValidator

             protected CertificateChainValidator
             (ValidatorChainBuilder builder)
            

Create new instance of CertificateChainValidator.

Parameters:

builder - See ValidatorChainBuilder

Method Details

addCrlClient

             @Deprecated public CertificateChainValidator addCrlClient
             (ICrlClient crlClient)
            

Deprecated.

in favour of either SignatureValidationProperties.addCrlClient(com.itextpdf.signatures.ICrlClient) or RevocationDataValidator.addCrlClient(com.itextpdf.signatures.ICrlClient). TODO DEVSIX-8398 To be removed.

Add ICrlClient to be used for CRL responses receiving.

Parameters:

crlClient - ICrlClient to be used for CRL responses receiving

Returns:

same instance of CertificateChainValidator.

addOcspClient

             @Deprecated public CertificateChainValidator addOcspClient
             (IOcspClient ocpsClient)
            

Deprecated.

in favour of either SignatureValidationProperties.addOcspClient(com.itextpdf.signatures.IOcspClient) or RevocationDataValidator.addOcspClient(com.itextpdf.signatures.IOcspClient). TODO DEVSIX-8398 To be removed.

Add IOcspClient to be used for OCSP responses receiving.

Parameters:

ocpsClient - IOcspClient to be used for OCSP responses receiving

Returns:

same instance of CertificateChainValidator.

validateCertificate

             public ValidationReport validateCertificate
             (ValidationContext context, X509Certificate certificate, Date validationDate)
            

Validate given certificate using provided validation date and required extensions.

Parameters:

context - the validation context in which to validate the certificate chain

certificate - X509Certificate to be validated

validationDate - Date against which certificate is expected to be validated. Usually signing date

Returns:

ValidationReport which contains detailed validation results.

validate

             public ValidationReport validate
             (ValidationReport result, ValidationContext context, X509Certificate certificate, Date validationDate)
            

Validate given certificate using provided validation date and required extensions. Result is added into provided report.

Parameters:

result - ValidationReport which is populated with detailed validation results

context - the context in which to perform the validation

certificate - X509Certificate to be validated

validationDate - Date against which certificate is expected to be validated. Usually signing date

Returns:

ValidationReport which contains both provided and new validation results.