Package com.itextpdf.signatures.validation.v1

Class TrustedCertificatesStore

java.lang.Object
com.itextpdf.signatures.validation.v1.TrustedCertificatesStore
public class TrustedCertificatesStore extends Object
Trusted certificates storage class to be used to configure trusted certificates in a particular way.

  • Constructor Details

    • TrustedCertificatesStore

      public TrustedCertificatesStore()

  • Method Details

    • addGenerallyTrustedCertificates

      public void addGenerallyTrustedCertificates (Collection<Certificate> certificates)
      Add collection of certificates to be trusted for any possible usage.
      Parameters:
      certificates - Collection of Certificate instances

    • addOcspTrustedCertificates

      public void addOcspTrustedCertificates (Collection<Certificate> certificates)
      Add collection of certificates to be trusted for OCSP response signing. These certificates are considered to be valid trust anchors for arbitrarily long certificate chain responsible for OCSP response generation.
      Parameters:
      certificates - Collection of Certificate instances

    • addCrlTrustedCertificates

      public void addCrlTrustedCertificates (Collection<Certificate> certificates)
      Add collection of certificates to be trusted for CRL signing. These certificates are considered to be valid trust anchors for arbitrarily long certificate chain responsible for CRL generation.
      Parameters:
      certificates - Collection of Certificate instances

    • addTimestampTrustedCertificates

      public void addTimestampTrustedCertificates (Collection<Certificate> certificates)
      Add collection of certificates to be trusted for timestamping. These certificates are considered to be valid trust anchors for arbitrarily long certificate chain responsible for timestamp generation.
      Parameters:
      certificates - Collection of Certificate instances

    • addCATrustedCertificates

      public void addCATrustedCertificates (Collection<Certificate> certificates)
      Add collection of certificates to be trusted to be CA certificates. These certificates are considered to be valid trust anchors for certificate generation.
      Parameters:
      certificates - Collection of Certificate instances

    • isCertificateGenerallyTrusted

      public boolean isCertificateGenerallyTrusted (Certificate certificate)
      Check if provided certificate is configured to be trusted for any purpose.
      Parameters:
      certificate - Certificate to be checked
      Returns:
      true is provided certificate is generally trusted, false otherwise

    • isCertificateTrustedForOcsp

      public boolean isCertificateTrustedForOcsp (Certificate certificate)
      Check if provided certificate is configured to be trusted for OCSP response generation.
      Parameters:
      certificate - Certificate to be checked
      Returns:
      true is provided certificate is trusted for OCSP generation, false otherwise

    • isCertificateTrustedForCrl

      public boolean isCertificateTrustedForCrl (Certificate certificate)
      Check if provided certificate is configured to be trusted for CRL generation.
      Parameters:
      certificate - Certificate to be checked
      Returns:
      true is provided certificate is trusted for CRL generation, false otherwise

    • isCertificateTrustedForTimestamp

      public boolean isCertificateTrustedForTimestamp (Certificate certificate)
      Check if provided certificate is configured to be trusted for timestamp generation.
      Parameters:
      certificate - Certificate to be checked
      Returns:
      true is provided certificate is trusted for timestamp generation, false otherwise

    • isCertificateTrustedForCA

      public boolean isCertificateTrustedForCA (Certificate certificate)
      Check if provided certificate is configured to be trusted to be CA.
      Parameters:
      certificate - Certificate to be checked
      Returns:
      true is provided certificate is trusted for certificates generation, false otherwise

    • getGenerallyTrustedCertificate

      public Certificate getGenerallyTrustedCertificate (String certificateName)
      Get certificate, if any, which is trusted for any usage, which corresponds to the provided certificate name.
      Parameters:
      certificateName - String certificate name
      Returns:
      Certificate which corresponds to the provided certificate name

    • getCertificateTrustedForOcsp

      public Certificate getCertificateTrustedForOcsp (String certificateName)
      Get certificate, if any, which is trusted for OCSP response generation, which corresponds to the provided certificate name.
      Parameters:
      certificateName - String certificate name
      Returns:
      Certificate which corresponds to the provided certificate name

    • getCertificateTrustedForCrl

      public Certificate getCertificateTrustedForCrl (String certificateName)
      Get certificate, if any, which is trusted for CRL generation, which corresponds to the provided certificate name.
      Parameters:
      certificateName - String certificate name
      Returns:
      Certificate which corresponds to the provided certificate name

    • getCertificateTrustedForTimestamp

      public Certificate getCertificateTrustedForTimestamp (String certificateName)
      Get certificate, if any, which is trusted for timestamp generation, which corresponds to the provided certificate name.
      Parameters:
      certificateName - String certificate name
      Returns:
      Certificate which corresponds to the provided certificate name

    • getCertificateTrustedForCA

      public Certificate getCertificateTrustedForCA (String certificateName)
      Get certificate, if any, which is trusted to be a CA, which corresponds to the provided certificate name.
      Parameters:
      certificateName - String certificate name
      Returns:
      Certificate which corresponds to the provided certificate name

    • getKnownCertificate

      public Certificate getKnownCertificate (String certificateName)
      Get certificate, if any, which corresponds to the provided certificate name.
      Parameters:
      certificateName - String certificate name
      Returns:
      Certificate which corresponds to the provided certificate name

    • getAllTrustedCertificates

      public Collection<Certificate> getAllTrustedCertificates()
      Get all the certificates, which where provided to this storage as trusted certificate.
      Returns:
      Collection of Certificate instances