Package com.itextpdf.signatures

Interface IIssuingCertificateRetriever

All Known Implementing Classes:
IssuingCertificateRetriever
public interface IIssuingCertificateRetriever
Interface helper to support retrieving CAIssuers certificates from Authority Information Access (AIA) Extension in order to support certificate chains with missing certificates and getting CRL response issuer certificates.

  • Method Summary

    Modifier and Type
    Method
    Description
    Certificate[]
    getCrlIssuerCertificates(CRL crl)
    Retrieves the certificate chain for the certificate that should be used to verify the signature on the CRL response using CRL Authority Information Access (AIA) Extension and known certificates.
    Certificate[][]
    getCrlIssuerCertificatesByName(CRL crl)
    Retrieves the certificate chaind for the certificates that could be used to verify the signature on the CRL response using CRL Authority Information Access (AIA) Extension and known certificates.
    Certificate[]
    retrieveMissingCertificates(Certificate[] chain)
    Retrieves missing certificates in chain using certificate Authority Information Access (AIA) Extension.
    void
    setTrustedCertificates(Collection<Certificate> certificates)
    Sets trusted certificate list to be used for the missing certificates retrieving by the issuer name.

  • Method Details

    • retrieveMissingCertificates

      Certificate[] retrieveMissingCertificates (Certificate[] chain)
      Retrieves missing certificates in chain using certificate Authority Information Access (AIA) Extension.
      Parameters:
      chain - certificate chain to restore with at least signing certificate.
      Returns:
      full chain of trust or maximum chain that could be restored in case missing certificates cannot be retrieved from AIA extension.

    • getCrlIssuerCertificates

      Certificate[] getCrlIssuerCertificates (CRL crl)
      Retrieves the certificate chain for the certificate that should be used to verify the signature on the CRL response using CRL Authority Information Access (AIA) Extension and known certificates.
      Parameters:
      crl - CRL response to retrieve issuer for.
      Returns:
      certificates retrieved from CRL AIA extension or an empty list in case certificates cannot be retrieved.

    • getCrlIssuerCertificatesByName

      Certificate[][] getCrlIssuerCertificatesByName (CRL crl)
      Retrieves the certificate chaind for the certificates that could be used to verify the signature on the CRL response using CRL Authority Information Access (AIA) Extension and known certificates.
      Parameters:
      crl - CRL response to retrieve issuer for.
      Returns:
      certificates retrieved from CRL AIA extension or an empty list in case certificates cannot be retrieved.

    • setTrustedCertificates

      void setTrustedCertificates (Collection<Certificate> certificates)
      Sets trusted certificate list to be used for the missing certificates retrieving by the issuer name.
      Parameters:
      certificates - certificate list for getting missing certificates in chain or CRL response issuer certificates.