Package com.itextpdf.signatures.validation

Class TrustedCertificatesStore

java.lang.Object
com.itextpdf.signatures.validation.TrustedCertificatesStore
public class TrustedCertificatesStore extends Object
Trusted certificates storage class to be used to configure trusted certificates in a particular way.

  • Constructor Details

    • TrustedCertificatesStore

      public TrustedCertificatesStore()

  • Method Details

    • addGenerallyTrustedCertificates

      public void addGenerallyTrustedCertificates (Collection<Certificate> certificates)
      Add collection of certificates to be trusted for any possible usage.
      Parameters:
      certificates - Collection of Certificate instances

    • addOcspTrustedCertificates

      public void addOcspTrustedCertificates (Collection<Certificate> certificates)
      Add collection of certificates to be trusted for OCSP response signing. These certificates are considered to be valid trust anchors for arbitrarily long certificate chain responsible for OCSP response generation.
      Parameters:
      certificates - Collection of Certificate instances

    • addCrlTrustedCertificates

      public void addCrlTrustedCertificates (Collection<Certificate> certificates)
      Add collection of certificates to be trusted for CRL signing. These certificates are considered to be valid trust anchors for arbitrarily long certificate chain responsible for CRL generation.
      Parameters:
      certificates - Collection of Certificate instances

    • addTimestampTrustedCertificates

      public void addTimestampTrustedCertificates (Collection<Certificate> certificates)
      Add collection of certificates to be trusted for timestamping. These certificates are considered to be valid trust anchors for arbitrarily long certificate chain responsible for timestamp generation.
      Parameters:
      certificates - Collection of Certificate instances

    • addCATrustedCertificates

      public void addCATrustedCertificates (Collection<Certificate> certificates)
      Add collection of certificates to be trusted to be CA certificates. These certificates are considered to be valid trust anchors for certificate generation.
      Parameters:
      certificates - Collection of Certificate instances

    • isCertificateGenerallyTrusted

      public boolean isCertificateGenerallyTrusted (Certificate certificate)
      Check if provided certificate is configured to be trusted for any purpose.
      Parameters:
      certificate - Certificate to be checked
      Returns:
      true is provided certificate is generally trusted, false otherwise

    • isCertificateTrustedForOcsp

      public boolean isCertificateTrustedForOcsp (Certificate certificate)
      Check if provided certificate is configured to be trusted for OCSP response generation.
      Parameters:
      certificate - Certificate to be checked
      Returns:
      true is provided certificate is trusted for OCSP generation, false otherwise

    • isCertificateTrustedForCrl

      public boolean isCertificateTrustedForCrl (Certificate certificate)
      Check if provided certificate is configured to be trusted for CRL generation.
      Parameters:
      certificate - Certificate to be checked
      Returns:
      true is provided certificate is trusted for CRL generation, false otherwise

    • isCertificateTrustedForTimestamp

      public boolean isCertificateTrustedForTimestamp (Certificate certificate)
      Check if provided certificate is configured to be trusted for timestamp generation.
      Parameters:
      certificate - Certificate to be checked
      Returns:
      true is provided certificate is trusted for timestamp generation, false otherwise

    • isCertificateTrustedForCA

      public boolean isCertificateTrustedForCA (Certificate certificate)
      Check if provided certificate is configured to be trusted to be CA.
      Parameters:
      certificate - Certificate to be checked
      Returns:
      true is provided certificate is trusted for certificates generation, false otherwise

    • getGenerallyTrustedCertificates

      public Set<Certificate> getGenerallyTrustedCertificates (String certificateName)
      Get certificates, if any, which is trusted for any usage, which corresponds to the provided certificate name.
      Parameters:
      certificateName - String certificate name
      Returns:
      set of Certificate which correspond to the provided certificate name

    • getCertificatesTrustedForOcsp

      public Set<Certificate> getCertificatesTrustedForOcsp (String certificateName)
      Get certificates, if any, which is trusted for OCSP response generation, which corresponds to the provided certificate name.
      Parameters:
      certificateName - String certificate name
      Returns:
      set of Certificate which correspond to the provided certificate name

    • getCertificatesTrustedForCrl

      public Set<Certificate> getCertificatesTrustedForCrl (String certificateName)
      Get certificates, if any, which is trusted for CRL generation, which corresponds to the provided certificate name.
      Parameters:
      certificateName - String certificate name
      Returns:
      set of Certificate which correspond to the provided certificate name

    • getCertificatesTrustedForTimestamp

      public Set<Certificate> getCertificatesTrustedForTimestamp (String certificateName)
      Get certificate, if any, which is trusted for timestamp generation, which corresponds to the provided certificate name.
      Parameters:
      certificateName - String certificate name
      Returns:
      set of Certificate which correspond to the provided certificate name

    • getCertificatesTrustedForCA

      public Set<Certificate> getCertificatesTrustedForCA (String certificateName)
      Get certificates, if any, which is trusted to be a CA, which corresponds to the provided certificate name.
      Parameters:
      certificateName - String certificate name
      Returns:
      set of Certificate which correspond to the provided certificate name

    • getKnownCertificates

      public Set<Certificate> getKnownCertificates (String certificateName)
      Get certificates, if any, which corresponds to the provided certificate name.
      Parameters:
      certificateName - String certificate name
      Returns:
      set of Certificate which correspond to the provided certificate name

    • getAllTrustedCertificates

      public Collection<Certificate> getAllTrustedCertificates()
      Get all the certificates, which where provided to this storage as trusted certificate.
      Returns:
      Collection of Certificate instances

    • getAllTrustedCertificates

      public Set<Certificate> getAllTrustedCertificates (String name)
      Get all the certificates having name as subject, which where provided to this storage as trusted certificate.
      Parameters:
      name - the subject name value for which to retrieve all trusted certificate
      Returns:
      set of Certificate which correspond to the provided certificate name