Class LotlTrustedStore
java.lang.Object
com.itextpdf.signatures.validation.lotl.LotlTrustedStore
Trusted certificates storage class for country specific Lotl trusted certificates.
-
Constructor Summary
ConstructorsConstructorDescriptionLotlTrustedStore(ValidatorChainBuilder builder) Creates new instance ofLotlTrustedStore. -
Method Summary
Modifier and TypeMethodDescriptionbooleancheckIfCertIsTrusted(ValidationReport result, ValidationContext context, X509Certificate certificate, Date validationDate) Checks if given certificate is trusted according to context and time in which it is used.Gets all the certificates stored in this trusted store.protected Set<CertificateSource>getCertificateSourceBasedOnServiceType(String serviceType) Gets set ofCertificateSourceitems based on service type identifier of a given certificate in LOTL file.Gets lotl validation report.protected booleanisScopeCorrectlySpecified(List<ReportItem> reportItems, X509Certificate certificate, List<AdditionalServiceInformationExtension> extensions) Checks if scope specified by extensions contains valid types.setPreviousCertificates(List<X509Certificate> previousCertificates) Sets the certificate chain, corresponding to the certificate we are about to check.
-
Constructor Details
-
LotlTrustedStore
Creates new instance ofLotlTrustedStore. This constructor shall not be used directly. Instead, in order to create such instanceValidatorChainBuilder.getLotlTrustedStore()shall be used.- Parameters:
-
builder-ValidatorChainBuilderwhich was responsible for creation
-
-
Method Details
-
getCertificates
Gets all the certificates stored in this trusted store.- Returns:
-
Certificatestored
-
setPreviousCertificates
Sets the certificate chain, corresponding to the certificate we are about to check.- Parameters:
-
previousCertificates- list ofX509Certificatecertificates - Returns:
-
same instance of
LotlTrustedStore
-
checkIfCertIsTrusted
public boolean checkIfCertIsTrusted(ValidationReport result, ValidationContext context, X509Certificate certificate, Date validationDate) Checks if given certificate is trusted according to context and time in which it is used.- Parameters:
-
result-ValidationReportwhich stores check results -
context-ValidationContextin which certificate is used -
certificate-X509Certificatecertificate to be checked -
validationDate-Datedate time in which certificate is validated - Returns:
-
trueif certificate is trusted,falseotherwise
-
getLotlValidationReport
Gets lotl validation report.- Returns:
- validation report regarding trusted lists accessibility.
-
getCertificateSourceBasedOnServiceType
Gets set ofCertificateSourceitems based on service type identifier of a given certificate in LOTL file.Certificate source defines in which context this certificate is supposed to be trusted.
- Parameters:
-
serviceType-Stringrepresenting service type identifier field in LOTL file. - Returns:
-
set of
CertificateSourcerepresenting contexts, in which certificate is supposed to be trusted.
-
isScopeCorrectlySpecified
protected boolean isScopeCorrectlySpecified(List<ReportItem> reportItems, X509Certificate certificate, List<AdditionalServiceInformationExtension> extensions) Checks if scope specified by extensions contains valid types.- Parameters:
-
reportItems-ValidationReportwhich is populated with detailed validation results -
certificate-X509Certificateto be validated -
extensions-AdditionalServiceInformationExtensionthat specify scope - Returns:
- false if extensions specify scope only with invalid types.
-