public class LtvVerifier extends RootStoreVerifier
Modifier and Type | Field and Description |
---|---|
protected PdfDictionary |
dss
The document security store for the revision that is being verified
|
protected AcroFields |
fields
The fields in the revision that is being verified.
|
protected boolean |
latestRevision
Indicates if we're working with the latest revision.
|
protected static Logger |
LOGGER
The Logger instance
|
protected LtvVerification.CertificateOption |
option
Do we need to check all certificate, or only the signing certificate?
|
protected PdfPKCS7 |
pkcs7
The PdfPKCS7 object for the signature.
|
protected PdfReader |
reader
A reader object for the revision that is being verified.
|
protected String |
signatureName
The signature that covers the revision.
|
protected Date |
signDate
The date the revision was signed, or null for the highest revision.
|
protected boolean |
verifyRootCertificate
Verify root.
|
rootStore
onlineCheckingAllowed, verifier
Constructor and Description |
---|
LtvVerifier(PdfReader reader)
Creates a VerificationData object for a PdfReader
|
Modifier and Type | Method and Description |
---|---|
protected PdfPKCS7 |
coversWholeDocument()
Checks if the signature covers the whole document and throws an exception if the document was altered
|
List<X509CRL> |
getCRLsFromDSS()
Gets a list of X509CRL objects from a Document Security Store.
|
List |
getOCSPResponsesFromDSS()
Gets OCSP responses from the Document Security Store.
|
void |
setCertificateOption(LtvVerification.CertificateOption option)
Sets the certificate option.
|
void |
setVerifier(CertificateVerifier verifier)
Sets an extra verifier.
|
void |
setVerifyRootCertificate(boolean verifyRootCertificate)
Set the verifyRootCertificate to false if you can't verify the root certificate.
|
void |
switchToPreviousRevision()
Switches to the previous revision.
|
List<VerificationOK> |
verify(List<VerificationOK> result)
Verifies all the document-level timestamps and all the signatures in the document.
|
List<VerificationOK> |
verify(X509Certificate signCert, X509Certificate issuerCert, Date signDate)
Verifies certificates against a list of CRLs and OCSP responses.
|
void |
verifyChain(Certificate[] chain)
Checks the certificates in a certificate chain: are they valid on a specific date, and do they chain up correctly?
|
List<VerificationOK> |
verifySignature()
Verifies a document level timestamp.
|
setRootStore
setOnlineCheckingAllowed
protected static final Logger LOGGER
protected LtvVerification.CertificateOption option
protected boolean verifyRootCertificate
protected PdfReader reader
protected AcroFields fields
protected Date signDate
null
for the highest revision.
protected String signatureName
protected PdfPKCS7 pkcs7
protected boolean latestRevision
protected PdfDictionary dss
public LtvVerifier(PdfReader reader) throws GeneralSecurityException
reader
- a reader for the document we want to verify.
GeneralSecurityException
public void setVerifier(CertificateVerifier verifier)
verifier
- the verifier to set
public void setCertificateOption(LtvVerification.CertificateOption option)
option
- Either CertificateOption.SIGNING_CERTIFICATE (default) or CertificateOption.WHOLE_CHAIN
public void setVerifyRootCertificate(boolean verifyRootCertificate)
protected PdfPKCS7 coversWholeDocument() throws GeneralSecurityException
GeneralSecurityException
public List<VerificationOK> verify(List<VerificationOK> result) throws IOException, GeneralSecurityException
IOException
GeneralSecurityException
public List<VerificationOK> verifySignature() throws GeneralSecurityException, IOException
GeneralSecurityException
IOException
public void verifyChain(Certificate[] chain) throws GeneralSecurityException
chain
-
GeneralSecurityException
public List<VerificationOK> verify(X509Certificate signCert, X509Certificate issuerCert, Date signDate) throws GeneralSecurityException, IOException
verify
in class RootStoreVerifier
signingCert
-
issuerCert
-
VerificationOK
objects. The list will be empty if the certificate couldn't be verified.
GeneralSecurityException
IOException
com.itextpdf.text.pdf.security.RootStoreVerifier#verify(java.security.cert.X509Certificate, java.security.cert.X509Certificate)
public void switchToPreviousRevision() throws IOException, GeneralSecurityException
IOException
GeneralSecurityException
public List<X509CRL> getCRLsFromDSS() throws GeneralSecurityException, IOException
GeneralSecurityException
IOException
public ListgetOCSPResponsesFromDSS() throws IOException, GeneralSecurityException
IOException
GeneralSecurityException
Copyright © 1998–2018. All rights reserved.