public class LtvVerifier extends RootStoreVerifier
| Modifier and Type | Field and Description |
|---|---|
protected PdfDictionary |
dss
The document security store for the revision that is being verified
|
protected AcroFields |
fields
The fields in the revision that is being verified.
|
protected boolean |
latestRevision
Indicates if we're working with the latest revision.
|
protected static Logger |
LOGGER
The Logger instance
|
protected LtvVerification.CertificateOption |
option
Do we need to check all certificate, or only the signing certificate?
|
protected PdfPKCS7 |
pkcs7
The PdfPKCS7 object for the signature.
|
protected PdfReader |
reader
A reader object for the revision that is being verified.
|
protected java.lang.String |
signatureName
The signature that covers the revision.
|
protected java.util.Date |
signDate
The date the revision was signed, or
null for the highest revision. |
protected boolean |
verifyRootCertificate
Verify root.
|
rootStoreonlineCheckingAllowed, verifier| Constructor and Description |
|---|
LtvVerifier(PdfReader reader)
Creates a VerificationData object for a PdfReader
|
| Modifier and Type | Method and Description |
|---|---|
protected PdfPKCS7 |
coversWholeDocument()
Checks if the signature covers the whole document
and throws an exception if the document was altered
|
java.util.List<java.security.cert.X509CRL> |
getCRLsFromDSS()
Gets a list of X509CRL objects from a Document Security Store.
|
java.util.List<org.bouncycastle.cert.ocsp.BasicOCSPResp> |
getOCSPResponsesFromDSS()
Gets OCSP responses from the Document Security Store.
|
void |
setCertificateOption(LtvVerification.CertificateOption option)
Sets the certificate option.
|
void |
setVerifier(CertificateVerifier verifier)
Sets an extra verifier.
|
void |
setVerifyRootCertificate(boolean verifyRootCertificate)
Set the verifyRootCertificate to false if you can't verify the root certificate.
|
void |
switchToPreviousRevision()
Switches to the previous revision.
|
java.util.List<VerificationOK> |
verify(java.util.List<VerificationOK> result)
Verifies all the document-level timestamps and all the signatures in the document.
|
java.util.List<VerificationOK> |
verify(java.security.cert.X509Certificate signCert,
java.security.cert.X509Certificate issuerCert,
java.util.Date signDate)
Verifies certificates against a list of CRLs and OCSP responses.
|
void |
verifyChain(java.security.cert.Certificate[] chain)
Checks the certificates in a certificate chain:
are they valid on a specific date, and
do they chain up correctly?
|
java.util.List<VerificationOK> |
verifySignature()
Verifies a document level timestamp.
|
setRootStoresetOnlineCheckingAllowedprotected static final Logger LOGGER
protected LtvVerification.CertificateOption option
protected boolean verifyRootCertificate
protected PdfReader reader
protected AcroFields fields
protected java.util.Date signDate
null for the highest revision.protected java.lang.String signatureName
protected PdfPKCS7 pkcs7
protected boolean latestRevision
protected PdfDictionary dss
public LtvVerifier(PdfReader reader) throws java.security.GeneralSecurityException
reader - a reader for the document we want to verify.java.security.GeneralSecurityExceptionpublic void setVerifier(CertificateVerifier verifier)
verifier - the verifier to setpublic void setCertificateOption(LtvVerification.CertificateOption option)
option - Either CertificateOption.SIGNING_CERTIFICATE (default) or CertificateOption.WHOLE_CHAINpublic void setVerifyRootCertificate(boolean verifyRootCertificate)
protected PdfPKCS7 coversWholeDocument() throws java.security.GeneralSecurityException
java.security.GeneralSecurityExceptionpublic java.util.List<VerificationOK> verify(java.util.List<VerificationOK> result) throws java.io.IOException, java.security.GeneralSecurityException
java.io.IOExceptionjava.security.GeneralSecurityExceptionpublic java.util.List<VerificationOK> verifySignature() throws java.security.GeneralSecurityException, java.io.IOException
java.security.GeneralSecurityExceptionjava.io.IOExceptionpublic void verifyChain(java.security.cert.Certificate[] chain)
throws java.security.GeneralSecurityException
chain - java.security.GeneralSecurityExceptionpublic java.util.List<VerificationOK> verify(java.security.cert.X509Certificate signCert, java.security.cert.X509Certificate issuerCert, java.util.Date signDate) throws java.security.GeneralSecurityException, java.io.IOException
verify in class RootStoreVerifiersigningCert - issuerCert - VerificationOK objects.
The list will be empty if the certificate couldn't be verified.java.security.GeneralSecurityExceptionjava.io.IOExceptioncom.itextpdf.text.pdf.security.RootStoreVerifier#verify(java.security.cert.X509Certificate, java.security.cert.X509Certificate)public void switchToPreviousRevision()
throws java.io.IOException,
java.security.GeneralSecurityException
java.io.IOExceptionjava.security.GeneralSecurityExceptionpublic java.util.List<java.security.cert.X509CRL> getCRLsFromDSS()
throws java.security.GeneralSecurityException,
java.io.IOException
java.security.GeneralSecurityExceptionjava.io.IOExceptionpublic java.util.List<org.bouncycastle.cert.ocsp.BasicOCSPResp> getOCSPResponsesFromDSS()
throws java.io.IOException,
java.security.GeneralSecurityException
java.io.IOExceptionjava.security.GeneralSecurityExceptionCopyright © 2013. All Rights Reserved.