Package com.itextpdf.text.pdf.security
Class RootStoreVerifier
- java.lang.Object
-
- com.itextpdf.text.pdf.security.CertificateVerifier
-
- com.itextpdf.text.pdf.security.RootStoreVerifier
-
- Direct Known Subclasses:
CRLVerifier
,LtvVerifier
,OCSPVerifier
public class RootStoreVerifier extends CertificateVerifier
Verifies a certificate against aKeyStore
containing trusted anchors.
-
-
Field Summary
Fields Modifier and Type Field Description protected static Logger
LOGGER
The Logger instanceprotected java.security.KeyStore
rootStore
A key store against which certificates can be verified.-
Fields inherited from class com.itextpdf.text.pdf.security.CertificateVerifier
onlineCheckingAllowed, verifier
-
-
Constructor Summary
Constructors Constructor Description RootStoreVerifier(CertificateVerifier verifier)
Creates a RootStoreVerifier in a chain of verifiers.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
setRootStore(java.security.KeyStore keyStore)
Sets the Key Store against which a certificate can be checked.java.util.List<VerificationOK>
verify(java.security.cert.X509Certificate signCert, java.security.cert.X509Certificate issuerCert, java.util.Date signDate)
Verifies a single certificate against a key store (if present).-
Methods inherited from class com.itextpdf.text.pdf.security.CertificateVerifier
setOnlineCheckingAllowed
-
-
-
-
Field Detail
-
LOGGER
protected static final Logger LOGGER
The Logger instance
-
rootStore
protected java.security.KeyStore rootStore
A key store against which certificates can be verified.
-
-
Constructor Detail
-
RootStoreVerifier
public RootStoreVerifier(CertificateVerifier verifier)
Creates a RootStoreVerifier in a chain of verifiers.- Parameters:
verifier
- the next verifier in the chain
-
-
Method Detail
-
setRootStore
public void setRootStore(java.security.KeyStore keyStore)
Sets the Key Store against which a certificate can be checked.- Parameters:
keyStore
- a root store
-
verify
public java.util.List<VerificationOK> verify(java.security.cert.X509Certificate signCert, java.security.cert.X509Certificate issuerCert, java.util.Date signDate) throws java.security.GeneralSecurityException, java.io.IOException
Verifies a single certificate against a key store (if present).- Overrides:
verify
in classCertificateVerifier
- Parameters:
signCert
- the certificate to verifyissuerCert
- the issuer certificatesignDate
- the date the certificate needs to be valid- Returns:
- a list of
VerificationOK
objects. The list will be empty if the certificate couldn't be verified. - Throws:
java.security.GeneralSecurityException
java.io.IOException
-
-