Package com.itextpdf.text.pdf.security
Class CertificateVerification
java.lang.Object
com.itextpdf.text.pdf.security.CertificateVerification
This class consists of some methods that allow you to verify certificates.
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionstatic String
verifyCertificate
(X509Certificate cert, Collection<CRL> crls, Calendar calendar) Verifies a single certificate.static List<VerificationException>
verifyCertificates
(Certificate[] certs, KeyStore keystore, Calendar calendar) Verifies a certificate chain against a KeyStore.static List<VerificationException>
verifyCertificates
(Certificate[] certs, KeyStore keystore, Collection<CRL> crls, Calendar calendar) Verifies a certificate chain against a KeyStore.static boolean
verifyOcspCertificates
(org.bouncycastle.cert.ocsp.BasicOCSPResp ocsp, KeyStore keystore, String provider) Verifies an OCSP response against a KeyStore.static boolean
verifyTimestampCertificates
(org.bouncycastle.tsp.TimeStampToken ts, KeyStore keystore, String provider) Verifies a time stamp against a KeyStore.
-
Constructor Details
-
CertificateVerification
public CertificateVerification()
-
-
Method Details
-
verifyCertificate
public static String verifyCertificate(X509Certificate cert, Collection<CRL> crls, Calendar calendar) Verifies a single certificate.- Parameters:
cert
- the certificate to verifycrls
- the certificate revocation list ornull
calendar
- the date ornull
for the current date- Returns:
- a
String
with the error description ornull
if no error
-
verifyCertificates
public static List<VerificationException> verifyCertificates(Certificate[] certs, KeyStore keystore, Collection<CRL> crls, Calendar calendar) Verifies a certificate chain against a KeyStore.- Parameters:
certs
- the certificate chainkeystore
- theKeyStore
crls
- the certificate revocation list ornull
calendar
- the date ornull
for the current date- Returns:
null
if the certificate chain could be validated or aObject[]{cert,error}
wherecert
is the failed certificate anderror
is the error message
-
verifyCertificates
public static List<VerificationException> verifyCertificates(Certificate[] certs, KeyStore keystore, Calendar calendar) Verifies a certificate chain against a KeyStore.- Parameters:
certs
- the certificate chainkeystore
- theKeyStore
calendar
- the date ornull
for the current date- Returns:
null
if the certificate chain could be validated or aObject[]{cert,error}
wherecert
is the failed certificate anderror
is the error message
-
verifyOcspCertificates
public static boolean verifyOcspCertificates(org.bouncycastle.cert.ocsp.BasicOCSPResp ocsp, KeyStore keystore, String provider) Verifies an OCSP response against a KeyStore.- Parameters:
ocsp
- the OCSP responsekeystore
- theKeyStore
provider
- the provider ornull
to use the BouncyCastle provider- Returns:
true
is a certificate was found
-
verifyTimestampCertificates
public static boolean verifyTimestampCertificates(org.bouncycastle.tsp.TimeStampToken ts, KeyStore keystore, String provider) Verifies a time stamp against a KeyStore.- Parameters:
ts
- the time stampkeystore
- theKeyStore
provider
- the provider ornull
to use the BouncyCastle provider- Returns:
true
is a certificate was found
-