Package com.itextpdf.text.pdf.security
Class LtvVerification
java.lang.Object
com.itextpdf.text.pdf.security.LtvVerification
Add verification according to PAdES-LTV (part 4)
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionstatic enum
Certificate inclusion in the DSS and VRI dictionaries in the CERT and CERTS keysstatic enum
Options for how many certificates to includestatic enum
What type of verification to includeprivate static class
-
Field Summary
FieldsModifier and TypeFieldDescriptionprivate AcroFields
private Logger
private PdfReader
private PdfStamper
private boolean
private Map<PdfName,
LtvVerification.ValidationData> private PdfWriter
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionboolean
addVerification
(String signatureName, OcspClient ocsp, CrlClient crl, LtvVerification.CertificateOption certOption, LtvVerification.Level level, LtvVerification.CertificateInclusion certInclude) Add verification for a particular signatureboolean
addVerification
(String signatureName, Collection<byte[]> ocsps, Collection<byte[]> crls, Collection<byte[]> certs) Alternative addVerification.private static byte[]
buildOCSPResponse
(byte[] BasicOCSPResponse) private void
private static void
deleteOldReferences
(PdfArray all, PdfArray toDelete) private X509Certificate
getParent
(X509Certificate cert, Certificate[] certs) Returns the issuing certificate for a child certificate.private PdfName
getSignatureHashKey
(String signatureName) private static byte[]
hashBytesSha1
(byte[] b) void
merge()
Merges the validation with any validation already in the document or creates a new one.private void
outputDss
(PdfDictionary dss, PdfDictionary vrim, PdfArray ocsps, PdfArray crls, PdfArray certs) private void
-
Field Details
-
LOGGER
-
stp
-
writer
-
reader
-
acroFields
-
validated
-
used
private boolean used
-
-
Constructor Details
-
LtvVerification
The verification constructor. This class should only be created with PdfStamper.getLtvVerification() otherwise the information will not be added to the Pdf.- Parameters:
stp
- the PdfStamper to apply the validation to
-
-
Method Details
-
addVerification
public boolean addVerification(String signatureName, OcspClient ocsp, CrlClient crl, LtvVerification.CertificateOption certOption, LtvVerification.Level level, LtvVerification.CertificateInclusion certInclude) throws IOException, GeneralSecurityException Add verification for a particular signature- Parameters:
signatureName
- the signature to validate (it may be a timestamp)ocsp
- the interface to get the OCSPcrl
- the interface to get the CRLcertOption
-level
- the validation options to includecertInclude
-- Returns:
- true if a validation was generated, false otherwise
- Throws:
GeneralSecurityException
IOException
-
getParent
Returns the issuing certificate for a child certificate.- Parameters:
cert
- the certificate for which we search the parentcerts
- an array with certificates that contains the parent- Returns:
- the partent certificate
-
addVerification
public boolean addVerification(String signatureName, Collection<byte[]> ocsps, Collection<byte[]> crls, Collection<byte[]> certs) throws IOException, GeneralSecurityException Alternative addVerification. I assume that inputs are deduplicated.- Throws:
IOException
GeneralSecurityException
-
buildOCSPResponse
- Throws:
IOException
-
getSignatureHashKey
private PdfName getSignatureHashKey(String signatureName) throws NoSuchAlgorithmException, IOException - Throws:
NoSuchAlgorithmException
IOException
-
hashBytesSha1
- Throws:
NoSuchAlgorithmException
-
merge
Merges the validation with any validation already in the document or creates a new one.- Throws:
IOException
-
updateDss
- Throws:
IOException
-
deleteOldReferences
-
createDss
- Throws:
IOException
-
outputDss
private void outputDss(PdfDictionary dss, PdfDictionary vrim, PdfArray ocsps, PdfArray crls, PdfArray certs) throws IOException - Throws:
IOException
-