Package com.itextpdf.text.pdf.security
Class RootStoreVerifier
- java.lang.Object
-
- com.itextpdf.text.pdf.security.CertificateVerifier
-
- com.itextpdf.text.pdf.security.RootStoreVerifier
-
- Direct Known Subclasses:
CRLVerifier
,LtvVerifier
,OCSPVerifier
public class RootStoreVerifier extends CertificateVerifier
Verifies a certificate against aKeyStore
containing trusted anchors.
-
-
Field Summary
Fields Modifier and Type Field Description protected static Logger
LOGGER
The Logger instanceprotected KeyStore
rootStore
A key store against which certificates can be verified.-
Fields inherited from class com.itextpdf.text.pdf.security.CertificateVerifier
onlineCheckingAllowed, verifier
-
-
Constructor Summary
Constructors Constructor Description RootStoreVerifier(CertificateVerifier verifier)
Creates a RootStoreVerifier in a chain of verifiers.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
setRootStore(KeyStore keyStore)
Sets the Key Store against which a certificate can be checked.List<VerificationOK>
verify(X509Certificate signCert, X509Certificate issuerCert, Date signDate)
Verifies a single certificate against a key store (if present).-
Methods inherited from class com.itextpdf.text.pdf.security.CertificateVerifier
setOnlineCheckingAllowed
-
-
-
-
Constructor Detail
-
RootStoreVerifier
public RootStoreVerifier(CertificateVerifier verifier)
Creates a RootStoreVerifier in a chain of verifiers.- Parameters:
verifier
- the next verifier in the chain
-
-
Method Detail
-
setRootStore
public void setRootStore(KeyStore keyStore)
Sets the Key Store against which a certificate can be checked.- Parameters:
keyStore
- a root store
-
verify
public List<VerificationOK> verify(X509Certificate signCert, X509Certificate issuerCert, Date signDate) throws GeneralSecurityException, IOException
Verifies a single certificate against a key store (if present).- Overrides:
verify
in classCertificateVerifier
- Parameters:
signCert
- the certificate to verifyissuerCert
- the issuer certificatesignDate
- the date the certificate needs to be valid- Returns:
- a list of
VerificationOK
objects. The list will be empty if the certificate couldn't be verified. - Throws:
GeneralSecurityException
IOException
-
-