Package com.itextpdf.signatures

Class RootStoreVerifier

java.lang.Object

com.itextpdf.signatures.CertificateVerifier

com.itextpdf.signatures.RootStoreVerifier

Direct Known Subclasses:

CRLVerifier, LtvVerifier, OCSPVerifier

@Deprecated
public class RootStoreVerifier
extends CertificateVerifier

Deprecated.

starting from 8.0.5. CertificateChainValidator should be used instead.

Verifies a certificate against a KeyStore containing trusted anchors.

Field Summary

Fields

Modifier and Type	Field	Description
protected java.security.KeyStore	rootStore	Deprecated. A key store against which certificates can be verified.

Fields inherited from class com.itextpdf.signatures.CertificateVerifier

onlineCheckingAllowed, verifier

Constructor Summary

Constructors

Constructor	Description
RootStoreVerifier(CertificateVerifier verifier)	Deprecated. Creates a RootStoreVerifier in a chain of verifiers.

Method Summary

Modifier and Type	Method	Description
void	setRootStore(java.security.KeyStore keyStore)	Deprecated. Sets the Key Store against which a certificate can be checked.
java.util.List<VerificationOK>	verify(java.security.cert.X509Certificate signCert, java.security.cert.X509Certificate issuerCert, java.util.Date signDate)	Deprecated. Verifies a single certificate against a key store (if present).

Methods inherited from class com.itextpdf.signatures.CertificateVerifier

setOnlineCheckingAllowed

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

rootStore

protected java.security.KeyStore rootStore

Deprecated.

A key store against which certificates can be verified.

Constructor Detail

RootStoreVerifier

public RootStoreVerifier(CertificateVerifier verifier)

Deprecated.

Creates a RootStoreVerifier in a chain of verifiers.

Parameters:

verifier - the next verifier in the chain

Method Detail

setRootStore

public void setRootStore(java.security.KeyStore keyStore)

Deprecated.

Sets the Key Store against which a certificate can be checked.

Parameters:

keyStore - a root store

verify

public java.util.List<VerificationOK> verify(java.security.cert.X509Certificate signCert,
                                             java.security.cert.X509Certificate issuerCert,
                                             java.util.Date signDate)
                                      throws java.security.GeneralSecurityException

Deprecated.

Verifies a single certificate against a key store (if present).

Overrides:

verify in class CertificateVerifier

Parameters:

signCert - the certificate to verify

issuerCert - the issuer certificate

signDate - the date the certificate needs to be valid

Returns:

a list of VerificationOK objects. The list will be empty if the certificate couldn't be verified.

Throws:

java.security.GeneralSecurityException - thrown if the certificate has expired, isn't valid yet, or if an exception has been thrown in Certificate#verify.