Package com.itextpdf.signatures.validation

Class CRLValidator

  • public class CRLValidator
extends java.lang.Object
    Class that allows you to validate a certificate against a Certificate Revocation List (CRL) Response.

    • Method Detail

      • validate

        public void validate​(ValidationReport report,
                     ValidationContext context,
                     java.security.cert.X509Certificate certificate,
                     java.security.cert.X509CRL crl,
                     java.util.Date validationDate,
                     java.util.Date responseGenerationDate)
        Validates a certificate against Certificate Revocation List (CRL) Responses.
        Parameters:
        report - to store all the chain verification results
        context - the context in which to perform the validation
        certificate - the certificate to check against CRL response
        crl - the crl response to be validated
        validationDate - validation date to check for
        responseGenerationDate - trusted date at which response is generated

      • verifyRevocation

        private static void verifyRevocation​(ValidationReport report,
                                     java.security.cert.X509Certificate certificate,
                                     java.util.Date verificationDate,
                                     java.security.cert.X509CRL crl)

      • getIssuingDistributionPointExtension

        private static IIssuingDistributionPoint getIssuingDistributionPointExtension​(java.security.cert.X509CRL crl)

      • getExpiredCertsOnCRLExtensionDate

        private static java.util.Date getExpiredCertsOnCRLExtensionDate​(java.security.cert.X509CRL crl)

      • verifyCrlIntegrity

        private void verifyCrlIntegrity​(ValidationReport report,
                                ValidationContext context,
                                java.security.cert.X509Certificate certificate,
                                java.security.cert.X509CRL crl,
                                java.util.Date responseGenerationDate)

      • getRoots

        private java.util.List<java.security.cert.X509Certificate> getRoots​(java.security.cert.Certificate cert)