Package com.itextpdf.signatures.validation

Class CertificateChainValidator

  • public class CertificateChainValidator
extends java.lang.Object
    Validator class, which is expected to be used for certificates chain validation.

    • Method Detail

      • validateCertificate

        public ValidationReport validateCertificate​(ValidationContext context,
                                            java.security.cert.X509Certificate certificate,
                                            java.util.Date validationDate)
        Validate given certificate using provided validation date and required extensions.
        Parameters:
        context - the validation context in which to validate the certificate chain
        certificate - X509Certificate to be validated
        validationDate - Date against which certificate is expected to be validated. Usually signing date
        Returns:
        ValidationReport which contains detailed validation results.

      • validate

        public ValidationReport validate​(ValidationReport result,
                                 ValidationContext context,
                                 java.security.cert.X509Certificate certificate,
                                 java.util.Date validationDate)
        Validate given certificate using provided validation date and required extensions. Result is added into provided report.
        Parameters:
        result - ValidationReport which is populated with detailed validation results
        context - the context in which to perform the validation
        certificate - X509Certificate to be validated
        validationDate - Date against which certificate is expected to be validated. Usually signing date
        Returns:
        ValidationReport which contains both provided and new validation results.

      • checkIfCertIsTrusted

        private boolean checkIfCertIsTrusted​(ValidationReport result,
                                     ValidationContext context,
                                     java.security.cert.X509Certificate certificate)

      • validateValidityPeriod

        private void validateValidityPeriod​(ValidationReport result,
                                    java.security.cert.X509Certificate certificate,
                                    java.util.Date validationDate)

      • validateRequiredExtensions

        private void validateRequiredExtensions​(ValidationReport result,
                                        ValidationContext context,
                                        java.security.cert.X509Certificate certificate,
                                        int certificateChainSize)

      • validateRevocationData

        private void validateRevocationData​(ValidationReport report,
                                    ValidationContext context,
                                    java.security.cert.X509Certificate certificate,
                                    java.util.Date validationDate)

      • validateChain

        private void validateChain​(ValidationReport result,
                           ValidationContext context,
                           java.security.cert.X509Certificate certificate,
                           java.util.Date validationDate,
                           int certificateChainSize)