Class SignatureValidator
- java.lang.Object
-
- com.itextpdf.signatures.validation.SignatureValidator
-
public class SignatureValidator extends java.lang.ObjectValidator class, which is expected to be used for signatures validation.
-
-
Field Summary
Fields Modifier and Type Field Description (package private) static java.lang.StringADD_KNOWN_CERTIFICATES_FAILEDprivate static IBouncyCastleFactoryBOUNCY_CASTLE_FACTORYprivate ValidatorChainBuilderbuilder(package private) static java.lang.StringCANNOT_PARSE_CERT_FROM_DSS(package private) static java.lang.StringCANNOT_PARSE_CRL_FROM_DSS(package private) static java.lang.StringCANNOT_PARSE_OCSP_FROM_DSS(package private) static java.lang.StringCANNOT_VERIFY_SIGNATURE(package private) static java.lang.StringCANNOT_VERIFY_TIMESTAMPprivate CertificateChainValidatorcertificateChainValidatorprivate IssuingCertificateRetrievercertificateRetriever(package private) static java.lang.StringCHAIN_VALIDATION_FAILED(package private) static java.lang.StringDOCUMENT_IS_NOT_COVEREDprivate DocumentRevisionsValidatordocumentRevisionsValidatorprivate java.util.DatelastKnownPoEprivate IMetaInfometaInfoprivate PdfDocumentoriginalDocumentprivate SignatureValidationPropertiesproperties(package private) static java.lang.StringREVISIONS_RETRIEVAL_FAILED(package private) static java.lang.StringREVISIONS_VALIDATION_FAILED(package private) static java.lang.StringSIGNATURE_NOT_FOUND(package private) static java.lang.StringSIGNATURE_VERIFICATION(package private) static java.lang.StringTIMESTAMP_EXTRACTION_FAILED(package private) static java.lang.StringTIMESTAMP_VERIFICATION(package private) static java.lang.StringTIMESTAMP_VERIFICATION_FAILEDstatic java.lang.StringVALIDATING_SIGNATURE_NAME(package private) static java.lang.StringVALIDATION_PERFORMEDprivate ValidationContextvalidationContextprivate ValidationCrlClientvalidationCrlClientprivate ValidationOcspClientvalidationOcspClientprivate booleanvalidationPerformed
-
Constructor Summary
Constructors Modifier Constructor Description protectedSignatureValidator(PdfDocument originalDocument, ValidatorChainBuilder builder)Creates new instance ofSignatureValidator.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description private voidfindValidationClients()private java.util.List<java.security.cert.Certificate>getCertificatesFromDss(ValidationReport validationReport, PdfDocument document)private PdfPKCS7mathematicallyVerifySignature(ValidationReport validationReport, PdfDocument document)private voidreportResult(ValidationReport validationReport)private voidretrieveCrlResponsesFromDss(ValidationReport validationReport, ValidationContext context, PdfDocument document)private voidretrieveNotSignedRevocationInfoFromSignatureContainer(PdfPKCS7 pkcs7, ValidationContext validationContext)private voidretrieveOcspResponsesFromDss(ValidationReport validationReport, ValidationContext context, PdfDocument document)private voidretrieveSignedRevocationInfoFromSignatureContainer(PdfPKCS7 pkcs7, ValidationContext validationContext)SignatureValidatorsetEventCountingMetaInfo(IMetaInfo metaInfo)Sets theIMetaInfothat will be used during newPdfDocumentcreations.private booleanstopValidation(ValidationReport result, ValidationContext validationContext)private booleanupdateLastKnownPoE(ValidationReport tsValidationReport, ITSTInfo timeStampTokenInfo)private voidupdateValidationClients(PdfPKCS7 pkcs7, ValidationReport validationReport, ValidationContext validationContext, PdfDocument document)private ValidationReportvalidate(java.lang.String signatureName)private ValidationReportvalidateEmbeddedTimestamp(PdfPKCS7 pkcs7)(package private) ValidationReportvalidateLatestSignature(PdfDocument document)ValidationReportvalidateSignature(java.lang.String signatureName)Validate single signature in the document.ValidationReportvalidateSignatures()Validate all signatures in the document.private voidvalidateTimestampChain(ValidationReport validationReport, java.security.cert.Certificate[] knownCerts, java.security.cert.X509Certificate signingCert)
-
-
-
Field Detail
-
VALIDATING_SIGNATURE_NAME
public static final java.lang.String VALIDATING_SIGNATURE_NAME
- See Also:
- Constant Field Values
-
TIMESTAMP_VERIFICATION
static final java.lang.String TIMESTAMP_VERIFICATION
- See Also:
- Constant Field Values
-
SIGNATURE_VERIFICATION
static final java.lang.String SIGNATURE_VERIFICATION
- See Also:
- Constant Field Values
-
CANNOT_PARSE_CERT_FROM_DSS
static final java.lang.String CANNOT_PARSE_CERT_FROM_DSS
- See Also:
- Constant Field Values
-
CANNOT_PARSE_OCSP_FROM_DSS
static final java.lang.String CANNOT_PARSE_OCSP_FROM_DSS
- See Also:
- Constant Field Values
-
CANNOT_PARSE_CRL_FROM_DSS
static final java.lang.String CANNOT_PARSE_CRL_FROM_DSS
- See Also:
- Constant Field Values
-
CANNOT_VERIFY_SIGNATURE
static final java.lang.String CANNOT_VERIFY_SIGNATURE
- See Also:
- Constant Field Values
-
DOCUMENT_IS_NOT_COVERED
static final java.lang.String DOCUMENT_IS_NOT_COVERED
- See Also:
- Constant Field Values
-
CANNOT_VERIFY_TIMESTAMP
static final java.lang.String CANNOT_VERIFY_TIMESTAMP
- See Also:
- Constant Field Values
-
TIMESTAMP_VERIFICATION_FAILED
static final java.lang.String TIMESTAMP_VERIFICATION_FAILED
- See Also:
- Constant Field Values
-
REVISIONS_RETRIEVAL_FAILED
static final java.lang.String REVISIONS_RETRIEVAL_FAILED
- See Also:
- Constant Field Values
-
TIMESTAMP_EXTRACTION_FAILED
static final java.lang.String TIMESTAMP_EXTRACTION_FAILED
- See Also:
- Constant Field Values
-
CHAIN_VALIDATION_FAILED
static final java.lang.String CHAIN_VALIDATION_FAILED
- See Also:
- Constant Field Values
-
REVISIONS_VALIDATION_FAILED
static final java.lang.String REVISIONS_VALIDATION_FAILED
- See Also:
- Constant Field Values
-
ADD_KNOWN_CERTIFICATES_FAILED
static final java.lang.String ADD_KNOWN_CERTIFICATES_FAILED
- See Also:
- Constant Field Values
-
SIGNATURE_NOT_FOUND
static final java.lang.String SIGNATURE_NOT_FOUND
- See Also:
- Constant Field Values
-
VALIDATION_PERFORMED
static final java.lang.String VALIDATION_PERFORMED
- See Also:
- Constant Field Values
-
BOUNCY_CASTLE_FACTORY
private static final IBouncyCastleFactory BOUNCY_CASTLE_FACTORY
-
builder
private final ValidatorChainBuilder builder
-
validationContext
private ValidationContext validationContext
-
certificateChainValidator
private final CertificateChainValidator certificateChainValidator
-
documentRevisionsValidator
private final DocumentRevisionsValidator documentRevisionsValidator
-
certificateRetriever
private final IssuingCertificateRetriever certificateRetriever
-
properties
private final SignatureValidationProperties properties
-
lastKnownPoE
private java.util.Date lastKnownPoE
-
metaInfo
private IMetaInfo metaInfo
-
originalDocument
private final PdfDocument originalDocument
-
validationOcspClient
private ValidationOcspClient validationOcspClient
-
validationCrlClient
private ValidationCrlClient validationCrlClient
-
validationPerformed
private boolean validationPerformed
-
-
Constructor Detail
-
SignatureValidator
protected SignatureValidator(PdfDocument originalDocument, ValidatorChainBuilder builder)
Creates new instance ofSignatureValidator.- Parameters:
originalDocument-PdfDocumentinstance which will be validatedbuilder- seeValidatorChainBuilder
-
-
Method Detail
-
setEventCountingMetaInfo
public SignatureValidator setEventCountingMetaInfo(IMetaInfo metaInfo)
Sets theIMetaInfothat will be used during newPdfDocumentcreations.- Parameters:
metaInfo- meta info to set- Returns:
- the same
SignatureValidatorinstance
-
validateSignatures
public ValidationReport validateSignatures()
Validate all signatures in the document.- Returns:
ValidationReportwhich contains detailed validation results
-
validateSignature
public ValidationReport validateSignature(java.lang.String signatureName)
Validate single signature in the document.- Parameters:
signatureName- name of the signature to validate- Returns:
ValidationReportwhich contains detailed validation results.
-
validateLatestSignature
ValidationReport validateLatestSignature(PdfDocument document)
-
reportResult
private void reportResult(ValidationReport validationReport)
-
validate
private ValidationReport validate(java.lang.String signatureName)
-
findValidationClients
private void findValidationClients()
-
mathematicallyVerifySignature
private PdfPKCS7 mathematicallyVerifySignature(ValidationReport validationReport, PdfDocument document)
-
validateEmbeddedTimestamp
private ValidationReport validateEmbeddedTimestamp(PdfPKCS7 pkcs7)
-
validateTimestampChain
private void validateTimestampChain(ValidationReport validationReport, java.security.cert.Certificate[] knownCerts, java.security.cert.X509Certificate signingCert)
-
updateLastKnownPoE
private boolean updateLastKnownPoE(ValidationReport tsValidationReport, ITSTInfo timeStampTokenInfo)
-
updateValidationClients
private void updateValidationClients(PdfPKCS7 pkcs7, ValidationReport validationReport, ValidationContext validationContext, PdfDocument document)
-
retrieveSignedRevocationInfoFromSignatureContainer
private void retrieveSignedRevocationInfoFromSignatureContainer(PdfPKCS7 pkcs7, ValidationContext validationContext)
-
retrieveNotSignedRevocationInfoFromSignatureContainer
private void retrieveNotSignedRevocationInfoFromSignatureContainer(PdfPKCS7 pkcs7, ValidationContext validationContext)
-
retrieveOcspResponsesFromDss
private void retrieveOcspResponsesFromDss(ValidationReport validationReport, ValidationContext context, PdfDocument document)
-
retrieveCrlResponsesFromDss
private void retrieveCrlResponsesFromDss(ValidationReport validationReport, ValidationContext context, PdfDocument document)
-
getCertificatesFromDss
private java.util.List<java.security.cert.Certificate> getCertificatesFromDss(ValidationReport validationReport, PdfDocument document)
-
stopValidation
private boolean stopValidation(ValidationReport result, ValidationContext validationContext)
-
-