Package com.itextpdf.text.pdf.security

Class LtvVerification

  • public class LtvVerification
extends java.lang.Object
    Add verification according to PAdES-LTV (part 4)

    • Constructor Detail

      • LtvVerification

        public LtvVerification​(PdfStamper stp)
        The verification constructor. This class should only be created with PdfStamper.getLtvVerification() otherwise the information will not be added to the Pdf.
        Parameters:
        stp - the PdfStamper to apply the validation to

    • Method Detail

      • addVerification

        public boolean addVerification​(java.lang.String signatureName,
                               OcspClient ocsp,
                               CrlClient crl,
                               LtvVerification.CertificateOption certOption,
                               LtvVerification.Level level,
                               LtvVerification.CertificateInclusion certInclude)
                        throws java.io.IOException,
                               java.security.GeneralSecurityException
        Add verification for a particular signature
        Parameters:
        signatureName - the signature to validate (it may be a timestamp)
        ocsp - the interface to get the OCSP
        crl - the interface to get the CRL
        certOption -
        level - the validation options to include
        certInclude -
        Returns:
        true if a validation was generated, false otherwise
        Throws:
        java.security.GeneralSecurityException
        java.io.IOException

      • getParent

        private java.security.cert.X509Certificate getParent​(java.security.cert.X509Certificate cert,
                                                     java.security.cert.Certificate[] certs)
        Returns the issuing certificate for a child certificate.
        Parameters:
        cert - the certificate for which we search the parent
        certs - an array with certificates that contains the parent
        Returns:
        the partent certificate

      • addVerification

        public boolean addVerification​(java.lang.String signatureName,
                               java.util.Collection<byte[]> ocsps,
                               java.util.Collection<byte[]> crls,
                               java.util.Collection<byte[]> certs)
                        throws java.io.IOException,
                               java.security.GeneralSecurityException
        Alternative addVerification. I assume that inputs are deduplicated.
        Throws:
        java.io.IOException
        java.security.GeneralSecurityException

      • buildOCSPResponse

        private static byte[] buildOCSPResponse​(byte[] BasicOCSPResponse)
                                 throws java.io.IOException
        Throws:
        java.io.IOException

      • getSignatureHashKey

        private PdfName getSignatureHashKey​(java.lang.String signatureName)
                             throws java.security.NoSuchAlgorithmException,
                                    java.io.IOException
        Throws:
        java.security.NoSuchAlgorithmException
        java.io.IOException

      • hashBytesSha1

        private static byte[] hashBytesSha1​(byte[] b)
                             throws java.security.NoSuchAlgorithmException
        Throws:
        java.security.NoSuchAlgorithmException

      • merge

        public void merge()
           throws java.io.IOException
        Merges the validation with any validation already in the document or creates a new one.
        Throws:
        java.io.IOException

      • updateDss

        private void updateDss()
                throws java.io.IOException
        Throws:
        java.io.IOException

      • deleteOldReferences

        private static void deleteOldReferences​(PdfArray all,
                                        PdfArray toDelete)

      • createDss

        private void createDss()
                throws java.io.IOException
        Throws:
        java.io.IOException