Package com.itextpdf.text.pdf.security
Class LtvVerification
java.lang.Object
com.itextpdf.text.pdf.security.LtvVerification
Add verification according to PAdES-LTV (part 4)
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionstatic enumCertificate inclusion in the DSS and VRI dictionaries in the CERT and CERTS keysstatic enumOptions for how many certificates to includestatic enumWhat type of verification to includeprivate static class -
Field Summary
FieldsModifier and TypeFieldDescriptionprivate AcroFieldsprivate Loggerprivate PdfReaderprivate PdfStamperprivate booleanprivate Map<PdfName, LtvVerification.ValidationData> private PdfWriter -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionbooleanaddVerification(String signatureName, OcspClient ocsp, CrlClient crl, LtvVerification.CertificateOption certOption, LtvVerification.Level level, LtvVerification.CertificateInclusion certInclude) Add verification for a particular signaturebooleanaddVerification(String signatureName, Collection<byte[]> ocsps, Collection<byte[]> crls, Collection<byte[]> certs) Alternative addVerification.private static byte[]buildOCSPResponse(byte[] BasicOCSPResponse) private voidprivate static voiddeleteOldReferences(PdfArray all, PdfArray toDelete) private X509CertificategetParent(X509Certificate cert, Certificate[] certs) Returns the issuing certificate for a child certificate.private PdfNamegetSignatureHashKey(String signatureName) private static byte[]hashBytesSha1(byte[] b) voidmerge()Merges the validation with any validation already in the document or creates a new one.private voidoutputDss(PdfDictionary dss, PdfDictionary vrim, PdfArray ocsps, PdfArray crls, PdfArray certs) private void
-
Field Details
-
LOGGER
-
stp
-
writer
-
reader
-
acroFields
-
validated
-
used
private boolean used
-
-
Constructor Details
-
LtvVerification
The verification constructor. This class should only be created with PdfStamper.getLtvVerification() otherwise the information will not be added to the Pdf.- Parameters:
stp- the PdfStamper to apply the validation to
-
-
Method Details
-
addVerification
public boolean addVerification(String signatureName, OcspClient ocsp, CrlClient crl, LtvVerification.CertificateOption certOption, LtvVerification.Level level, LtvVerification.CertificateInclusion certInclude) throws IOException, GeneralSecurityException Add verification for a particular signature- Parameters:
signatureName- the signature to validate (it may be a timestamp)ocsp- the interface to get the OCSPcrl- the interface to get the CRLcertOption-level- the validation options to includecertInclude-- Returns:
- true if a validation was generated, false otherwise
- Throws:
GeneralSecurityExceptionIOException
-
getParent
Returns the issuing certificate for a child certificate.- Parameters:
cert- the certificate for which we search the parentcerts- an array with certificates that contains the parent- Returns:
- the partent certificate
-
addVerification
public boolean addVerification(String signatureName, Collection<byte[]> ocsps, Collection<byte[]> crls, Collection<byte[]> certs) throws IOException, GeneralSecurityException Alternative addVerification. I assume that inputs are deduplicated.- Throws:
IOExceptionGeneralSecurityException
-
buildOCSPResponse
- Throws:
IOException
-
getSignatureHashKey
private PdfName getSignatureHashKey(String signatureName) throws NoSuchAlgorithmException, IOException - Throws:
NoSuchAlgorithmExceptionIOException
-
hashBytesSha1
- Throws:
NoSuchAlgorithmException
-
merge
Merges the validation with any validation already in the document or creates a new one.- Throws:
IOException
-
updateDss
- Throws:
IOException
-
deleteOldReferences
-
createDss
- Throws:
IOException
-
outputDss
private void outputDss(PdfDictionary dss, PdfDictionary vrim, PdfArray ocsps, PdfArray crls, PdfArray certs) throws IOException - Throws:
IOException
-