Example usage for com.itextpdf.text.pdf.security CertificateVerification verifyCertificates

List of usage examples for com.itextpdf.text.pdf.security CertificateVerification verifyCertificates

  1. HOME
  2. Java
  3. com.itextpdf
  4. com.itextpdf.text.pdf.security.*
  5. CertificateVerification
  6. verifyCertificates

Introduction

In this page you can find the example usage for com.itextpdf.text.pdf.security CertificateVerification verifyCertificates.

Prototype

public static List<VerificationException> verifyCertificates(Certificate certs[], KeyStore keystore,
        Calendar calendar)

Source Link

Document

Verifies a certificate chain against a KeyStore.

Usage

From source file:org.opencps.pki.BaseVerifier.java

License:Open Source License

/**
 * (non-Javadoc)/*from   w w w  .  j av  a2 s.c  o  m*/
 * @see org.opencps.pki.Signer#validateCertificate()
 */
@Override
public Boolean validateCertificate(X509Certificate cert, KeyStore ks) {
    try {
        List<VerificationException> errors = CertificateVerification
                .verifyCertificates(new Certificate[] { cert }, ks, Calendar.getInstance());
        if (errors.size() == 0) {
            CRL crl = CertificateUtil.getCRL(cert);
            if (crl != null) {
                return !crl.isRevoked(cert);
            }
            return true;
        } else {
            return false;
        }
    } catch (Exception e) {
        throw new RuntimeException(e.getMessage(), e);
    }
}

From source file:org.opencps.pki.PdfVerifier.java

License:Open Source License

/**
 * (non-Javadoc)//ww w .  jav a  2  s  .co  m
 * @throws SignatureException 
 * @see org.opencps.pki.Verifier#verifySignature()
 */
public Boolean verifySignature(InputStream inputStream, KeyStore ks) throws SignatureException {
    Boolean verified = false;
    try {
        PdfReader reader = new PdfReader(inputStream);
        AcroFields fields = reader.getAcroFields();
        ArrayList<String> names = fields.getSignatureNames();
        for (String name : names) {
            PdfPKCS7 pkcs7 = fields.verifySignature(name);
            if (pkcs7.verify()) {
                Certificate[] certs = pkcs7.getSignCertificateChain();
                Calendar cal = pkcs7.getSignDate();
                List<VerificationException> errors = CertificateVerification.verifyCertificates(certs, ks, cal);
                if (errors.size() == 0) {
                    X509Certificate signCert = (X509Certificate) certs[0];
                    X509Certificate issuerCert = (certs.length > 1 ? (X509Certificate) certs[1] : null);
                    verified = checkSignatureRevocation(pkcs7, signCert, issuerCert, cal.getTime())
                            && checkSignatureRevocation(pkcs7, signCert, issuerCert, new Date());
                }
            }
        }
        reader.close();
    } catch (Exception e) {
        throw new SignatureException(e.getMessage(), e);
    }
    return verified;
}