public class

VerificationOptions

extends Object
java.lang.Object
   ↳ com.pdftron.pdf.VerificationOptions

Class Overview

Options pertaining to digital signature verification.

Summary

Nested Classes
enum VerificationOptions.SecurityLevel  
enum VerificationOptions.TimeMode  
Public Constructors
VerificationOptions(long impl_ptr)
VerificationOptions(VerificationOptions.SecurityLevel in_level)
Constructs a set of options for digital signature verification.
Public Methods
long __GetHandle()
void addTrustedCertificate(byte[] in_certificate_data)
Adds a certificate to the store of trusted certificates inside this options object.
void addTrustedCertificate(String in_filepath)
Adds a certificate to the store of trusted certificates inside this options object, by loading it from a file.
void addTrustedCertificates(byte[] in_P7C_binary_DER_certificates_file_data)
Bulk trust list loading API.
void destroy()
Frees the native memory of the object.
void enableDigestVerification(boolean in_on_or_off)
Sets a flag that can turn on or off the verification of the digest (cryptographic hash) component of a digital signature.
void enableModificationVerification(boolean in_on_or_off)
Sets a flag that can turn on or off the verification of the permissibility of any modifications made to the document after the signing of the digital signature being verified, in terms of the document and field permissions specified by the digital signature being verified.
void enableOnlineCRLRevocationChecking(boolean in_on_or_off)
Enables/disables online CRL revocation checking.
void enableOnlineOCSPRevocationChecking(boolean in_on_or_off)
Enables/disables online OCSP revocation checking.
void enableOnlineRevocationChecking(boolean in_on_or_off)
Enables/disables all online revocation checking modes.
void enableTrustVerification(boolean in_on_or_off)
Sets a flag that can turn on or off the verification of the trust status of a digital signature.
[Expand]
Inherited Methods
From class java.lang.Object

Public Constructors

public VerificationOptions (long impl_ptr)

public VerificationOptions (VerificationOptions.SecurityLevel in_level)

Constructs a set of options for digital signature verification.

Parameters
in_level -- the general security level to use. Sets other security settings internally.

Public Methods

public long __GetHandle ()

public void addTrustedCertificate (byte[] in_certificate_data)

Adds a certificate to the store of trusted certificates inside this options object.

Parameters
in_certificate_data -- a buffer consisting of the data of an X.509 public-key certificate encoded in binary DER (Distinguished Encoding Rules) format, or in PEM (appropriate Privacy-Enhanced Mail header+Base64 encoded DER+appropriate footer) format

public void addTrustedCertificate (String in_filepath)

Adds a certificate to the store of trusted certificates inside this options object, by loading it from a file.

Parameters
in_filepath -- a path to a file containing the data of an X.509 public-key certificate encoded in binary DER (Distinguished Encoding Rules) format, or in PEM (appropriate Privacy-Enhanced Mail header+Base64 encoded DER+appropriate footer) format

public void addTrustedCertificates (byte[] in_P7C_binary_DER_certificates_file_data)

Bulk trust list loading API. Attempts to decode the input data as binary DER and trust multiple trusted root certificates from it. Compatible with Acrobat's .P7C format, which is a variation on PKCS #7/CMS that only contains certificates (i.e. no CRLs, no signature, etc.). If a certificate cannot be decoded, this is ignored and an attempt is made to decode the next certificate.

Parameters
in_P7C_binary_DER_certificates_file_data -- the P7C-format bulk certificate data, encoded in binary DER \(Distinguished Encoding Rules\).

public void destroy ()

Frees the native memory of the object. This can be explicity called to control the deallocation of native memory and avoid situations where the garbage collector does not free the object in a timely manner.

public void enableDigestVerification (boolean in_on_or_off)

Sets a flag that can turn on or off the verification of the digest (cryptographic hash) component of a digital signature.

Parameters
in_on_or_off -- A boolean.

public void enableModificationVerification (boolean in_on_or_off)

Sets a flag that can turn on or off the verification of the permissibility of any modifications made to the document after the signing of the digital signature being verified, in terms of the document and field permissions specified by the digital signature being verified.

Parameters
in_on_or_off -- A boolean.

public void enableOnlineCRLRevocationChecking (boolean in_on_or_off)

Enables/disables online CRL revocation checking. The default setting is for it to be turned off, but this may change in future versions.

Parameters
in_on_or_off -- what setting to use

public void enableOnlineOCSPRevocationChecking (boolean in_on_or_off)

Enables/disables online OCSP revocation checking. The default setting is for it to be turned on.

Parameters
in_on_or_off -- what setting to use

public void enableOnlineRevocationChecking (boolean in_on_or_off)

Enables/disables all online revocation checking modes. The default settings are that online OCSP is turned on and online CRL is turned off, but the default CRL setting may change in future versions.

Parameters
in_on_or_off -- what setting to use.

public void enableTrustVerification (boolean in_on_or_off)

Sets a flag that can turn on or off the verification of the trust status of a digital signature.

Parameters
in_on_or_off -- A boolean.