com.qoppa.pdf

Class SignatureSettings

java.lang.Object

com.qoppa.pdf.SignatureSettings

public class SignatureSettings
extends Object

This class manages the certificates that are used to verify digital signatures.

Author:

Qoppa Software

Method Summary

Methods

Modifier and Type	Method and Description
static void	addKeyStore(KeyStore keystore) Adds any X509 certificates found in a key store to the trusted certificate list to be used when verifying digital signatures.
static void	addX509Certificate(X509Certificate certificate) Adds a X509 certificate to the trusted certificate list to be used when verifying digital signatures.
static Hashtable	getCaCerts() This method returns a hashtable of most-trusted CA certificates from the JDK keyed by the unique identifier of the X509Certificate that is returned from SignatureSettings.getUniqueIdentifier(X509Certificate)
static Hashtable	getTrustedCertificates() This method returns a hashtable of trusted certificates keyed by the unique identifier of the X509Certificate that is returned from SignatureSettings.getUniqueIdentifier(X509Certificate)
static String	getUniqueIdentifier(X509Certificate certificate) Returns a unique identifier for a certificate.
static boolean	isCaCertsEnabled() The CaCertsEnabled flag determines whether or not the certificates in cacerts from the current JRE will be added to the trusted certificate cache used to verify digital signatures.
static boolean	isOSCertsEnabled() The OSCertsEnabled flag determines whether or not the certificates in the operating system (Windows or Mac) trusted certificates will be added to the trusted certificate cache used to verify digital signatures.
static KeyStore	loadCaKeyStore() Loads the JDK CA KeyStore.
static KeyStore	loadOSKeyStore() Loads the OS KeyStore (if the OS is Windows or Mac).
static void	reloadTrustedCertificates() This method clears the trusted certificate list and reloads the trusted certificates.
static void	setCaCertsEnabled(boolean enabled) The CaCertsEnabled flag determines whether or not the certificates in cacerts from the current JRE will be added to the trusted certificate cache used to verify digital signatures.
static void	setOSCertsEnabled(boolean enabled) The OSCertsEnabled flag determines whether or not the certificates in the OS trusted certificates will be added to the trusted certificate cache used to verify digital signatures.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

setCaCertsEnabled

public static void setCaCertsEnabled(boolean enabled)

The CaCertsEnabled flag determines whether or not the certificates in cacerts from the current JRE will be added to the trusted certificate cache used to verify digital signatures. Changing the value of this flag will cause the certificates to be reloaded.

Parameters:

enabled - New value of the flag

isCaCertsEnabled

public static boolean isCaCertsEnabled()

The CaCertsEnabled flag determines whether or not the certificates in cacerts from the current JRE will be added to the trusted certificate cache used to verify digital signatures.

setOSCertsEnabled

public static void setOSCertsEnabled(boolean enabled)

The OSCertsEnabled flag determines whether or not the certificates in the OS trusted certificates will be added to the trusted certificate cache used to verify digital signatures. Changing the value of this flag will cause the certificates to be reloaded.

Parameters:

enabled - New value of the flag

isOSCertsEnabled

public static boolean isOSCertsEnabled()

The OSCertsEnabled flag determines whether or not the certificates in the operating system (Windows or Mac) trusted certificates will be added to the trusted certificate cache used to verify digital signatures.

addX509Certificate

public static void addX509Certificate(X509Certificate certificate)

Adds a X509 certificate to the trusted certificate list to be used when verifying digital signatures. If certificates need to be removed from the trusted certificate list, reload the trusted certificates.

Parameters:

certificate - the certificate to add to the trusted certificate list

addKeyStore

public static void addKeyStore(KeyStore keystore)
                        throws KeyStoreException

Adds any X509 certificates found in a key store to the trusted certificate list to be used when verifying digital signatures. If certificates need to be removed from the trusted certificate cache, reload the trusted certificates.

Parameters:

keystore - The key store object holding the certificates that will be added to the trusted list.

Throws:

KeyStoreException

reloadTrustedCertificates

public static void reloadTrustedCertificates()

This method clears the trusted certificate list and reloads the trusted certificates.

getTrustedCertificates

public static Hashtable getTrustedCertificates()

This method returns a hashtable of trusted certificates keyed by the unique identifier of the X509Certificate that is returned from SignatureSettings.getUniqueIdentifier(X509Certificate)

Returns:

Hashtable The trusted certificate table keyed by the unique identifier of the X509Certificate

getCaCerts

public static Hashtable getCaCerts()

This method returns a hashtable of most-trusted CA certificates from the JDK keyed by the unique identifier of the X509Certificate that is returned from SignatureSettings.getUniqueIdentifier(X509Certificate)

Returns:

Hashtable The most-trusted CA certificate table keyed by the unique identifier of the X509Certificate

loadCaKeyStore

public static KeyStore loadCaKeyStore()

Loads the JDK CA KeyStore.

Returns:

the JDK CA KeyStore.

loadOSKeyStore

public static KeyStore loadOSKeyStore()

Loads the OS KeyStore (if the OS is Windows or Mac).

Returns:

the Windows KeyStore or null if the OS is not Windows or Mac.

getUniqueIdentifier

public static String getUniqueIdentifier(X509Certificate certificate)

Returns a unique identifier for a certificate.

Parameters:

certificate -

Returns:

unique identifier for a certificate