is PdfPKCS7.loadCacertsKeyStore() deprecated

1.3k views Asked by At

Is the PdfPKCS7.loadCacertsKeyStore() deprecated in the last iText version 5.5.6?

It seems yes, so my question is how to verify the authenticity of the certificate and the certificate chain without using load then apply PdfPKCS7.verifyCertificates like we did before?

Any new sample code?

Best regards

Jamil

1

There are 1 answers

0
mkl On

You ask whether PdfPKCS7.loadCacertsKeyStore() is deprecated in the last iText version 5.5.6. Actually that method has been removed already three years ago in version 5.3.0; back then the whole iText signature API had been overhauled.

For a documentation on the current iText signature API read the white paper Digital Signatures for PDF Documents.

This white paper also contains many code samples, e.g. in section 5.3 Validating the certificates of a signature you can find Code sample 5.5: Verifying certificates:

Certificate[] certs = pkcs7.getSignCertificateChain();
Calendar cal = pkcs7.getSignDate();

List<VerificationException> errors =
    CertificateVerification.verifyCertificates(certs, ks, cal);

if (errors.size() == 0)
    System.out.println("Certificates verified against the KeyStore");
else
    System.out.println(errors);