Support LOTL trusted store during validation

DEVSIX-9241

Author: Eugene Bochilo

sharpenConfiguration.xml

@@ -466,9 +466,9 @@
             </fileset>
             <!-- sign -->
             <fileset reason="XML validation is different in .NET">
-                <file path="com/itextpdf/signatures/validation/XmlValidationUtils.java" />
-                <file path="com/itextpdf/signatures/validation/CertificateSelector.java" />
-                <file path="com/itextpdf/signatures/validation/xml/XmlSaxProcessor.java" />
+                <file path="com/itextpdf/signatures/validation/lotl/XmlValidationUtils.java" />
+                <file path="com/itextpdf/signatures/validation/lotl/CertificateSelector.java" />
+                <file path="com/itextpdf/signatures/validation/lotl/xml/XmlSaxProcessor.java" />
             </fileset>
             <file path="com/itextpdf/signatures/ProviderDigest.java"/>
             <fileset reason="ProviderDigest class exists only on Java.">
@@ -542,7 +542,7 @@
                 <file path="com/itextpdf/signatures/testutils/report/xml/XmlReportTestTool.java"/>
             </fileset>
             <fileset reason="LocalDateTime and DateTime have different constructors and parsing">
-                <file path="com/itextpdf/signatures/validation/ServiceStatusInfo.java"/>
+                <file path="com/itextpdf/signatures/validation/lotl/ServiceStatusInfo.java"/>
             </fileset>
             <!-- jsoup -->
             <file path="com/itextpdf/styledxmlparser/jsoup/PortUtil.java" />

sign/src/main/java/com/itextpdf/signatures/validation/CertificateChainValidator.java

@@ -29,6 +29,7 @@ This file is part of the iText (R) project.
 import com.itextpdf.signatures.validation.context.ValidatorContext;
 import com.itextpdf.signatures.validation.extensions.CertificateExtension;
 import com.itextpdf.signatures.validation.extensions.DynamicCertificateExtension;
+import com.itextpdf.signatures.validation.lotl.LOTLTrustedStore;
 import com.itextpdf.signatures.validation.report.CertificateReportItem;
 import com.itextpdf.signatures.validation.report.ValidationReport;
 import com.itextpdf.signatures.validation.report.ReportItem.ReportItemStatus;
@@ -48,7 +49,6 @@ This file is part of the iText (R) project.
  * Validator class, which is expected to be used for certificates chain validation.
  */
 public class CertificateChainValidator {
-
     private final SignatureValidationProperties properties;
     private final IssuingCertificateRetriever certificateRetriever;
     private final RevocationDataValidator revocationDataValidator;
@@ -151,8 +151,13 @@ private ValidationReport validate(ValidationReport result, ValidationContext con
 
     private boolean checkIfCertIsTrusted(ValidationReport result, ValidationContext context,
             X509Certificate certificate, Date validationDate) {
-        return certificateRetriever.getTrustedCertificatesStore().checkIfCertIsTrusted(result, context, certificate)
-                || lotlTrustedStore.checkIfCertIsTrusted(result, context, certificate, validationDate);
+        if (certificateRetriever.getTrustedCertificatesStore().checkIfCertIsTrusted(result, context, certificate)) {
+            return true;
+        }
+        if (lotlTrustedStore == null) {
+            return false;
+        }
+        return lotlTrustedStore.checkIfCertIsTrusted(result, context, certificate, validationDate);
     }
 
     private boolean stopValidation(ValidationReport result, ValidationContext context) {