public boolean validate(byte[] signature, byte[] content, String algorithmURI, CriteriaSet trustBasisCriteria,
Credential candidateCredential) throws SecurityException {
checkParamsRaw(signature, content, algorithmURI, trustBasisCriteria);
CriteriaSet criteriaSet = new CriteriaSet();
criteriaSet.addAll(trustBasisCriteria);
if (!criteriaSet.contains(UsageCriteria.class)) {
criteriaSet.add(new UsageCriteria(UsageType.SIGNING));
}
String jcaAlgorithm = SecurityHelper.getKeyAlgorithmFromURI(algorithmURI);
if (!DatatypeHelper.isEmpty(jcaAlgorithm)) {
criteriaSet.add(new KeyAlgorithmCriteria(jcaAlgorithm), true);
}
Iterable<Credential> trustedCredentials = getCredentialResolver().resolve(criteriaSet);
// First try the optional supplied candidate credential