本文整理汇总了Java中java.security.cert.CertificateExpiredException类的典型用法代码示例。如果您正苦于以下问题:Java CertificateExpiredException类的具体用法?Java CertificateExpiredException怎么用?Java CertificateExpiredException使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
CertificateExpiredException类属于java.security.cert包,在下文中一共展示了CertificateExpiredException类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: getCertificateValidityString
import java.security.cert.CertificateExpiredException; //导入依赖的package包/类
public static String getCertificateValidityString(X509Certificate cert, Resources res) {
try {
cert.checkValidity();
} catch (CertificateExpiredException ce) {
return "EXPIRED: ";
} catch (CertificateNotYetValidException cny) {
return "NOT YET VALID: ";
}
Date certNotAfter = cert.getNotAfter();
Date now = new Date();
long timeLeft = certNotAfter.getTime() - now.getTime(); // Time left in ms
// More than 72h left, display days
// More than 3 months display months
if (timeLeft > 90l * 24 * 3600 * 1000) {
long months = getMonthsDifference(now, certNotAfter);
return res.getString(R.string.months_left, months);
} else if (timeLeft > 72 * 3600 * 1000) {
long days = timeLeft / (24 * 3600 * 1000);
return res.getString(R.string.days_left, days);
} else {
long hours = timeLeft / (3600 * 1000);
return res.getString(R.string.hours_left, hours);
}
}
示例2: verify
import java.security.cert.CertificateExpiredException; //导入依赖的package包/类
/**
* verify that the given certificate successfully handles and confirms
* the signature associated with this signer and, if a signingTime
* attribute is available, that the certificate was valid at the time the
* signature was generated.
* @deprecated use verify(ContentVerifierProvider)
*/
public boolean verify(
X509Certificate cert,
Provider sigProvider)
throws NoSuchAlgorithmException,
CertificateExpiredException, CertificateNotYetValidException,
CMSException
{
Time signingTime = getSigningTime();
if (signingTime != null)
{
cert.checkValidity(signingTime.getDate());
}
return doVerify(cert.getPublicKey(), sigProvider);
}
示例3: valid
import java.security.cert.CertificateExpiredException; //导入依赖的package包/类
/**
* Verify that that the passed time is within the validity period.
*
* @exception CertificateExpiredException if the certificate has expired
* with respect to the <code>Date</code> supplied.
* @exception CertificateNotYetValidException if the certificate is not
* yet valid with respect to the <code>Date</code> supplied.
*
*/
public void valid(Date now)
throws CertificateNotYetValidException, CertificateExpiredException {
/*
* we use the internal Dates rather than the passed in Date
* because someone could override the Date methods after()
* and before() to do something entirely different.
*/
if (notBefore.after(now)) {
throw new CertificateNotYetValidException("NotBefore: " +
notBefore.toString());
}
if (notAfter.before(now)) {
throw new CertificateExpiredException("NotAfter: " +
notAfter.toString());
}
}
示例4: valid
import java.security.cert.CertificateExpiredException; //导入依赖的package包/类
/**
* Verify that that the passed time is within the validity period.
*
* @exception CertificateExpiredException if the certificate has expired
* with respect to the <code>Date</code> supplied.
* @exception CertificateNotYetValidException if the certificate is not
* yet valid with respect to the <code>Date</code> supplied.
*
*/
public void valid(Date now)
throws CertificateNotYetValidException, CertificateExpiredException {
Objects.requireNonNull(now);
/*
* we use the internal Dates rather than the passed in Date
* because someone could override the Date methods after()
* and before() to do something entirely different.
*/
if (notBefore != null && notBefore.after(now)) {
throw new CertificateNotYetValidException("NotBefore: " +
notBefore.toString());
}
if (notAfter != null && notAfter.before(now)) {
throw new CertificateExpiredException("NotAfter: " +
notAfter.toString());
}
}
示例5: sign
import java.security.cert.CertificateExpiredException; //导入依赖的package包/类
@Test
public void sign() {
final DistinguishedName caName = dn("CN=CA-Test");
final RootCertificate ca = createSelfSignedCertificate(caName).build();
final CSR csr = createCsr().generateRequest(dn("CN=test"));
final X509Certificate cert = ca.signCsr(csr)
.setRandomSerialNumber()
.sign()
.getX509Certificate();
try {
cert.checkValidity();
} catch (CertificateExpiredException | CertificateNotYetValidException e) {
fail("Invalid certificate: " + e.toString());
}
assertEquals("CN=CA-Test", cert.getIssuerX500Principal().getName());
assertEquals("CN=test", cert.getSubjectX500Principal().getName());
assertEquals(csr.getPublicKey(), cert.getPublicKey());
}
示例6: test_generateSelfSignedX509CertificateV1
import java.security.cert.CertificateExpiredException; //导入依赖的package包/类
@Test
public void test_generateSelfSignedX509CertificateV1() throws NoSuchAlgorithmException, NoSuchProviderException, CertificateExpiredException, CertificateNotYetValidException, CertificateException, InvalidKeyException, SignatureException {
final DistinguishedName issuer = issuer();
final X500Principal principal = issuer.toX500Principal();
final KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(RSA.name(), BOUNCY_CASTLE);
final KeyPair keyPair = keyPairGenerator.generateKeyPair();
final SelfSignedX509V1CertRequest request = new SelfSignedX509V1CertRequest(
principal,
BigInteger.ONE,
Instant.now(),
Instant.ofEpochMilli(System.currentTimeMillis() + (10 * 1000)),
keyPair
);
log.info(String.format("request : %s", request));
final X509Certificate cert = certificateService.generateSelfSignedX509CertificateV1(request);
log.info(String.format("result.getSigAlgName() = %s, result.getVersion() = %s ", cert.getSigAlgName(), cert.getVersion()));
assertThat(cert.getVersion(), is(1));
cert.checkValidity();
assertThat(Arrays.areEqual(principal.getEncoded(), cert.getIssuerX500Principal().getEncoded()), is(true));
cert.verify(cert.getPublicKey());
}
示例7: checkCertificateValidity
import java.security.cert.CertificateExpiredException; //导入依赖的package包/类
@Override
public boolean checkCertificateValidity() {
X509Certificate sigCert = getCertSign();
X509Certificate encCert = getCertEnc();
if (null == sigCert || null == encCert) {
logger.error("Cannot obtain Certificates for validation");
// treat as invalid
return false;
}
Date now = new Date();
try {
sigCert.checkValidity(now);
encCert.checkValidity(now);
} catch (CertificateExpiredException | CertificateNotYetValidException e) {
// certificate not (yet) valid
return false;
}
return true;
}
示例8: verifySignature
import java.security.cert.CertificateExpiredException; //导入依赖的package包/类
public VerificationResultCode verifySignature(VerificationContext context) throws KSIException {
Date validAt = context.getSignature().getAggregationTime();
SignatureData signatureData = context.getCalendarAuthenticationRecord().getSignatureData();
Certificate certificate = context.getCertificate(signatureData.getCertificateId());
if (certificate instanceof X509Certificate) {
try {
((X509Certificate) certificate).checkValidity(validAt);
return VerificationResultCode.OK;
} catch (CertificateExpiredException | CertificateNotYetValidException e) {
LOGGER.info("Certificate id {} was not valid at the aggregation time {}",
Base16.encode(signatureData.getCertificateId()), validAt);
}
}
LOGGER.info("Unable to check certificate validity, id = {}", Base16.encode(signatureData.getCertificateId()));
return VerificationResultCode.FAIL;
}
示例9: isValidSigningCertificateChain
import java.security.cert.CertificateExpiredException; //导入依赖的package包/类
private boolean isValidSigningCertificateChain(X509Certificate[] signingCertificateChain) {
// Verify issuing chain
if (signingCertificateChain.length > 1) {
X500Principal expectedPrincipal = signingCertificateChain[0].getIssuerX500Principal();
for (int i = 1; i < signingCertificateChain.length; ++i) { // start at the direct issuer
X500Principal subject = signingCertificateChain[i].getSubjectX500Principal();
if (!subject.equals(expectedPrincipal)) {
LOG.error("Expecting: " + expectedPrincipal + " But found: " + subject);
return false;
}
expectedPrincipal = signingCertificateChain[i].getIssuerX500Principal();
}
}
// Check validity of the signing certificate;
try {
signingCertificateChain[0].checkValidity();
} catch (CertificateExpiredException | CertificateNotYetValidException e) {
LOG.error("Signing certificate was invalid!");
return false;
}
// All good
return true;
}
示例10: checkValidity
import java.security.cert.CertificateExpiredException; //导入依赖的package包/类
/**
* @see java.security.cert.X509Certificate#checkValidity()
* method documentation for more information.
*/
public void checkValidity() throws CertificateExpiredException,
CertificateNotYetValidException {
if (notBefore == -1) {
// retrieve and cache the value of validity period
notBefore = tbsCert.getValidity().getNotBefore().getTime();
notAfter = tbsCert.getValidity().getNotAfter().getTime();
}
long time = System.currentTimeMillis();
if (time < notBefore) {
throw new CertificateNotYetValidException();
}
if (time > notAfter) {
throw new CertificateExpiredException();
}
}
示例11: checkCertificatesValidity
import java.security.cert.CertificateExpiredException; //导入依赖的package包/类
private void checkCertificatesValidity(KeyStore keyStore) throws KeyStoreException {
if (ROOT_LOGGER.isEnabled(Logger.Level.WARN)) {
Enumeration<String> aliases = keyStore.aliases();
while (aliases.hasMoreElements()) {
String alias = aliases.nextElement();
Certificate certificate = keyStore.getCertificate(alias);
if (certificate != null && certificate instanceof X509Certificate) {
try {
((X509Certificate) certificate).checkValidity();
} catch (CertificateExpiredException | CertificateNotYetValidException e) {
ROOT_LOGGER.certificateNotValid(alias, e);
}
}
}
}
}
示例12: getKeyStoreManager
import java.security.cert.CertificateExpiredException; //导入依赖的package包/类
/**
* Gets a keystore manager for a given hostname
* Creates one/key if it does not already exist
* @param hostname
* @return
* @throws Exception
*/
public static KeyStoreManager getKeyStoreManager(String hostname) throws Exception {
File root = getKeyStoreRoot(hostname);
// create entry
KeyStoreManager keyStoreManager = new KeyStoreManager(root);
// under the hood this will generate the cert if it doesn't exist
keyStoreManager.getCertificateByHostname(hostname);
// use this since getCertificateByHostname always returns null, but hostname == alias for our purpose
X509Certificate cert = keyStoreManager.getCertificateByAlias(hostname);
try {
cert.checkValidity();
} catch (CertificateExpiredException cee) {
// if the cert is expired we should destroy it and recursively call this function
keyStoreManager = null;
FileUtils.deleteDirectory(root);
return getKeyStoreManager(hostname);
}
return keyStoreManager;
}
示例13: checkValidity
import java.security.cert.CertificateExpiredException; //导入依赖的package包/类
/**
* @see X509Certificate#checkValidity()
* method documentation for more information.
*/
public void checkValidity() throws CertificateExpiredException,
CertificateNotYetValidException {
if (notBefore == -1) {
// retrieve and cache the value of validity period
notBefore = tbsCert.getValidity().getNotBefore().getTime();
notAfter = tbsCert.getValidity().getNotAfter().getTime();
}
long time = System.currentTimeMillis();
if (time < notBefore) {
throw new CertificateNotYetValidException();
}
if (time > notAfter) {
throw new CertificateExpiredException();
}
}
示例14: checkServerTrusted
import java.security.cert.CertificateExpiredException; //导入依赖的package包/类
public void checkServerTrusted(X509Certificate[] certificates,
String authType) throws CertificateException {
try {
if ((certificates != null) && (certificates.length == 1)) {
certificates[0].checkValidity();
} else {
mStandardTrustManager
.checkServerTrusted(certificates, authType);
}
} catch (CertificateException e) {
if (e.getCause() instanceof CertPathValidatorException
|| e instanceof CertificateExpiredException) {
return;
}
throw e;
}
}
示例15: checkValidity
import java.security.cert.CertificateExpiredException; //导入依赖的package包/类
@Override
public void checkValidity() throws CertificateExpiredException,
CertificateNotYetValidException {
if (!this.valid) {
throw new CertificateExpiredException();
}
}