當前位置: 首頁>>代碼示例>>Java>>正文

Java X509Certificate.checkValidity方法代碼示例

本文整理匯總了Java中java.security.cert.X509Certificate.checkValidity方法的典型用法代碼示例。如果您正苦於以下問題:Java X509Certificate.checkValidity方法的具體用法?Java X509Certificate.checkValidity怎麽用?Java X509Certificate.checkValidity使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在java.security.cert.X509Certificate的用法示例。


在下文中一共展示了X509Certificate.checkValidity方法的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Java代碼示例。

示例1: validate

import java.security.cert.X509Certificate; //導入方法依賴的package包/類
/**
 * Validate the X509Certificate received.
 *
 * @param cert the cert
 * @throws GeneralSecurityException the general security exception
 */
private void validate(final X509Certificate cert) throws GeneralSecurityException {
    cert.checkValidity();
    this.revocationChecker.check(cert);

    final int pathLength = cert.getBasicConstraints();
    if (pathLength < 0) {
        if (!isCertificateAllowed(cert)) {
            throw new FailedLoginException(
                    "Certificate subject does not match pattern " + this.regExSubjectDnPattern.pattern());
        }
        if (this.checkKeyUsage && !isValidKeyUsage(cert)) {
            throw new FailedLoginException(
                    "Certificate keyUsage constraint forbids SSL client authentication.");
        }
    } else {
        // Check pathLength for CA cert
        if (pathLength == Integer.MAX_VALUE && !this.maxPathLengthAllowUnspecified) {
            throw new FailedLoginException("Unlimited certificate path length not allowed by configuration.");
        } else if (pathLength > this.maxPathLength && pathLength < Integer.MAX_VALUE) {
            throw new FailedLoginException(String.format(
                    "Certificate path length %s exceeds maximum value %s.", pathLength, this.maxPathLength));
        }
    }
}
開發者ID:hsj-xiaokang,項目名稱:springboot-shiro-cas-mybatis,代碼行數:31,代碼來源:X509CredentialsAuthenticationHandler.java

示例2: verifyCertificate

import java.security.cert.X509Certificate; //導入方法依賴的package包/類
/**
	 * 檢查證書鏈
	 * 
	 * @param rootCerts
	 *            根證書
	 * @param cert
	 *            待驗證的證書
	 * @return
	 */
	public static boolean verifyCertificate(X509Certificate cert) {
		
		if ( null == cert) {
			LogUtil.writeErrorLog("cert must Not null");
			return false;
		}
		try {
			cert.checkValidity();//驗證有效期
//			cert.verify(middleCert.getPublicKey());
			if(!verifyCertificateChain(cert)){
				return false;
			}
		} catch (Exception e) {
			LogUtil.writeErrorLog("verifyCertificate fail", e);
			return false;
		}
		
		if(SDKConfig.getConfig().isIfValidateCNName()){
			// 驗證公鑰是否屬於銀聯
			if(!UNIONPAY_CNNAME.equals(CertUtil.getIdentitiesFromCertficate(cert))) {
				LogUtil.writeErrorLog("cer owner is not CUP:" + CertUtil.getIdentitiesFromCertficate(cert));
				return false;
			}
		} else {
			// 驗證公鑰是否屬於銀聯
			if(!UNIONPAY_CNNAME.equals(CertUtil.getIdentitiesFromCertficate(cert)) 
					&& !"00040000:SIGN".equals(CertUtil.getIdentitiesFromCertficate(cert))) {
				LogUtil.writeErrorLog("cer owner is not CUP:" + CertUtil.getIdentitiesFromCertficate(cert));
				return false;
			}
		}
		return true;		
	}
開發者ID:Javen205,項目名稱:IJPay,代碼行數:43,代碼來源:CertUtil.java

示例3: verifyCertificate

import java.security.cert.X509Certificate; //導入方法依賴的package包/類
/**
	 * 檢查證書鏈
	 *
	 * @param cert
	 *            待驗證的證書
	 * @return
	 */
	public static boolean verifyCertificate(X509Certificate cert) {
		
		if ( null == cert) {
			log.error("cert must Not null");
			return false;
		}
		try {
			cert.checkValidity();//驗證有效期
//			cert.verify(middleCert.getPublicKey());
			if(!verifyCertificateChain(cert)){
				return false;
			}
		} catch (Exception e) {
			log.error("verifyCertificate fail", e);
			return false;
		}
		
		if(SDKConfig.getConfig().isIfValidateCNName()){
			// 驗證公鑰是否屬於銀聯
			if(!UNIONPAY_CNNAME.equals(CertUtil.getIdentitiesFromCertficate(cert))) {
				log.error("cer owner is not CUP:" + CertUtil.getIdentitiesFromCertficate(cert));
				return false;
			}
		} else {
			// 驗證公鑰是否屬於銀聯
			if(!UNIONPAY_CNNAME.equals(CertUtil.getIdentitiesFromCertficate(cert)) 
					&& !"00040000:SIGN".equals(CertUtil.getIdentitiesFromCertficate(cert))) {
				log.error("cer owner is not CUP:" + CertUtil.getIdentitiesFromCertficate(cert));
				return false;
			}
		}
		return true;		
	}
開發者ID:howe,項目名稱:nutz-pay,代碼行數:41,代碼來源:CertUtil.java

示例4: verify

import java.security.cert.X509Certificate; //導入方法依賴的package包/類
/**
 * verify that the given certificate successfully handles and confirms
 * the signature associated with this signer and, if a signingTime
 * attribute is available, that the certificate was valid at the time the
 * signature was generated.
 * @deprecated use verify(ContentVerifierProvider)
 */
public boolean verify(
    X509Certificate cert,
    Provider        sigProvider)
    throws NoSuchAlgorithmException,
        CertificateExpiredException, CertificateNotYetValidException,
        CMSException
{
    Time signingTime = getSigningTime();
    if (signingTime != null)
    {
        cert.checkValidity(signingTime.getDate());
    }

    return doVerify(cert.getPublicKey(), sigProvider); 
}
開發者ID:Appdome,項目名稱:ipack,代碼行數:23,代碼來源:SignerInformation.java

示例5: getCertificateValidityString

import java.security.cert.X509Certificate; //導入方法依賴的package包/類
public static String getCertificateValidityString(X509Certificate cert, Resources res) {
    try {
        cert.checkValidity();
    } catch (CertificateExpiredException ce) {
        return "EXPIRED: ";
    } catch (CertificateNotYetValidException cny) {
        return "NOT YET VALID: ";
    }
    Date certNotAfter = cert.getNotAfter();
    Date now = new Date();
    long timeLeft = certNotAfter.getTime() - now.getTime(); // Time left in ms
    // More than 72h left, display days
    // More than 3 months display months
    if (timeLeft > 90l * 24 * 3600 * 1000) {
        long months = getMonthsDifference(now, certNotAfter);
        return res.getString(R.string.months_left, months);
    } else if (timeLeft > 72 * 3600 * 1000) {
        long days = timeLeft / (24 * 3600 * 1000);
        return res.getString(R.string.days_left, days);
    } else {
        long hours = timeLeft / (3600 * 1000);
        return res.getString(R.string.hours_left, hours);
    }
}
開發者ID:akashdeepsingh9988,項目名稱:Cybernet-VPN,代碼行數:25,代碼來源:X509Utils.java

示例6: isValid

import java.security.cert.X509Certificate; //導入方法依賴的package包/類
public boolean isValid ()
{
    for ( final X509Certificate cert : this.certificates )
    {
        try
        {
            cert.checkValidity ();
            return true;
        }
        catch ( final Exception e )
        {
        }

    }
    return false;
}
開發者ID:eclipse,項目名稱:neoscada,代碼行數:17,代碼來源:X509CA.java

示例7: validate

import java.security.cert.X509Certificate; //導入方法依賴的package包/類
private void validate(final X509Certificate cert) throws GeneralSecurityException {
    cert.checkValidity();
    this.revocationChecker.check(cert);

    int pathLength = cert.getBasicConstraints();
    if (pathLength < 0) {
        if (!isCertificateAllowed(cert)) {
            throw new FailedLoginException(
                    "Certificate subject does not match pattern " + this.regExSubjectDnPattern.pattern());
        }
        if (this.checkKeyUsage && !isValidKeyUsage(cert)) {
            throw new FailedLoginException(
                    "Certificate keyUsage constraint forbids SSL client authentication.");
        }
    } else {
        // Check pathLength for CA cert
        if (pathLength == Integer.MAX_VALUE && this.maxPathLengthAllowUnspecified != true) {
            throw new FailedLoginException("Unlimited certificate path length not allowed by configuration.");
        } else if (pathLength > this.maxPathLength && pathLength < Integer.MAX_VALUE) {
            throw new FailedLoginException(String.format(
                    "Certificate path length %s exceeds maximum value %s.", pathLength, this.maxPathLength));
        }
    }
}
開發者ID:luotuo,項目名稱:cas4.0.x-server-wechat,代碼行數:25,代碼來源:X509CredentialsAuthenticationHandler.java

示例8: checkServerTrusted

import java.security.cert.X509Certificate; //導入方法依賴的package包/類
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
    try {
        this.trustManager.checkServerTrusted(chain, authType);
    } catch (CertificateException cx) {
        try {
            X509Certificate x509Certificate = chain[0];
            x509Certificate.checkValidity();
            long unixTimestamp = Instant.now().getEpochSecond();
            CertificateResolverModel resolverModel = new CertificateResolverModel(
                    x509Certificate, String.valueOf(unixTimestamp), getSha1Fingerprint(x509Certificate));
            if (this.listener != null) {
                this.listener.intercept(resolverModel);
            }
        } catch (NoSuchAlgorithmException e) {
            LOG.error("Cannot generate SHA1 fingerprint for certificate", e);
        }
        throw cx;
    }
}
開發者ID:opensecuritycontroller,項目名稱:osc-core,代碼行數:21,代碼來源:X509TrustManagerFactory.java

示例9: checkServerTrusted

import java.security.cert.X509Certificate; //導入方法依賴的package包/類
@Override
public void checkServerTrusted(X509Certificate[] x509Certificates, String authType) throws CertificateException {
    if (x509Certificates == null) {
        throw new IllegalArgumentException("Check Server x509Certificates is null");
    }

    if (x509Certificates.length < 0) {
        throw new IllegalArgumentException("Check Server x509Certificates is empty");
    }

    try {
        for (X509Certificate cert : x509Certificates) {
            // Make sure that it hasn't expired.
            cert.checkValidity();
            //和App預埋的證書做對比
            cert.verify(mCertificate.getPublicKey());
        }
    } catch (NoSuchAlgorithmException | InvalidKeyException | NoSuchProviderException | SignatureException e) {
        e.printStackTrace();
    }
}
開發者ID:guiying712,項目名稱:AndroidModulePattern,代碼行數:22,代碼來源:HttpsUtils.java

示例10: checkServerTrusted

import java.security.cert.X509Certificate; //導入方法依賴的package包/類
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
    try {
        for (X509Certificate certificate : chain) {
            certificate.checkValidity(); //檢查證書是否過期,簽名是否通過等
        }
    } catch (Exception e) {
        throw new CertificateException(e);
    }
}
開發者ID:weiwenqiang,項目名稱:GitHub,代碼行數:11,代碼來源:GApp.java

示例11: validateCertificates

import java.security.cert.X509Certificate; //導入方法依賴的package包/類
/**
 * @throws CertificateException if the certificate has expired or if the certificate is not yet valid.
 */
@Override
public void validateCertificates(X509Certificate[] serverCertificates) throws CertificateException {
    for (X509Certificate certificate : serverCertificates) {
        certificate.checkValidity();
    }
}
開發者ID:octaware,項目名稱:super-volley,代碼行數:10,代碼來源:CertificateValidityValidator.java

示例12: checkServerTrusted

import java.security.cert.X509Certificate; //導入方法依賴的package包/類
@Override
public void checkServerTrusted(X509Certificate[] certs, String arg1) throws CertificateException {
    Date today = new Date();
    for (X509Certificate certificate : certs) {
        certificate.checkValidity(today);
    }
}
開發者ID:XndroidDev,項目名稱:Xndroid,代碼行數:8,代碼來源:SHelper.java

示例13: createAcIssuerCert

import java.security.cert.X509Certificate; //導入方法依賴的package包/類
/**
 * we generate the AC issuer's certificate
 */
public static X509Certificate createAcIssuerCert(
    PublicKey       pubKey,
    PrivateKey      privKey)
    throws Exception
{
    //
    // signers name 
    //
    String  issuer = "C=AU, O=The Legion of the Bouncy Castle, OU=Bouncy Primary Certificate";

    //
    // subjects name - the same as we are self signed.
    //
    String  subject = "C=AU, O=The Legion of the Bouncy Castle, OU=Bouncy Primary Certificate";

    //
    // create the certificate - version 1
    //

    v1CertGen.setSerialNumber(BigInteger.valueOf(10));
    v1CertGen.setIssuerDN(new X509Principal(issuer));
    v1CertGen.setNotBefore(new Date(System.currentTimeMillis() - 1000L * 60 * 60 * 24 * 30));
    v1CertGen.setNotAfter(new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 30)));
    v1CertGen.setSubjectDN(new X509Principal(subject));
    v1CertGen.setPublicKey(pubKey);
    v1CertGen.setSignatureAlgorithm("SHA1WithRSAEncryption");

    X509Certificate cert = v1CertGen.generate(privKey);

    cert.checkValidity(new Date());

    cert.verify(pubKey);

    return cert;
}
開發者ID:Appdome,項目名稱:ipack,代碼行數:39,代碼來源:AttrCertExample.java

示例14: checkClientTrusted

import java.security.cert.X509Certificate; //導入方法依賴的package包/類
@Override
public void checkClientTrusted(X509Certificate[] certs, String arg1) throws CertificateException {
    Date today = new Date();
    for (X509Certificate certificate : certs) {
        certificate.checkValidity(today);
    }
}
開發者ID:XndroidDev,項目名稱:Xndroid,代碼行數:8,代碼來源:SHelper.java

示例15: checkServerTrusted

import java.security.cert.X509Certificate; //導入方法依賴的package包/類
public void checkServerTrusted(X509Certificate[] certificates, String authType) throws CertificateException
{
    for (X509Certificate certificate : certificates)
    {
        certificate.checkValidity();
    }
}
開發者ID:archos-sa,項目名稱:aos-FileCoreLibrary,代碼行數:8,代碼來源:FTPSTrustManager.java


注:本文中的java.security.cert.X509Certificate.checkValidity方法示例由純淨天空整理自Github/MSDocs等開源代碼及文檔管理平台,相關代碼片段篩選自各路編程大神貢獻的開源項目,源碼版權歸原作者所有,傳播和使用請參考對應項目的License;未經允許,請勿轉載。