java.security.cert.X509Certificate.checkValidity()方法的使用及代码示例

x33g5p2x  于2022-02-02 转载在 其他  
字(8.1k)|赞(0)|评价(0)|浏览(496)

本文整理了Java中java.security.cert.X509Certificate.checkValidity()方法的一些代码示例,展示了X509Certificate.checkValidity()的具体用法。这些代码示例主要来源于Github/Stackoverflow/Maven等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。X509Certificate.checkValidity()方法的具体详情如下:
包路径:java.security.cert.X509Certificate
类名称:X509Certificate
方法名:checkValidity

X509Certificate.checkValidity介绍

[英]Checks whether the certificate is currently valid.

The validity defined in ASN.1:

validity             Validity 
Validity ::= SEQUENCE { 
notBefore       CertificateValidityDate, 
notAfter        CertificateValidityDate } 
CertificateValidityDate ::= CHOICE { 
utcTime         UTCTime, 
generalTime     GeneralizedTime }

[中]检查证书当前是否有效。
ASN中定义的有效性。1:

validity             Validity 
Validity ::= SEQUENCE { 
notBefore       CertificateValidityDate, 
notAfter        CertificateValidityDate } 
CertificateValidityDate ::= CHOICE { 
utcTime         UTCTime, 
generalTime     GeneralizedTime }

代码示例

代码示例来源:origin: Meituan-Dianping/walle

@Override
public void checkValidity()
    throws CertificateExpiredException, CertificateNotYetValidException {
  mDelegate.checkValidity();
}

代码示例来源:origin: Meituan-Dianping/walle

@Override
public void checkValidity(Date date)
    throws CertificateExpiredException, CertificateNotYetValidException {
  mDelegate.checkValidity(date);
}

代码示例来源:origin: pentaho/pentaho-kettle

@Override
public void checkServerTrusted( X509Certificate[] certs, String param ) throws CertificateException {
 for ( X509Certificate cert : certs ) {
  cert.checkValidity(); // validate date
  // cert.verify( key ); // check by Public key
  // cert.getBasicConstraints()!=-1 // check by CA
 }
}

代码示例来源:origin: igniterealtime/Openfire

public boolean isServerTrusted(X509Certificate[] cert) {
  try {
    cert[0].checkValidity();
    return true;
  }
  catch (CertificateExpiredException e) {
    return false;
  }
  catch (CertificateNotYetValidException e) {
    return false;
  }
}

代码示例来源:origin: redisson/redisson

@Override
public void checkValidity() throws CertificateExpiredException, CertificateNotYetValidException {
  unwrap().checkValidity();
}

代码示例来源:origin: cloudfoundry/uaa

@Override
public void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
  if (delegate == null) {
    throw new CertificateException();
  } else {
    delegate.checkServerTrusted(x509Certificates, s);
  }
  for (X509Certificate certificate : x509Certificates) {
    certificate.checkValidity();
  }
}

代码示例来源:origin: redisson/redisson

@Override
public void checkValidity(Date date) throws CertificateExpiredException, CertificateNotYetValidException {
  unwrap().checkValidity(date);
}

代码示例来源:origin: aws/aws-sdk-java

/**
 * Check that the certificate is valid and that the principal is actually SNS.
 *
 * @param cer Certificate to validate.
 * @throws CertificateExpiredException
 * @throws CertificateNotYetValidException
 */
private void validateCertificate(X509Certificate cer) throws CertificateExpiredException, CertificateNotYetValidException {
  verifyHostname(cer);
  cer.checkValidity();
}

代码示例来源:origin: wildfly/wildfly

@Override
public void checkValidity() throws CertificateExpiredException, CertificateNotYetValidException {
  unwrap().checkValidity();
}

代码示例来源:origin: wildfly/wildfly

@Override
public void checkValidity(Date date) throws CertificateExpiredException, CertificateNotYetValidException {
  unwrap().checkValidity(date);
}

代码示例来源:origin: apache/nifi

public String getDn() throws CertificateException, SSLPeerUnverifiedException {
  final Certificate[] certs = engine.getSession().getPeerCertificates();
  if (certs == null || certs.length == 0) {
    throw new SSLPeerUnverifiedException("No certificates found");
  }
  final X509Certificate cert = CertificateUtils.convertAbstractX509Certificate(certs[0]);
  cert.checkValidity();
  return cert.getSubjectDN().getName().trim();
}

代码示例来源:origin: apache/nifi

private Set<String> getCertificateIdentities(final SSLSession sslSession) throws CertificateException, SSLPeerUnverifiedException {
    final Certificate[] certs = sslSession.getPeerCertificates();
    if (certs == null || certs.length == 0) {
      throw new SSLPeerUnverifiedException("No certificates found");
    }

    final X509Certificate cert = CertificateUtils.convertAbstractX509Certificate(certs[0]);
    cert.checkValidity();

    final Set<String> identities = CertificateUtils.getSubjectAlternativeNames(cert).stream()
      .map(CertificateUtils::extractUsername)
      .collect(Collectors.toSet());

    return identities;
  }
}

代码示例来源:origin: prestodb/presto

private static void validateCertificates(KeyStore keyStore)
    throws GeneralSecurityException
{
  for (String alias : list(keyStore.aliases())) {
    if (!keyStore.isKeyEntry(alias)) {
      continue;
    }
    Certificate certificate = keyStore.getCertificate(alias);
    if (!(certificate instanceof X509Certificate)) {
      continue;
    }
    try {
      ((X509Certificate) certificate).checkValidity();
    }
    catch (CertificateExpiredException e) {
      throw new CertificateExpiredException("KeyStore certificate is expired: " + e.getMessage());
    }
    catch (CertificateNotYetValidException e) {
      throw new CertificateNotYetValidException("KeyStore certificate is not yet valid: " + e.getMessage());
    }
  }
}

代码示例来源:origin: prestodb/presto

private static void validateCertificates(KeyStore keyStore)
    throws GeneralSecurityException
{
  for (String alias : list(keyStore.aliases())) {
    if (!keyStore.isKeyEntry(alias)) {
      continue;
    }
    Certificate certificate = keyStore.getCertificate(alias);
    if (!(certificate instanceof X509Certificate)) {
      continue;
    }
    try {
      ((X509Certificate) certificate).checkValidity();
    }
    catch (CertificateExpiredException e) {
      throw new CertificateExpiredException("KeyStore certificate is expired: " + e.getMessage());
    }
    catch (CertificateNotYetValidException e) {
      throw new CertificateNotYetValidException("KeyStore certificate is not yet valid: " + e.getMessage());
    }
  }
}

代码示例来源:origin: gocd/gocd

@Test
public void shouldCreateCertWithDnThatIsValidFromEpochToNowPlusTenYears() throws Exception {
  X509CertificateGenerator generator = new X509CertificateGenerator();
  Registration certChain = generator.createCertificateWithDn("CN=hostname");
  Date epoch = new Date(0);
  X509Certificate cert = certChain.getFirstCertificate();
  cert.checkValidity(epoch); // does not throw CertificateNotYetValidException
  cert.checkValidity(DateUtils.addYears(new Date(), 9)); // does not throw CertificateNotYetValidException
}

代码示例来源:origin: robovm/robovm

public void checkValidity() throws CertificateExpiredException,
            CertificateNotYetValidException {
  try {
    cert.checkValidity();
  } catch (java.security.cert.CertificateNotYetValidException e) {
    throw new CertificateNotYetValidException(e.getMessage());
  } catch (java.security.cert.CertificateExpiredException e) {
    throw new CertificateExpiredException(e.getMessage());
  }
}

代码示例来源:origin: robovm/robovm

public void checkValidity(Date date)
        throws CertificateExpiredException,
            CertificateNotYetValidException {
  try {
    cert.checkValidity(date);
  } catch (java.security.cert.CertificateNotYetValidException e) {
    throw new CertificateNotYetValidException(e.getMessage());
  } catch (java.security.cert.CertificateExpiredException e) {
    throw new CertificateExpiredException(e.getMessage());
  }
}

代码示例来源:origin: gocd/gocd

@Test
public void shouldCreateCertsThatIsValidFromEpochToNowPlusTenYears() throws Exception {
  X509CertificateGenerator generator = new X509CertificateGenerator();
  Registration caCert = generator.createAndStoreCACertificates(keystore);
  Date epoch = new Date(0);
  X509Certificate serverCert = caCert.getFirstCertificate();
  serverCert.checkValidity(epoch); // does not throw CertificateNotYetValidException
  serverCert.checkValidity(DateUtils.addYears(new Date(), 9)); // does not throw CertificateNotYetValidException
}

代码示例来源:origin: gocd/gocd

@Test
public void shouldCreateCertsForAgentThatIsValidFromEpochToNowPlusTenYears() throws Exception {
  X509CertificateGenerator generator = new X509CertificateGenerator();
  Registration agentCertChain = generator.createAgentCertificate(keystore, "agentHostName");
  Date epoch = new Date(0);
  X509Certificate agentCert = agentCertChain.getFirstCertificate();
  agentCert.checkValidity(epoch); // does not throw CertificateNotYetValidException
  agentCert.checkValidity(DateUtils.addYears(new Date(), 9)); // does not throw CertificateNotYetValidException
}

代码示例来源:origin: k9mail/k-9

private X509Certificate[] fetchCertificateChain(Context context, String alias)
    throws KeyChainException, InterruptedException, MessagingException {
  X509Certificate[] chain = KeyChain.getCertificateChain(context, alias);
  if (chain == null || chain.length == 0) {
    throw new MessagingException("No certificate chain found for: " + alias);
  }
  try {
    for (X509Certificate certificate : chain) {
      certificate.checkValidity();
    }
  } catch (CertificateException e) {
    throw new CertificateValidationException(e.getMessage(), Reason.Expired, alias);
  }
  return chain;
}

相关文章