/* Cert creation engine */
  private static synchronized X509Certificate createX509V3Certificate(
      PublicKey pubKey,
      PrivateKey privKey,
      int ttlMonths,
      String issuerDN,
      String subjectDN,
      long serial,
      String signAlgoritm)
      throws GeneralSecurityException {
    X509V3CertificateGenerator certGenerator = new X509V3CertificateGenerator();
    certGenerator.reset();

    certGenerator.setSerialNumber(java.math.BigInteger.valueOf(serial));
    certGenerator.setIssuerDN(new org.bouncycastle.asn1.x509.X509Name(issuerDN));
    certGenerator.setNotBefore(new java.util.Date(System.currentTimeMillis()));
    certGenerator.setNotAfter(
        new java.util.Date(System.currentTimeMillis() + ttlMonths * (1000L * 60 * 60 * 24 * 30)));
    certGenerator.setSubjectDN(new org.bouncycastle.asn1.x509.X509Name(subjectDN));
    certGenerator.setPublicKey(pubKey);
    certGenerator.setSignatureAlgorithm(signAlgoritm);

    X509Certificate cert =
        certGenerator.generateX509Certificate(privKey, "BC", new java.security.SecureRandom());
    cert.checkValidity(new java.util.Date());
    cert.verify(pubKey);

    return cert;
  }
  /*
   * Returns a String to show if the certificate is valid
   */
  private String checkValidity(X509Certificate cert) {

    try {
      cert.checkValidity();
    } catch (CertificateExpiredException e) {
      return ("\r\n" + Messages.JarVerificationResult_ExpiredCertificate); // $NON-NLS-1$
    } catch (CertificateNotYetValidException e) {
      return ("\r\n" + Messages.JarVerificationResult_CertificateNotYetValid); // $NON-NLS-1$
    }
    return ("\r\n" + Messages.JarVerificationResult_CertificateValid); // $NON-NLS-1$
  }
Esempio n. 3
0
  /**
   * Return true if the certificate is active<br>
   * <br>
   * Restituisce true se il certificato è ancora attivo
   *
   * @return true: if the certificate is active
   */
  public boolean getInUse() {
    try {
      cert.checkValidity();
      isInUse = true;
      isExpired = false;
    } catch (CertificateNotYetValidException ex) {
      isInUse = false;
    } catch (CertificateExpiredException ex) {
      isExpired = true;
    }

    return isInUse;
  }