protected static Date getValidCertDateFromValidityModel(
ExtendedPKIXParameters paramsPKIX, CertPath certPath, int index) throws AnnotatedException {
if (paramsPKIX.getValidityModel() == ExtendedPKIXParameters.CHAIN_VALIDITY_MODEL) {
// if end cert use given signing/encryption/... time
if (index <= 0) {
return CertPathValidatorUtilities.getValidDate(paramsPKIX);
// else use time when previous cert was created
} else {
if (index - 1 == 0) {
DERGeneralizedTime dateOfCertgen = null;
try {
byte[] extBytes =
((X509Certificate) certPath.getCertificates().get(index - 1))
.getExtensionValue(
ISISMTTObjectIdentifiers.id_isismtt_at_dateOfCertGen.getId());
if (extBytes != null) {
dateOfCertgen = DERGeneralizedTime.getInstance(ASN1Primitive.fromByteArray(extBytes));
}
} catch (IOException e) {
throw new AnnotatedException("Date of cert gen extension could not be read.");
} catch (IllegalArgumentException e) {
throw new AnnotatedException("Date of cert gen extension could not be read.");
}
if (dateOfCertgen != null) {
try {
return dateOfCertgen.getDate();
} catch (ParseException e) {
throw new AnnotatedException(
"Date from date of cert gen extension could not be parsed.", e);
}
}
return ((X509Certificate) certPath.getCertificates().get(index - 1)).getNotBefore();
} else {
return ((X509Certificate) certPath.getCertificates().get(index - 1)).getNotBefore();
}
}
} else {
return getValidDate(paramsPKIX);
}
}
