/*
* This file is part of rockframework.
*
* rockframework is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* rockframework is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>;.
*/
package br.net.woodstock.rockframework.security.cert.impl;
import java.io.Serializable;
import java.security.cert.Certificate;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.Date;
import br.net.woodstock.rockframework.core.RockFrameworkVersion;
import br.net.woodstock.rockframework.core.util.Assert;
import br.net.woodstock.rockframework.security.cert.CertificateException;
import br.net.woodstock.rockframework.security.cert.CertificateValidator;
import br.net.woodstock.rockframework.security.cert.ValidationError;
public class DateCertificateValidator implements CertificateValidator, Serializable {
private static final long serialVersionUID = RockFrameworkVersion.VERSION;
public static final String VALIDATOR_NAME = "Date Validator";
private Date date;
public DateCertificateValidator() {
super();
}
public DateCertificateValidator(final Date date) {
super();
this.date = date;
}
@Override
public ValidationError[] validate(final Certificate[] chain) {
Assert.notEmpty(chain, "chain");
try {
X509Certificate x509Certificate = (X509Certificate) chain[0];
Date current = null;
if (this.date == null) {
current = new Date();
} else {
current = this.date;
}
x509Certificate.checkValidity(current);
return new ValidationError[0];
} catch (CertificateExpiredException e) {
return new ValidationError[] { new ValidationError(DateCertificateValidator.VALIDATOR_NAME, "Certificate expired") };
} catch (CertificateNotYetValidException e) {
return new ValidationError[] { new ValidationError(DateCertificateValidator.VALIDATOR_NAME, "Certificate not yet valid") };
} catch (Exception e) {
throw new CertificateException(e);
}
}
}