diff options
-rw-r--r-- | bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureCommandImpl.java | 10 | ||||
-rw-r--r-- | smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/InfoBoxReadRequestHandler.java | 23 |
2 files changed, 23 insertions, 10 deletions
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureCommandImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureCommandImpl.java index 5f8bebec..23812fec 100644 --- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureCommandImpl.java +++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/CreateXMLSignatureCommandImpl.java @@ -231,16 +231,6 @@ public class CreateXMLSignatureCommandImpl extends log.info("Got signing certificate."); } - // check certificate for validity - try { - signingCertificate.checkValidity(); - log.info("signing certificate is valid"); - } catch (CertificateExpiredException e) { - log.warn("Your signing certificate has expired!"); - } catch (CertificateNotYetValidException e) { - log.warn("Your signing certificate is not yet valid!"); - } - // prepare the XMLSignature for signing log.info("Preparing XML signature."); prepareXMLSignature(commandContext); diff --git a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/InfoBoxReadRequestHandler.java b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/InfoBoxReadRequestHandler.java index 83e3694d..d67b37f3 100644 --- a/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/InfoBoxReadRequestHandler.java +++ b/smccSTAL/src/main/java/at/gv/egiz/bku/smccstal/InfoBoxReadRequestHandler.java @@ -24,6 +24,13 @@ package at.gv.egiz.bku.smccstal; +import java.io.ByteArrayInputStream; +import java.security.cert.CertificateException; +import java.security.cert.CertificateExpiredException; +import java.security.cert.CertificateFactory; +import java.security.cert.CertificateNotYetValidException; +import java.security.cert.X509Certificate; + import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -87,6 +94,22 @@ public class InfoBoxReadRequestHandler extends AbstractRequestHandler { if (resp == null) { return new ErrorResponse(6001); } + + // Check certificate validity + try { + CertificateFactory certFactory = CertificateFactory.getInstance("X509"); + X509Certificate cert = (X509Certificate) certFactory.generateCertificate(new ByteArrayInputStream(resp)); + cert.checkValidity(); + log.info("signing certificate is valid"); + } catch (CertificateExpiredException e) { + log.warn("signing certificate has expired!"); + } catch (CertificateNotYetValidException e) { + log.warn("signing certificate is not yet valid!"); + } catch (CertificateException e) { + log.error("Certificate decoding failed:", e); + } + + InfoboxReadResponse stalResp = new InfoboxReadResponse(); stalResp.setInfoboxValue(resp); return stalResp; |