mirror of
https://github.com/moparisthebest/SSLDroid
synced 2024-11-27 03:12:18 -05:00
Implement check if the client-side certificate is expired
Signed-off-by: Balint Kovacs <blint@blint.hu>
This commit is contained in:
parent
6010416325
commit
d474bb6682
@ -10,6 +10,10 @@ import java.security.KeyStoreException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.security.UnrecoverableKeyException;
|
||||
import java.security.cert.CertificateException;
|
||||
|
||||
import java.security.cert.Certificate;
|
||||
import javax.security.cert.CertificateExpiredException;
|
||||
import javax.security.cert.X509Certificate;
|
||||
import java.util.Collections;
|
||||
import java.util.Enumeration;
|
||||
import java.util.LinkedList;
|
||||
@ -297,8 +301,14 @@ public class SSLDroidTunnelDetails extends Activity {
|
||||
if (myStore.isKeyEntry(strAlias)) {
|
||||
// try to retrieve the private key part from PKCS12 certificate
|
||||
myStore.getKey(strAlias, passw.toCharArray());
|
||||
// try to retrieve the certificate part from PKCS12 certificate
|
||||
myStore.getCertificate(strAlias);
|
||||
Certificate mycrt = myStore.getCertificate(strAlias);
|
||||
X509Certificate mycert = X509Certificate.getInstance(mycrt.getEncoded());
|
||||
try {
|
||||
mycert.checkValidity();
|
||||
} catch (CertificateExpiredException e) {
|
||||
Toast.makeText(getBaseContext(), "PKCS12 problem: "+e.getMessage(), Toast.LENGTH_LONG).show();
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user