Examples with BcRSAContentVerifierProviderBuilder - org.bouncycastle.operator.bc.BcRSAContentVerifierProviderBuilder

Example 1 with BcRSAContentVerifierProviderBuilder

use of org.bouncycastle.operator.bc.BcRSAContentVerifierProviderBuilder in project OpenAttestation by OpenAttestation.

the class X509AttributeCertificate method isValid.

/**
     * This checks the certificate's notBefore and notAfter dates against the current time.
     * This does NOT check the signature. Do that separately with isTrusted().
     * 
     * @param date to check against the certificate's validity period
     * @return true if the certificate is valid on the given date
     */
public boolean isValid(X509Certificate issuer, Date date) {
    try {
        X509AttributeCertificateHolder holder = new X509AttributeCertificateHolder(encoded);
        ContentVerifierProvider verifierProvider = new BcRSAContentVerifierProviderBuilder(new DefaultDigestAlgorithmIdentifierFinder()).build(new X509CertificateHolder(issuer.getEncoded()));
        if (!holder.isSignatureValid(verifierProvider)) {
            log.debug("Certificate signature cannot be validated with certificate: {}", issuer.getIssuerX500Principal().getName());
            return false;
        }
        return date.compareTo(notBefore) > -1 && date.compareTo(notAfter) < 1;
    } catch (Exception e) {
        log.error("Cannot initialize certificate verifier", e);
        return false;
    }
}

Also used : BcRSAContentVerifierProviderBuilder(org.bouncycastle.operator.bc.BcRSAContentVerifierProviderBuilder) X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder) X509AttributeCertificateHolder(org.bouncycastle.cert.X509AttributeCertificateHolder) DefaultDigestAlgorithmIdentifierFinder(org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder) IOException(java.io.IOException) ContentVerifierProvider(org.bouncycastle.operator.ContentVerifierProvider)

Aggregations

IOException (java.io.IOException)1 X509AttributeCertificateHolder (org.bouncycastle.cert.X509AttributeCertificateHolder)1 X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder)1 ContentVerifierProvider (org.bouncycastle.operator.ContentVerifierProvider)1 DefaultDigestAlgorithmIdentifierFinder (org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder)1 BcRSAContentVerifierProviderBuilder (org.bouncycastle.operator.bc.BcRSAContentVerifierProviderBuilder)1