svn commit: r1843740 - /pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/ShowSignature.java

Sat, 13 Oct 2018 04:22:53 -0700 

Author: tilman
Date: Sat Oct 13 11:22:15 2018
New Revision: 1843740

URL: http://svn.apache.org/viewvc?rev=1843740&view=rev
Log:
PDFBOX-3017: check whether signing time was within the certificate's validity 
period

Modified:
    
pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/ShowSignature.java

Modified: 
pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/ShowSignature.java
URL: 
http://svn.apache.org/viewvc/pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/ShowSignature.java?rev=1843740&r1=1843739&r2=1843740&view=diff
==============================================================================
--- 
pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/ShowSignature.java
 (original)
+++ 
pdfbox/trunk/examples/src/main/java/org/apache/pdfbox/examples/signature/ShowSignature.java
 Sat Oct 13 11:22:15 2018
@@ -28,7 +28,9 @@ import java.security.PublicKey;
 import java.security.SignatureException;
 import java.security.cert.Certificate;
 import java.security.cert.CertificateException;
+import java.security.cert.CertificateExpiredException;
 import java.security.cert.CertificateFactory;
+import java.security.cert.CertificateNotYetValidException;
 import java.security.cert.X509Certificate;
 import java.text.SimpleDateFormat;
 import java.util.Collection;
@@ -269,7 +271,19 @@ public final class ShowSignature
         X509CertificateHolder certificateHolder = matches.iterator().next();
         X509Certificate certFromSignedData = new 
JcaX509CertificateConverter().getCertificate(certificateHolder);
         System.out.println("certFromSignedData: " + certFromSignedData);
-        certFromSignedData.checkValidity(sig.getSignDate().getTime());
+        try
+        {
+            certFromSignedData.checkValidity(sig.getSignDate().getTime());
+            System.out.println("Certificate valid at signing time");
+        }
+        catch (CertificateExpiredException ex)
+        {
+            System.err.println("Certificate expired at signing time");
+        }
+        catch (CertificateNotYetValidException ex)
+        {
+            System.err.println("Certificate not yet valid at signing time");
+        }
 
         if (signerInformation.verify(new 
JcaSimpleSignerInfoVerifierBuilder().build(certFromSignedData)))
         {

Reply via email to