From fbf7ebd834eae1f79e951b1583619679064d8271 Mon Sep 17 00:00:00 2001 From: tomsun28 Date: Sat, 2 Apr 2022 21:22:16 +0800 Subject: [PATCH] =?UTF-8?q?feature=20=E6=A3=80=E6=B5=8B=E7=BD=91=E7=AB=99S?= =?UTF-8?q?SL=E8=AF=81=E4=B9=A6=E6=98=AF=E5=90=A6=E8=BF=87=E6=9C=9F=20(#50?= =?UTF-8?q?)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * [collector]feature 检测网站SSL证书是否过期 * [collector]fix cannot find symbol class BASE64Decoder --- .../collect/common/http/CommonHttpClient.java | 15 ++++++++++++++- .../com/usthe/collector/util/KeyPairUtil.java | 4 ++-- 2 files changed, 16 insertions(+), 3 deletions(-) diff --git a/collector/src/main/java/com/usthe/collector/collect/common/http/CommonHttpClient.java b/collector/src/main/java/com/usthe/collector/collect/common/http/CommonHttpClient.java index 1b792a1..1c77418 100644 --- a/collector/src/main/java/com/usthe/collector/collect/common/http/CommonHttpClient.java +++ b/collector/src/main/java/com/usthe/collector/collect/common/http/CommonHttpClient.java @@ -17,7 +17,9 @@ import javax.net.ssl.SSLContext; import javax.net.ssl.TrustManager; import javax.net.ssl.X509TrustManager; import java.security.cert.CertificateException; +import java.security.cert.CertificateExpiredException; import java.security.cert.X509Certificate; +import java.util.Date; import java.util.concurrent.TimeUnit; /** @@ -75,7 +77,18 @@ public class CommonHttpClient { @Override public void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException { } @Override - public void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException { } + public void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException { + // 判断服务器证书有效期时间 + Date now = new Date(); + if (x509Certificates != null && x509Certificates.length > 0) { + for (X509Certificate certificate : x509Certificates) { + Date deadline = certificate.getNotAfter(); + if (deadline != null && now.after(deadline)) { + throw new CertificateExpiredException(); + } + } + } + } @Override public X509Certificate[] getAcceptedIssuers() { return null; } }; diff --git a/collector/src/main/java/com/usthe/collector/util/KeyPairUtil.java b/collector/src/main/java/com/usthe/collector/util/KeyPairUtil.java index 5cc8132..fb1163b 100644 --- a/collector/src/main/java/com/usthe/collector/util/KeyPairUtil.java +++ b/collector/src/main/java/com/usthe/collector/util/KeyPairUtil.java @@ -1,12 +1,12 @@ package com.usthe.collector.util; import lombok.extern.slf4j.Slf4j; -import sun.misc.BASE64Decoder; import java.security.KeyFactory; import java.security.KeyPair; import java.security.PublicKey; import java.security.spec.X509EncodedKeySpec; +import java.util.Base64; /** * 密钥工具类 @@ -35,7 +35,7 @@ public class KeyPairUtil { return null; } // todo fix 公钥解析 - byte[] publicKeyBytes = (new BASE64Decoder()).decodeBuffer(publicKeyStr); + byte[] publicKeyBytes = Base64.getDecoder().decode(publicKeyStr); X509EncodedKeySpec keySpec = new X509EncodedKeySpec(publicKeyBytes); PublicKey publicKey = keyFactory.generatePublic(keySpec); return new KeyPair(publicKey, null);