feature 检测网站SSL证书是否过期 (#50)

* [collector]feature 检测网站SSL证书是否过期 * [collector]fix cannot find symbol class BASE64Decoder
2022-04-02 21:22:16 +08:00
parent 327f527082
commit fbf7ebd834
2 changed files with 16 additions and 3 deletions
--- a/collector/src/main/java/com/usthe/collector/collect/common/http/CommonHttpClient.java
+++ b/collector/src/main/java/com/usthe/collector/collect/common/http/CommonHttpClient.java
@@ -17,7 +17,9 @@ import javax.net.ssl.SSLContext;
 import javax.net.ssl.TrustManager;
 import javax.net.ssl.X509TrustManager;
 import java.security.cert.CertificateException;
+import java.security.cert.CertificateExpiredException;
 import java.security.cert.X509Certificate;
+import java.util.Date;
 import java.util.concurrent.TimeUnit;

 /**
@@ -75,7 +77,18 @@ public class CommonHttpClient {
                @Override
                public void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException { }
                @Override
-                public void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException { }
+                public void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
+                    // 判断服务器证书有效期时间
+                    Date now = new Date();
+                    if (x509Certificates != null && x509Certificates.length > 0) {
+                        for (X509Certificate certificate : x509Certificates) {
+                            Date deadline = certificate.getNotAfter();
+                            if (deadline != null && now.after(deadline)) {
+                                throw new CertificateExpiredException();
+                            }
+                        }
+                    }
+                }
                @Override
                public X509Certificate[] getAcceptedIssuers() { return null; }
            };
--- a/collector/src/main/java/com/usthe/collector/util/KeyPairUtil.java
+++ b/collector/src/main/java/com/usthe/collector/util/KeyPairUtil.java
@@ -1,12 +1,12 @@
 package com.usthe.collector.util;

 import lombok.extern.slf4j.Slf4j;
-import sun.misc.BASE64Decoder;

 import java.security.KeyFactory;
 import java.security.KeyPair;
 import java.security.PublicKey;
 import java.security.spec.X509EncodedKeySpec;
+import java.util.Base64;

 /**
 * 密钥工具类
@@ -35,7 +35,7 @@ public class KeyPairUtil {
                return null;
            }
            // todo fix 公钥解析
-            byte[] publicKeyBytes = (new BASE64Decoder()).decodeBuffer(publicKeyStr);
+            byte[] publicKeyBytes = Base64.getDecoder().decode(publicKeyStr);
            X509EncodedKeySpec keySpec = new X509EncodedKeySpec(publicKeyBytes);
            PublicKey publicKey = keyFactory.generatePublic(keySpec);
            return new KeyPair(publicKey, null);