From 38ed319aeb8d999c6916bbaebaf276a88a98136e Mon Sep 17 00:00:00 2001
From: Brian Engert
Date: Mon, 29 Apr 2024 08:17:45 -0500
Subject: [PATCH] feat: log when rpc certificate is going to expire in less then 90 days, log error when less then 14.
---
 src/com/tivo/kmttg/rpc/TiVoRPC.java | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
diff --git a/src/com/tivo/kmttg/rpc/TiVoRPC.java b/src/com/tivo/kmttg/rpc/TiVoRPC.java
index fd1e5b81..9b544875 100644
--- a/src/com/tivo/kmttg/rpc/TiVoRPC.java
+++ b/src/com/tivo/kmttg/rpc/TiVoRPC.java
@@ -16,6 +16,12 @@
 import java.security.UnrecoverableKeyException;
 import java.security.cert.CertificateException;
 import java.security.cert.X509Certificate;
+import java.sql.Date;
+import java.text.SimpleDateFormat;
+import java.time.LocalDateTime;
+import java.time.ZoneId;
+import java.time.temporal.ChronoUnit;
+import java.time.temporal.Temporal;
 import java.util.Arrays;
 import java.util.Enumeration;
 import java.util.Random;
@@ -30,6 +36,7 @@
 import com.tivo.kmttg.JSON.JSONObject;
 import com.tivo.kmttg.util.GetKeyStore;
+import com.tivo.kmttg.util.log;
 /**
 * Establish an RPC connection route with a TiVo using the provided cdata files.
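Review bot: Three of the six imports added in the first hunk, `java.sql.Date`, `java.text.SimpleDateFormat` and `java.time.temporal.Temporal`, are not referenced by any code this commit adds. Importing `java.sql.Date` into a class that reads `X509Certificate.getNotAfter()` (a `java.util.Date`) also invites confusion between the two types in later edits. Unless another part of the file, not visible here, uses them, drop those three lines and keep only `LocalDateTime`, `ZoneId` and `ChronoUnit`.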
@@ -215,6 +222,21 @@ private final void createSocketFactory() {
 KeyStore keyStore = getKeyStore.getKeyStore();
 String keyPassword = getKeyStore.getKeyPassword();
+ Enumeration aliases = keyStore.aliases();
+
+ while (aliases.hasMoreElements()) {
+ String alias = aliases.nextElement();
+ X509Certificate crt = (X509Certificate) keyStore.getCertificate(alias);
+ LocalDateTime notAfter = crt.getNotAfter().toInstant().atZone(ZoneId.systemDefault()).toLocalDateTime();
+
+ int expiresDays = (int) ChronoUnit.DAYS.between(LocalDateTime.now(), notAfter);
+ if (expiresDays < 14) {
+ log.error("RPC Certificate expires in " + expiresDays + " days.");
+ } else if (expiresDays < 90) {
+ log.warn("RPC Certificate expires in " + expiresDays + " days.");
+ }
+ }
+
 KeyManagerFactory fac = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
 fac.init(keyStore, keyPassword.toCharArray());
 SSLContext context = SSLContext.getInstance("TLS");
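Review bot: The cast `(X509Certificate) keyStore.getCertificate(alias)` in the new loop can throw, because `getCertificate` returns null for an alias that holds no certificate and a non-X.509 entry fails the cast, so an advisory expiry check could abort `createSocketFactory()` before the TLS context is built. The loop also reports an already expired certificate as "expires in -N days" (or "0 days" within the first day), and the detour through `ZoneId.systemDefault()` is unnecessary when the two instants can be compared directly. The version below skips unusable entries, reports expiry explicitly, names the alias in the message, and uses `java.time.Instant`, which would need importing in place of `LocalDateTime` and `ZoneId`. The method's exception handling lies outside the hunk, so the effect of a throw here is inferred.

```java
// … unchanged: keyStore, keyPassword and aliases lookup …
while (aliases.hasMoreElements()) {
   String alias = aliases.nextElement();
   // Advisory check only: an entry without an X.509 certificate must not stop TLS setup.
   java.security.cert.Certificate entry = keyStore.getCertificate(alias);
   if (!(entry instanceof X509Certificate)) {
      continue;
   }
   Instant now = Instant.now();
   Instant notAfter = ((X509Certificate) entry).getNotAfter().toInstant();
   long expiresDays = ChronoUnit.DAYS.between(now, notAfter);
   if (notAfter.isBefore(now)) {
      log.error("RPC Certificate '" + alias + "' has expired.");
   } else if (expiresDays < 14) {
      log.error("RPC Certificate '" + alias + "' expires in " + expiresDays + " days.");
   } else if (expiresDays < 90) {
      log.warn("RPC Certificate '" + alias + "' expires in " + expiresDays + " days.");
   }
}
// … unchanged: KeyManagerFactory / SSLContext setup …
```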