
Example 16 with CertInfo

use of cn.topca.tca.ra.service.CertInfo in project portal by ixinportal.

the class MobileWebSocketLogService method execute.

/**
 * Handles the {@code certApply} service call: requests a certificate from the RA on behalf of a
 * mobile client.
 *
 * <p>Parameters the mobile client is documented to send when applying for a certificate:
 *
 * <pre>
 * 1. Device information ("device")
 *    equipmentCategory   String  device model
 *    appId               Long    application name
 *    operatingSystem     String  operating system
 *    userId              Long    field linking the device to the user
 *    createTime          date    creation time
 *    updateTime          date    modification time
 *    deviceSerialNumber  string  device serial number, unique identifier
 * 2. User (registration) information ("user")
 *    name                String  user name
 *    phone               String  mobile phone number
 *    idNumber            String  national ID number
 *    appId               Long    field linking the user to the application
 *    email               String  e-mail address
 *    registrationTime    date    registration time
 *    createTime          date    creation time
 *    updateTime          date    modification time
 *    userCode            String  user code
 * </pre>
 *
 * <p>Of these, this method reads only {@code appId}, {@code csr}, and {@code name},
 * {@code email} and {@code userCode} from {@code user}.
 *
 * <p>Finally the user, device and certificate information should be saved. TODO: 2017/12/8
 *
 * @param content JSON request body sent by the mobile client
 * @return a map with {@code status} (0 on failure, 1 on success) and {@code message}
 */
@Override
public Map<String, Object> execute(String content) {
    Map<String, Object> response = new HashMap<String, Object>(3);
    // Start from "failed"; the status is flipped to 1 only after the RA call has returned.
    response.put("status", 0);
    try {
        JSONObject request = JSON.parseObject(content);
        String appId = request.getString("appId");
        ApplicationInfo applicationInfo = applicationInfoService.getApplicationInfo(appId);
        MobileApplyConfigManage mobileApplyConfig = mobileApplyConfigService.selectByappId(appId);
        CertUtlis certUtil = new CertUtlis();
        JSONObject userJson = request.getJSONObject("user");

        // Populate the RA user record from the certificate information items. TODO: 2017/12/26
        UserInfo raUser = new UserInfo();
        raUser.setUserName(userJson.getString("name"));
        raUser.setUserEmail(userJson.getString("email"));
        raUser.setUserAdditionalField1(applicationInfo.getName());
        raUser.setUserAdditionalField4(userJson.getString("userCode"));

        // Map the configured deadline code to a validity in days; unknown codes get 7 days.
        // NOTE(review): the later branches compare the same getter with int literals, so the
        // value looks numeric. If it is, "0".equals(...) can never be true and a configured 0
        // falls through to the 7-day default instead of null. Confirm which validity a
        // configuration value of 0 is meant to produce.
        Integer certValidity;
        if (mobileApplyConfig.getCertificatedeadline() == null || "0".equals(mobileApplyConfig.getCertificatedeadline())) {
            certValidity = null;
        } else if (1 == mobileApplyConfig.getCertificatedeadline()) {
            certValidity = 365 * 1 + 1;
        } else if (2 == mobileApplyConfig.getCertificatedeadline()) {
            certValidity = 365 * 2 + 1;
        } else if (3 == mobileApplyConfig.getCertificatedeadline()) {
            certValidity = 365 * 3 + 1;
        } else if (4 == mobileApplyConfig.getCertificatedeadline()) {
            certValidity = 365 * 5 + 2;
        } else if (5 == mobileApplyConfig.getCertificatedeadline()) {
            certValidity = 365 * 10 + 2;
        } else {
            certValidity = 7;
        }

        RaAccount ra = raAccountService.getRaAccount(mobileApplyConfig.getRaaccountId());
        // NOTE(review): the decrypted RA password is written back onto the RaAccount object.
        // If that object is cached or managed by the persistence layer, the plaintext could
        // outlive this call. Confirm, or hand the secret to the enrolment call separately.
        if (ra.getAaPassword() != null) {
            ra.setAaPassword(AESencrp.decrypt(ra.getAaPassword(), dbEncKey));
        }

        // The returned certificate is not stored or sent back yet (see the TODO in the Javadoc).
        CertInfo issuedCert = certUtil.enrollCertByWS(request.getString("csr"), ra, raUser, certValidity);
        response.put("status", 1);
        response.put("message", "制作证书成功");
    } catch (Exception e) {
        // NOTE(review): e.toString() hands the exception class and message to the mobile
        // caller, which can disclose internal details (class names, RA service faults).
        // Prefer logging the exception server-side and returning a generic message.
        response.put("message", e.toString());
    }
    return response;
}
Also used : CertInfo(cn.topca.tca.ra.service.CertInfo) HashMap(java.util.HashMap) ApplicationInfo(com.itrus.portal.db.ApplicationInfo) UserInfo(cn.topca.tca.ra.service.UserInfo) MobileApplyConfigManage(com.itrus.portal.db.MobileApplyConfigManage) CertUtlis(com.itrus.portal.utils.CertUtlis) JSONObject(com.alibaba.fastjson.JSONObject) RaAccount(com.itrus.portal.db.RaAccount) JSONObject(com.alibaba.fastjson.JSONObject)

Example 17 with CertInfo

use of cn.topca.tca.ra.service.CertInfo in project portal by ixinportal.

the class CertUtlis method renewAA.

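/**
 * Renews a certificate through the RA web service.
 *
 * @param serialnumber serial number of the old certificate
 * @param crt the old certificate, Base64 encoded
 * @param challenge RA challenge password set on the certificate request (aapassword)
 * @param accountHash hash value identifying the RA account
 * @param checkpoint service password of the RA
 * @param passcode passcode for passcode-mode applications; pass {@code ""} when the
 *            certificate is not applied for in passcode mode
 * @param newCSR the new certificate signing request
 * @param pkcs7 string produced by the browser
 * @param raAccount RA account object; only its service URL is read here
 * @return the certificate information returned by the RA
 * @throws IllegalArgumentException if {@code pkcs7} or {@code newCSR} contains a single quote
 *             or a backslash
 * @throws javax.xml.ws.WebServiceException
 * @throws RaServiceUnavailable_Exception
 * @throws MalformedURLException if the RA service URL is not a valid URL
 */
public static CertInfo renewAA(String serialnumber, String crt, String challenge, String accountHash, String checkpoint, String passcode, String newCSR, String pkcs7, RaAccount raAccount) throws javax.xml.ws.WebServiceException, RaServiceUnavailable_Exception, MalformedURLException {
    // pkcs7 and newCSR are spliced into a single-quoted options string below. A quote or a
    // backslash in either value would let caller-supplied data close the quoted value and add
    // or override fields, so such input is rejected before anything is sent to the RA.
    for (String spliced : new String[] { pkcs7, newCSR }) {
        if (spliced != null && (spliced.indexOf('\'') >= 0 || spliced.indexOf('\\') >= 0)) {
            throw new IllegalArgumentException("pkcs7 and newCSR must not contain quote or backslash characters");
        }
    }
    // NOTE(review): the URL scheme is not checked; with an http:// service URL the RA
    // password (checkpoint) and passcode would travel unencrypted. Confirm HTTPS is enforced
    // wherever the service URL is configured.
    UserAPIService service = new UserAPIService(new URL(raAccount.getServiceUrl()));
    UserAPIServicePortType client = service.getUserAPIServicePort();
    // An empty user record is passed along; the renewal is driven by the certificate fields.
    UserInfo raUserInfo = new UserInfo();
    // Describe the certificate being renewed.
    CertInfo raCertInfo = new CertInfo();
    raCertInfo.setCertSerialNumber(serialnumber);
    // RA challenge password for the request.
    raCertInfo.setCertReqChallenge(challenge);
    // Old certificate, Base64 encoded.
    raCertInfo.setCertSignBuf(crt);
    String json = "{PKCSINFORMATION:'" + pkcs7 + "', certReqBuf:'" + newCSR + "'}";
    return client.renewCertAA(raUserInfo, raCertInfo, accountHash, checkpoint, passcode, json);
}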
Also used : CertInfo(cn.topca.tca.ra.service.CertInfo) UserAPIServicePortType(cn.topca.tca.ra.service.UserAPIServicePortType) UserInfo(cn.topca.tca.ra.service.UserInfo) UserAPIService(cn.topca.tca.ra.service.UserAPIService) URL(java.net.URL)

Example 18 with CertInfo

use of cn.topca.tca.ra.service.CertInfo in project portal by ixinportal.

the class CertUtlis method enrollCertByWS.

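/**
 * Enrolls a certificate through the RA web service, in AA mode or in passcode mode.
 *
 * <p>AA mode is used when the account's certificate sign type is {@code null} or 1. In every
 * other case a passcode is issued for the newest RA account info record matching the account
 * hash and is sent along with the request.
 *
 * <p>The RA password and the issued passcode are credentials and are never written to the log.
 *
 * @param csr certificate signing request
 * @param raAccount RA account supplying the service URL, account hash, password and sign type
 * @param userInfo user record to enroll
 * @param certValidity validity in days, or {@code null}; sent to the RA as {@code certValidity}
 * @return the certificate information returned by the RA
 * @throws MalformedURLException if the RA service URL is not a valid URL
 * @throws RaServiceUnavailable_Exception if the RA call fails; rethrown after logging context
 * @throws TerminalServiceException if no passcode could be issued in passcode mode
 */
public CertInfo enrollCertByWS(String csr, RaAccount raAccount, UserInfo userInfo, Integer certValidity) throws MalformedURLException, RaServiceUnavailable_Exception, TerminalServiceException {
    String json = "{\"certValidity\":" + certValidity + "}";
    CertInfo certInfo = null;
    UserAPIService service = new UserAPIService(new URL(raAccount.getServiceUrl()));
    UserAPIServicePortType client = service.getUserAPIServicePort();
    try {
        logger.error("***判断是什么模式***" + raAccount.getCertSignType());
        if (raAccount.getCertSignType() == null || raAccount.getCertSignType() == 1) {
            // AA mode. The RA password is deliberately left out of the log line.
            logger.error("enrollCertAA (AA mode): accountHash=" + raAccount.getAccountHash() + ", json=" + json);
            certInfo = client.enrollCertAA(userInfo, csr, raAccount.getAccountHash(), raAccount.getAaPassword(), "", json);
        } else {
            // Passcode mode.
            logger.error("输出hash*****raAccount.getAccountHash()========" + raAccount.getAccountHash());
            // Look up the newest RA account info record for this account hash.
            RaAccountInfoExample raInfoExample = new RaAccountInfoExample();
            RaAccountInfoExample.Criteria raInfoCriteria = raInfoExample.createCriteria();
            raInfoCriteria.andHashValEqualTo(raAccount.getAccountHash());
            raInfoExample.setOrderByClause("create_time desc");
            raInfoExample.setLimit(1);
            RaAccountInfo raAccountInfo = raAccountInfoService.getRaAccountInfo(raInfoExample);
            // Issue the passcode; a TerminalServiceException propagates to the caller unchanged.
            CaPasscode passcode = codeService.IssuedCode4Cert(raAccountInfo);
            if (passcode == null) {
                logger.error("******passcode为空***********");
                throw new TerminalServiceException("passcode为空");
            }
            // The passcode authorises issuance, so only the fact that one was issued is logged.
            logger.error("enrollCertAA (passcode mode): passcode issued, json=" + json);
            certInfo = client.enrollCertAA(userInfo, csr, raAccount.getAccountHash(), raAccount.getAaPassword(), passcode.getPasscode(), json);
        }
    } catch (RaServiceUnavailable_Exception e) {
        // Log only non-secret context. A reflective dump of raAccount would include the RA
        // password, and one of userInfo would include the applicant's personal data.
        logger.error("RA enrollment failed: serviceUrl=" + raAccount.getServiceUrl() + ", certSignType=" + raAccount.getCertSignType() + ", accountHash=" + raAccount.getAccountHash());
        logger.error("csr:" + csr);
        logger.error("json:" + json);
        throw e;
    }
    return certInfo;
}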
Also used : CertInfo(cn.topca.tca.ra.service.CertInfo) RaAccountInfo(com.itrus.portal.db.RaAccountInfo) RaAccountInfoExample(com.itrus.portal.db.RaAccountInfoExample) TerminalServiceException(com.itrus.portal.exception.TerminalServiceException) RaServiceUnavailable_Exception(cn.topca.tca.ra.service.RaServiceUnavailable_Exception) UserAPIServicePortType(cn.topca.tca.ra.service.UserAPIServicePortType) CaPasscode(com.itrus.portal.db.CaPasscode) UserAPIService(cn.topca.tca.ra.service.UserAPIService) URL(java.net.URL)

Example 19 with CertInfo

use of cn.topca.tca.ra.service.CertInfo in project portal by ixinportal.

the class EnrolCertTest method apiCertToWsCert.

/**
 * Converts certificate information obtained through the API into the form used by the
 * web-service interface.
 *
 * <p>Date fields are formatted as {@code yyyyMMddHHmmss}; a date that is {@code null} on the
 * source is left unset on the result. All other fields are copied as they are.
 *
 * @param pickupResult API result to convert
 * @return a new {@code CertInfo} carrying the copied fields
 */
private static CertInfo apiCertToWsCert(PickupResult pickupResult) {
    CertInfo wsCert = new CertInfo();
    SimpleDateFormat timestampFormat = new SimpleDateFormat("yyyyMMddHHmmss");

    // Date fields: set only when the source carries a value.
    if (pickupResult.getCertApproveDate() != null) {
        wsCert.setCertApproveDate(timestampFormat.format(pickupResult.getCertApproveDate()));
    }
    if (pickupResult.getCertNotBefore() != null) {
        wsCert.setCertNotBefore(timestampFormat.format(pickupResult.getCertNotBefore()));
    }
    if (pickupResult.getCertNotAfter() != null) {
        wsCert.setCertNotAfter(timestampFormat.format(pickupResult.getCertNotAfter()));
    }
    if (pickupResult.getCertReqDate() != null) {
        wsCert.setCertReqDate(timestampFormat.format(pickupResult.getCertReqDate()));
    }
    if (pickupResult.getCertSignDate() != null) {
        wsCert.setCertSignDate(timestampFormat.format(pickupResult.getCertSignDate()));
    }

    // Issuer and subject.
    wsCert.setCertIssuerDn(pickupResult.getCertIssuerDN());
    wsCert.setCertIssuerHashMd5(pickupResult.getCertIssuerHashMD5());
    wsCert.setCertSubjectDn(pickupResult.getCertSubjectDN());
    wsCert.setCertSubjectHashMd5(pickupResult.getCertSubjectHashMD5());

    // Serial number and signed certificate buffers.
    wsCert.setCertSerialNumber(pickupResult.getCertSerialNumber());
    wsCert.setCertSignBuf(pickupResult.getCertSignBuf());
    wsCert.setCertSignBufP7(pickupResult.getCertSignBufP7());

    // KMC request/response fields.
    wsCert.setCertKmcReq2(pickupResult.getCertKmcReq2());
    wsCert.setCertKmcRep1(pickupResult.getCertKmcRep1());
    wsCert.setCertKmcRep2(pickupResult.getCertKmcRep2());
    wsCert.setCertKmcRep3(pickupResult.getCertKmcRep3());
    return wsCert;
}
Also used : CertInfo(cn.topca.tca.ra.service.CertInfo) SimpleDateFormat(java.text.SimpleDateFormat)

Example 20 with CertInfo

use of cn.topca.tca.ra.service.CertInfo in project portal by ixinportal.

the class EnrolCertTest method iceCert.

/**
 * Enrolls a test certificate through the RA API and converts a successful pickup result into
 * the web-service {@code CertInfo} form. Failure messages are printed to standard output.
 *
 * @throws Exception if the hash computation or the enrollment call fails
 */
public static void iceCert() throws Exception {
    String accountOrganization = "天威诚信数字认证中心";
    String accountOrgUnit = "测试RA";
    // NOTE(review): plain http:// endpoint, so the enrollment request, including the challenge
    // set below, is sent unencrypted. Confirm this is acceptable for the test environment.
    String serviceUrl = "http://topca-ra.itrus.com.cn/services/userAPI?wsdl";

    // Compute the RA account hash.
    // NOTE(review): concatenating a String with the byte[] from getBytes("GBK") appends the
    // array's identity string, not the unit name, so this hash does not depend on
    // accountOrgUnit and differs between runs. Presumably the two names were meant to be
    // joined before encoding; verify against how the RA derives the account hash.
    String accountHash = CipherUtils.md5((accountOrganization + accountOrgUnit.getBytes("GBK")).toUpperCase());

    // Create the RA certificate manager and point it at the RA service.
    RaCertManager raCertManager = RaFactory.getRaCertManager(accountOrganization, accountOrgUnit);
    raCertManager.setAccountHash(accountHash);
    raCertManager.addRaService(serviceUrl);

    // Build the applicant record.
    com.itrus.raapi.info.UserInfo applicant = new com.itrus.raapi.info.UserInfo();
    applicant.setUserName("cceshi");
    applicant.setUserEmail("test@itrus.com.cn");
    applicant.setCertReqChallenge("itrusyes");

    // Apply for the certificate.
    OperationResult enrollOutcome = raCertManager.enrollCert(applicant);
    if (enrollOutcome == null) {
        return;
    }
    if (!(enrollOutcome instanceof PickupResult)) {
        System.out.println(enrollOutcome.getMessage());
        return;
    }
    PickupResult pickup = (PickupResult) enrollOutcome;
    if (!pickup.isSuccess()) {
        System.out.println(enrollOutcome.getMessage());
        System.out.println(pickup.getMessage());
        return;
    }
    // The converted certificate is not used any further here.
    CertInfo certInfo = apiCertToWsCert(pickup);
}
Also used : CertInfo(cn.topca.tca.ra.service.CertInfo) PickupResult(com.itrus.raapi.result.PickupResult) RaCertManager(com.itrus.raapi.RaCertManager) UserInfo(cn.topca.tca.ra.service.UserInfo) OperationResult(com.itrus.raapi.result.OperationResult)
