
Example 6 with SigningServerException

use of com.itrus.cryptorole.SigningServerException in project portal by ixinportal.

the class ApplicationInfoController method create.

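/**
 * Handles the "create application" form post: assigns a generated appId and secretKey, stores the
 * uploaded certificate as an evidence-certificate row, and persists the application.
 *
 * <p>If the uploaded certificate cannot be decoded or parsed, a field error is recorded on
 * {@code certBase64} and the form view is returned, so the application record is not created
 * with an unvalidated certificate value.
 *
 * @param applicationinfo form-bound application data
 * @param bindingResult validation result for {@code applicationinfo}
 * @param uiModel view model (not used in this method)
 * @param httpServletRequest current request (not used in this method)
 * @return the form view on validation or certificate errors, otherwise a redirect to the new
 *         application
 * @throws Exception propagated from the services and the encryption helper called here
 */
@RequestMapping(method = RequestMethod.POST, produces = "text/html")
public String create(@Valid ApplicationInfo applicationinfo, BindingResult bindingResult, Model uiModel, HttpServletRequest httpServletRequest) throws Exception {
    if (bindingResult.hasErrors()) {
        return "applicationinfo/create";
    }
    applicationinfo.setCreateTime(new Date());
    applicationinfo.setCreator(getAdmin().getId());
    // NOTE(review): substring runs before the '-' removal, so if genUUID() returns the hyphenated
    // form the resulting appId is shorter than 16 characters - confirm this is intended.
    applicationinfo.setAppId(UniqueIDUtils.genUUID().substring(0, 16).replaceAll("-", ""));
    // NOTE(review): secretKey is later passed to AESencrp.encrypt as what looks like the key.
    // UniqueIDUtils.genUUID() is not visible here - confirm it draws from a cryptographically
    // strong random source.
    applicationinfo.setSecretKey(UniqueIDUtils.genUUID().replaceAll("-", ""));
    applicationinfo.setCallback(applicationinfo.getCallback());

    String submittedCert = applicationinfo.getCertBase64();
    if (submittedCert == null) {
        applicationinfo.setCertBase64(null);
    } else if (!"applicationinfo.certBase64".equals(submittedCert)) {
        // The literal "applicationinfo.certBase64" is skipped as-is; presumably it is the form's
        // placeholder value - TODO confirm.
        try {
            // NOTE(review): sun.misc.BASE64Decoder is a JDK-internal class; java.util.Base64 is
            // the supported replacement where the project targets Java 8 or later.
            sun.misc.BASE64Decoder decoder = new sun.misc.BASE64Decoder();
            byte[] decoded = decoder.decodeBuffer(submittedCert);
            String pem = new String(decoded, "utf-8");
            UserCert userCert = CertUtil.getCertFromBase64(pem);
            String certDn = userCert.getCertDn();
            // Strip the PEM armour and line breaks so only the Base64 body is stored.
            String certBody = pem.replaceAll("-----BEGIN CERTIFICATE-----", "").replaceAll("-----END CERTIFICATE-----", "").replaceAll("\r", "").replaceAll("\n", "");
            EvidenceCert cert = new EvidenceCert();
            cert.setCertBase64(certBody);
            cert.setStartTime(userCert.getCertStartTime());
            cert.setEndTime(userCert.getCertEndTime());
            cert.setCertSerialnumber(userCert.getCertSn());
            cert.setIssuerdn(userCert.getIssuerDn());
            cert.setSubjectdn(userCert.getCertDn());
            cert.setCreateTime(new Date());
            sqlSession.insert("com.itrus.portal.db.EvidenceCertMapper.insert", cert);
            // From here on the application refers to the certificate by the evidence row id.
            applicationinfo.setCertBase64(cert.getId().toString());
            applicationinfo.setCertDn(certDn);
            applicationinfo.setCertCn(EvidenceSaveServiceApi.getCertCn(certDn));
        } catch (CertificateException e) {
            return rejectCertificate(bindingResult, e);
        } catch (SigningServerException e) {
            return rejectCertificate(bindingResult, e);
        } catch (IOException e) {
            // Also covers UnsupportedEncodingException, which is an IOException.
            return rejectCertificate(bindingResult, e);
        }
    }

    AppAuthConfig appAuthConfig = appAuthConfigService.getAppAuthConfig(new AppAuthConfigExample());
    if (appAuthConfig != null) {
        applicationinfo.setAppId2(AESencrp.encrypt(appAuthConfig.getAppId(), applicationinfo.getSecretKey()));
        applicationinfo.setSecretKey2(AESencrp.encrypt(appAuthConfig.getSecretKey(), applicationinfo.getSecretKey()));
    }
    applicationinfo = applicationInfoService.insertByApplicationInfo(applicationinfo);
    String oper = "应用添加";
    String info = "应用名称: " + applicationinfo.getName();
    LogUtil.adminlog(sqlSession, oper, info);
    return "redirect:applicationinfo/" + applicationinfo.getId();
}

/**
 * Records a field error for an uploaded certificate that could not be processed and returns the
 * form view, instead of letting the request continue with the raw submitted value.
 */
private String rejectCertificate(BindingResult bindingResult, Exception cause) {
    // No logger is visible in this excerpt, so the stack trace goes where it went before.
    cause.printStackTrace();
    bindingResult.rejectValue("certBase64", "applicationinfo.certBase64.invalid", "证书解析失败,请检查证书内容");
    return "applicationinfo/create";
}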
Also used : AppAuthConfig(com.itrus.portal.db.AppAuthConfig) UnsupportedEncodingException(java.io.UnsupportedEncodingException) CertificateException(java.security.cert.CertificateException) IOException(java.io.IOException) Date(java.util.Date) EvidenceCert(com.itrus.portal.db.EvidenceCert) AppAuthConfigExample(com.itrus.portal.db.AppAuthConfigExample) SigningServerException(com.itrus.cryptorole.SigningServerException) UserCert(com.itrus.portal.db.UserCert) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 7 with SigningServerException

use of com.itrus.cryptorole.SigningServerException in project portal by ixinportal.

the class CertUtil method verifyCertificate.

/**
 * Verifies the status of a certificate.
 *
 * <p>The date check here compares only the expiry date with the current time; the start of the
 * validity period is deliberately not checked, so this check does not reject a certificate that
 * is not yet valid.
 *
 * @param cert certificate to check
 * @return {@code true} when the certificate is valid; otherwise an exception is thrown
 * @throws SigningServerException if the certificate has expired or
 *         {@code CVM.verifyCertificate} returns anything other than {@code CVM.VALID}
 */
private static boolean verifyCertificate(X509Certificate cert) throws SigningServerException {
    // Expiry only: notBefore is intentionally left unchecked.
    boolean expired = !cert.getNotAfter().after(new Date());
    if (expired) {
        throw new SigningServerException("证书已过期");
    }
    int verdict = CVM.verifyCertificate(cert);
    if (verdict != CVM.VALID) {
        // Any other status code is turned into its message by verifyCertMsg.
        throw new SigningServerException(verifyCertMsg(verdict));
    }
    return true;
}
Also used : SigningServerException(com.itrus.cryptorole.SigningServerException) Date(java.util.Date)

Example 8 with SigningServerException

use of com.itrus.cryptorole.SigningServerException in project portal by ixinportal.

the class BindCertWebController method loginCertBind.

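/**
 * Binds a login certificate from the login-binding page (szy, 2016-08-18 15:24:01).
 *
 * <p>The database transaction is committed before the response is marked successful and before
 * the session is populated, so a failed commit can no longer leave {@code retCode} at 0 with a
 * logged-in session.
 *
 * @param mPhone mobile phone number
 * @param password login password for that phone number; needed only when the user does not exist yet
 * @param code verification (dynamic) code
 * @param certBase64 certificate data
 * @param keySn key serial number, stored on the certificate when not blank
 * @param productId product id
 * @param projectId project id
 * @param enterprise enterprise data: unique identifier {@code enterpriseSn}, name
 *            {@code enterpriseName}, type {@code enterpriseNature}, industry {@code orgIndustry}
 * @param session current HTTP session
 * @return map with {@code retCode} (-1 default error, 1 verification code wrong, 2 password empty,
 *         3 certificate already bound, 4 enterprise data incomplete, 0 bound successfully),
 *         {@code redirectCode} (-1 default error, 1 product purchase page, 2 security service
 *         page) and {@code retMsg} (message text)
 */
@RequestMapping("/loginCertBind")
@ResponseBody
public Map<String, Object> loginCertBind(@RequestParam(value = "mPhone", required = true) String mPhone, @RequestParam(value = "password", required = false) String password, @RequestParam(value = "code", required = true) String code, @RequestParam(value = "certBase64", required = true) String certBase64, @RequestParam(value = "keySn", required = false) String keySn, @RequestParam(value = "productId", required = true) Long productId, @RequestParam(value = "projectId", required = true) Long projectId, @ModelAttribute("enterprise") Enterprise enterprise, HttpSession session) {
    Map<String, Object> retMap = new HashMap<String, Object>();
    // Both codes start at the "error" value and are overwritten only on the paths below.
    retMap.put("retCode", -1);
    retMap.put("redirectCode", -1);
    DefaultTransactionDefinition def = new DefaultTransactionDefinition();
    def.setPropagationBehavior(TransactionDefinition.PROPAGATION_REQUIRED);
    TransactionStatus status = transactionManager.getTransaction(def);
    try {
        if (null == enterprise || StringUtils.isBlank(enterprise.getEnterpriseSn()) || StringUtils.isBlank(enterprise.getEnterpriseName()) || null == enterprise.getEnterpriseNature() || null == enterprise.getOrgIndustry()) {
            retMap.put("retCode", 4);
            retMap.put("retMsg", "您提交的企业信息不完整");
            return retMap;
        }
        // Check the dynamic code sent for this phone number.
        if (!dynamicCodeService.verifyCode(mPhone, code)) {
            retMap.put("retCode", 1);
            retMap.put("retMsg", "动态码验证失败");
            return retMap;
        }
        UserInfo userInfo = userInfoService.getUserInfoByMphone(mPhone);
        enterprise = enterpriseService.addEnterPrise(enterprise);
        if (null == userInfo) {
            if (StringUtils.isBlank(password)) {
                retMap.put("retCode", 2);
                retMap.put("retMsg", "请先设置登录口令");
                return retMap;
            }
            if (projectId != null) {
                // Unknown phone number: register the user first, then write a system log entry.
                userInfo = userInfoService.registerUserInfo(mPhone, password, projectId);
                String info = mPhone + "注册成功";
                LogUtil.syslog(sqlSession, "注册用户", info);
            }
        }
        // Link the enterprise and its agent (the user).
        userInfoEnterpriseServiceImpl.saveUserInfoEnterprise(userInfo.getId(), enterprise.getId());
        // NOTE(review): nothing visible here shows that the caller proved possession of the
        // private key for certBase64 - verify that getUserCert or an earlier step enforces it
        // before the certificate becomes a login credential.
        UserCert userCert = userCertService.getUserCert(certBase64);
        // NOTE(review): isBindCert is called with this user's id; whether it also rejects a
        // certificate already bound to a different user cannot be told from here - confirm,
        // because the update below overwrites the certificate's owner.
        if (userCertService.isBindCert(userInfo.getId(), certBase64)) {
            retMap.put("retCode", 3);
            retMap.put("retMsg", "该证书已绑定过用户");
            return retMap;
        }
        if (StringUtils.isNotBlank(keySn)) {
            userCert.setKeySn(keySn);
        }
        // Bind the certificate to the user and the enterprise.
        userCert.setUserinfo(userInfo.getId());
        userCert.setEnterprise(enterprise.getId());
        sqlSession.update("com.itrus.portal.db.UserCertMapper.updateByPrimaryKey", userCert);
        // Commit first: success state is only reported once the binding is durable.
        transactionManager.commit(status);
        // Arriving from a project page leads to the purchase page, otherwise to the
        // security service page.
        Boolean webnoProduct = (Boolean) session.getAttribute("webnoProduct");
        if (webnoProduct != null && webnoProduct) {
            retMap.put("redirectCode", 1);
        } else {
            retMap.put("redirectCode", 2);
        }
        // NOTE(review): the session is marked as logged in here without a visible session-id
        // rotation - confirm that is handled elsewhere.
        session.setAttribute("webuserInfo", userInfo);
        session.setAttribute("webenterprise", enterprise);
        session.setAttribute("webverifyCodeStatus", true);
        retMap.put("retCode", 0);
    } catch (CertificateException e) {
        // NOTE(review): this message is returned to the client verbatim - confirm it never
        // carries internal detail. Rollback is done by the finally block.
        retMap.put("retMsg", e.getMessage());
        return retMap;
    } catch (UserInfoServiceException e) {
        retMap.put("retMsg", e.getMessage());
        return retMap;
    } catch (SigningServerException e) {
        retMap.put("retMsg", e.getMessage());
        return retMap;
    } catch (Exception e) {
        // Roll back before logging so the log entry is not written inside the transaction
        // that is being discarded.
        if (!status.isCompleted()) {
            transactionManager.rollback(status);
        }
        retMap.put("retMsg", "服务端出现未知异常,请联系管理员");
        String info = mPhone + "绑定证书失败,原因:" + e.getMessage();
        LogUtil.syslog(sqlSession, "绑定证书", info);
        return retMap;
    } finally {
        // Covers every early return and every typed catch above.
        if (!status.isCompleted()) {
            transactionManager.rollback(status);
        }
    }
    return retMap;
}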
Also used : DefaultTransactionDefinition(org.springframework.transaction.support.DefaultTransactionDefinition) HashMap(java.util.HashMap) TransactionStatus(org.springframework.transaction.TransactionStatus) UserInfo(com.itrus.portal.db.UserInfo) CertificateException(java.security.cert.CertificateException) UserInfoServiceException(com.itrus.portal.exception.UserInfoServiceException) JsonGenerationException(org.codehaus.jackson.JsonGenerationException) JsonMappingException(org.codehaus.jackson.map.JsonMappingException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) SigningServerException(com.itrus.cryptorole.SigningServerException) UserInfoServiceException(com.itrus.portal.exception.UserInfoServiceException) SigningServerException(com.itrus.cryptorole.SigningServerException) UserCert(com.itrus.portal.db.UserCert) RequestMapping(org.springframework.web.bind.annotation.RequestMapping) ResponseBody(org.springframework.web.bind.annotation.ResponseBody)

Example 9 with SigningServerException

use of com.itrus.cryptorole.SigningServerException in project portal by ixinportal.

the class BindCertWebController method bindCert.

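/**
 * Binds a certificate to a user for a session that already holds a logged-in user and enterprise.
 *
 * <p>The success code is written only after the transaction has committed, so a failed commit
 * can no longer be reported as success.
 *
 * @param mPhone mobile phone number used to look up (or register) the user
 * @param code verification (dynamic) code for {@code mPhone}
 * @param password login password; needed only when the user does not exist yet
 * @param projectId project id used when registering a new user
 * @param certBase64 certificate data
 * @param keySn key serial number, stored on the certificate when not blank
 * @param session current HTTP session; must contain {@code webuserInfo} and {@code webenterprise}
 * @return map with {@code retCode} (0 failure, 1 success, 2 login no longer valid) and, on
 *         failure, {@code retMsg}
 */
@RequestMapping("/bindCert")
@ResponseBody
public Map<String, Object> bindCert(@RequestParam(value = "mPhone", required = true) String mPhone, @RequestParam(value = "code", required = true) String code, @RequestParam(value = "password", required = false) String password, @RequestParam(value = "projectId", required = true) Long projectId, @RequestParam(value = "certBase64", required = true) String certBase64, @RequestParam(value = "keySn", required = false) String keySn, HttpSession session) {
    Map<String, Object> retMap = new HashMap<String, Object>();
    // 0 marks failure, 1 marks success.
    retMap.put("retCode", 0);
    UserInfo webuserInfo = (UserInfo) session.getAttribute("webuserInfo");
    Enterprise webenterprise = (Enterprise) session.getAttribute("webenterprise");
    if (null == webuserInfo || null == webenterprise) {
        // 2 tells the client the login is no longer valid and it must go to the login page.
        retMap.put("retCode", 2);
        retMap.put("retMsg", "登录已经失效");
        return retMap;
    }
    // Check the dynamic code sent for this phone number.
    if (!dynamicCodeService.verifyCode(mPhone, code)) {
        retMap.put("retMsg", "动态码验证失败");
        return retMap;
    }
    DefaultTransactionDefinition def = new DefaultTransactionDefinition();
    def.setPropagationBehavior(TransactionDefinition.PROPAGATION_REQUIRED);
    TransactionStatus status = transactionManager.getTransaction(def);
    try {
        // NOTE(review): the account is chosen by the mPhone request parameter, not by the
        // session's webuserInfo, which is only checked for presence - confirm that binding to
        // a user other than the logged-in one is intended.
        UserInfo userInfo = userInfoService.getUserInfoByMphone(mPhone);
        if (null == userInfo) {
            if (StringUtils.isBlank(password)) {
                retMap.put("retMsg", "请先设置登录口令");
                return retMap;
            }
            // Unknown phone number: register the user first, then write a system log entry.
            userInfo = userInfoService.registerUserInfo(mPhone, password, projectId);
            String info = mPhone + "注册成功";
            LogUtil.syslog(sqlSession, "注册用户", info);
        }
        // Link the session's enterprise and its agent (the user).
        userInfoEnterpriseServiceImpl.saveUserInfoEnterprise(userInfo.getId(), webenterprise.getId());
        // NOTE(review): nothing visible here shows that the caller proved possession of the
        // private key for certBase64 - verify that getUserCert or an earlier step enforces it.
        UserCert userCert = userCertService.getUserCert(certBase64);
        // NOTE(review): isBindCert is called with this user's id; whether it also rejects a
        // certificate already bound to a different user cannot be told from here - confirm,
        // because the update below overwrites the certificate's owner.
        if (userCertService.isBindCert(userInfo.getId(), certBase64)) {
            retMap.put("retMsg", "该证书已绑定过用户");
            return retMap;
        }
        if (StringUtils.isNotBlank(keySn)) {
            userCert.setKeySn(keySn);
        }
        // Bind the certificate to the user and the enterprise.
        userCert.setUserinfo(userInfo.getId());
        userCert.setEnterprise(webenterprise.getId());
        sqlSession.update("com.itrus.portal.db.UserCertMapper.updateByPrimaryKey", userCert);
        // Commit first: success is only reported once the binding is durable.
        transactionManager.commit(status);
        retMap.put("retCode", 1);
        return retMap;
    } catch (CertificateException e) {
        // NOTE(review): this message is returned to the client verbatim - confirm it never
        // carries internal detail. Rollback is done by the finally block.
        retMap.put("retMsg", e.getMessage());
        return retMap;
    } catch (UserInfoServiceException e) {
        retMap.put("retMsg", e.getMessage());
        return retMap;
    } catch (SigningServerException e) {
        retMap.put("retMsg", e.getMessage());
        return retMap;
    } catch (Exception e) {
        // Roll back before logging so the log entry is not written inside the transaction
        // that is being discarded.
        if (!status.isCompleted()) {
            transactionManager.rollback(status);
        }
        retMap.put("retMsg", "服务端出现未知异常,请联系管理员");
        String info = mPhone + "绑定证书失败,原因:" + e.getMessage();
        LogUtil.syslog(sqlSession, "绑定证书", info);
        return retMap;
    } finally {
        // Covers every early return and every typed catch above.
        if (!status.isCompleted()) {
            transactionManager.rollback(status);
        }
    }
}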
Also used : DefaultTransactionDefinition(org.springframework.transaction.support.DefaultTransactionDefinition) HashMap(java.util.HashMap) TransactionStatus(org.springframework.transaction.TransactionStatus) UserInfo(com.itrus.portal.db.UserInfo) CertificateException(java.security.cert.CertificateException) UserInfoServiceException(com.itrus.portal.exception.UserInfoServiceException) JsonGenerationException(org.codehaus.jackson.JsonGenerationException) JsonMappingException(org.codehaus.jackson.map.JsonMappingException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) SigningServerException(com.itrus.cryptorole.SigningServerException) UserInfoServiceException(com.itrus.portal.exception.UserInfoServiceException) Enterprise(com.itrus.portal.db.Enterprise) SigningServerException(com.itrus.cryptorole.SigningServerException) UserCert(com.itrus.portal.db.UserCert) RequestMapping(org.springframework.web.bind.annotation.RequestMapping) ResponseBody(org.springframework.web.bind.annotation.ResponseBody)

Example 10 with SigningServerException

use of com.itrus.cryptorole.SigningServerException in project portal by ixinportal.

the class BindCertWebController method getProjectByCertBase64.

/**
 * Looks up the product that belongs to a certificate and records it on the certificate row.
 *
 * <p>When the certificate has no bill, the product is resolved through the RA account found for
 * the certificate serial number; otherwise it is read from the bill linked to the certificate.
 * The resolved product id is then written back with
 * {@code UserCertMapper.updateByPrimaryKey}.
 *
 * @param certBase64 certificate data
 * @return the product resolved for the certificate, never {@code null}
 * @throws UserInfoServiceException if the certificate cannot be loaded, or the account hash, RA
 *         account, bill or product cannot be found
 */
public Product getProjectByCertBase64(String certBase64) throws UserInfoServiceException {
    UserCert userCert;
    try {
        userCert = userCertService.getUserCert(certBase64);
    } catch (CertificateException e) {
        // Only the message is carried over; the original exception is not attached as a cause.
        throw new UserInfoServiceException(e.getMessage());
    } catch (SigningServerException e) {
        throw new UserInfoServiceException(e.getMessage());
    }

    // Certificate serial number.
    String serialNumber = userCert.getCertSn();
    Product resolved;
    if (userCert.getBill() != null) {
        // The certificate is linked to an order: take the product from that bill.
        Bill bill = sqlSession.selectOne("com.itrus.portal.db.BillMapper.selectByPrimaryKey", userCert.getBill());
        if (bill == null) {
            throw new UserInfoServiceException("获取产品信息失败,请联系管理员");
        }
        resolved = sqlSession.selectOne("com.itrus.portal.db.ProductMapper.selectByPrimaryKey", bill.getProduct());
    } else {
        String accountHash = getRaInfo.getRaInfoByCertSerialNumber(serialNumber);
        if (StringUtils.isBlank(accountHash)) {
            throw new UserInfoServiceException("获取AccountHash失败,请联系管理员");
        }
        // RA account for that hash.
        RaAccount raAccount = raAccountService.getRaByAccountHash(accountHash);
        if (raAccount == null) {
            throw new UserInfoServiceException("获取RA信息失败,请联系管理员");
        }
        resolved = productService.getRenewProduct(raAccount.getId(), null, null, userCert.getCertDn());
    }

    if (resolved == null) {
        throw new UserInfoServiceException("获取对应产品信息失败");
    }
    userCert.setProduct(resolved.getId());
    sqlSession.update("com.itrus.portal.db.UserCertMapper.updateByPrimaryKey", userCert);
    return resolved;
}
Also used : RaAccount(com.itrus.portal.db.RaAccount) Bill(com.itrus.portal.db.Bill) SigningServerException(com.itrus.cryptorole.SigningServerException) Product(com.itrus.portal.db.Product) CertificateException(java.security.cert.CertificateException) UserInfoServiceException(com.itrus.portal.exception.UserInfoServiceException) UserCert(com.itrus.portal.db.UserCert)
