use of com.itrus.cryptorole.SigningServerException in project portal by ixinportal.
the class BindCertWebController method sendCode.
/**
 * Sends an SMS verification code as one step of binding a certificate to an account.
 *
 * <p>The request is served only when both {@code webuserInfo} and {@code webenterprise} are
 * present in the session. If the phone number already belongs to a user who is bound to the
 * supplied certificate, no code is sent.
 *
 * <p>NOTE(review): the session user is only checked for presence; {@code mPhone} is taken from
 * the request and is not compared with the logged-in user here. Confirm that sending a code to
 * an arbitrary number is intended, and that {@code dynamicCodeService.sendCode} throttles per
 * number and per session, because no rate limiting is visible in this method.
 *
 * @param mPhone mobile number the code is sent to
 * @param project project id handed to the code service
 * @param certBase64 Base64 text of the certificate that is about to be bound
 * @param session current HTTP session, used for the login check
 * @return map holding {@code retCode} (0 = not sent, 1 = sent, 2 = login expired), an optional
 *         {@code retMsg}, and {@code hasUserInfo} (0 = no user for this phone, 1 = user exists)
 */
@RequestMapping("/sendCode")
@ResponseBody
public Map<String, Object> sendCode(@RequestParam(value = "mPhone", required = true) String mPhone, @RequestParam(value = "project", required = true) Long project, @RequestParam(value = "certBase64", required = true) String certBase64, HttpSession session) {
    Map<String, Object> response = new HashMap<String, Object>();
    // Start from "failed" so every early exit reports retCode 0 unless it says otherwise.
    response.put("retCode", 0);

    // Login check: both the user and the enterprise must still be in the session.
    UserInfo sessionUser = (UserInfo) session.getAttribute("webuserInfo");
    Enterprise sessionEnterprise = (Enterprise) session.getAttribute("webenterprise");
    boolean loggedIn = sessionUser != null && sessionEnterprise != null;
    if (!loggedIn) {
        // retCode 2 tells the page that the login has expired and it must go back to the login page.
        response.put("retCode", 2);
        response.put("retMsg", "登录已经失效");
        return response;
    }

    try {
        // Look up the account that owns this phone number.
        UserInfo phoneOwner = userInfoService.getUserInfoByMphone(mPhone);
        boolean phoneRegistered = phoneOwner != null;
        // NOTE(review): hasUserInfo tells the caller whether the number is registered; confirm
        // that this disclosure to any logged-in user is acceptable.
        response.put("hasUserInfo", phoneRegistered ? 1 : 0);

        // Stop when that account is already bound to this certificate.
        if (phoneRegistered && userCertService.isBindCert(phoneOwner.getId(), certBase64)) {
            response.put("retMsg", "该证书已绑定过用户");
            return response;
        }

        // "ZSBD" selects the SMS template for certificate binding.
        dynamicCodeService.sendCode(mPhone, project, "ZSBD");
        response.put("retCode", 1);
    } catch (UserInfoServiceException e) {
        // NOTE(review): service exception text is returned to the client verbatim in all three
        // handlers; confirm these messages never carry internal detail.
        response.put("retMsg", e.getMessage());
    } catch (CertificateException e) {
        response.put("retMsg", e.getMessage());
    } catch (SigningServerException e) {
        response.put("retMsg", e.getMessage());
    }
    return response;
}
use of com.itrus.cryptorole.SigningServerException in project portal by ixinportal.
the class RealNameAuthenticationController method update.
// Handles the form post that creates (no id) or updates (id present) a real-name
// authentication record, then asks the other nodes to reload their cache.
//
// NOTE(review): realName is bound from request parameters, including its id; confirm that the
// caller's authorisation and the set of bindable fields are restricted elsewhere.
// NOTE(review): every failure below is only printed with printStackTrace() and the request
// still ends with the same redirect, so the user cannot tell that nothing was stored.
@RequestMapping(method = RequestMethod.POST, produces = "text/html")
public String update(RealNameAuthentication realName, @RequestParam(value = "status", required = false) Integer status, Model uiModel) {
    boolean isNewRecord = realName.getId() == null;
    if (isNewRecord) {
        realName.setType(status);
        try {
            realnameauthent.addRealName(realName);
        } catch (ServiceNullException e) {
            e.printStackTrace();
        } catch (Exception e) {
            e.printStackTrace();
        }
    } else {
        String submittedCert = realName.getCertificate();
        if (submittedCert != null) {
            if ("realName.certificate".equals(submittedCert)) {
                // The literal "realName.certificate" is treated as "no certificate submitted".
                realName.setCertificate(null);
            } else {
                try {
                    // The field carries Base64 of a PEM file: decode it, then strip the PEM
                    // armour and line breaks to leave the bare Base64 certificate body.
                    // NOTE(review): sun.misc.BASE64Decoder is a JDK-internal class and is not
                    // available on newer JDKs.
                    sun.misc.BASE64Decoder base64 = new sun.misc.BASE64Decoder();
                    byte[] decoded = base64.decodeBuffer(submittedCert);
                    String pemText = new String(decoded, "utf-8");
                    String certBody = pemText.replace("-----BEGIN CERTIFICATE-----", "")
                            .replace("-----END CERTIFICATE-----", "")
                            .replace("\r", "")
                            .replace("\n", "");
                    // NOTE(review): the record is updated before the certificate is parsed, so
                    // when parsing fails below the stripped text is still saved by
                    // updateRealName without a matching evidence row.
                    realName.setCertificate(certBody);

                    UserCert parsed = CertUtil.getCertFromBase64(certBody);
                    String subjectDn = parsed.getCertDn();

                    EvidenceCert evidence = new EvidenceCert();
                    evidence.setCertBase64(certBody);
                    evidence.setCertSerialnumber(parsed.getCertSn());
                    evidence.setCreateTime(new Date());
                    evidence.setEndTime(parsed.getCertEndTime());
                    if (parsed.getCertBuf() != null) {
                        // NOTE(review): if certBuf is an array, toString() stores its identity
                        // string rather than its content; confirm the type.
                        evidence.setEvidenceBuf(parsed.getCertBuf().toString());
                    }
                    evidence.setIssuerdn(parsed.getIssuerDn());
                    evidence.setStartTime(parsed.getCertStartTime());
                    evidence.setSubjectdn(subjectDn);
                    sqlSession.insert("com.itrus.portal.db.EvidenceCertMapper.insertSelective", evidence);

                    // certificateCn receives the id of the evidence row, not a common name.
                    if (evidence.getId() != null) {
                        realName.setCertificateCn(evidence.getId().toString());
                    }
                } catch (CertificateException e) {
                    e.printStackTrace();
                } catch (SigningServerException e) {
                    e.printStackTrace();
                } catch (IOException e) {
                    // Also covers UnsupportedEncodingException, which is an IOException.
                    e.printStackTrace();
                }
            }
        }
        try {
            realnameauthent.updateRealName(realName);
        } catch (ServiceNullException e) {
            e.printStackTrace();
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    // Notify the other machines so that they reload their cache.
    EvidenceCertificationChargingHandler reloadTask = new EvidenceCertificationChargingHandler();
    reloadTask.setType(2);
    QueueThread.buildCertificationTask(reloadTask);
    cacheCustomer.initEvidence(2);
    return "redirect:/realname";
}
use of com.itrus.cryptorole.SigningServerException in project portal by ixinportal.
the class UserInfoWebController method certLogin.
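/**
 * Logs a user in with a client certificate; on success the page moves on to enterprise
 * selection.
 *
 * <p>The client signs the text {@code "LOGONDATA:" + webrandom}, where {@code webrandom} is the
 * challenge stored in the session, and posts the PKCS#7 result. The signer certificate is then
 * mapped to a bound user and the session is marked as logged in.
 *
 * <p>NOTE(review): beyond the stored {@code isValid} flag, no certificate status check is
 * visible in this method; confirm that {@code SVM.verifySignature} or
 * {@code userCertService.getUserCert} validates chain, expiry and revocation.
 * NOTE(review): the session identifier is not rotated here after a successful login; confirm
 * that this happens elsewhere.
 *
 * @param pkcs7 PKCS#7 signature produced by the client over the login challenge
 * @param productId product id, optional
 * @param projectId project id, optional
 * @param session current HTTP session; supplies the challenge and receives the login state
 * @return map with {@code retCode}: -1 failure, 0 success, 1 certificate not bound to a user,
 *         2 bound user does not exist; {@code retMsg} carries the reason on failure
 */
@RequestMapping("/certLogin")
@ResponseBody
public Map<String, Object> certLogin(@RequestParam(value = "pkcs7", required = true) String pkcs7, @RequestParam(value = "productId", required = false) Long productId, @RequestParam(value = "projectId", required = false) Long projectId, HttpSession session) {
    Map<String, Object> retMap = new HashMap<String, Object>();
    // Fail closed: every exit reports failure unless the success path overwrites it.
    retMap.put("retCode", -1);
    try {
        String webrandom = (String) session.getAttribute("webrandom");
        // Without a server-issued challenge the signed text would be the constant
        // "LOGONDATA:null", and the signature would no longer prove freshness. Reject the
        // request instead of verifying against that constant.
        if (webrandom == null || webrandom.isEmpty()) {
            retMap.put("retMsg", "登录随机数已失效,请刷新页面后重试");
            return retMap;
        }
        // NOTE(review): the challenge stays in the session after use, so the same signature
        // verifies again within this session; consider making it single-use.
        X509Certificate cert = X509Certificate.getInstance(SVM.verifySignature("LOGONDATA:" + webrandom, pkcs7));

        // Map the signer certificate to its stored record.
        UserCert userCert = userCertService.getUserCert(cert);
        Long userid = userCert.getUserinfo();
        // The certificate is not bound to any user yet.
        if (userid == null) {
            retMap.put("retCode", 1);
            retMap.put("retMsg", "请先绑定证书");
            return retMap;
        }
        // An isValid flag of 0 is reported to the user as an expired certificate.
        if (null != userCert.getIsValid() && userCert.getIsValid().equals(0)) {
            retMap.put("retMsg", "该证书已过期,请使用更新后的证书登录");
            return retMap;
        }

        UserInfoExample example = new UserInfoExample();
        UserInfoExample.Criteria criteria = example.or();
        criteria.andIdEqualTo(userid);
        UserInfo userInfo = sqlSession.selectOne("com.itrus.portal.db.UserInfoMapper.selectByExample", example);
        if (userInfo == null) {
            retMap.put("retCode", 2);
            retMap.put("retMsg", "不存在该用户");
            return retMap;
        }

        // Success: establish the login state in the session.
        retMap.put("retCode", 0);
        // A certificate login also counts as a passed verification-code check.
        session.setAttribute("webverifyCodeStatus", true);
        session.setAttribute("webuserInfo", userInfo);
        // webnoProduct is false only when both product and project ids were supplied.
        if (null != projectId && null != productId) {
            session.setAttribute("webproductId", productId);
            session.setAttribute("webprojectId", projectId);
            session.setAttribute("webnoProduct", false);
        } else {
            session.setAttribute("webnoProduct", true);
        }

        // Record the successful login in the user log.
        UserLog userlog = new UserLog();
        userlog.setProject(userInfo.getProject());
        userlog.setType("证书登录");
        userlog.setInfo("证书登录成功");
        userlog.setHostId("未知");
        userlog.setSn(userInfo.getUniqueId());
        LogUtil.userlog(sqlSession, userlog);
    } catch (CertificateException e) {
        // NOTE(review): verification error text is returned to the client verbatim here and in
        // the next handler; confirm it carries no internal detail.
        retMap.put("retMsg", e.getMessage());
        return retMap;
    } catch (SigningServerException e) {
        retMap.put("retMsg", e.getMessage());
        return retMap;
    } catch (Exception e) {
        // Anything unexpected gets a generic message for the client; the cause goes to the system log.
        retMap.put("retMsg", "服务端出现未知异常,请联系管理员");
        String info = "证书登录失败,原因:" + e.getMessage();
        LogUtil.syslog(sqlSession, "证书登录", info);
        return retMap;
    }
    return retMap;
}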
use of com.itrus.cryptorole.SigningServerException in project portal by ixinportal.
the class TrustService method verifyCertificate.
/**
 * Checks that a certificate has not expired and that {@code CVM} reports it as valid.
 *
 * <p>Only the end of the validity period is compared with the current time. The start of the
 * period is deliberately not checked, so a certificate that is not yet valid passes this step.
 * NOTE(review): confirm that accepting not-yet-valid certificates is still intended.
 *
 * @param cert certificate to check
 * @return {@code true} when the certificate is valid; every failure is signalled by an
 *         exception, so {@code false} is never returned
 * @throws SigningServerException if the certificate has expired or {@code CVM} returns anything
 *         other than {@code CVM.VALID}
 */
public boolean verifyCertificate(X509Certificate cert) throws SigningServerException {
    boolean notYetExpired = cert.getNotAfter().after(new Date());
    if (!notYetExpired) {
        throw new SigningServerException("证书已过期");
    }

    // What CVM checks is not visible here, presumably chain and revocation status; verify.
    int status = CVM.verifyCertificate(cert);
    if (status != CVM.VALID) {
        throw new SigningServerException(verifyCertMsg(status));
    }
    return true;
}
use of com.itrus.cryptorole.SigningServerException in project portal by ixinportal.
the class TrustService method verifyCert.
/**
 * Verifies a signature over {@code toSign} and then the status of the signer certificate.
 *
 * <p>NOTE(review): this method only proves that {@code signedData} is a signature over
 * {@code toSign}; whether {@code toSign} is a fresh, server-issued value is up to the caller.
 *
 * @param toSign the original text that was signed
 * @param signedData the signature value to verify
 * @return the signer certificate, once both the signature and the certificate check passed
 * @throws CertException if either argument is blank, the signature does not verify, or the
 *         certificate check fails
 */
public X509Certificate verifyCert(String toSign, String signedData) throws CertException {
    boolean missingInput = StringUtils.isBlank(toSign) || StringUtils.isBlank(signedData);
    if (missingInput) {
        throw new CertException("原文或者签名值为空");
    }
    try {
        X509Certificate signer = X509Certificate.getInstance(SVM.verifySignature(toSign, signedData));
        // Throws when the certificate status check fails, so a returned certificate has passed it.
        verifyCertificate(signer);
        return signer;
    } catch (SigningServerException e) {
        // Verification failures keep their own message for the caller.
        throw new CertException(e.getMessage(), e);
    } catch (Exception e) {
        // Anything else is logged in full and reported with a generic message.
        logger.error("TrustService", e);
        throw new CertException("签名验证失败", e);
    }
}