
Example 1 with RaAccount

use of com.itrus.portal.db.RaAccount in project portal by ixinportal.

the class DownLoadCertWebController method downloadPfxCert.

/**
 * Lets a logged-in portal user download the PFX (PKCS#12) certificate that belongs to an order.
 *
 * <p>The caller is identified by the {@code webuserInfo} and {@code webenterprise} session
 * attributes, and the order is served only when both ids match the ones recorded on the bill.
 * Bills in status 6, 7 or 8 are treated as a repeat download and the stored PFX is sent back;
 * bills in status 13 trigger a first-time issuance: a CSR is generated, the certificate is
 * requested through the RA, packed into a PFX, persisted and then streamed to the client.
 * Every refusal or failure path returns {@code null} without writing an explicit error response.
 *
 * @param id the order (bill) id taken from the URL path
 * @param session HTTP session that must hold the {@code webuserInfo} and {@code webenterprise} attributes
 * @param request current request, passed on to {@code encodeFilename}
 * @param response response the PFX bytes are written to
 * @return always {@code null}; the file, when served, is written directly to {@code response}
 */
@RequestMapping("/pfx/{id}")
public String downloadPfxCert(@PathVariable(value = "id") Long id, HttpSession session, HttpServletRequest request, HttpServletResponse response) {
    UserInfo webuserInfo = (UserInfo) session.getAttribute("webuserInfo");
    Enterprise webenterprise = (Enterprise) session.getAttribute("webenterprise");
    // No authenticated user or enterprise in the session: refuse silently.
    if (null == webuserInfo || null == webenterprise) {
        return null;
    }
    Integer uidIdx = 1;
    Bill bill = billService.getBill(id);
    if (null == bill) {
        return null;
    }
    // Ownership check: the path id is caller-controlled, so the bill is served only when it
    // belongs to the session's user and enterprise.
    boolean billFlag = webuserInfo.getId().equals(bill.getUniqueId()) && webenterprise.getId().equals(bill.getEnterprise());
    if (!billFlag) {
        return null;
    }
    // The user has already downloaded this certificate; this is a repeat download.
    boolean downLoadFlag = bill.getBillStatus().equals(ComNames.BILL_STATUS_6) || bill.getBillStatus().equals(ComNames.BILL_STATUS_7) || bill.getBillStatus().equals(ComNames.BILL_STATUS_8);
    if (downLoadFlag) {
        // Look up the certificate record that belongs to this order.
        // NOTE(review): selectOne can return null when no row matches; certBuf is dereferenced
        // below without a null check.
        CertBuf certBuf = sqlSession.selectOne("com.itrus.portal.db.CertBufMapper.selectPfxCertByBillId", bill.getId());
        Date date = new Date();
        // Compare the certificate's first download time with the current time; refuse the download
        // once more than fifteen days have passed.
        // NOTE(review): the comment says 15 days, but the code refuses only when the difference
        // exceeds 16 and measures it from getCreateTime() — confirm the intended retention window.
        int day = DateUtils.daysOfTwo(date, certBuf.getCreateTime());
        if (day > 16) {
            return null;
        }
        // Read the data from the database and return it to the client.
        // Reset the response buffer. Optional, but it guarantees that no earlier data is left in
        // the buffer, which could otherwise corrupt the export.
        response.reset();
        // NOTE(review): the enterprise name ends up in the Content-Disposition header; this relies
        // on encodeFilename (not shown here) to neutralise quotes, CR/LF and other
        // header-breaking characters — confirm.
        String filename = webenterprise.getEnterpriseName() + "功能证书.pfx";
        filename = encodeFilename(filename, request);
        response.setHeader("Content-disposition", "attachment;filename=" + filename);
        response.setCharacterEncoding("utf-8");
        // The export is a PFX file, so set the matching content type.
        // NOTE(review): the body presumably carries private-key material; consider also sending
        // Cache-Control: no-store so browsers and intermediaries do not retain it.
        response.setContentType("application/x-pkcs12");
        OutputStream os = null;
        try {
            os = response.getOutputStream();
            // Decode the Base64-encoded PFX and write it to the response. (The original comment
            // mentioned an Excel export, apparently copied from another handler.)
            byte[] byteCert = Base64.decode(certBuf.getPfxCert());
            os.write(byteCert);
            os.flush();
            // Close the stream.
            // NOTE(review): close() is not in a finally block, so it is skipped when write() or
            // flush() throws; the null check is redundant because os was already used above.
            if (os != null) {
                os.close();
            }
            // Record the download time and increment the download counter.
            certBuf.setLastDownloadTime(new Date());
            certBuf.setCertDownloadNumber(certBuf.getCertDownloadNumber() + 1);
            downLoadCertService.updatePfxCert(certBuf);
            // Write the audit log entry.
            UserLog userlog = new UserLog();
            userlog.setProject(webuserInfo.getProject());
            userlog.setType("用户下载证书pfx");
            userlog.setInfo(webenterprise.getEnterpriseName() + "下载证书成功");
            userlog.setHostId("未知");
            userlog.setSn(null == webuserInfo.getUniqueId() ? null : webuserInfo.getUniqueId());
            LogUtil.userlog(sqlSession, userlog);
            return null;
        } catch (IOException e) {
            // Log the failure; execution then falls through to the final "return null".
            // NOTE(review): the raw exception message is stored in the user log.
            UserLog userlog = new UserLog();
            userlog.setProject(bill.getProject());
            userlog.setType("用户下载证书pfx");
            userlog.setInfo(webenterprise.getEnterpriseName() + "失败,错误信息:" + e.getMessage());
            userlog.setHostId("未知");
            userlog.setSn(null == webuserInfo.getUniqueId() ? null : webuserInfo.getUniqueId());
            LogUtil.userlog(sqlSession, userlog);
        }
    } else {
        // The user has not downloaded yet; this is the first download.
        if (bill.getBillStatus().equals(ComNames.BILL_STATUS_13)) {
            // Look up the project product.
            Product product = productService.getProduct(bill.getProduct());
            // Enterprise.
            Enterprise enterprise = enterpriseService.getEnterpriseById(bill.getEnterprise());
            // Fetch the RA configuration of the product.
            RaAccount ra = raAccountService.getRaAccount(product.getRa());
            // Certificate configuration.
            DigitalCert digitalcert = digitalCertService.getDigitalCert(product.getCert());
            // Values used for the certificate download.
            String autoidType = "";
            Integer autoidValue = 0;
            String pfxCert = "";
            // User id, used to finally match the public-key certificate with the key pair.
            // NOTE(review): Math.random() is not a CSPRNG and the double is concatenated as text;
            // confirm this id needs neither unpredictability nor guaranteed uniqueness.
            String userid = bill.getBillId() + (Math.random() * 1000 + 9000);
            // TODO 20170410 PFX private-key protection password: must be obtained from the password
            // configured on the product.
            // NOTE(review): the password comes from the product record, so all certificates of one
            // product presumably share it — confirm how it is delivered to the user.
            String certPass = product.getPassword();
            // Generate the CSR (certificate signing request).
            String certReqBuf = "";
            // Algorithm.
            String algorithm = digitalCertService.getAlgorithm(digitalcert);
            // Download the certificate.
            CertInfo racertinfo = null;
            try {
                // NOTE(review): the CSR is generated on the server, which implies the key pair is
                // created server-side as well — confirm where GenUtil keeps it until GenPFX runs.
                certReqBuf = GenUtil.GenP10(userid, "", algorithm);
                racertinfo = downLoadCertService.downLoadCert(product, ra, bill, digitalcert, uidIdx, certReqBuf, autoidType, autoidValue);
                // pfxCert = GenUtil.GenPFX(userid, certPass,
                // racertinfo.getCertSignBuf(), false);
                // pfxCert = GenUtil2.GenPFX(userid, certPass, racertinfo.getCertSignBuf(), pfxCert, false, enterprise.getEnterpriseName());
                pfxCert = GenUtil.GenPFX(userid, certPass, racertinfo.getCertSignBuf(), false, enterprise.getEnterpriseName());
                // Save the certificate. The PFX itself is persisted; the repeat-download branch
                // above reads it back via certBuf.getPfxCert().
                downLoadCertService.savePfxCertInfo(racertinfo, bill, ra.getId(), uidIdx, "", autoidType, autoidValue, pfxCert);
                // Return the data to the client.
                // Reset the response buffer. Optional, but it guarantees that no earlier data is
                // left in the buffer, which could otherwise corrupt the export.
                response.reset();
                String filename = webenterprise.getEnterpriseName() + "通讯证书.pfx";
                filename = encodeFilename(filename, request);
                response.setHeader("Content-disposition", "attachment;filename=" + filename);
                response.setCharacterEncoding("utf-8");
                // The export is a PFX file, so set the matching content type.
                response.setContentType("application/x-pkcs12");
                OutputStream os = null;
                os = response.getOutputStream();
                // Decode the Base64-encoded PFX and write it to the response.
                byte[] byteCert = Base64.decode(pfxCert);
                os.write(byteCert);
                os.flush();
                // Close the stream (skipped when write() or flush() throws).
                if (os != null) {
                    os.close();
                }
                // Write the audit log entry.
                UserLog userlog = new UserLog();
                userlog.setProject(bill.getProject());
                userlog.setType("用户下载证书pfx");
                userlog.setInfo(webenterprise.getEnterpriseName() + "下载证书成功,企业名称:" + webenterprise.getEnterpriseName());
                userlog.setHostId("未知");
                userlog.setSn(null == webuserInfo.getUniqueId() ? null : webuserInfo.getUniqueId());
                LogUtil.userlog(sqlSession, userlog);
                return null;
            } catch (Exception e) {
                // Write the failure to the user log. Every exception type is caught here, so
                // issuance, persistence and I/O failures all end in the same silent "return null".
                UserLog userlog = new UserLog();
                userlog.setProject(bill.getProject());
                userlog.setType("用户下载证书pfx");
                userlog.setInfo(webenterprise.getEnterpriseName() + "失败,错误信息:" + e.getMessage());
                userlog.setHostId("未知");
                userlog.setSn(null == webuserInfo.getUniqueId() ? null : webuserInfo.getUniqueId());
                LogUtil.userlog(sqlSession, userlog);
            }
        }
    }
    return null;
}
Also used : CertInfo(cn.topca.tca.ra.service.CertInfo) OutputStream(java.io.OutputStream) Product(com.itrus.portal.db.Product) UserInfo(com.itrus.portal.db.UserInfo) UserLog(com.itrus.portal.db.UserLog) IOException(java.io.IOException) Date(java.util.Date) GenP10Exception(com.itrus.Exception.GenP10Exception) IOException(java.io.IOException) DigitalCert(com.itrus.portal.db.DigitalCert) RaAccount(com.itrus.portal.db.RaAccount) Enterprise(com.itrus.portal.db.Enterprise) Bill(com.itrus.portal.db.Bill) CertBuf(com.itrus.portal.db.CertBuf) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 2 with RaAccount

use of com.itrus.portal.db.RaAccount in project portal by ixinportal.

the class MakeCertController method downloadPfxCert.

/**
 * Back-office (administrator) endpoint that downloads the PFX (PKCS#12) certificate of an order.
 *
 * <p>The user and enterprise are looked up from the bill id itself rather than from the session.
 * Bills in status 6, 7 or 8 are served from the stored PFX; bills in status 13 trigger a
 * first-time issuance through the RA, after which the new PFX is persisted and streamed back.
 * Every refusal or failure path returns {@code null} without writing an explicit error response.
 *
 * <p>NOTE(review): nothing in this method identifies or authorises the caller; access control
 * presumably comes from a filter or interceptor in front of the admin controller — verify, since
 * the path id is the only input.
 *
 * @param id the order (bill) id taken from the URL path
 * @param request current request, passed on to {@code encodeFilename}
 * @param response response the PFX bytes are written to
 * @return always {@code null}; the file, when served, is written directly to {@code response}
 */
@RequestMapping("/pfx/{id}")
public String downloadPfxCert(@PathVariable(value = "id") Long id, HttpServletRequest request, HttpServletResponse response) {
    Bill bill = billService.getBill(id);
    if (null == bill) {
        return null;
    }
    Integer uidIdx = 1;
    // NOTE(review): both lookups are dereferenced below without a null check — confirm the
    // services never return null for an existing bill.
    UserInfo webuserInfo = userInfoService.getUserInfoByBillId(id);
    Enterprise webenterprise = enterpriseService.getEnterpriseByBillId(id);
    // Consistency check between the bill and the user/enterprise resolved from that same bill id;
    // it does not involve the caller's identity.
    boolean billFlag = webuserInfo.getId().equals(bill.getUniqueId()) && webenterprise.getId().equals(bill.getEnterprise());
    if (!billFlag) {
        return null;
    }
    // The certificate has already been downloaded; this is a repeat download.
    boolean downLoadFlag = bill.getBillStatus().equals(ComNames.BILL_STATUS_6) || bill.getBillStatus().equals(ComNames.BILL_STATUS_7) || bill.getBillStatus().equals(ComNames.BILL_STATUS_8);
    if (downLoadFlag) {
        // Look up the certificate record that belongs to this order.
        // NOTE(review): selectOne can return null when no row matches; certBuf is dereferenced
        // below without a null check.
        CertBuf certBuf = sqlSession.selectOne("com.itrus.portal.db.CertBufMapper.selectPfxCertByBillId", bill.getId());
        Date date = new Date();
        // Compare the certificate's first download time with the current time; refuse the download
        // once more than fifteen days have passed.
        // NOTE(review): the comment says 15 days, but the code refuses only when the difference
        // exceeds 16 and measures it from getCreateTime() — confirm the intended retention window.
        int day = DateUtils.daysOfTwo(date, certBuf.getCreateTime());
        if (day > 16) {
            return null;
        }
        // Read the data from the database and return it to the client.
        // Reset the response buffer. Optional, but it guarantees that no earlier data is left in
        // the buffer, which could otherwise corrupt the export.
        response.reset();
        // NOTE(review): the enterprise name ends up in the Content-Disposition header; this relies
        // on encodeFilename (not shown here) to neutralise quotes, CR/LF and other
        // header-breaking characters — confirm.
        String filename = webenterprise.getEnterpriseName() + "功能证书.pfx";
        filename = encodeFilename(filename, request);
        response.setHeader("Content-disposition", "attachment;filename=" + filename);
        response.setCharacterEncoding("utf-8");
        // The export is a PFX file, so set the matching content type.
        // NOTE(review): the body presumably carries private-key material; consider also sending
        // Cache-Control: no-store so browsers and intermediaries do not retain it.
        response.setContentType("application/x-pkcs12");
        OutputStream os = null;
        try {
            os = response.getOutputStream();
            // Decode the Base64-encoded PFX and write it to the response. (The original comment
            // mentioned an Excel export, apparently copied from another handler.)
            byte[] byteCert = Base64.decode(certBuf.getPfxCert());
            os.write(byteCert);
            os.flush();
            // Close the stream.
            // NOTE(review): close() is not in a finally block, so it is skipped when write() or
            // flush() throws; the null check is redundant because os was already used above.
            if (os != null) {
                os.close();
            }
            // Record the download time and increment the download counter.
            certBuf.setLastDownloadTime(new Date());
            certBuf.setCertDownloadNumber(certBuf.getCertDownloadNumber() + 1);
            downLoadCertService.updatePfxCert(certBuf);
            // Write the admin audit log entry.
            // NOTE(review): the entry records the enterprise name only; whether adminlog adds the
            // acting administrator is not visible here — confirm.
            LogUtil.adminlog(sqlSession, "下载pfx证书", "企业名称:" + webenterprise.getEnterpriseName());
            return null;
        } catch (IOException e) {
            // TODO Auto-generated catch block
            // The failure is logged; execution then falls through to the final "return null".
            LogUtil.adminlog(sqlSession, "下载pfx证书", "下载失败,错误信息:" + e.getMessage());
        }
    } else {
        // The certificate has not been downloaded yet; this is the first download.
        if (bill.getBillStatus().equals(ComNames.BILL_STATUS_13)) {
            // Look up the project product.
            Product product = productService.getProduct(bill.getProduct());
            // Enterprise.
            Enterprise enterprise = enterpriseService.getEnterpriseById(bill.getEnterprise());
            // Fetch the RA configuration of the product.
            RaAccount ra = raAccountService.getRaAccount(product.getRa());
            // Certificate configuration.
            DigitalCert digitalcert = digitalCertService.getDigitalCert(product.getCert());
            // Values used for the certificate download.
            String autoidType = "";
            Integer autoidValue = 0;
            String pfxCert = "";
            // User id, used to finally match the public-key certificate with the key pair. A user
            // id can be used only once, so the order number is used as the user id to avoid
            // limiting a user to a single certificate download.
            // NOTE(review): Math.random() is not a CSPRNG and the double is concatenated as text;
            // confirm this id needs neither unpredictability nor guaranteed uniqueness.
            String userid = bill.getBillId() + (Math.random() * 1000 + 9000);
            // TODO
            String certPass = product.getPassword();
            // 20170410 PFX private-key protection password: must be obtained from the password
            // configured on the product.
            // NOTE(review): the password comes from the product record, so all certificates of one
            // product presumably share it — confirm how it is delivered to the user.
            // Generate the CSR (certificate signing request).
            String certReqBuf = "";
            // Algorithm.
            String algorithm = digitalCertService.getAlgorithm(digitalcert);
            // Download the certificate.
            CertInfo racertinfo = null;
            try {
                // NOTE(review): the CSR is generated on the server, which implies the key pair is
                // created server-side as well — confirm where GenUtil keeps it until GenPFX runs.
                certReqBuf = GenUtil.GenP10(userid, "", algorithm);
                racertinfo = downLoadCertService.downLoadCert(product, ra, bill, digitalcert, uidIdx, certReqBuf, autoidType, autoidValue);
                pfxCert = GenUtil.GenPFX(userid, certPass, racertinfo.getCertSignBuf(), false, enterprise.getEnterpriseName());
                // Save the certificate. The PFX itself is persisted; the repeat-download branch
                // above reads it back via certBuf.getPfxCert().
                downLoadCertService.savePfxCertInfo(racertinfo, bill, ra.getId(), uidIdx, "", autoidType, autoidValue, pfxCert);
                // Return the data to the client.
                // Reset the response buffer. Optional, but it guarantees that no earlier data is
                // left in the buffer, which could otherwise corrupt the export.
                response.reset();
                String filename = webenterprise.getEnterpriseName() + "通讯证书.pfx";
                filename = encodeFilename(filename, request);
                response.setHeader("Content-disposition", "attachment;filename=" + filename);
                response.setCharacterEncoding("utf-8");
                // The export is a PFX file, so set the matching content type.
                response.setContentType("application/x-pkcs12");
                OutputStream os = null;
                os = response.getOutputStream();
                // Decode the Base64-encoded PFX and write it to the response.
                byte[] byteCert = Base64.decode(pfxCert);
                os.write(byteCert);
                os.flush();
                // Close the stream (skipped when write() or flush() throws).
                if (os != null) {
                    os.close();
                }
                // Write the admin audit log entry.
                LogUtil.adminlog(sqlSession, "下载pfx证书", "下载成功,企业名称:" + webenterprise.getEnterpriseName());
                return null;
            } catch (Exception e) {
                // TODO: handle exception
                // Every exception type is caught here, so issuance, persistence and I/O failures
                // all end in the same silent "return null".
                LogUtil.adminlog(sqlSession, "下载pfx证书", "下载失败,错误信息:" + e.getMessage());
            }
        }
    }
    return null;
}
Also used : CertInfo(cn.topca.tca.ra.service.CertInfo) OutputStream(java.io.OutputStream) Product(com.itrus.portal.db.Product) UserInfo(com.itrus.portal.db.UserInfo) IOException(java.io.IOException) Date(java.util.Date) EncDecException(com.itrus.portal.exception.EncDecException) IOException(java.io.IOException) RaServiceUnavailable_Exception(cn.topca.tca.ra.service.RaServiceUnavailable_Exception) BigInteger(java.math.BigInteger) DigitalCert(com.itrus.portal.db.DigitalCert) RaAccount(com.itrus.portal.db.RaAccount) Bill(com.itrus.portal.db.Bill) Enterprise(com.itrus.portal.db.Enterprise) CertBuf(com.itrus.portal.db.CertBuf) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 3 with RaAccount

use of com.itrus.portal.db.RaAccount in project portal by ixinportal.

the class RenewUserServiceImpl method applyCert.

/**
 * Requests a certificate for the given product from the RA configured on that product.
 *
 * <p>The RA user attributes are assembled from the product's {@code certinfo} JSON array: each
 * entry with a {@code raParaName} receives either its {@code constValue} or, failing that, the
 * value extracted from {@code oldCertDn} for its {@code certName}. When {@code certValidity} is
 * {@code null} it is derived from the certificate profile's deadline code ("0".."4"), falling
 * back to 5 for any other code.
 *
 * @param csr certificate signing request handed to the RA
 * @param product product whose certinfo, RA account id and certificate profile id are used
 * @param oldCertDn subject DN of the previous certificate, source of the subject fields
 * @param certValidity requested validity (presumably days — confirm), or {@code null} to derive it
 * @return the certificate information returned by the RA enrolment call
 * @throws EncDecException declared by the original signature; presumably raised when the RA password cannot be decrypted
 * @throws Exception any other failure raised while enrolling
 */
public CertInfo applyCert(String csr, Product product, String oldCertDn, Integer certValidity) throws EncDecException, Exception {
    // Parse the certinfo configuration stored on the project product.
    JSONArray fieldConfigs = JSONArray.parseArray(product.getCertinfo());
    // (Parsing of the order's uid JSON is disabled in the original code.)
    // Load the RA account configured for the product.
    RaAccount raAccount = sqlSession.selectOne("com.itrus.portal.db.RaAccountMapper.selectByPrimaryKey", product.getRa());
    com.itrus.portal.utils.CertUtlis certHelper = new com.itrus.portal.utils.CertUtlis();
    // Load the certificate profile.
    DigitalCert certProfile = sqlSession.selectOne("com.itrus.portal.db.DigitalCertMapper.selectByPrimaryKey", product.getCert());
    // Assemble the RA parameters.
    cn.topca.tca.ra.service.UserInfo raUser = new cn.topca.tca.ra.service.UserInfo();
    UIDInfoUtils subjectReader = new UIDInfoUtils();
    subjectReader.initService(businessService, orgCodeService, taxCertService, identityCardService, userInfoService, enterpriseService);
    // NOTE(review): diagnostic output is written at ERROR level here and after the loop.
    logger.error("********************************************certValidity=" + certValidity);
    // Fill in the RA user attributes, one certinfo entry at a time.
    final int entryCount = fieldConfigs.size();
    for (int idx = 0; idx < entryCount; idx++) {
        JSONObject entry = fieldConfigs.getJSONObject(idx);
        String targetField = entry.getString("raParaName");
        if (targetField != null) {
            String subjectField = entry.getString("certName");
            String fixedValue = entry.getString("constValue");
            // A constant value wins; otherwise read the field from the old certificate's DN.
            String resolved = null;
            if (fixedValue != null) {
                resolved = fixedValue;
            } else if (subjectField != null) {
                resolved = subjectReader.getCertSubjectInfo(subjectField, entry.getString("certNamePrefix"), oldCertDn);
            }
            certHelper.setUserInfoVal(raUser, targetField, resolved);
        }
    }
    logger.error("--------------------------------------certValidity=" + certValidity);
    if (certValidity == null) {
        // Map the profile's deadline code to a validity; unknown codes keep the default of 5.
        String deadlineCode = certProfile.getCertDeadline();
        int derived = 5;
        if ("0".compareTo(deadlineCode) == 0) {
            derived = 365 * 1 + 1;
        } else if ("1".compareTo(deadlineCode) == 0) {
            derived = 365 * 2 + 1;
        } else if ("2".compareTo(deadlineCode) == 0) {
            derived = 365 * 3 + 1;
        } else if ("3".compareTo(deadlineCode) == 0) {
            derived = 365 * 5 + 2;
        } else if ("4".compareTo(deadlineCode) == 0) {
            derived = 365 * 10 + 2;
        }
        certValidity = derived;
    }
    // Call the RA.
    // NOTE(review): the decrypted RA password is written back into the RaAccount object that
    // was loaded through sqlSession; confirm that this instance is never cached, logged or
    // persisted afterwards, otherwise the plaintext outlives this call.
    String storedPassword = raAccount.getAaPassword();
    if (storedPassword != null) {
        raAccount.setAaPassword(AESencrp.decrypt(storedPassword, dbEncKey));
    }
    return certHelper.enrollCertByWS(csr, raAccount, raUser, certValidity);
}
Also used : CertInfo(cn.topca.tca.ra.service.CertInfo) JSONArray(com.alibaba.fastjson.JSONArray) UIDInfoUtils(com.itrus.portal.utils.UIDInfoUtils) DigitalCert(com.itrus.portal.db.DigitalCert) JSONObject(com.alibaba.fastjson.JSONObject) RaAccount(com.itrus.portal.db.RaAccount)

Example 4 with RaAccount

use of com.itrus.portal.db.RaAccount in project portal by ixinportal.

the class MobileCertificateService method revokeCert.

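/**
 * Revokes a mobile certificate at its RA when that is still necessary and marks it as status 1
 * in the local database.
 *
 * <p>No RA call is made when the certificate has already expired or already carries status 1
 * (the value this method stores once it is done). Otherwise the call is routed by the RA
 * account's protocol, API or web service.
 *
 * @param mobileCerId primary key of the mobile certificate record
 * @return the certificate record after its status has been set to 1 and saved
 * @throws MalformedURLException declared by the original signature; presumably raised for a bad RA endpoint URL
 * @throws RaServiceUnavailable_Exception declared by the original signature; presumably raised when the RA service cannot be reached
 * @throws RaServiceUnavailable declared by the original signature; presumably raised when the RA service cannot be reached
 */
public MobileCertificate revokeCert(Long mobileCerId) throws MalformedURLException, RaServiceUnavailable_Exception, RaServiceUnavailable {
    Integer statu = 1;
    // NOTE(review): each selectOne below can return null when the row is missing; the results
    // are dereferenced without a check, so a stale id surfaces as a NullPointerException.
    MobileCertificate certificate = sqlSession.selectOne("com.itrus.portal.db.MobileCertificateMapper.selectByPrimaryKey", mobileCerId);
    Long applyConfigId = certificate.getApplyConfigId();
    MobileApplyConfigManage applyConfigManage = sqlSession.selectOne("com.itrus.portal.db.MobileApplyConfigManageMapper.selectByPrimaryKey", applyConfigId);
    RaAccount account = sqlSession.selectOne("com.itrus.portal.db.RaAccountMapper.selectByPrimaryKey", applyConfigManage.getRaaccountId());
    // equals() rather than ==: if getCertificateStatus() returns a boxed Integer, == compares
    // object identity and only happens to work for cached small values.
    boolean nothingToRevoke = certificate.getLoseefficacyTime().before(new Date()) || statu.equals(certificate.getCertificateStatus());
    if (!nothingToRevoke) {
        if (ComNames.RA_PROTOCOL_API.equals(account.getRaProtocol())) {
            revokeCertByApi(account, certificate);
        } else if (ComNames.RA_PROTOCOL_WS.equals(account.getRaProtocol())) {
            revokeCertByWs(account, certificate);
        }
        // NOTE(review): with any other protocol value no RA call is made, yet the record is
        // still marked with status 1 below; the local state can then claim a revocation the RA
        // never performed. Confirm whether this case should fail instead.
    }
    certificate.setCertificateStatus(1);
    sqlSession.update("com.itrus.portal.db.MobileCertificateMapper.updateByPrimaryKeySelective", certificate);
    return certificate;
}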
Also used : MobileCertificate(com.itrus.portal.db.MobileCertificate) RaAccount(com.itrus.portal.db.RaAccount) Date(java.util.Date) MobileApplyConfigManage(com.itrus.portal.db.MobileApplyConfigManage)

Example 5 with RaAccount

use of com.itrus.portal.db.RaAccount in project portal by ixinportal.

the class MobileApplyConfigController method updateForm.

/**
 * Returns the edit page for one mobile apply-config entry.
 *
 * <p>The model receives the entry itself ({@code applyConfigManage}), every application
 * ({@code applicationInfos}) and every RA account ({@code accounts}).
 *
 * @param id id of the apply-config entry, taken from the URL path
 * @param uiModel model the view attributes are added to
 * @return the view name {@code applyconfig/update}
 */
@RequestMapping(value = "/{id}", params = "form", produces = "text/html")
public String updateForm(@PathVariable("id") Long id, Model uiModel) {
    Map<String, Object> query = new HashMap<String, Object>();
    query.put("id", id);
    // NOTE(review): get(0) throws IndexOutOfBoundsException when no entry matches the id.
    uiModel.addAttribute("applyConfigManage", mobileApplyConfigService.selectMobileApplyConfigManageListByMap(query).get(0));
    // Fetch every application.
    uiModel.addAttribute("applicationInfos", applicationInfoService.selectByExample(new ApplicationInfoExample()));
    // Fetch every RA service account.
    // NOTE(review): complete RaAccount objects are handed to the view; if they carry credential
    // fields, make sure the template renders only what the form needs — confirm.
    uiModel.addAttribute("accounts", raAccountService.getRaAccounts());
    return "applyconfig/update";
}
Also used : ApplicationInfoExample(com.itrus.portal.db.ApplicationInfoExample) HashMap(java.util.HashMap) RaAccount(com.itrus.portal.db.RaAccount) ApplicationInfo(com.itrus.portal.db.ApplicationInfo) HashMap(java.util.HashMap) Map(java.util.Map) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Aggregations

RaAccount (com.itrus.portal.db.RaAccount)19 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)12 CertInfo (cn.topca.tca.ra.service.CertInfo)8 JSONObject (com.alibaba.fastjson.JSONObject)6 Bill (com.itrus.portal.db.Bill)6 DigitalCert (com.itrus.portal.db.DigitalCert)6 Product (com.itrus.portal.db.Product)6 IOException (java.io.IOException)5 Date (java.util.Date)5 HashMap (java.util.HashMap)5 ApplicationInfo (com.itrus.portal.db.ApplicationInfo)4 CertBuf (com.itrus.portal.db.CertBuf)4 Enterprise (com.itrus.portal.db.Enterprise)4 UserCert (com.itrus.portal.db.UserCert)4 UserInfo (com.itrus.portal.db.UserInfo)4 ApplicationInfoExample (com.itrus.portal.db.ApplicationInfoExample)3 MobileApplyConfigManage (com.itrus.portal.db.MobileApplyConfigManage)3 CertUtlis (com.itrus.portal.utils.CertUtlis)3 ResponseBody (org.springframework.web.bind.annotation.ResponseBody)3 RaServiceUnavailable_Exception (cn.topca.tca.ra.service.RaServiceUnavailable_Exception)2