use of cn.topca.tca.ra.service.UserInfo in project portal by ixinportal.
the class MobileCertRenewService method execute.
/**
* service:certApply 申请证书移动端需要传过来的参数
* 1.设备信息 device
* equipmentCategory String 设备型号
* appId Long 应用的名称
* operatingSystem String 操作系统
* userId Long 和用户关联的字段
* createTime date 创建时间
* updateTime date 修改时间
* deviceSerialNumber string 设备序列号 唯一标识
* 2.用户信息 即 注册信息 user
* name String 用户姓名
* phone String 手机号
* idNumber String 身份证号
* appId Long 和应用关联的字段
* email String 电子邮件
* registrationTime date 注册时间
* createTime date 创建时间
* updateTime date 修改时间
* userCode String 用户编码
*
* 最后保存 用户信息 设备信息 证书信息 // TODO: 2017/12/8
* @param content
* @return
*/
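@Override
public Map<String, Object> execute(String content) {
    // Renews a mobile certificate.
    //
    // `content` is a JSON object; this method reads appId, alias, oldCertSn, userId and csr
    // from it. The certificate whose serial number equals oldCertSn is looked up and, if it
    // still has at least one day of validity left, a new certificate is enrolled at the RA
    // for the supplied CSR with validity = remaining days + the period configured for the
    // application. The new certificate is stored, linked to the user's equipment (when one
    // exists) and returned under "data" with status 1. Every other outcome returns status 0
    // and a "message".
    //
    // NOTE(review): the user is selected by the userId field of the request and the old
    // certificate by its serial number, and nothing visible here compares the two. Confirm
    // that the caller is authenticated upstream and that the certificate being renewed
    // belongs to that user before a new certificate is enrolled under the user's identity.
    Map<String, Object> result = new HashMap<String, Object>(5);
    // Default to failure. The original wrote the key " status" (leading space), so failure
    // responses carried no "status" entry at all.
    result.put("status", 0);
    // Values for the failure audit row; they stay null until they have been resolved. The
    // original read them back from `result`, which threw a NullPointerException inside the
    // catch block whenever the failure happened before the success path had stored them.
    String appName = null;
    String userName = null;
    try {
        JSONObject param = JSON.parseObject(content);
        String appId = param.getString("appId");
        String alias = param.getString("alias");
        MobileApplyConfigManage mobileApplyConfig = mobileApplyConfigService.selectByappId(appId);
        ApplicationInfo applicationInfo = applicationInfoService.getApplicationInfo(appId);
        if (applicationInfo != null) {
            appName = applicationInfo.getName();
        }

        // Look up the certificate being renewed by its serial number.
        Object oldCertSnValue = param.get("oldCertSn");
        if (oldCertSnValue == null) {
            throw new IllegalArgumentException("oldCertSn is required");
        }
        String oldCertSn = oldCertSnValue.toString();
        MobileCertificateExample certificateExample = new MobileCertificateExample();
        MobileCertificateExample.Criteria certCriteria = certificateExample.createCriteria();
        certCriteria.andSequenceNumberEqualTo(oldCertSn);
        MobileCertificate certificateOld = certificateService.selectByExample(certificateExample);

        // Remaining validity of the old certificate; an unknown certificate counts as 0 days.
        int valDay = certificateOld == null ? 0 : getCertValidityDays(certificateOld.getLoseefficacyTime());
        if (valDay <= 0) {
            result.put("message", "有效期小于1天");
            return result;
        }

        // Resolve the user and the user's equipment. The original dereferenced mobileUser
        // even when userId was absent or matched no row.
        String requestedUserId = param.getString("userId");
        if (requestedUserId == null) {
            throw new IllegalArgumentException("userId is required");
        }
        MobileUserExample muExample = new MobileUserExample();
        MobileUserExample.Criteria userCriteria = muExample.createCriteria();
        userCriteria.andUserIdEqualTo(requestedUserId);
        MobileUser mobileUser = sqlSession.selectOne("com.itrus.portal.db.MobileUserMapper.selectByExample", muExample);
        if (mobileUser == null) {
            throw new IllegalArgumentException("mobile user not found");
        }
        userName = mobileUser.getUserId();
        MobileEquipment equipment = mobileEquipmentService.selectByUser(mobileUser.getId());

        // Subject information sent to the RA comes from the stored user and application
        // records, not from the request.
        UserInfo rauserinfo = new UserInfo();
        rauserinfo.setUserName(mobileUser.getName());
        rauserinfo.setUserEmail(mobileUser.getEmail());
        rauserinfo.setUserAdditionalField1(applicationInfo.getName());
        rauserinfo.setUserAdditionalField4(mobileUser.getUid());

        // Extra validity (in days) granted by the application's configuration; the default
        // of 7 applies to any value not listed below.
        // NOTE(review): getCertificatedeadline() is compared with int literals below, so the
        // "0".equals(...) test can never be true for a numeric value and a configured 0
        // falls through to the 7-day default. Confirm the intended mapping for 0.
        Integer certValidity = 7;
        if (mobileApplyConfig.getCertificatedeadline() == null || "0".equals(mobileApplyConfig.getCertificatedeadline())) {
            certValidity = 0;
        } else if (1 == mobileApplyConfig.getCertificatedeadline()) {
            certValidity = 365 * 1 + 1;
        } else if (2 == mobileApplyConfig.getCertificatedeadline()) {
            certValidity = 365 * 2 + 1;
        } else if (3 == mobileApplyConfig.getCertificatedeadline()) {
            certValidity = 365 * 3 + 1;
        } else if (4 == mobileApplyConfig.getCertificatedeadline()) {
            certValidity = 365 * 5 + 2;
        } else if (5 == mobileApplyConfig.getCertificatedeadline()) {
            certValidity = 365 * 10 + 2;
        }

        // The RA password is stored encrypted; decrypt it for this call.
        // NOTE(review): the plaintext is written back onto the RaAccount object. Confirm that
        // this object is never persisted or cached after this point.
        RaAccount ra = raAccountService.getRaAccount(mobileApplyConfig.getRaaccountId());
        if (ra.getAaPassword() != null) {
            ra.setAaPassword(AESencrp.decrypt(ra.getAaPassword(), dbEncKey));
        }
        CertUtlis certutil = new CertUtlis();
        CertInfo racertinfo = certutil.enrollCertByWS(param.getString("csr"), ra, rauserinfo, valDay + certValidity);

        Map<String, Object> data = new HashMap<String, Object>(8);
        data.put("certSignBuf", racertinfo.getCertSignBuf());
        data.put("certChain", racertinfo.getCertSignBufP7());
        data.put("certDn", racertinfo.getCertSubjectDn());
        data.put("certSn", racertinfo.getCertSerialNumber());
        data.put("issuerDn", racertinfo.getCertIssuerDn());
        // "HH" (0-23) instead of the original "hh" (1-12): with "hh" and no AM/PM marker an
        // hour of 12 parses as midnight, which shifts the stored validity dates by 12 hours.
        // Every other hour value parses to the same instant under both patterns.
        SimpleDateFormat sdf = new SimpleDateFormat("yyyyMMddHHmmss");
        data.put("startTime", sdf.parse(racertinfo.getCertNotBefore()));
        data.put("endTime", sdf.parse(racertinfo.getCertNotAfter()));
        data.put("certKmcRep1", racertinfo.getCertKmcRep1());
        data.put("certKmcRep2", racertinfo.getCertKmcRep2());
        result.put("data", data);
        // NOTE(review): status is set to 1 before the certificate row is written, so a
        // failure in the persistence steps below reaches the catch block with status still 1.
        result.put("status", 1);
        result.put("message", "制作证书成功");

        // Persist the newly issued certificate.
        MobileCertificate certificate = new MobileCertificate();
        certificate.setAppId(appId);
        certificate.setApplyConfigId(mobileApplyConfig.getId());
        certificate.setUserId(mobileUser.getId());
        certificate.setCertificateStatus(0);
        certificate.setCreateTime(new Date());
        // A user without a registered device is tolerated further down, so tolerate it here
        // too rather than failing after the RA has already issued the certificate.
        certificate.setEquipmentNumber(equipment == null ? null : equipment.getDeviceSerialNumber());
        certificate.setIssueTime((Date) data.get("startTime"));
        certificate.setLoseefficacyTime((Date) data.get("endTime"));
        certificate.setCertificateCn(EvidenceSaveServiceApi.getCertCn(data.get("certDn").toString()));
        certificate.setLockStatus(0);
        certificate.setSequenceNumber(data.get("certSn").toString());
        certificate.setSubject(data.get("certDn").toString());
        certificate.setCertSignBuf(data.get("certSignBuf").toString());
        certificate.setAlias(alias);
        certificateService.insert(certificate);

        // Point the user's equipment at the new certificate.
        if (null != equipment) {
            equipment.setCertificate(certificate.getId());
            mobileEquipmentService.update(equipment);
        }

        // Business audit log for the successful renewal.
        MobileLogmanagementLog log = new MobileLogmanagementLog();
        result.put("infoName", applicationInfo.getName());
        result.put("userId", mobileUser.getUserId());
        log.setAppName(applicationInfo.getName());
        log.setContenu("更新成功");
        log.setCreateTime(new Date());
        log.setServiceType("更新");
        log.setUserName(mobileUser.getUserId());
        mobileLogmanagementLogService.insertMobileLogmanagementLog(log);
    } catch (Exception e) {
        e.printStackTrace();
        // NOTE(review): e.toString() returns exception class names and internal messages to
        // the mobile client; consider a fixed message here and keeping the detail in the log.
        result.put("message", e.toString());
        // The failure audit row is best-effort and must not replace the response with a
        // second exception.
        try {
            MobileLogmanagementLog log = new MobileLogmanagementLog();
            log.setAppName(appName);
            log.setContenu("更新失败");
            log.setCreateTime(new Date());
            log.setServiceType("更新");
            log.setUserName(userName);
            mobileLogmanagementLogService.insertMobileLogmanagementLog(log);
        } catch (Exception logFailure) {
            logFailure.printStackTrace();
        }
    }
    return result;
}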
use of cn.topca.tca.ra.service.UserInfo in project portal by ixinportal.
the class CertService method make.
/**
* 制证
*
* @param authHmac hmac签名值,采用HmacSHA1算法
* @param csr 证书请求CSR
* @param billId 订单号
* @param uid 用户id
* @param userId Msign的userID
* @return status:message 1:制作证书成功 0:提交的参数信息不完整
* data:{userId:Msign的userID,buf:证书buf,bufP7:证书bufP7,certDn:证书DN,certSn:证书SN,issuerDn:颁发者DN,
* startTime:证书有效期开始日期,endTime:证书有效期结束日期}
*/
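@RequestMapping(value = "/make")
@ResponseBody
public Map<String, Object> make(@RequestHeader("authHmac") String authHmac, @RequestParam("csr") String csr,
        @RequestParam("billId") String billId, @RequestParam(value = "uid", required = false) String uid,
        @RequestParam(value = "userId", required = false) String userId,
        @RequestParam(value = "delayDays", required = false) Integer delayDays) {
    // Issues a certificate for an order (bill).
    //
    // The order is looked up by billId, the RA user information is assembled from the
    // product's certinfo configuration and the order's uid data, the CSR is enrolled at the
    // RA, and the resulting certificate is stored and returned under "data" with status 1.
    // Status values set in this method: 0 missing parameter, -1 unknown order, -6 order not
    // submitted for automatic issuance, -4 RA service unavailable, -5 any other enrollment
    // failure.
    Map<String, Object> result = new HashMap<String, Object>(4);
    // Reject requests that lack any mandatory value.
    if (StringUtils.isBlank(authHmac) || StringUtils.isBlank(csr) || StringUtils.isBlank(billId)) {
        result.put("status", 0);
        result.put("message", "提交的参数信息不完整");
        return result;
    }
    LogUtil.syslog(sqlSession, "调用接口", "调用制证接口");

    // Look up the order.
    BillExample be = new BillExample();
    BillExample.Criteria bc = be.createCriteria();
    bc.andBillIdEqualTo(billId);
    Bill bill = sqlSession.selectOne("com.itrus.portal.db.BillMapper.selectByExample", be);
    if (null == bill) {
        result.put("status", -1);
        result.put("message", "该订单不存在");
        return result;
    }
    if (bill.getIsenterprisecert() != null && !bill.getIsenterprisecert()) {
        result.put("status", -6);
        result.put("message", "未提交自动制证订单");
        return result;
    }

    // Product and signature configuration of the order.
    Product product = sqlSession.selectOne("com.itrus.portal.db.ProductMapper.selectByPrimaryKey", bill.getProduct());
    SignatureConfig sc = sqlSession.selectOne("com.itrus.portal.db.SignatureConfigMapper.selectByPrimaryKey", product.getSignature());

    // SECURITY (review): the HMAC verification that belongs here is commented out in the
    // original source. It compared authHmac with an HmacSHA1 over csr + billId + uid + userId
    // keyed with sc.getAddressKey() and answered -2 ("服务密钥错误") on mismatch or
    // -3 ("Hmac验证错误") on error. As the code stands, authHmac is only checked for being
    // non-blank, so this endpoint does not authenticate its caller. Restore the check before
    // exposing the endpoint; when doing so, compare the two values in constant time
    // (MessageDigest.isEqual) and include delayDays in the signed string, since it
    // influences the issued validity.

    // Certificate configuration of the product.
    DigitalCert digitalcert = sqlSession.selectOne("com.itrus.portal.db.DigitalCertMapper.selectByPrimaryKey", product.getCert());
    JSONArray certinfo = null;
    if ("3".equals(digitalcert.getInitBuy())) {
        certinfo = JSONArray.parseArray(product.getCertinfos());
    } else {
        certinfo = JSONArray.parseArray(product.getCertinfo());
    }
    // uid data stored on the order.
    JSONObject uiddata = JSONObject.parseObject(bill.getUid());
    // RA account configured for the product.
    RaAccount ra = sqlSession.selectOne("com.itrus.portal.db.RaAccountMapper.selectByPrimaryKey", product.getRa());
    CertUtlis certutil = new CertUtlis();

    // Assemble the RA parameters: every certinfo entry with a raParaName contributes one
    // value, taken (in priority order) from constValue, refName, autoid or inputName.
    UserInfo rauserinfo = new UserInfo();
    UIDInfoUtils uidutils = new UIDInfoUtils();
    uidutils.initService(businessService, orgCodeService, taxCertService, identityCardService, userInfoService, enterpriseService);
    String autoidType = "";
    Integer autoidValue = 0;
    for (int i = 0; i < certinfo.size(); i++) {
        JSONObject obj = certinfo.getJSONObject(i);
        String raParaName = obj.getString("raParaName");
        if (raParaName == null) {
            continue;
        }
        String autoid = obj.getString("autoid");
        String constValue = obj.getString("constValue");
        String refName = obj.getString("refName");
        String val = null;
        if (constValue != null) {
            val = constValue;
        } else if (refName != null) {
            if (refName.indexOf("?") == -1) {
                val = uidutils.getUidInfo(bill.getId(), refName);
            } else {
                // "condition ? refA : refB": pick the reference according to the condition.
                val = "";
                String[] arr = refName.split("\\?", 2);
                if (arr.length == 2) {
                    String condition = arr[0].trim();
                    String[] refarr = arr[1].split(":", 2);
                    if (refarr.length == 2) {
                        boolean bret = uidutils.checkCondition(bill.getId(), condition);
                        if (bret) {
                            val = uidutils.getUidInfo(bill.getId(), refarr[0].trim());
                        } else {
                            val = uidutils.getUidInfo(bill.getId(), refarr[1].trim());
                        }
                    }
                }
            }
        } else if (autoid != null) {
            String autoidPrev = obj.getString("autoidPrev");
            autoidType = obj.getString("autoidType");
            String uidval = uiddata.getString(obj.getString("inputName"));
            val = uidval;
            if (org.apache.commons.lang.StringUtils.isNotBlank(uidval) && uidval.indexOf(autoidPrev) == 0) {
                // The numeric counter follows the prefix (and the date prefix, when set).
                String autoidPrevDate = obj.getString("autoidPrevDate");
                try {
                    if (autoidPrevDate == null || autoidPrevDate.length() == 0) {
                        autoidValue = Integer.parseInt(uidval.substring(autoidPrev.length()));
                    } else {
                        autoidValue = Integer.parseInt(uidval.substring(autoidPrev.length() + autoidPrevDate.length()));
                    }
                } catch (Exception e) {
                    e.printStackTrace();
                    autoidValue = 0;
                }
            }
        } else {
            val = uiddata.getString(obj.getString("inputName"));
        }
        certutil.setUserInfoVal(rauserinfo, raParaName, val);
    }

    // Validity in days. getCertDeadline() codes: "0" 1 year, "1" 2 years, "2" 3 years,
    // "3" 5 years, "4" 10 years; any other value keeps the 7-day default.
    Integer certValidity = 7;
    if ("0".compareTo(digitalcert.getCertDeadline()) == 0) {
        certValidity = 365 * 1 + 1;
    } else if ("1".compareTo(digitalcert.getCertDeadline()) == 0) {
        certValidity = 365 * 2 + 1;
    } else if ("2".compareTo(digitalcert.getCertDeadline()) == 0) {
        certValidity = 365 * 3 + 1;
    } else if ("3".compareTo(digitalcert.getCertDeadline()) == 0) {
        certValidity = 365 * 5 + 2;
    } else if ("4".compareTo(digitalcert.getCertDeadline()) == 0) {
        certValidity = 365 * 10 + 2;
    }
    // NOTE(review): delayDays is taken from the request without a range check and is added
    // to the validity as is. Confirm the permitted range and enforce it here.
    if (null != delayDays) {
        certValidity += delayDays;
    }

    // (A disabled passcode-mode branch keyed on ra.getCertSignType() == 2 was dropped here.)

    // Call the RA.
    CertInfo racertinfo = null;
    try {
        // The original `if` had no braces, so it guarded only a debug log line and the
        // decryption ran even when no password was stored. Decrypt only when one is present.
        // NOTE(review): the plaintext is written back onto the RaAccount object; confirm it
        // is never persisted after this point.
        if (ra.getAaPassword() != null) {
            ra.setAaPassword(AESencrp.decrypt(ra.getAaPassword(), dbEncKey));
        }
        racertinfo = certutil.enrollCertByWS(csr, ra, rauserinfo, certValidity);
    } catch (RaServiceUnavailable_Exception e) {
        log.error("RA enrollment failed (RA service unavailable), bill=" + bill.getId(), e);
        result.put("status", -4);
        // NOTE(review): the raw exception message is returned to the caller.
        result.put("message", e.getMessage());
        String oper = "制作证书失败";
        String info = "企业名称: " + uidutils.getUidInfo(bill.getId(), "enterprise.enterpriseName") + ",异常信息: " + e.toString();
        LogUtil.adminlog(sqlSession, oper, info);
        return result;
    } catch (Exception e) {
        log.error("RA enrollment failed, bill=" + bill.getId(), e);
        result.put("status", -5);
        // NOTE(review): the raw exception message is returned to the caller.
        result.put("message", e.getMessage());
        String oper = "制作证书失败";
        String info = "企业名称: " + uidutils.getUidInfo(bill.getId(), "enterprise.enterpriseName") + ",异常信息: " + e.toString();
        LogUtil.adminlog(sqlSession, oper, info);
        return result;
    }

    // Store the issued certificate.
    CertBuf certbuf = new CertBuf();
    certbuf.setCreateTime(new Date());
    certbuf.setCertBuf(racertinfo.getCertSignBuf());
    sqlSession.insert("com.itrus.portal.db.CertBufMapper.insert", certbuf);
    UserCert usercert = new UserCert();
    usercert.setBill(bill.getId());
    usercert.setRaAccount(ra.getId());
    usercert.setCertBuf(certbuf.getId());
    usercert.setCertDn(racertinfo.getCertSubjectDn());
    usercert.setCertSn(racertinfo.getCertSerialNumber());
    usercert.setIssuerDn(racertinfo.getCertIssuerDn());
    usercert.setCertStatus("1");
    // NOTE(review): the literal "certUid" is stored as the value; looks like a placeholder.
    usercert.setCertUid("certUid");
    usercert.setCertSource(ComNames.CERT_SOURCE_2);
    usercert.setProduct(product.getId());
    try {
        // "HH" (0-23) instead of the original "hh" (1-12): with "hh" and no AM/PM marker an
        // hour of 12 parses as midnight, which shifts the stored validity dates by 12 hours.
        // Every other hour value parses to the same instant under both patterns.
        SimpleDateFormat sdf = new SimpleDateFormat("yyyyMMddHHmmss");
        usercert.setCertStartTime(sdf.parse(racertinfo.getCertNotBefore()));
        usercert.setCertEndTime(sdf.parse(racertinfo.getCertNotAfter()));
    } catch (ParseException e) {
        // The record is still written, with whichever validity dates could not be parsed
        // left unset.
        log.error("could not parse certificate validity dates, bill=" + bill.getId(), e);
    }
    // NOTE(review): the literal "setSha1Fingerprint" is stored instead of a fingerprint of
    // the certificate; anything that looks certificates up by fingerprint will not match.
    usercert.setSha1Fingerprint("setSha1Fingerprint");
    // autoid data
    if (!autoidType.equals("")) {
        usercert.setAutoidType(autoidType);
        usercert.setAutoidValue(autoidValue);
    }
    usercert.setEnterprise(bill.getEnterprise());
    try {
        sqlSession.insert("com.itrus.portal.db.UserCertMapper.insert", usercert);
        sqlSession.flushStatements();
    } catch (Exception e) {
        // NOTE(review): the certificate has already been issued by the RA at this point; a
        // failure here leaves it unrecorded while the response below still reports success.
        log.error("could not store the issued certificate, bill=" + bill.getId(), e);
    }

    // Mark the order as completed once it has as many certificates as were purchased.
    List<Map> usercertall = sqlSession.selectList("com.itrus.portal.db.UserCertMapper.selectByPrimaryBillKey", bill.getId());
    if (bill.getIsenterprisecert() != null && bill.getIsenterprisecert()) {
        // Order flagged for automatic issuance.
        if (bill.getIscertinfo() != null && bill.getIscertinfo() == 3) {
            bill.setBillStatus(6);
            if (null == bill.getDelivery()) {
                bill.setBillStatus(8);
            } else {
                LogUtil.syslog(sqlSession, "制作证书", "错误:bill.getDelivery()" + bill.getDelivery());
            }
            sqlSession.update("com.itrus.portal.db.BillMapper.updateByPrimaryKey", bill);
            sqlSession.flushStatements();
        }
        // Automatic issuance done.
        bill.setIscertinfo(1);
        sqlSession.update("com.itrus.portal.db.BillMapper.updateByPrimaryKey", bill);
        sqlSession.flushStatements();
    } else {
        if (usercertall.size() >= bill.getProductNum()) {
            bill.setBillStatus(6);
            if (null == bill.getDelivery()) {
                bill.setBillStatus(8);
            } else {
                LogUtil.syslog(sqlSession, "制作证书", "错误:bill.getDelivery()" + bill.getDelivery());
            }
            sqlSession.update("com.itrus.portal.db.BillMapper.updateByPrimaryKey", bill);
            sqlSession.flushStatements();
        } else {
            LogUtil.syslog(sqlSession, "制作证书", "错误:usercertall.size()" + usercertall.size() + "bill.getProductNum()" + bill.getProductNum());
        }
    }

    // Audit log and response.
    String oper = "制作证书";
    String info = "数字证书: " + racertinfo.getCertSerialNumber() + ", " + racertinfo.getCertSubjectDn();
    LogUtil.syslog(sqlSession, oper, info);
    result.put("status", 1);
    result.put("message", "制作证书成功");
    Map<String, Object> data = new HashMap<String, Object>(8);
    data.put("userId", userId);
    data.put("buf", racertinfo.getCertSignBuf());
    data.put("bufP7", racertinfo.getCertSignBufP7());
    data.put("certDn", racertinfo.getCertSubjectDn());
    data.put("certSn", racertinfo.getCertSerialNumber());
    data.put("issuerDn", racertinfo.getCertIssuerDn());
    data.put("startTime", usercert.getCertStartTime());
    data.put("endTime", usercert.getCertEndTime());
    result.put("data", data);
    return result;
}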
use of cn.topca.tca.ra.service.UserInfo in project portal by ixinportal.
the class CertificateController method update.
/**
* 修改处理
*
* @param configuration
* @param photoCodeImg
* @param type
* 新建类型 3是新建签章 2是新建证书1修改
* @param uiModel
* @return
*/
@RequestMapping(method = RequestMethod.POST, value = "/{type}", produces = "text/html")
public String update(@Valid EvidenceCertificate configuration, @RequestParam(value = "photoCodeImg", required = false) String photoCodeImg, @PathVariable("type") int type, Model uiModel) {
// Handles the certificate / seal form. Three branches, selected by the path variable:
//   type == 1 : update an existing entry (save the seal image, and enroll a certificate
//               at the RA when the stored entry has none yet);
//   type == 3 : save the seal image only;
//   otherwise : create a new certificate (pick a key, build a CSR, enroll at the RA, insert).
// Returns a redirect to /certificate/{id}/{n}, or the "certificate/create" view on failure
// in the create branch.
//
// NOTE(review): `error` is assigned below but not declared in this method, so it is
// presumably a field of the controller. If the controller is a shared singleton, that
// message is visible to other requests; confirm and prefer a redirect/flash attribute.
if (type == 1) {
// Load the stored entry for the submitted id.
// NOTE(review): this lookup runs before the null check on configuration.getId() below.
EvidenceCertificate econfiguration = certificateService.selectById(configuration.getId());
EvidenceSecretKey secretkey = new EvidenceSecretKey();
try {
if (StringUtils.isNotEmpty(photoCodeImg)) {
// Load the key record and store the submitted seal image under the key's alias.
secretkey = sqlSession.selectOne("com.itrus.portal.db.EvidenceSecretKeyMapper.selectByPrimaryKey", econfiguration.getEvidenceSecretKey());
File imgDir = filePathUtils.getEnterpriseFile(secretkey.getAlias());
File frontImg = filePathUtils.saveImg(imgDir, null, photoCodeImg, IMG_DEFAULT_TYPE, IMG_NAME_VERIFY);
if (frontImg != null && frontImg.isFile()) {
configuration.setPhotoCodeImg(frontImg.getName());
configuration.setPhotoCodeImgHash(HMACSHA1.genSha1HashOfFile(frontImg));
}
}
if (configuration.getId() == null) {
certificateService.insert(configuration);
} else {
String s = String.valueOf(econfiguration.getEvidenceSecretKey());
Long keyid = Long.valueOf(s);
EvidenceSecretKey secret = secrtkey.selectById(keyid);
// Only persist the form when the seal image was accepted.
boolean is = certificateService.setSeal(secret.getAlias(), photoCodeImg);
if (is) {
certificateService.update(configuration);
}
}
} catch (Exception e) {
e.printStackTrace();
String oper = "修改签章失败";
String info = "错误原因:" + e.toString();
LogUtil.evidencelog(sqlSession, null, oper, info);
error = "修改签章失败";
return "redirect:/certificate/" + configuration.getId() + "/" + 3;
}
// No certificate issued for this entry yet: build a CSR and enroll one.
if (econfiguration.getIsCertificate() == null || econfiguration.getIsCertificate() != 1) {
JSONObject ret_data = null;
ret_data = JSONObject.parseObject(configuration.getSubject());
String cn = ret_data.getString("userName");
String ou = ret_data.getString("userOrgunit");
String O = ret_data.getString("userOrganization");
// NOTE(review): the DN is concatenated without separators between the attributes and
// without escaping the submitted values; confirm what genCsr expects and escape or
// validate cn/ou/O so that a value cannot introduce additional DN attributes.
String dn = "CN=" + cn + "OU=" + ou + "O=" + O;
// NOTE(review): secretkey is only loaded above when photoCodeImg is non-empty;
// otherwise it is the empty object created at the top and its alias is unset here.
String csr = certificateService.genCsr(secretkey.getAlias(), configuration.getArithmetic(), dn);
if (csr != null) {
RaAccount ra = sqlSession.selectOne("com.itrus.portal.db.RaAccountMapper.selectByPrimaryKey", configuration.getRaAccount());
CertUtlis certutil = new CertUtlis();
// The submitted subject JSON is bound directly onto the RA UserInfo object.
// (The original comment here, "the Weibo class is defined below", is stale.)
// NOTE(review): every UserInfo property present in the submitted JSON is passed on to
// the RA; confirm the subject is validated, and that the JSON library in use does not
// resolve type hints from the input.
UserInfo rauserinfo = JSON.parseObject(configuration.getSubject(), UserInfo.class);
// Validity in days; 7 is the default for any period not listed.
// NOTE(review): getPeriod() is compared with int literals below, so "0".equals(...)
// cannot be true for a numeric value and the null assignment looks unreachable.
Integer certValidity = 7;
if ("0".equals(configuration.getPeriod())) {
certValidity = null;
} else if (1 == configuration.getPeriod()) {
certValidity = 365 * 1 + 1;
} else if (3 == configuration.getPeriod()) {
certValidity = 365 * 3 + 1;
} else if (5 == configuration.getPeriod()) {
certValidity = 365 * 5 + 2;
} else if (10 == configuration.getPeriod()) {
certValidity = 365 * 10 + 2;
}
// Call the RA.
CertInfo racertinfo = null;
try {
// The RA password is stored encrypted; decrypt it for this call.
// NOTE(review): the plaintext is written back onto the RaAccount object.
if (ra.getAaPassword() != null) {
ra.setAaPassword(AESencrp.decrypt(ra.getAaPassword(), dbEncKey));
}
racertinfo = certutil.enrollCertByWS(csr, ra, rauserinfo, certValidity);
} catch (Exception e) {
e.printStackTrace();
String oper = "RA调用失败";
String info = "错误原因:" + e.toString();
LogUtil.evidencelog(sqlSession, null, oper, info);
error = "RA调用失败";
return "redirect:/certificate/" + configuration.getId() + "/" + 3;
}
if (racertinfo != null) {
// NOTE(review): "hh" is the 1-12 hour field; without an AM/PM marker an hour of 12
// parses as midnight. "HH" is probably intended - confirm the RA's timestamp format.
SimpleDateFormat sdf = new SimpleDateFormat("yyyyMMddhhmmss");
EvidenceCert cert = new EvidenceCert();
cert.setCertBase64(racertinfo.getCertSignBuf());
cert.setCreateTime(new Date());
cert.setCertSerialnumber(racertinfo.getCertSerialNumber());
cert.setIssuerdn(racertinfo.getCertIssuerDn());
cert.setSubjectdn(racertinfo.getCertSubjectDn());
try {
configuration.setStartTime(sdf.parse(racertinfo.getCertNotBefore()));
configuration.setEndTime(sdf.parse(racertinfo.getCertNotAfter()));
cert.setStartTime(sdf.parse(racertinfo.getCertNotBefore()));
cert.setEndTime(sdf.parse(racertinfo.getCertNotAfter()));
} catch (ParseException e) {
// A parse failure is only printed; the record is still stored below.
e.printStackTrace();
}
cert.setCreateTime(new Date());
sqlSession.insert("com.itrus.portal.db.EvidenceCertMapper.insert", cert);
configuration.setCert(cert.getId().toString());
configuration.setCertp7(racertinfo.getCertSignBufP7());
configuration.setCertSerialnumber(racertinfo.getCertSerialNumber());
// Install the certificate for the key alias; update the entry only if that succeeded.
boolean is = certificateService.setCertitifate(secretkey.getAlias(), racertinfo.getCertSignBuf(), racertinfo.getCertSignBufP7());
if (is) {
if ("0".equals(configuration.getArithmetic())) {
configuration.setArithmetic(null);
}
if (StringUtils.isNotEmpty(configuration.getSubject())) {
configuration.setSubject(configuration.getSubject());
}
String s = String.valueOf(secretkey.getId());
int keyid = Integer.parseInt(s);
configuration.setEvidenceSecretKey(keyid);
configuration.setCreateTime(new Date());
configuration.setCreator(getAdmin().getName());
certificateService.update(configuration);
configuration.setSignatureType(2);
String oper = "证书产生成功";
String info = "证书名称:" + configuration.getCertificateName();
LogUtil.evidencelog(sqlSession, null, oper, info);
}
}
} else {
error = "csr产生失败";
return "redirect:/certificate/" + configuration.getId() + "/" + 3;
}
}
} else if (type == 3) {
// Seal-only branch: same image handling as the type == 1 branch, no certificate step.
EvidenceCertificate econfiguration = certificateService.selectById(configuration.getId());
EvidenceSecretKey secretkey = new EvidenceSecretKey();
try {
if (StringUtils.isNotEmpty(photoCodeImg)) {
// Load the key record and store the submitted seal image under the key's alias.
secretkey = sqlSession.selectOne("com.itrus.portal.db.EvidenceSecretKeyMapper.selectByPrimaryKey", econfiguration.getEvidenceSecretKey());
File imgDir = filePathUtils.getEnterpriseFile(secretkey.getAlias());
File frontImg = filePathUtils.saveImg(imgDir, null, photoCodeImg, IMG_DEFAULT_TYPE, IMG_NAME_VERIFY);
if (frontImg != null && frontImg.isFile()) {
configuration.setPhotoCodeImg(frontImg.getName());
configuration.setPhotoCodeImgHash(HMACSHA1.genSha1HashOfFile(frontImg));
}
}
if (configuration.getId() == null) {
certificateService.insert(configuration);
} else {
String s = String.valueOf(econfiguration.getEvidenceSecretKey());
Long keyid = Long.valueOf(s);
EvidenceSecretKey secret = secrtkey.selectById(keyid);
boolean is = certificateService.setSeal(secret.getAlias(), photoCodeImg);
if (is) {
certificateService.update(configuration);
}
}
} catch (Exception e) {
e.printStackTrace();
String oper = "新建签章失败";
String info = "错误原因:" + e.toString();
LogUtil.evidencelog(sqlSession, null, oper, info);
error = "新建签章失败";
return "redirect:/certificate/" + configuration.getId() + "/" + 2;
}
} else {
// Create branch: issue a new certificate.
EvidenceSecretKey secret = new EvidenceSecretKey();
// (Disabled legacy code that scanned a list of keys for an unused one was dropped here;
// the bare block below is what remains of its else branch.)
{
// Obtain a key of the requested type for the current administrator.
secret = secrtkey.certufucateInterface(getAdmin().getName(), configuration.getKeyType());
}
JSONObject ret_data = null;
ret_data = JSONObject.parseObject(configuration.getSubject());
String cn = ret_data.getString("userName");
String ou = ret_data.getString("userOrgunit");
String O = ret_data.getString("userOrganization");
// NOTE(review): the DN is concatenated without separators between the attributes and
// without escaping the submitted values; confirm what genCsr expects and escape or
// validate cn/ou/O so that a value cannot introduce additional DN attributes.
String dn = "CN=" + cn + "OU=" + ou + "O=" + O;
// NOTE(review): debug output (key alias, algorithm, the CSR, the RA result) is written
// at error level in this branch.
log.error("Alias=" + secret.getAlias() + ",Arithmetic=" + configuration.getArithmetic());
String csr = certificateService.genCsr(secret.getAlias(), configuration.getArithmetic(), dn);
log.error("csr=" + csr);
if (csr != null) {
RaAccount ra = sqlSession.selectOne("com.itrus.portal.db.RaAccountMapper.selectByPrimaryKey", configuration.getRaAccount());
CertUtlis certutil = new CertUtlis();
// The submitted subject JSON is bound directly onto the RA UserInfo object.
// (The original comment here, "the Weibo class is defined below", is stale.)
// NOTE(review): every UserInfo property present in the submitted JSON is passed on to
// the RA; confirm the subject is validated, and that the JSON library in use does not
// resolve type hints from the input.
UserInfo rauserinfo = JSON.parseObject(configuration.getSubject(), UserInfo.class);
// Validity in days; 7 is the default for any period not listed.
// NOTE(review): getPeriod() is compared with int literals below, so "0".equals(...)
// cannot be true for a numeric value and the null assignment looks unreachable.
Integer certValidity = 7;
if ("0".equals(configuration.getPeriod())) {
certValidity = null;
} else if (1 == configuration.getPeriod()) {
certValidity = 365 * 1 + 1;
} else if (3 == configuration.getPeriod()) {
certValidity = 365 * 3 + 1;
} else if (5 == configuration.getPeriod()) {
certValidity = 365 * 5 + 2;
} else if (10 == configuration.getPeriod()) {
certValidity = 365 * 10 + 2;
}
// Call the RA.
CertInfo racertinfo = null;
try {
// The RA password is stored encrypted; decrypt it for this call.
// NOTE(review): the plaintext is written back onto the RaAccount object.
if (ra.getAaPassword() != null) {
ra.setAaPassword(AESencrp.decrypt(ra.getAaPassword(), dbEncKey));
}
racertinfo = certutil.enrollCertByWS(csr, ra, rauserinfo, certValidity);
log.error("racertinfo=" + racertinfo);
} catch (Exception e) {
e.printStackTrace();
String oper = "RA调用失败";
String info = "错误原因:" + e.toString();
LogUtil.evidencelog(sqlSession, null, oper, info);
uiModel.addAttribute("error", "RA调用失败");
return "certificate/create";
}
if (racertinfo != null) {
// NOTE(review): "hh" is the 1-12 hour field; without an AM/PM marker an hour of 12
// parses as midnight. "HH" is probably intended - confirm the RA's timestamp format.
SimpleDateFormat sdf = new SimpleDateFormat("yyyyMMddhhmmss");
EvidenceCert cert = new EvidenceCert();
cert.setCertBase64(racertinfo.getCertSignBuf());
cert.setCreateTime(new Date());
cert.setCertSerialnumber(racertinfo.getCertSerialNumber());
cert.setIssuerdn(racertinfo.getCertIssuerDn());
cert.setSubjectdn(racertinfo.getCertSubjectDn());
cert.setCreateTime(new Date());
try {
configuration.setStartTime(sdf.parse(racertinfo.getCertNotBefore()));
configuration.setEndTime(sdf.parse(racertinfo.getCertNotAfter()));
cert.setStartTime(sdf.parse(racertinfo.getCertNotBefore()));
cert.setEndTime(sdf.parse(racertinfo.getCertNotAfter()));
} catch (ParseException e) {
// A parse failure is only printed; the record is still stored below.
e.printStackTrace();
}
sqlSession.insert("com.itrus.portal.db.EvidenceCertMapper.insert", cert);
configuration.setCert(cert.getId().toString());
configuration.setCertp7(racertinfo.getCertSignBufP7());
configuration.setCertSerialnumber(racertinfo.getCertSerialNumber());
// Install the certificate for the key alias; insert the entry only if that succeeded.
boolean is = certificateService.setCertitifate(secret.getAlias(), racertinfo.getCertSignBuf(), racertinfo.getCertSignBufP7());
if (is) {
if ("0".equals(configuration.getArithmetic())) {
configuration.setArithmetic(null);
}
if (StringUtils.isNotEmpty(configuration.getSubject())) {
configuration.setSubject(configuration.getSubject());
}
String s = String.valueOf(secret.getId());
int keyid = Integer.parseInt(s);
configuration.setEvidenceSecretKey(keyid);
configuration.setCreateTime(new Date());
configuration.setCreator(getAdmin().getName());
certificateService.insert(configuration);
String oper = "证书产生成功";
String info = "证书名称:" + configuration.getCertificateName();
LogUtil.evidencelog(sqlSession, null, oper, info);
// Re-read the inserted entry by its key id; its id is used in the redirect below.
EvidenceCertificateExample certE = new EvidenceCertificateExample();
EvidenceCertificateExample.Criteria tificate = certE.createCriteria();
tificate.andEvidenceSecretKeyEqualTo(keyid);
configuration = sqlSession.selectOne("com.itrus.portal.db.EvidenceCertificateMapper.selectByExample", certE);
}
}
} else {
uiModel.addAttribute("error", "csr产生失败");
return "certificate/create";
}
}
return "redirect:/certificate/" + configuration.getId() + "/" + 1;
}
use of cn.topca.tca.ra.service.UserInfo in project portal by ixinportal.
the class MobileWebSocketLogService method execute.
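/**
 * Requests a certificate from the RA web service on behalf of a mobile client.
 *
 * <p>Fields read from the JSON request in {@code content}:
 * <ul>
 *   <li>{@code appId} - used to look up the application info and the mobile apply configuration</li>
 *   <li>{@code user.name}, {@code user.email}, {@code user.userCode} - copied into the RA {@code UserInfo}</li>
 *   <li>{@code csr} - the certificate request handed to the RA</li>
 * </ul>
 *
 * <p>The previous comment described the whole {@code certApply} message (device fields such as
 * equipmentCategory, operatingSystem and deviceSerialNumber; user fields such as phone and idNumber).
 * This method reads none of those, and it does not save the user, the device or the certificate;
 * that step is still an open TODO dated 2017/12/8.
 *
 * @param content JSON request text sent by the mobile client
 * @return a map holding {@code status} (1 when the RA returned a certificate, 0 otherwise) and a
 *         {@code message} describing the outcome
 */
@Override
public Map<String, Object> execute(String content) {
    Map<String, Object> result = new HashMap<String, Object>(3);
    result.put("status", 0);
    try {
        JSONObject param = JSON.parseObject(content);
        JSONObject jsonUser = param == null ? null : param.getJSONObject("user");
        String csr = param == null ? null : param.getString("csr");
        // Reject malformed requests before any lookup or RA call, instead of surfacing a
        // NullPointerException text to the client.
        if (jsonUser == null || csr == null || csr.trim().isEmpty()) {
            result.put("message", "请求参数不完整");
            return result;
        }
        String appId = param.getString("appId");
        ApplicationInfo applicationInfo = applicationInfoService.getApplicationInfo(appId);
        MobileApplyConfigManage mobileApplyConfig = mobileApplyConfigService.selectByappId(appId);
        CertUtlis certutil = new CertUtlis();
        // Build the RA user record from the request (per the TODO of 2017/12/26 this should follow
        // the configured certificate information items).
        // NOTE(review): name, email and userCode are taken from the client's JSON as-is; nothing
        // visible here ties them to an authenticated user - confirm the caller verifies identity first.
        UserInfo rauserinfo = new UserInfo();
        rauserinfo.setUserName(jsonUser.getString("name"));
        rauserinfo.setUserEmail(jsonUser.getString("email"));
        rauserinfo.setUserAdditionalField1(applicationInfo.getName());
        rauserinfo.setUserAdditionalField4(jsonUser.getString("userCode"));
        // Map the configured deadline code to a validity in days; 7 days is the fallback.
        // NOTE(review): the deadline is compared with int literals below, so it is presumably
        // numeric; in that case "0".equals(...) never matches and a deadline of 0 keeps the 7-day
        // fallback instead of null - confirm the intended behaviour before changing it.
        Integer certValidity = 7;
        if (mobileApplyConfig.getCertificatedeadline() == null || "0".equals(mobileApplyConfig.getCertificatedeadline())) {
            certValidity = null;
        } else if (1 == mobileApplyConfig.getCertificatedeadline()) {
            certValidity = 365 * 1 + 1;
        } else if (2 == mobileApplyConfig.getCertificatedeadline()) {
            certValidity = 365 * 2 + 1;
        } else if (3 == mobileApplyConfig.getCertificatedeadline()) {
            certValidity = 365 * 3 + 1;
        } else if (4 == mobileApplyConfig.getCertificatedeadline()) {
            certValidity = 365 * 5 + 2;
        } else if (5 == mobileApplyConfig.getCertificatedeadline()) {
            certValidity = 365 * 10 + 2;
        }
        RaAccount ra = raAccountService.getRaAccount(mobileApplyConfig.getRaaccountId());
        if (ra.getAaPassword() != null) {
            // NOTE(review): the decrypted RA password is written back onto the RaAccount object; if
            // raAccountService hands out cached or shared instances, the plaintext outlives this
            // call - confirm, or decrypt into a copy.
            ra.setAaPassword(AESencrp.decrypt(ra.getAaPassword(), dbEncKey));
        }
        CertInfo racertinfo = certutil.enrollCertByWS(csr, ra, rauserinfo, certValidity);
        // Only report success when the RA actually returned a certificate.
        if (racertinfo == null) {
            result.put("message", "制作证书失败");
            return result;
        }
        // NOTE(review): the issued certificate is neither returned nor stored by this method.
        result.put("status", 1);
        result.put("message", "制作证书成功");
    } catch (Exception e) {
        // NOTE(review): e.toString() is sent back to the mobile client and can expose internal
        // details (class names, service URLs, decryption errors); prefer a server-side log entry
        // plus a generic message once a logger is available in this class.
        result.put("message", e.toString());
    }
    return result;
}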
use of cn.topca.tca.ra.service.UserInfo in project portal by ixinportal.
the class CertUtlis method renewAA.
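/**
 * Renews a certificate through the RA user API web service.
 *
 * @param serialnumber serial number of the old certificate
 * @param crt the old certificate, Base64 encoded
 * @param challenge the RA issuing password (aapassword), sent as the certificate request challenge
 * @param accountHash hash value of the RA account
 * @param checkpoint service password of the RA
 * @param passcode passCode is one way of applying for a certificate; pass {@code ""} when the
 *        request is not made by passCode
 * @param newCSR the new certificate request
 * @param pkcs7 string produced by the browser
 * @param raAccount RA account object; only its service URL is read here
 * @return the certificate information returned by the RA
 * @throws IllegalArgumentException if {@code pkcs7} or {@code newCSR} contains a single quote or
 *         a backslash, which would break out of the quoted payload sent to the RA
 * @throws javax.xml.ws.WebServiceException passed through from the web-service call
 * @throws RaServiceUnavailable_Exception passed through from the web-service call
 * @throws MalformedURLException if the RA service URL cannot be parsed
 */
public static CertInfo renewAA(String serialnumber, String crt, String challenge, String accountHash, String checkpoint, String passcode, String newCSR, String pkcs7, RaAccount raAccount) throws javax.xml.ws.WebServiceException, RaServiceUnavailable_Exception, MalformedURLException {
    // pkcs7 and newCSR are spliced into a single-quoted payload below. Base64 and PEM text never
    // contain a quote or a backslash, so rejecting those characters keeps caller-supplied data
    // from altering the payload structure without affecting legitimate input.
    for (String field : new String[] {pkcs7, newCSR}) {
        if (field != null && (field.indexOf('\'') >= 0 || field.indexOf('\\') >= 0)) {
            throw new IllegalArgumentException("pkcs7/newCSR must not contain quote or backslash characters");
        }
    }
    // NOTE(review): the challenge and service password travel to whatever URL the RaAccount
    // holds; confirm that the configured service URL uses TLS.
    UserAPIService service = new UserAPIService(new URL(raAccount.getServiceUrl()));
    UserAPIServicePortType client = service.getUserAPIServicePort();
    // An empty user record is passed along; renewal identifies the certificate by its serial number.
    UserInfo raUserInfo = new UserInfo();
    // Describe the certificate being renewed.
    CertInfo raCertInfo = new CertInfo();
    raCertInfo.setCertSerialNumber(serialnumber);
    // RA issuing password (the original author noted this was filled in provisionally).
    raCertInfo.setCertReqChallenge(challenge);
    // The old certificate request is intentionally not sent:
    // raCertInfo.setCertReqBuf(csr);
    // Old certificate, Base64.
    raCertInfo.setCertSignBuf(crt);
    String json = "{PKCSINFORMATION:'" + pkcs7 + "', certReqBuf:'" + newCSR + "'}";
    return client.renewCertAA(raUserInfo, raCertInfo, accountHash, checkpoint, passcode, json);
}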