
Example 1 with UserCertInfo

use of com.bsnbase.sdk.util.common.UserCertInfo in project PCNGateway-Java-SDK by BSNDA.

the class R1Algorithm method getUserCertInfo.

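/**
 * Generates a new 256-bit EC key pair and a PKCS#10 certificate signing request (CSR) for it.
 *
 * <p>The CSR names {@code DN} as its subject, is signed with SHA256withECDSA using the freshly
 * generated private key, and is returned as PEM text together with that private key. The Base64
 * body of the PEM is emitted as the encoder produces it; it is not re-wrapped here.
 *
 * <p>NOTE(review): the returned {@code UserCertInfo} carries the private key object itself, so it
 * should be treated as secret material and kept out of logs and serialized output.
 *
 * <p>NOTE(review): {@code DN} is handed to {@code X500Name} as given. If callers assemble it from
 * user-supplied names, characters such as ',', '+' and '=' should be escaped or rejected before
 * this call. The callers are not visible here, so confirm.
 *
 * @param DN subject distinguished name in string form
 * @return a {@code UserCertInfo} holding the PEM-encoded CSR and the matching private key
 * @throws Exception if key generation, CSR signing or encoding fails
 */
@Override
public UserCertInfo getUserCertInfo(String DN) throws Exception {
    // One provider instance serves both the JCA registration and the explicit lookups below.
    // addProvider is a no-op when a provider of the same name is already installed.
    Provider bc = new BouncyCastleProvider();
    Security.addProvider(bc);

    String sigAlg = "SHA256withECDSA";
    int algSize = 256;

    // Pin key generation to the same provider that signs the CSR instead of relying on
    // whichever registered provider happens to answer to "ECDSA".
    KeyPairGenerator kpg = KeyPairGenerator.getInstance("ECDSA", bc);
    // Only the key size is given, so the provider chooses the curve.
    // NOTE(review): presumably secp256r1, going by the class name - confirm.
    kpg.initialize(algSize, new SecureRandom());
    KeyPair kp = kpg.generateKeyPair();
    PrivateKey privateKey = kp.getPrivate();

    X500Name x500Name = new X500Name(DN);
    SubjectPublicKeyInfo subjectPublicKeyInfo = SubjectPublicKeyInfo.getInstance(kp.getPublic().getEncoded());
    PKCS10CertificationRequestBuilder builder = new PKCS10CertificationRequestBuilder(x500Name, subjectPublicKeyInfo);

    // The request is signed with the new private key, which ties the CSR to that key pair.
    ContentSigner contentSigner = new JcaContentSignerBuilder(sigAlg).setProvider(bc).build(privateKey);
    PKCS10CertificationRequest csr = builder.build(contentSigner);

    byte[] der = csr.getEncoded();
    // Base64 output is plain ASCII; naming the charset keeps the PEM text independent of the
    // JVM's default charset.
    String base64 = new String(org.bouncycastle.util.encoders.Base64.encode(der),
            java.nio.charset.StandardCharsets.US_ASCII);
    String strPEMCSR = "-----BEGIN CERTIFICATE REQUEST-----\n"
            + base64
            + "\n-----END CERTIFICATE REQUEST-----\n";

    UserCertInfo user = new UserCertInfo();
    user.setCSRPem(strPEMCSR);
    user.setKey(privateKey);
    return user;
}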
Also used : PKCS10CertificationRequest(org.bouncycastle.pkcs.PKCS10CertificationRequest) UserCertInfo(com.bsnbase.sdk.util.common.UserCertInfo) JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder) ContentSigner(org.bouncycastle.operator.ContentSigner) PKCS10CertificationRequestBuilder(org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder) X500Name(org.bouncycastle.asn1.x500.X500Name) SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo) BouncyCastleProvider(org.bouncycastle.jce.provider.BouncyCastleProvider) BouncyCastleProvider(org.bouncycastle.jce.provider.BouncyCastleProvider)

Example 2 with UserCertInfo

use of com.bsnbase.sdk.util.common.UserCertInfo in project PCNGateway-Java-SDK by BSNDA.

the class UserService method userEnroll.

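/**
 * User certificate registration in public key upload mode.
 *
 * <p>When a user who participates in the application in public key upload mode needs to register
 * a sub-user, this interface can be called after the user registration interface has completed.
 * It uploads a certificate application file (CSR) and obtains a sub-user certificate issued by
 * the city node. An exception will be returned when this interface is called in key trust mode.
 *
 * <p>The CSR and its private key are generated locally through {@code StoreUtils.generateCSR};
 * only the CSR PEM is copied into the request here. The private key and the returned certificate
 * are written to the configured key store only once the response is known to carry a body, so a
 * failed enrollment does not replace key material already stored for this user.
 *
 * <p>NOTE(review): the certificate from the response is stored as received. Nothing in this method
 * checks that it was issued for the public key in the CSR - confirm whether {@code HttpService}
 * or the key store verifies that.
 *
 * @param kes enrollment request; its CSR PEM field is overwritten with the generated CSR
 * @return the body of the enrollment response
 * @throws IOException if the response carries no body; the method also declares it for the
 *         calls it makes
 */
public static ResKeyEscrowEnroll userEnroll(@NotNull ReqKeyEscrowEnroll kes) throws IOException {
    String api = Config.config.getApi() + PathUtil.FABRIC_USER_ENROLL;

    // Key pair and CSR are produced locally; only the CSR text goes into the request.
    UserCertInfo certInfo = StoreUtils.generateCSR(kes.getName(), Config.config.getAppCode());
    kes.setCsrPem(certInfo.getCSRPem());

    BaseReqModel<ReqKeyEscrowEnroll> req = new BaseReqModel<ReqKeyEscrowEnroll>();
    req.setReqHeader(Config.config.getUserCode(), Config.config.getAppCode());
    req.setBody(kes);

    HttpService<ReqKeyEscrowEnroll, ResKeyEscrowEnroll> httpService = new HttpService<ReqKeyEscrowEnroll, ResKeyEscrowEnroll>();
    BaseResModel<ResKeyEscrowEnroll> res = httpService.post(req, api, ResKeyEscrowEnroll.class);

    // Refuse to touch the key store when there is no response body: storing the private key
    // first and then failing on the missing certificate would leave a key without a certificate.
    ResKeyEscrowEnroll body = (res == null) ? null : res.getBody();
    if (body == null) {
        throw new IOException("User enroll response has no body; private key and certificate were not stored");
    }

    // Save the private key
    Config.config.getKeyStore().storeUserPrivateKey(kes.getName(), Config.config.getAppCode(), certInfo.getKey());
    // Save the registered certificate
    Config.config.getKeyStore().storeUserCert(kes.getName(), Config.config.getAppCode(), body.getCert());
    return body;
}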
Also used : UserCertInfo(com.bsnbase.sdk.util.common.UserCertInfo) BaseReqModel(com.bsnbase.sdk.entity.base.BaseReqModel) HttpService(com.bsnbase.sdk.util.common.HttpService) ReqKeyEscrowEnroll(com.bsnbase.sdk.entity.req.fabric.ReqKeyEscrowEnroll) ResKeyEscrowEnroll(com.bsnbase.sdk.entity.resp.fabric.ResKeyEscrowEnroll)

Example 3 with UserCertInfo

use of com.bsnbase.sdk.util.common.UserCertInfo in project PCNGateway-Java-SDK by BSNDA.

the class SM2Algorithm method getUserCertInfo.

/**
 * Builds a PKCS#10 certificate signing request (CSR) for the key pair that
 * {@code Sm2Util.createKeyPair()} leaves in {@code Sm2Util.keyPair}.
 *
 * <p>The request names {@code DN} as its subject, is signed with SM3withSM2 through a
 * BouncyCastle provider instance, and is returned as PEM text together with the private key.
 *
 * <p>NOTE(review): the key pair is read from a static field right after it is created. If this
 * method can run on several threads at once, two callers could pick up the same pair. Sm2Util is
 * not visible here - confirm that it synchronizes, or have it return the pair directly.
 *
 * <p>NOTE(review): the returned {@code UserCertInfo} carries the private key object itself, so it
 * should be treated as secret material and kept out of logs and serialized output.
 *
 * @param DN subject distinguished name in string form
 * @return a {@code UserCertInfo} holding the PEM-encoded CSR and the matching private key
 * @throws Exception if key creation, CSR signing or encoding fails
 */
@Override
public UserCertInfo getUserCertInfo(String DN) throws Exception {
    Sm2Util.createKeyPair();
    KeyPair generated = Sm2Util.keyPair;
    PrivateKey signingKey = generated.getPrivate();

    X500Name subject = new X500Name(DN);
    SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfo.getInstance(generated.getPublic().getEncoded());
    PKCS10CertificationRequestBuilder requestBuilder = new PKCS10CertificationRequestBuilder(subject, publicKeyInfo);

    // The request is signed with the private half of the same pair whose public key it carries.
    ContentSigner signer = new JcaContentSignerBuilder("SM3withSM2")
            .setProvider(new BouncyCastleProvider())
            .build(signingKey);
    PKCS10CertificationRequest request = requestBuilder.build(signer);

    // NOTE(review): the Base64 bytes are decoded with the platform default charset; Base64 text
    // is ASCII, so naming the charset would make this independent of JVM settings.
    String pem = "-----BEGIN CERTIFICATE REQUEST-----\n"
            + new String(Base64.encode(request.getEncoded()))
            + "\n-----END CERTIFICATE REQUEST-----\n";

    UserCertInfo result = new UserCertInfo();
    result.setCSRPem(pem);
    result.setKey(signingKey);
    return result;
}
Also used : PKCS10CertificationRequest(org.bouncycastle.pkcs.PKCS10CertificationRequest) UserCertInfo(com.bsnbase.sdk.util.common.UserCertInfo) KeyPair(java.security.KeyPair) PrivateKey(java.security.PrivateKey) JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder) ContentSigner(org.bouncycastle.operator.ContentSigner) PKCS10CertificationRequestBuilder(org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder) X500Name(org.bouncycastle.asn1.x500.X500Name) BouncyCastleProvider(org.bouncycastle.jce.provider.BouncyCastleProvider) Provider(java.security.Provider) BouncyCastleProvider(org.bouncycastle.jce.provider.BouncyCastleProvider)

Aggregations

UserCertInfo (com.bsnbase.sdk.util.common.UserCertInfo)3 X500Name (org.bouncycastle.asn1.x500.X500Name)2 BouncyCastleProvider (org.bouncycastle.jce.provider.BouncyCastleProvider)2 ContentSigner (org.bouncycastle.operator.ContentSigner)2 JcaContentSignerBuilder (org.bouncycastle.operator.jcajce.JcaContentSignerBuilder)2 PKCS10CertificationRequest (org.bouncycastle.pkcs.PKCS10CertificationRequest)2 PKCS10CertificationRequestBuilder (org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder)2 BaseReqModel (com.bsnbase.sdk.entity.base.BaseReqModel)1 ReqKeyEscrowEnroll (com.bsnbase.sdk.entity.req.fabric.ReqKeyEscrowEnroll)1 ResKeyEscrowEnroll (com.bsnbase.sdk.entity.resp.fabric.ResKeyEscrowEnroll)1 HttpService (com.bsnbase.sdk.util.common.HttpService)1 KeyPair (java.security.KeyPair)1 PrivateKey (java.security.PrivateKey)1 Provider (java.security.Provider)1 SubjectPublicKeyInfo (org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)1