
Example 51 with UserCert

use of com.itrus.portal.db.UserCert in project portal by ixinportal.

the class EvidencePdfVerifyService method savePdfVerify.

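/**
 * Stores the result of a PDF signature-verification call as evidence records.
 *
 * <p>{@code data} is the JSON text of the verification response. The top-level {@code code}
 * decides the event status; each entry of {@code signInfos} is turned into up to three queued
 * records: the signer identity ({@code vcResult}), the timestamp ({@code vtsResult}) and the
 * signature itself ({@code vdsResult}). Failures are summarised into the event's failure reason.
 *
 * <p>This method performs no cryptographic check of its own: every "check status" it records is
 * copied from the result codes in {@code data}. NOTE(review): the recorded evidence is therefore
 * only as trustworthy as the channel the response arrived on — confirm the caller authenticates
 * the verification service.
 *
 * <p>Any exception is caught, printed and written to the evidence log; nothing is rethrown.
 *
 * @param data JSON response body of the PDF verification request; may be {@code null}
 */
private void savePdfVerify(String data) {
    // Declared outside the try so the catch block can still read "message" from a parsed response.
    JSONObject jsonPdfVerify = null;
    try {
        if (data == null) {
            throw new Exception("返回值为空");
        }
        // Parsed inside the try so that a malformed response is logged like any other failure
        // instead of escaping to the caller.
        jsonPdfVerify = JSONObject.parseObject(data);
        // NOTE(review): a response without "code" fails on unboxing here and ends in the catch block.
        if (jsonPdfVerify.getInteger("code") == 0) {
            eventContent.setEventStatus(1);
        } else {
            eventContent.setEventStatus(0);
            eventContent.setFailureReason(jsonPdfVerify.getString("message"));
        }
        String retVerifyTi = null;
        String retVerifyBehavior = null;
        String retVerifyTime = null;
        if (StringUtils.isNotEmpty(data) && StringUtils.isNotEmpty(jsonPdfVerify.getString("signInfos"))) {
            // Walk the per-signature results returned by the verification call.
            JSONArray jsonArraySignInfos = jsonPdfVerify.getJSONArray("signInfos");
            // Serial numbers already handled in this response, so each certificate yields one identity record.
            List<String> listStr = new ArrayList<>();
            // Counts down (-1, -2, ...) to label signers that match no cached trusted identity.
            int noId = 0;
            for (int k = 0; k < jsonArraySignInfos.size(); k++) {
                JSONObject json = jsonArraySignInfos.getJSONObject(k);
                // Cached trusted identity matching this signer's certificate, if any.
                EvidenceTrustedIdentity trustedIdentity1 = null;
                String signerCertB64 = json.getString("signerCert");
                if (StringUtils.isNotEmpty(signerCertB64)) {
                    // Decode the signer certificate from its Base64 form.
                    // NOTE(review): the result is dereferenced without a null check — confirm
                    // CertUtil.getCertFromBase64 never returns null for undecodable input.
                    UserCert userCert1 = CertUtil.getCertFromBase64(signerCertB64);
                    String signerSn = userCert1.getCertSn();
                    // NOTE(review): certificates are matched by serial number alone, here and against
                    // tiCacheList below. Serial numbers are only unique per issuer, so two CAs can
                    // collide; consider matching on issuer DN as well.
                    EvidenceCertUser certUser = certUserService.getCertBySn(signerSn);
                    if (certUser == null) {
                        certUser = new EvidenceCertUser();
                        certUser.setCertBase64(signerCertB64);
                        certUser.setCertSerialnumber(signerSn);
                        certUser.setSubjectdn(userCert1.getCertDn());
                        certUser.setIssuerdn(userCert1.getIssuerDn());
                        certUser.setIssuer(EvidenceSaveServiceApi.getCertCn(userCert1.getIssuerDn()));
                        if (userCert1.getCertBuf() != null) {
                            certUser.setEvidenceBuf(userCert1.getCertBuf().toString());
                        }
                        certUser.setStartTime(userCert1.getCertStartTime());
                        certUser.setEndTime(userCert1.getCertEndTime());
                        certUser.setCreateTime(new Date());
                        certUser.setIdCode(UniqueIDUtils.getUID());
                        queueThread.putObjectQueue(certUser);
                    }
                    // True when this serial number has not been seen earlier in this response.
                    boolean blt = !listStr.contains(signerSn);
                    // Null check first: the original tested isEmpty() before the null check.
                    if (tiCacheList != null && !tiCacheList.isEmpty()) {
                        for (EvidenceTrustedIdentity identity : tiCacheList) {
                            if (identity.getCertSerialnumber().equals(signerSn)) {
                                trustedIdentity1 = identity;
                            }
                        }
                    }
                    if (trustedIdentity1 == null) {
                        noId--;
                    }
                    if (blt) {
                        // Identity record ("event object") for this signer.
                        EvidenceTrustedIdentity trustedIdentity = new EvidenceTrustedIdentity();
                        trustedIdentity.setBasicInformation(eventContent.getEvidenceSn());
                        trustedIdentity.setEventContent(eventContent.getIdCode());
                        if (trustedIdentity1 != null) {
                            trustedIdentity.setMainInformation(trustedIdentity1.getMainInformation());
                            // Link the stored certificate to the cached trusted identity as well.
                            trustedIdentity1.setCertBase64(certUser.getIdCode());
                            queueThread.putObjectQueue(trustedIdentity1);
                        } else {
                            trustedIdentity.setMainInformation(noId + "");
                        }
                        trustedIdentity.setCertBase64(certUser.getIdCode());
                        trustedIdentity.setCreateTime(new Date());
                        trustedIdentity.setIdentiType("1");
                        if (userCert1.getCertBuf() != null) {
                            trustedIdentity.setEvidenceBuf(userCert1.getCertBuf().toString());
                        }
                        trustedIdentity.setStartTime(userCert1.getCertStartTime());
                        trustedIdentity.setEndTime(userCert1.getCertEndTime());
                        // Certificate check result, copied from the response.
                        trustedIdentity.setCheckTime(new Date());
                        int vcResult = json.getIntValue("vcResult");
                        if (vcResult == 0) {
                            trustedIdentity.setCheckStatus("1");
                            trustedIdentity.setCheckSuccessTime(new Date());
                        } else {
                            if (StringUtils.isEmpty(retVerifyTi)) {
                                retVerifyTi = "事件对象核验失败";
                            }
                            trustedIdentity.setCheckStatus("0");
                            switch (vcResult) {
                                case 30006:
                                    // no matching trusted CA certificate found
                                    trustedIdentity.setUnreason("未找到对应的受信任CA证书");
                                    break;
                                case 30007:
                                    // certificate revoked
                                    trustedIdentity.setUnreason("证书已吊销");
                                    break;
                                case 30008:
                                    // certificate outside its validity period
                                    trustedIdentity.setUnreason("证书不在有效期内");
                                    break;
                                case 30009:
                                    // invalid certificate signature
                                    trustedIdentity.setUnreason("无效的证书签名");
                                    break;
                                case 300010:
                                    // NOTE(review): six digits, unlike the 3000x codes above — confirm
                                    // against the service's code table (kept as in the original).
                                    trustedIdentity.setUnreason("其他证书验证错误");
                                    break;
                                default:
                                    trustedIdentity.setUnreason("非正常其他证书验证错误");
                                    break;
                            }
                        }
                        trustedIdentity.setVewestCheckTime(new Date());
                        queueThread.putObjectQueue(trustedIdentity);
                    }
                    listStr.add(signerSn);
                } else {
                    // A signature without a signer certificate counts as an identity failure.
                    retVerifyTi = "事件对象核验失败";
                }
                // Signature record ("event behaviour") for this entry.
                EvidenceEventBehavior eventBehavior = new EvidenceEventBehavior();
                // A timestamp is present when "timeStamp" is neither empty nor the literal "{}".
                if (StringUtils.isNotEmpty(json.getString("timeStamp")) && !json.getString("timeStamp").equals("{}")) {
                    JSONObject timeStamp = json.getJSONObject("timeStamp");
                    EvidenceEventTime eventTime = new EvidenceEventTime();
                    if (trustedIdentity1 != null) {
                        eventTime.setMainInformation(trustedIdentity1.getMainInformation());
                    } else {
                        eventTime.setMainInformation(noId + "");
                    }
                    eventTime.setIdentiType("1");
                    eventTime.setEventContent(eventContent.getIdCode());
                    eventTime.setCertificate(timeStamp.getString("signature"));
                    eventTime.setHashAlgorithm(timeStamp.getString("hashAlg"));
                    eventTime.setHashvalue(timeStamp.getString("hashData"));
                    String tsCert = timeStamp.getString("tsCert");
                    eventTime.setCertBase64(tsCert);
                    // Prefer the time inside the timestamp token; fall back to the entry's stampTime.
                    if (StringUtils.isNotEmpty(timeStamp.getString("time"))) {
                        eventTime.setSignatureTime(timeStamp.getDate("time"));
                    } else {
                        eventTime.setSignatureTime(json.getDate("stampTime"));
                    }
                    eventTime.setCreateTime(new Date());
                    // Decode the timestamp certificate to record its subject and issuer.
                    if (tsCert != null) {
                        UserCert userCert = CertUtil.getCertFromBase64(tsCert);
                        eventTime.setCertificateDn(userCert.getCertDn());
                        eventTime.setIssuerdn(userCert.getIssuerDn());
                    }
                    // Timestamp check result, copied from the response.
                    eventTime.setCheckTime(new Date());
                    int vtsResult = json.getIntValue("vtsResult");
                    if (vtsResult == 0) {
                        eventTime.setCheckStatus("1");
                        eventTime.setCheckSuccessTime(new Date());
                    } else {
                        if (StringUtils.isEmpty(retVerifyTime)) {
                            retVerifyTime = "事件时间核验失败";
                        }
                        eventTime.setCheckStatus("0");
                        if (vtsResult == 60002) {
                            eventTime.setUnreason("验证时戳失败");
                        } else {
                            eventTime.setUnreason("其他验证时戳错误");
                        }
                    }
                    eventTime.setVewestCheckTime(new Date());
                    queueThread.putObjectQueue(eventTime);
                } else {
                    // No timestamp token: only the claimed stamp time is available.
                    eventBehavior.setVerificationTime(json.getDate("stampTime"));
                }
                // The signature record is stored only when a signature value was returned.
                if (StringUtils.isNotEmpty(json.getString("signature"))) {
                    eventBehavior.setHashAlgorithm(json.getString("hashAlg"));
                    eventBehavior.setSignaturevalue(json.getString("signature"));
                    eventBehavior.setHashBackSigning(json.getString("msgDigest"));
                    eventBehavior.setEventContent(eventContent.getIdCode());
                    eventBehavior.setIdentiType("1");
                    if (trustedIdentity1 != null) {
                        eventBehavior.setMainInformation(trustedIdentity1.getMainInformation());
                    } else {
                        eventBehavior.setMainInformation(noId + "");
                    }
                    // Signature check result, copied from the response.
                    eventBehavior.setCheckTime(new Date());
                    int vdsResult = json.getIntValue("vdsResult");
                    if (vdsResult == 0) {
                        eventBehavior.setCheckStatus("1");
                        eventBehavior.setCheckSuccessTime(new Date());
                    } else {
                        if (StringUtils.isEmpty(retVerifyBehavior)) {
                            retVerifyBehavior = "事件行为核验失败";
                        }
                        eventBehavior.setCheckStatus("0");
                        if (vdsResult == 40002) {
                            eventBehavior.setUnreason("验证签名失败");
                        } else {
                            eventBehavior.setUnreason("其他验证签名错误");
                        }
                    }
                    eventBehavior.setVewestCheckTime(new Date());
                    queueThread.putObjectQueue(eventBehavior);
                } else {
                    retVerifyBehavior = "事件行为核验失败";
                }
            }
            // NOTE(review): an empty signInfos array is not treated as a failure. The handling that
            // set the event status to 0 in that case was commented out in the original, so a PDF
            // with no signatures keeps whatever status "code" produced.

            // Append each failure summary to the event's failure reason. The original inverted the
            // condition for the second and third summary: it overwrote an existing reason and
            // produced "null,<reason>" when there was none.
            for (String reason : new String[] {retVerifyTi, retVerifyBehavior, retVerifyTime}) {
                if (StringUtils.isEmpty(reason)) {
                    continue;
                }
                String existing = eventContent.getFailureReason();
                if (StringUtils.isNotEmpty(existing)) {
                    eventContent.setFailureReason(existing + "," + reason);
                } else {
                    eventContent.setFailureReason(reason);
                }
            }
        }
        queueThread.putObjectQueue(eventContent);
    } catch (Exception e) {
        e.printStackTrace();
        String ret = null;
        if (jsonPdfVerify != null) {
            ret = jsonPdfVerify.getString("message");
        }
        // Only the presence of the PDF content is logged, never the content itself.
        LogUtil.evidencelog(sqlSession, eventContent.getEvidenceSn(), "存证接口_天威签名", "PDF验章失败,证据编号:" + eventContent.getEvidenceSn() + ", 请求参数:" + (StringUtils.isEmpty(pdfContent) ? "空值" : "有值") + ", 请求地址:" + url + ", 返回结果:" + ret + ", 失败原因" + e);
    }
}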
Also used : JSONArray(com.alibaba.fastjson.JSONArray) ArrayList(java.util.ArrayList) IOException(java.io.IOException) Date(java.util.Date) EvidenceEventBehavior(com.itrus.portal.db.EvidenceEventBehavior) JSONObject(com.alibaba.fastjson.JSONObject) EvidenceCertUser(com.itrus.portal.db.EvidenceCertUser) EvidenceTrustedIdentity(com.itrus.portal.db.EvidenceTrustedIdentity) EvidenceEventTime(com.itrus.portal.db.EvidenceEventTime) UserCert(com.itrus.portal.db.UserCert)

Example 52 with UserCert

use of com.itrus.portal.db.UserCert in project portal by ixinportal.

the class DownLoadCertServiceImpl method saveCertInfo.

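/**
 * Saves the certificate information and updates the bill.
 *
 * <p>Three writes happen in order: a {@code CertBuf} row is inserted, a {@code UserCert} row
 * referencing it is inserted, and the bill is updated. NOTE(review): no transaction boundary is
 * visible in this method — confirm the caller provides one, otherwise a failure part-way leaves
 * a certificate buffer without a certificate record.
 *
 * @param racertinfo certificate data to store (subject/issuer DN, serial number, validity, buffers)
 * @param bill the bill the certificate belongs to; its status is updated and persisted
 * @param raId value stored as the certificate's RA account
 * @param uidIdx value stored as the certificate's uid index
 * @param keySn key serial number; stored only when not blank
 * @param autoidType auto-id type; auto-id data is stored only when this is non-empty
 * @param autoidValue auto-id value stored together with {@code autoidType}
 * @throws ParseException if the certificate's not-before or not-after value does not match
 *     {@code yyyyMMddHHmmss}
 */
public void saveCertInfo(CertInfo racertinfo, Bill bill, Long raId, Integer uidIdx, String keySn, String autoidType, Integer autoidValue) throws ParseException {
    CertBuf certbuf = new CertBuf();
    certbuf.setCreateTime(new Date());
    // Both the generic buffer and the signing-certificate buffer receive the signing certificate.
    certbuf.setCertBuf(racertinfo.getCertSignBuf());
    certbuf.setCertKmcRep1(racertinfo.getCertKmcRep1());
    certbuf.setCertKmcRep2(racertinfo.getCertKmcRep2());
    certbuf.setCertsignBuf(racertinfo.getCertSignBuf());
    certbuf.setEncUserCert(racertinfo.getCertSignBufKmc());
    sqlSession.insert("com.itrus.portal.db.CertBufMapper.insert", certbuf);

    UserCert usercert = new UserCert();
    usercert.setBill(bill.getId());
    usercert.setRaAccount(raId);
    usercert.setCertBuf(certbuf.getId());
    usercert.setUidIdx(uidIdx);
    usercert.setCertDn(racertinfo.getCertSubjectDn());
    usercert.setCertSn(racertinfo.getCertSerialNumber());
    usercert.setIssuerDn(racertinfo.getCertIssuerDn());
    usercert.setCertStatus("1");
    // NOTE(review): a constant placeholder is stored as the certificate uid.
    usercert.setCertUid("certUid");
    if (StringUtils.isNotBlank(keySn)) {
        usercert.setKeySn(keySn);
    }
    // "HH" (0-23) instead of the original "hh" (1-12): with "hh" a validity time in the 12:xx
    // hour is parsed as 00:xx, shifting the stored validity window by twelve hours.
    // NOTE(review): parsing uses the JVM default time zone — confirm which zone the source
    // values are expressed in.
    SimpleDateFormat sdf = new SimpleDateFormat("yyyyMMddHHmmss");
    usercert.setCertStartTime(sdf.parse(racertinfo.getCertNotBefore()));
    usercert.setCertEndTime(sdf.parse(racertinfo.getCertNotAfter()));
    // NOTE(review): the fingerprint column receives a constant placeholder, not a digest of the
    // certificate, so every row written here carries the same value and the column cannot be
    // used to identify or compare certificates.
    usercert.setSha1Fingerprint("setSha1Fingerprint");
    // Auto-id data; a null type is treated like an empty one instead of failing after the
    // CertBuf row has already been inserted.
    if (autoidType != null && !autoidType.isEmpty()) {
        usercert.setAutoidType(autoidType);
        usercert.setAutoidValue(autoidValue);
    }
    usercert.setEnterprise(bill.getEnterprise());
    sqlSession.insert("com.itrus.portal.db.UserCertMapper.insert", usercert);

    // Bill status: BILL_STATUS_6 when an invoice or e-invoice is attached, BILL_STATUS_8 otherwise.
    bill.setBillStatus(ComNames.BILL_STATUS_8);
    if (bill.getInvoice() != null || bill.geteInvoice() != null) {
        bill.setBillStatus(ComNames.BILL_STATUS_6);
    }
    sqlSession.update("com.itrus.portal.db.BillMapper.updateByPrimaryKey", bill);
}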
Also used : CertBuf(com.itrus.portal.db.CertBuf) SimpleDateFormat(java.text.SimpleDateFormat) Date(java.util.Date) UserCert(com.itrus.portal.db.UserCert)

Example 53 with UserCert

use of com.itrus.portal.db.UserCert in project portal by ixinportal.

the class UserCertService method getCert.

/**
 * Returns the {@code UserCert} row for the given certificate, inserting one if none exists.
 *
 * <p>The lookup key is the certificate serial number only. NOTE(review): the issuer-DN
 * criterion ({@code andIssuerDnEqualTo}) is commented out in this method, and serial numbers
 * are unique only per issuer, so a certificate from a different CA with the same serial number
 * would resolve to the existing row. The certificate status check
 * ({@code trustService.verifyCertificate}) is likewise commented out, so this method records
 * the certificate without validating it — confirm callers validate it beforehand.
 *
 * @param cert certificate to look up or register
 * @return the existing or newly inserted record
 * @throws CertificateException declared by the signature; presumably raised when the
 *     certificate cannot be encoded — confirm
 * @throws SigningServerException declared by the signature; source not visible here
 */
public synchronized UserCert getCert(X509Certificate cert) throws CertificateException, SigningServerException {
    String serialHex = CertUtilsOfUkey.getValidSerialNumber(cert.getHexSerialNumber());
    String issuer = cert.getIssuerDNString();

    // Query by serial number only (see the method note about the disabled issuer filter).
    UserCertExample query = new UserCertExample();
    UserCertExample.Criteria bySerial = query.or();
    bySerial.andCertSnEqualTo(serialHex);
    UserCert known = sqlSession.selectOne("com.itrus.portal.db.UserCertMapper.selectByExample", query);
    if (known != null) {
        return known;
    }

    // First sighting: store the public certificate as single-line Base64 ...
    CertBuf stored = new CertBuf();
    stored.setCreateTime(new Date());
    stored.setCertBuf(Base64.encode(cert.getEncoded()).replaceAll("\n", ""));
    sqlSession.insert("com.itrus.portal.db.CertBufMapper.insert", stored);

    // ... then the certificate record that points at it.
    UserCert created = new UserCert();
    created.setCertDn(cert.getSubjectDNString());
    created.setIssuerDn(issuer);
    created.setCertSn(serialHex);
    created.setCertStartTime(cert.getNotBefore());
    created.setCertEndTime(cert.getNotAfter());
    created.setCertStatus(ComNames.CERT_STATUS_1);
    // NOTE(review): SHA-1 is acceptable as a lookup label but should not back any decision
    // that must resist deliberately crafted collisions.
    created.setSha1Fingerprint(CipherUtils.sha1(cert.getEncoded()));
    created.setCertBuf(stored.getId());
    // Source 0 marks a certificate not issued through the portal; only those are missing
    // from the database when they first arrive here.
    created.setCertSource(ComNames.CERT_SOURCE_0);
    sqlSession.insert("com.itrus.portal.db.UserCertMapper.insertSelective", created);
    return created;
}
Also used : UserCertExample(com.itrus.portal.db.UserCertExample) CertBuf(com.itrus.portal.db.CertBuf) Date(java.util.Date) UserCert(com.itrus.portal.db.UserCert)

Example 54 with UserCert

use of com.itrus.portal.db.UserCert in project portal by ixinportal.

the class SendReNewInfoTask method sendReNewInfo.

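/**
 * Sends certificate-renewal SMS notices. Runs once at start-up and then every 24 hours.
 *
 * <p>Selects every non-deleted bill in status {@code BILL_STATUS_12} (awaiting renewal) whose
 * renewal-notice time is still null, and calls {@code makeCerServiceImpl.sendReNewInfo} for
 * each. The first failure is logged and ends the whole run; remaining bills are left for a
 * later run. NOTE(review): confirm that stopping at the first failure is intended — one bill
 * that always fails keeps blocking the bills after it.
 *
 * <p>NOTE(review): failure messages carry the user's mobile number in clear text, both in the
 * system log table and in the application log; consider masking it.
 */
@Scheduled(fixedRate = 1000 * 60 * 60 * 24)
public void sendReNewInfo() {
    BillExample billExample = new BillExample();
    BillExample.Criteria criteria = billExample.or();
    // Status 12 marks a bill that is waiting for renewal.
    criteria.andBillStatusEqualTo(ComNames.BILL_STATUS_12);
    // A null renewal-send time means no notice has been sent yet.
    criteria.andRenewSendTimeIsNull();
    criteria.andIsDeleteEqualTo(false);
    List<Bill> bills = sqlSession.selectList("com.itrus.portal.db.BillMapper.selectByExample", billExample);
    if (bills == null || bills.isEmpty()) {
        return;
    }
    // Tracked outside the loop so the failure message can name the bill being processed.
    String billSn = "";
    String mPhone = "";
    try {
        for (Bill bill : bills) {
            billSn = bill.getBillId();
            // Reset per bill: otherwise a failure before the user lookup completes would be
            // logged with the previous bill's phone number.
            mPhone = "";
            UserInfo userInfo = sqlSession.selectOne("com.itrus.portal.db.UserInfoMapper.selectByPrimaryKey", bill.getUniqueId());
            mPhone = userInfo.getmPhone();
            UserCertExample userCertExample = new UserCertExample();
            UserCertExample.Criteria ucriteria = userCertExample.or();
            ucriteria.andIdEqualTo(bill.getOldUserCert());
            UserCert userCert = sqlSession.selectOne("com.itrus.portal.db.UserCertMapper.selectByExample", userCertExample);
            Enterprise enterprise = sqlSession.selectOne("com.itrus.portal.db.EnterpriseMapper.selectByPrimaryKey", bill.getEnterprise());
            Long projectId = bill.getProject();
            // Placeholder text when the certificate is not bound to a key.
            String keySn = userCert.getKeySn() == null ? "该证书未绑定key" : userCert.getKeySn();
            String enterpriseName = enterprise.getEnterpriseName();
            Date endTime = userCert.getCertEndTime();
            // Product the bill was placed for.
            Product product = sqlSession.selectOne("com.itrus.portal.db.ProductMapper.selectByPrimaryKey", bill.getProduct());
            String productName = product.getName();
            // The original wrapped this call in two catch blocks identical to the handler
            // below (same message, same early return); a single handler covers both.
            makeCerServiceImpl.sendReNewInfo(bill, mPhone, projectId, "ZSGX", keySn, enterpriseName, endTime, productName);
        }
    } catch (Exception e) {
        // Covers lookup failures (e.g. a missing user, certificate, enterprise or product row)
        // as well as send failures.
        String type = "发送证书更新通知失败";
        String info = "用户手机号:" + mPhone + ",订单号" + billSn + "错误信息:" + e.getMessage();
        LogUtil.syslog(sqlSession, type, info);
        log.error("ERRORLOG证书更新通知 {}", info);
    }
}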
Also used : UserCertExample(com.itrus.portal.db.UserCertExample) Product(com.itrus.portal.db.Product) UserInfo(com.itrus.portal.db.UserInfo) Date(java.util.Date) UserInfoServiceException(com.itrus.portal.exception.UserInfoServiceException) UserInfoServiceException(com.itrus.portal.exception.UserInfoServiceException) BillExample(com.itrus.portal.db.BillExample) Bill(com.itrus.portal.db.Bill) Enterprise(com.itrus.portal.db.Enterprise) UserCert(com.itrus.portal.db.UserCert) Scheduled(org.springframework.scheduling.annotation.Scheduled)

Aggregations

UserCert (com.itrus.portal.db.UserCert)54 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)39 UserInfo (com.itrus.portal.db.UserInfo)25 HashMap (java.util.HashMap)24 Bill (com.itrus.portal.db.Bill)22 IOException (java.io.IOException)21 Enterprise (com.itrus.portal.db.Enterprise)19 Product (com.itrus.portal.db.Product)19 UserInfoServiceException (com.itrus.portal.exception.UserInfoServiceException)15 Date (java.util.Date)15 ResponseBody (org.springframework.web.bind.annotation.ResponseBody)14 JSONObject (com.alibaba.fastjson.JSONObject)13 ArrayList (java.util.ArrayList)11 UserCertExample (com.itrus.portal.db.UserCertExample)10 CertBuf (com.itrus.portal.db.CertBuf)9 UnsupportedEncodingException (java.io.UnsupportedEncodingException)8 SigningServerException (com.itrus.cryptorole.SigningServerException)7 Project (com.itrus.portal.db.Project)7 UserinfoEnterprise (com.itrus.portal.db.UserinfoEnterprise)7 CertificateException (java.security.cert.CertificateException)7