use of com.liumapp.digitalsign.test.ca.tianwei.cert.CertInfo in project spring-cloud-digital-sign by SpringForAll.
the class RaService method enrollCertAA.
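/**
 * Requests a certificate from the RA in AA mode or in pass-code mode.
 *
 * <p>The user name, user e-mail and CSR are validated first; the request is then sent
 * through the Axis proxy together with ACCOUNT_HASH and CERT_REQ_CHALLENGE. Failures are
 * reported in the returned object's {@code code}/{@code msg} fields, not by throwing.
 *
 * <p>Result codes set here: 10010101 (user name missing), 10010102 (user e-mail missing),
 * 10010103 (CSR missing), 20010101 (the RA call threw), "0" (request accepted).
 *
 * @param userInfo certificate subject information; user name and e-mail must be non-empty
 * @param certReqBuf certificate request; per the original note, a PKCS#10 request produced
 *        by the client's cryptographic service provider
 * @param passCode pass code, needed when the certificate is issued in pass-code mode;
 *        "" otherwise
 * @param certValidity certificate validity; {@code null} or 0 selects CERT_VALIDITY (the
 *        original note says that value comes from services.properties)
 * @return result object; when CERT_ENROLL_MODEL is "AA" it carries the issued
 *         {@code certInfo}, otherwise only a "waiting for administrator approval" message
 * @throws JSONException if the result object cannot be populated
 */
public JSONObject enrollCertAA(UserInfo userInfo, String certReqBuf, String passCode, Integer certValidity) throws JSONException {
    JSONObject ret = new JSONObject();
    String json = "";
    // The user name is mandatory; a null userInfo is reported the same way instead of
    // failing with a NullPointerException.
    if (userInfo == null || StringUtils.isEmpty(userInfo.getUserName())) {
        ret.put("code", "10010101");
        ret.put("msg", errorCode.getErrorCode().get(10010101));
        return ret;
    }
    // The user e-mail is mandatory.
    if (StringUtils.isEmpty(userInfo.getUserEmail())) {
        ret.put("code", "10010102");
        ret.put("msg", errorCode.getErrorCode().get(10010102));
        return ret;
    }
    // The CSR is mandatory.
    if (StringUtils.isEmpty(certReqBuf)) {
        ret.put("code", "10010103");
        ret.put("msg", errorCode.getErrorCode().get(10010103));
        return ret;
    }
    // No validity supplied: fall back to the configured default. The null check matters
    // because unboxing a null Integer in "certValidity == 0" throws outside the try block.
    if (certValidity == null || certValidity == 0) {
        certValidity = CERT_VALIDITY;
    }
    try {
        if (CERT_ISKMC != null) {
            // Only server-side configuration and an Integer are concatenated here, so the
            // caller cannot alter the structure of this option string.
            json = "{'certKmcReq2':'" + (CERT_ISKMC.equals("false") ? "" : "kmcClientVersion=20150130") + "','certValidity':'" + certValidity + "'}";
        }
        UserAPIServicePortTypeProxy proxy = axisUtil.getProxyNow();
        CertInfo certInfo = proxy.enrollCertAA(userInfo, certReqBuf, ACCOUNT_HASH, CERT_REQ_CHALLENGE, passCode, json);
        ret.put("code", "0");
        if (CERT_ENROLL_MODEL.equals("AA")) {
            ret.put("certInfo", certInfo);
            ret.put("msg", "");
        } else {
            ret.put("msg", "PassCode模式申请证书成功,请等待管理员批准......");
        }
    } catch (Exception e) {
        // NOTE(review): the raw exception message is returned to the caller and may expose
        // RA or transport details; consider logging it server-side and returning only the
        // mapped error text.
        ret.put("code", "20010101");
        ret.put("msg", errorCode.getErrorCode().get(20010101) + ":" + e.getMessage());
    }
    return ret;
}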
use of com.liumapp.digitalsign.test.ca.tianwei.cert.CertInfo in project spring-cloud-digital-sign by SpringForAll.
the class RaService method renewCert.
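/**
 * Renews a personal user certificate.
 *
 * <p>The old certificate must carry both its request buffer and its signed certificate.
 * Depending on configuration the renewal is sent with {@code renewCertAA} (pass-code or AA
 * mode, which returns the new certificate) or with {@code renewCert} (which only queues
 * the request for administrator approval). Failures are reported in the returned object's
 * {@code code}/{@code msg} fields.
 *
 * <p>Result codes set here: 30010101 (old certificate has no request buffer), 30010102
 * (old certificate has no signed certificate), 10010104 (pass code missing in pass-code
 * mode), 20010101 (the RA call threw), "0" (request accepted).
 *
 * @param certInfo the old certificate object
 * @param csrSignedData CSR signature information of the original certificate
 * @param passCode pass code; required when CERT_RENEW_MODEL is "passCodeModel", may be
 *        empty otherwise
 * @param certValidity certificate validity
 * @return result object; carries {@code certInfo} when the RA returned a new certificate
 * @throws JSONException if the result object cannot be populated
 */
public JSONObject renewCert(CertInfo certInfo, String csrSignedData, String passCode, Integer certValidity) throws JSONException {
    JSONObject ret = new JSONObject();
    // A null certInfo is reported like a missing request buffer instead of failing with a
    // NullPointerException.
    if (certInfo == null || null == certInfo.getCertReqBuf() || certInfo.getCertReqBuf().equals("")) {
        ret.put("code", "30010101");
        ret.put("msg", errorCode.getErrorCode().get(30010101));
        return ret;
    }
    // Fixed: the original joined these two tests with "&&", which dereferenced a null
    // value and never rejected an empty one.
    if (null == certInfo.getCertSignBuf() || certInfo.getCertSignBuf().equals("")) {
        ret.put("code", "30010102");
        ret.put("msg", errorCode.getErrorCode().get(30010102));
        return ret;
    }
    String json = "";
    try {
        UserAPIServicePortTypeProxy proxy = axisUtil.getProxyNow();
        boolean passCodeMode = "passCodeModel".equals(CERT_RENEW_MODEL);
        if (passCodeMode && (passCode == null || passCode.trim().length() == 0)) {
            // Fixed: the original stored the message under "code", overwriting the error
            // code and leaving "msg" unset.
            ret.put("code", "10010104");
            ret.put("msg", errorCode.getErrorCode().get(10010104));
            return ret;
        }
        // NOTE(review): the second test reads CERT_ENROLL_MODEL although this is a renewal;
        // confirm whether CERT_RENEW_MODEL was intended.
        if (passCodeMode || CERT_ENROLL_MODEL.equals("AA")) {
            // NOTE(review): csrSignedData and the request buffer are spliced into a
            // single-quoted option string without escaping, so a value containing a quote
            // changes its structure. Confirm the format the RA expects, then validate the
            // inputs or build the string with a JSON encoder.
            json = "{'PKCSINFORMATION':'" + csrSignedData + "','CERT_REQ_BUF':'" + certInfo.getCertReqBuf() + "','certValidity':'" + certValidity + "'}";
            CertInfo certInfoRes = proxy.renewCertAA(null, certInfo, ACCOUNT_HASH, null, passCode, json);
            ret.put("certInfo", certInfoRes);
            ret.put("code", "0");
            ret.put("msg", "");
        } else {
            // Ordinary mode: the RA returns nothing and an administrator approves later.
            proxy.renewCert(null, certInfo, ACCOUNT_HASH, json);
            ret.put("code", "0");
            ret.put("msg", "更新证书成功,请等待管理员审批");
        }
    } catch (Exception e) {
        // NOTE(review): the raw exception message is returned to the caller and may expose
        // RA or transport details.
        ret.put("code", "20010101");
        ret.put("msg", errorCode.getErrorCode().get(20010101) + ":" + e.getMessage());
    }
    return ret;
}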
use of com.liumapp.digitalsign.test.ca.tianwei.cert.CertInfo in project spring-cloud-digital-sign by SpringForAll.
the class Certificate method begin.
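/**
 * Generates a certificate on the server for a fixed test subject and saves it as a .pfx
 * file under {@code savePath}, named after the certificate serial number.
 *
 * <p>NOTE(review): the handler is mapped to "/" and shows no authorization check of its
 * own, so every request that reaches it enrolls a certificate and writes a key store to
 * disk; confirm that access is restricted elsewhere.
 *
 * @return always "success"; failures are only printed on the server.
 *         NOTE(review): callers cannot tell a failed enrollment from a successful one.
 */
@RequestMapping("/")
public String begin() {
    // Subject of the certificate generated on the server.
    String userName = "测试公司";
    String userEmail = "test@szitrus.com.cn";
    // Extension field written into the certificate attributes. Fields 2 to 10 exist on
    // UserInfo as well and are left unset here; the original note refers to the CA vendor
    // for their meaning.
    String userAdditionalField1 = "测试公司";
    UserInfo userInfo = new UserInfo();
    userInfo.setUserName(userName);
    userInfo.setUserEmail(userEmail);
    userInfo.setUserAdditionalField1(userAdditionalField1);
    // Generate the CSR (PKCS#10 certificate request).
    ServerPKCSUtil serverPKCSUtil = new ServerPKCSUtil();
    String certReqBuf = serverPKCSUtil.genCsr("RSA");
    // No pass code; a validity of 0 makes enrollCertAA fall back to its configured default.
    String passCode = "";
    Integer certValidity = 0;
    try {
        JSONObject jsonObject = raService.enrollCertAA(userInfo, certReqBuf, passCode, certValidity);
        Object issued = jsonObject.get("certInfo");
        if (issued instanceof CertInfo) {
            CertInfo certInfo = (CertInfo) issued;
            System.out.println("证书base64" + certInfo.getCertSignBuf());
            // Signed public certificate returned by the RA.
            String certSignBufP7 = certInfo.getCertSignBuf();
            // NOTE(review): hard-coded key-store password. Anyone who obtains the .pfx can
            // open it; take the password from configuration or from the requester instead.
            String password = "password";
            System.out.println("当前申请的证书序列号是:[" + certInfo.getCertSerialNumber() + "]");
            // Convert the certificate to PKCS#12. The result is no longer printed: it
            // presumably bundles the private key created by genCsr, and stdout usually
            // ends up in log files.
            String pkcs12Cert = serverPKCSUtil.genP12(password, certSignBufP7);
            // NOTE(review): the file name is built from the serial number returned by the
            // RA; confirm it cannot contain path separators.
            String pfxPath = savePath + certInfo.getCertSerialNumber() + ".pfx";
            // try-with-resources closes the stream even when decode or write fails.
            try (FileOutputStream fileOutputStream = new FileOutputStream(new File(pfxPath))) {
                fileOutputStream.write(Base64.decode(pkcs12Cert));
            }
        } else {
            // Enrollment was rejected or is pending: skip key-store generation instead of
            // converting an empty CertInfo and writing a file named after a null serial.
            System.err.println("enrollCertAA returned no certificate; no pfx file written");
        }
    } catch (JSONException e) {
        e.printStackTrace();
    } catch (FileNotFoundException e) {
        e.printStackTrace();
    } catch (IOException e) {
        e.printStackTrace();
    }
    return "success";
}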
use of com.liumapp.digitalsign.test.ca.tianwei.cert.CertInfo in project spring-cloud-digital-sign by SpringForAll.
the class UserAPIServiceSoapBindingStub method pickupCert.
/**
 * Invokes the remote {@code pickupCert} operation (slot 9 of {@code _operations}) over
 * SOAP 1.1 and returns the result as a {@link CertInfo}.
 *
 * <p>All five arguments, including {@code certPin} and {@code accountHash}, are passed to
 * the call unchanged. NOTE(review): whether they are protected in transit depends on the
 * configured endpoint, which is not visible here.
 *
 * @return the response cast to {@code CertInfo}, or converted with {@code JavaUtils} when
 *         the cast fails
 * @throws java.rmi.RemoteException when the response or the fault detail is a
 *         {@code RemoteException}, or when the fault carries no recognised detail
 * @throws RaServiceUnavailable when the fault detail is of that type
 */
public CertInfo pickupCert(String certPin, String certReqChallenge, String certReqBuf, String accountHash, String json) throws java.rmi.RemoteException, RaServiceUnavailable {
    if (super.cachedEndpoint == null) {
        throw new org.apache.axis.NoEndPointException();
    }
    final org.apache.axis.client.Call call = createCall();
    call.setOperation(_operations[9]);
    call.setUseSOAPAction(true);
    call.setSOAPActionURI("");
    call.setEncodingStyle(null);
    call.setProperty(org.apache.axis.client.Call.SEND_TYPE_ATTR, Boolean.FALSE);
    call.setProperty(org.apache.axis.AxisEngine.PROP_DOMULTIREFS, Boolean.FALSE);
    call.setSOAPVersion(org.apache.axis.soap.SOAPConstants.SOAP11_CONSTANTS);
    call.setOperationName(new QName("http://service.ra.tca.topca.cn/", "pickupCert"));
    setRequestHeaders(call);
    setAttachments(call);
    final java.lang.Object[] arguments = { certPin, certReqChallenge, certReqBuf, accountHash, json };
    try {
        final java.lang.Object response = call.invoke(arguments);
        // Thrown inside the try on purpose: a response that is itself an AxisFault is
        // still routed through the fault handling below.
        if (response instanceof java.rmi.RemoteException) {
            throw (java.rmi.RemoteException) response;
        }
        extractAttachments(call);
        try {
            return (CertInfo) response;
        } catch (java.lang.Exception castFailure) {
            return (CertInfo) org.apache.axis.utils.JavaUtils.convert(response, CertInfo.class);
        }
    } catch (org.apache.axis.AxisFault fault) {
        // instanceof is false for null, so a missing detail falls through to the rethrow.
        final java.lang.Throwable cause = fault.detail;
        if (cause instanceof java.rmi.RemoteException) {
            throw (java.rmi.RemoteException) cause;
        }
        if (cause instanceof RaServiceUnavailable) {
            throw (RaServiceUnavailable) cause;
        }
        throw fault;
    }
}
use of com.liumapp.digitalsign.test.ca.tianwei.cert.CertInfo in project spring-cloud-digital-sign by SpringForAll.
the class UserAPIServiceSoapBindingStub method _initOperationDesc2.
/**
 * Fills slots 10 to 15 of {@code _operations} with the descriptors of
 * queryCertBySerialNumber, synchroTemplate, renewCert, revokeCert, suspendCert and
 * enrollCertAA.
 *
 * <p>Every parameter is an omittable IN parameter, and every operation uses the
 * wrapped/literal style and declares the RaServiceUnavailable fault.
 */
private static void _initOperationDesc2() {
    OperationDesc queryBySerial = new OperationDesc();
    queryBySerial.setName("queryCertBySerialNumber");
    queryBySerial.addParameter(_stringParam("serialNumber"));
    queryBySerial.addParameter(_stringParam("accountHash"));
    queryBySerial.addParameter(_stringParam("json"));
    queryBySerial.setReturnType(_raName("queryCertResult"));
    queryBySerial.setReturnClass(QueryCertResult.class);
    queryBySerial.setReturnQName(new QName("", "return"));
    _wrappedLiteralWithRaFault(queryBySerial);
    _operations[10] = queryBySerial;

    OperationDesc syncTemplate = new OperationDesc();
    syncTemplate.setName("synchroTemplate");
    syncTemplate.addParameter(_stringParam("accountHash"));
    syncTemplate.setReturnType(_raName("accountConfigResult"));
    syncTemplate.setReturnClass(AccountConfigResult.class);
    syncTemplate.setReturnQName(new QName("", "return"));
    _wrappedLiteralWithRaFault(syncTemplate);
    _operations[11] = syncTemplate;

    // renewCert, revokeCert and suspendCert return nothing.
    OperationDesc renew = new OperationDesc();
    renew.setName("renewCert");
    renew.addParameter(_inParam("userInfo", _raName("userInfo"), UserInfo.class));
    renew.addParameter(_inParam("origin", _raName("certInfo"), CertInfo.class));
    renew.addParameter(_stringParam("accountHash"));
    renew.addParameter(_stringParam("json"));
    renew.setReturnType(org.apache.axis.encoding.XMLType.AXIS_VOID);
    _wrappedLiteralWithRaFault(renew);
    _operations[12] = renew;

    OperationDesc revoke = new OperationDesc();
    revoke.setName("revokeCert");
    revoke.addParameter(_stringParam("serialNumber"));
    revoke.addParameter(_stringParam("certReqChallenge"));
    revoke.addParameter(_stringParam("certRevokeReason"));
    revoke.addParameter(_stringParam("accountHash"));
    revoke.addParameter(_stringParam("json"));
    revoke.setReturnType(org.apache.axis.encoding.XMLType.AXIS_VOID);
    _wrappedLiteralWithRaFault(revoke);
    _operations[13] = revoke;

    OperationDesc suspend = new OperationDesc();
    suspend.setName("suspendCert");
    suspend.addParameter(_stringParam("serialNumber"));
    suspend.addParameter(_stringParam("accountHash"));
    suspend.addParameter(_stringParam("json"));
    suspend.setReturnType(org.apache.axis.encoding.XMLType.AXIS_VOID);
    _wrappedLiteralWithRaFault(suspend);
    _operations[14] = suspend;

    OperationDesc enroll = new OperationDesc();
    enroll.setName("enrollCertAA");
    enroll.addParameter(_inParam("userInfo", _raName("userInfo"), UserInfo.class));
    enroll.addParameter(_stringParam("certReqBuf"));
    enroll.addParameter(_stringParam("accountHash"));
    enroll.addParameter(_stringParam("aaCheckPoint"));
    enroll.addParameter(_stringParam("passCode"));
    enroll.addParameter(_stringParam("json"));
    enroll.setReturnType(_raName("certInfo"));
    enroll.setReturnClass(CertInfo.class);
    enroll.setReturnQName(new QName("", "return"));
    _wrappedLiteralWithRaFault(enroll);
    _operations[15] = enroll;
}

/** Builds a qualified name in the RA service namespace. */
private static QName _raName(String localPart) {
    return new QName("http://service.ra.tca.topca.cn/", localPart);
}

/** Builds an omittable IN parameter with an unqualified name and the given type. */
private static ParameterDesc _inParam(String name, QName xmlType, Class<?> javaType) {
    ParameterDesc desc = new ParameterDesc(new QName("", name), ParameterDesc.IN, xmlType, javaType, false, false);
    desc.setOmittable(true);
    return desc;
}

/** Builds an omittable IN parameter of XML Schema type string. */
private static ParameterDesc _stringParam(String name) {
    return _inParam(name, new QName("http://www.w3.org/2001/XMLSchema", "string"), String.class);
}

/** Applies the wrapped/literal style and registers the RaServiceUnavailable fault. */
private static void _wrappedLiteralWithRaFault(OperationDesc target) {
    target.setStyle(org.apache.axis.constants.Style.WRAPPED);
    target.setUse(org.apache.axis.constants.Use.LITERAL);
    target.addFault(new org.apache.axis.description.FaultDesc(_raName("RaServiceUnavailable"), "RaServiceUnavailable", _raName("RaServiceUnavailable"), true));
}