Search in sources :

Example 1 with CertInfo

use of com.liumapp.digitalsign.test.ca.tianwei.cert.CertInfo in project spring-cloud-digital-sign by SpringForAll.

the class RaService method enrollCertAA.

/**
 * AA模式申请证书或PASSCODE模式申请证书
 *
 * @Title: enrollCert
 * @Description: TODO(申请个人用户证书)
 * @param userInfo
 *            证书用户信息
 * @param certReqBuf
 *            证书请求,使用客户端的加密服务提供者来产生PKCS10格式的证书申请请求信息
 * @param passCode
 *            通行码,若使用通行码模式签发证书时则需要录入得到的通行码信息,缺省为""
 * @param certValidity
 *            证书有效期 ,若传入0,则默认使用services.properties配置的值
 * @return CertInfo 返回签发的证书信息
 * @throws JSONException
 */
public JSONObject enrollCertAA(UserInfo userInfo, String certReqBuf, String passCode, Integer certValidity) throws JSONException {
    CertInfo certInfo = new CertInfo();
    JSONObject ret = new JSONObject();
    String json = "";
    // 用户名不能为空
    if (StringUtils.isEmpty(userInfo.getUserName())) {
        ret.put("code", "10010101");
        ret.put("msg", errorCode.getErrorCode().get(10010101));
        return ret;
    }
    // 用户邮箱不能为空
    if (StringUtils.isEmpty(userInfo.getUserEmail())) {
        ret.put("code", "10010102");
        ret.put("msg", errorCode.getErrorCode().get(10010102));
        return ret;
    }
    if (StringUtils.isEmpty(certReqBuf)) {
        ret.put("code", "10010103");
        ret.put("msg", errorCode.getErrorCode().get(10010103));
        return ret;
    }
    // 有效期为空
    if (certValidity == 0) {
        certValidity = CERT_VALIDITY;
    }
    try {
        if (CERT_ISKMC != null) {
            json = "{'certKmcReq2':'" + (CERT_ISKMC.equals("false") ? "" : "kmcClientVersion=20150130") + "','certValidity':'" + certValidity + "'}";
        }
        UserAPIServicePortTypeProxy proxy = axisUtil.getProxyNow();
        certInfo = proxy.enrollCertAA(userInfo, certReqBuf, ACCOUNT_HASH, CERT_REQ_CHALLENGE, passCode, json);
        if (CERT_ENROLL_MODEL.equals("AA")) {
            ret.put("code", "0");
            ret.put("certInfo", certInfo);
            ret.put("msg", "");
        } else {
            ret.put("code", "0");
            ret.put("msg", "PassCode模式申请证书成功,请等待管理员批准......");
        }
    } catch (Exception e) {
        ret.put("code", "20010101");
        ret.put("msg", errorCode.getErrorCode().get(20010101) + ":" + e.getMessage());
        return ret;
    }
    return ret;
}
Also used : CertInfo(com.liumapp.digitalsign.test.ca.tianwei.cert.CertInfo) JSONObject(org.json.JSONObject) UserAPIServicePortTypeProxy(com.liumapp.digitalsign.test.ca.tianwei.proxy.UserAPIServicePortTypeProxy) JSONException(org.json.JSONException)

Example 2 with CertInfo

use of com.liumapp.digitalsign.test.ca.tianwei.cert.CertInfo in project spring-cloud-digital-sign by SpringForAll.

the class RaService method renewCert.

/**
 * 更新个人用户证书
 *
 * @Title: renewCert
 * @Description: TODO(更新个人用户证书 )
 * @param certInfo
 *            旧证书对象
 * @param csrSignedData
 *            原证书的CSR签名信息
 * @param passCode
 *            通行码,在passcode更新模式下此项必填,在普通模式下此项可为空
 * @param certValidity
 *            证书有效期
 * @return JSONObject 返回结果信息
 * @throws JSONException
 */
public JSONObject renewCert(CertInfo certInfo, String csrSignedData, String passCode, Integer certValidity) throws JSONException {
    JSONObject ret = new JSONObject();
    if (null == certInfo.getCertReqBuf() || certInfo.getCertReqBuf().equals("")) {
        ret.put("code", "30010101");
        ret.put("msg", errorCode.getErrorCode().get(30010101));
        return ret;
    }
    if (null == certInfo.getCertSignBuf() && certInfo.getCertSignBuf().equals("")) {
        ret.put("code", "30010102");
        ret.put("msg", errorCode.getErrorCode().get(30010102));
        return ret;
    }
    String json = "";
    try {
        UserAPIServicePortTypeProxy proxy = axisUtil.getProxyNow();
        if ("passCodeModel".equals(CERT_RENEW_MODEL)) {
            // passcode模式
            if (passCode == null || passCode.trim().length() == 0) {
                ret.put("code", "10010104");
                ret.put("code", errorCode.getErrorCode().get(10010104));
                return ret;
            }
            json = "{'PKCSINFORMATION':'" + csrSignedData + "','CERT_REQ_BUF':'" + certInfo.getCertReqBuf() + "','certValidity':'" + certValidity + "'}";
            CertInfo certInfoRes = proxy.renewCertAA(null, certInfo, ACCOUNT_HASH, null, passCode, json);
            ret.put("certInfo", certInfoRes);
            ret.put("code", "0");
            ret.put("msg", "");
        } else if (CERT_ENROLL_MODEL.equals("AA")) {
            // AA模式
            json = "{'PKCSINFORMATION':'" + csrSignedData + "','CERT_REQ_BUF':'" + certInfo.getCertReqBuf() + "','certValidity':'" + certValidity + "'}";
            CertInfo certInfoRes = proxy.renewCertAA(null, certInfo, ACCOUNT_HASH, null, passCode, json);
            ret.put("certInfo", certInfoRes);
            ret.put("code", "0");
            ret.put("msg", "");
        } else {
            proxy.renewCert(null, certInfo, ACCOUNT_HASH, json);
            ret.put("code", "0");
            ret.put("msg", "更新证书成功,请等待管理员审批");
        }
    } catch (Exception e) {
        ret.put("code", "20010101");
        ret.put("msg", errorCode.getErrorCode().get(20010101) + ":" + e.getMessage());
    }
    return ret;
}
Also used : CertInfo(com.liumapp.digitalsign.test.ca.tianwei.cert.CertInfo) JSONObject(org.json.JSONObject) UserAPIServicePortTypeProxy(com.liumapp.digitalsign.test.ca.tianwei.proxy.UserAPIServicePortTypeProxy) JSONException(org.json.JSONException)

Example 3 with CertInfo

use of com.liumapp.digitalsign.test.ca.tianwei.cert.CertInfo in project spring-cloud-digital-sign by SpringForAll.

the class Certificate method begin.

/**
 * 直接生成pfx证书文件
 * @return
 */
@RequestMapping("/")
public String begin() {
    /**
     * 服务端生成证书,并保存成Pfx文件格式 *
     */
    String userName = "测试公司";
    String userEmail = "test@szitrus.com.cn";
    /**
     * 扩展字段是针对证书做扩展,即在证书的属性内增加如下内容,详细请联系天威诚信技术做解答 *
     */
    String userAdditionalField1 = "测试公司";
    // String userAdditionalField2 = "";
    // String userAdditionalField3 = "";
    // String userAdditionalField4 = "";
    // String userAdditionalField5 = "";
    // String userAdditionalField6 = "";
    // String userAdditionalField7 = "";
    // String userAdditionalField8 = "";
    // String userAdditionalField9 = "";
    // String userAdditionalField10 = "";
    UserInfo userInfo = new UserInfo();
    // 证书名称
    userInfo.setUserName(userName);
    // 证书所有者Email
    userInfo.setUserEmail(userEmail);
    // 扩展字段1
    userInfo.setUserAdditionalField1(userAdditionalField1);
    // userInfo.setUserAdditionalField2(userAdditionalField2); // 扩展字段2
    // userInfo.setUserAdditionalField3(userAdditionalField3); // 扩展字段3
    // userInfo.setUserAdditionalField4(userAdditionalField4); // 扩展字段4
    // userInfo.setUserAdditionalField5(userAdditionalField5); // 扩展字段5
    // userInfo.setUserAdditionalField6(userAdditionalField6); // 扩展字段6
    // userInfo.setUserAdditionalField7(userAdditionalField7); // 扩展字段7
    // userInfo.setUserAdditionalField8(userAdditionalField8); // 扩展字段8
    // userInfo.setUserAdditionalField9(userAdditionalField9); // 扩展字段9
    // userInfo.setUserAdditionalField10(userAdditionalField10);// 扩展字段10
    /**
     * 产生CSR(证书请求 即 p10) *
     */
    ServerPKCSUtil serverPKCSUtil = new ServerPKCSUtil();
    String certReqBuf = serverPKCSUtil.genCsr("RSA");
    /**
     * 调用接口制作证书 *
     */
    String passCode = "";
    // 不设置证书有效期,默认读取services.properties的属性值
    Integer certValidity = 0;
    JSONObject jsonObject = new JSONObject();
    try {
        jsonObject = raService.enrollCertAA(userInfo, certReqBuf, passCode, certValidity);
        CertInfo certInfo = new CertInfo();
        if (jsonObject.get("certInfo") != null) {
            certInfo = (CertInfo) jsonObject.get("certInfo");
            System.out.println("证书base64" + certInfo.getCertSignBuf());
        }
        // 公钥证书
        String certSignBufP7 = certInfo.getCertSignBuf();
        // 证书密码
        String password = "password";
        System.out.println("当前申请的证书序列号是:[" + certInfo.getCertSerialNumber() + "]");
        /**
         * 数字证书转换为pkcs12 格式 *
         */
        String pkcs12Cert = serverPKCSUtil.genP12(password, certSignBufP7);
        System.out.println(pkcs12Cert);
        /**
         * 将pkcs12 格式证书写到pfx文件中 *
         */
        String pfxPath = savePath + certInfo.getCertSerialNumber() + ".pfx";
        FileOutputStream fileOutputStream = new FileOutputStream(new File(pfxPath));
        fileOutputStream.write(Base64.decode(pkcs12Cert));
        fileOutputStream.close();
    } catch (JSONException e) {
        e.printStackTrace();
    } catch (FileNotFoundException e) {
        e.printStackTrace();
    } catch (IOException e) {
        e.printStackTrace();
    }
    return "success";
}
Also used : CertInfo(com.liumapp.digitalsign.test.ca.tianwei.cert.CertInfo) ServerPKCSUtil(com.liumapp.digitalsign.test.ca.tianwei.utils.ServerPKCSUtil) JSONObject(org.json.JSONObject) FileOutputStream(java.io.FileOutputStream) FileNotFoundException(java.io.FileNotFoundException) JSONException(org.json.JSONException) UserInfo(com.liumapp.digitalsign.test.ca.tianwei.user.UserInfo) IOException(java.io.IOException) File(java.io.File) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 4 with CertInfo

use of com.liumapp.digitalsign.test.ca.tianwei.cert.CertInfo in project spring-cloud-digital-sign by SpringForAll.

the class UserAPIServiceSoapBindingStub method pickupCert.

public CertInfo pickupCert(String certPin, String certReqChallenge, String certReqBuf, String accountHash, String json) throws java.rmi.RemoteException, RaServiceUnavailable {
    if (super.cachedEndpoint == null) {
        throw new org.apache.axis.NoEndPointException();
    }
    org.apache.axis.client.Call _call = createCall();
    _call.setOperation(_operations[9]);
    _call.setUseSOAPAction(true);
    _call.setSOAPActionURI("");
    _call.setEncodingStyle(null);
    _call.setProperty(org.apache.axis.client.Call.SEND_TYPE_ATTR, Boolean.FALSE);
    _call.setProperty(org.apache.axis.AxisEngine.PROP_DOMULTIREFS, Boolean.FALSE);
    _call.setSOAPVersion(org.apache.axis.soap.SOAPConstants.SOAP11_CONSTANTS);
    _call.setOperationName(new QName("http://service.ra.tca.topca.cn/", "pickupCert"));
    setRequestHeaders(_call);
    setAttachments(_call);
    try {
        java.lang.Object _resp = _call.invoke(new java.lang.Object[] { certPin, certReqChallenge, certReqBuf, accountHash, json });
        if (_resp instanceof java.rmi.RemoteException) {
            throw (java.rmi.RemoteException) _resp;
        } else {
            extractAttachments(_call);
            try {
                return (CertInfo) _resp;
            } catch (java.lang.Exception _exception) {
                return (CertInfo) org.apache.axis.utils.JavaUtils.convert(_resp, CertInfo.class);
            }
        }
    } catch (org.apache.axis.AxisFault axisFaultException) {
        if (axisFaultException.detail != null) {
            if (axisFaultException.detail instanceof java.rmi.RemoteException) {
                throw (java.rmi.RemoteException) axisFaultException.detail;
            }
            if (axisFaultException.detail instanceof RaServiceUnavailable) {
                throw (RaServiceUnavailable) axisFaultException.detail;
            }
        }
        throw axisFaultException;
    }
}
Also used : CertInfo(com.liumapp.digitalsign.test.ca.tianwei.cert.CertInfo) QName(javax.xml.namespace.QName) RaServiceUnavailable(com.liumapp.digitalsign.test.ca.tianwei.error.RaServiceUnavailable)

Example 5 with CertInfo

use of com.liumapp.digitalsign.test.ca.tianwei.cert.CertInfo in project spring-cloud-digital-sign by SpringForAll.

the class UserAPIServiceSoapBindingStub method _initOperationDesc2.

private static void _initOperationDesc2() {
    OperationDesc oper;
    ParameterDesc param;
    oper = new OperationDesc();
    oper.setName("queryCertBySerialNumber");
    param = new ParameterDesc(new QName("", "serialNumber"), ParameterDesc.IN, new QName("http://www.w3.org/2001/XMLSchema", "string"), String.class, false, false);
    param.setOmittable(true);
    oper.addParameter(param);
    param = new ParameterDesc(new QName("", "accountHash"), ParameterDesc.IN, new QName("http://www.w3.org/2001/XMLSchema", "string"), String.class, false, false);
    param.setOmittable(true);
    oper.addParameter(param);
    param = new ParameterDesc(new QName("", "json"), ParameterDesc.IN, new QName("http://www.w3.org/2001/XMLSchema", "string"), String.class, false, false);
    param.setOmittable(true);
    oper.addParameter(param);
    oper.setReturnType(new QName("http://service.ra.tca.topca.cn/", "queryCertResult"));
    oper.setReturnClass(QueryCertResult.class);
    oper.setReturnQName(new QName("", "return"));
    oper.setStyle(org.apache.axis.constants.Style.WRAPPED);
    oper.setUse(org.apache.axis.constants.Use.LITERAL);
    oper.addFault(new org.apache.axis.description.FaultDesc(new QName("http://service.ra.tca.topca.cn/", "RaServiceUnavailable"), "RaServiceUnavailable", new QName("http://service.ra.tca.topca.cn/", "RaServiceUnavailable"), true));
    _operations[10] = oper;
    oper = new OperationDesc();
    oper.setName("synchroTemplate");
    param = new ParameterDesc(new QName("", "accountHash"), ParameterDesc.IN, new QName("http://www.w3.org/2001/XMLSchema", "string"), String.class, false, false);
    param.setOmittable(true);
    oper.addParameter(param);
    oper.setReturnType(new QName("http://service.ra.tca.topca.cn/", "accountConfigResult"));
    oper.setReturnClass(AccountConfigResult.class);
    oper.setReturnQName(new QName("", "return"));
    oper.setStyle(org.apache.axis.constants.Style.WRAPPED);
    oper.setUse(org.apache.axis.constants.Use.LITERAL);
    oper.addFault(new org.apache.axis.description.FaultDesc(new QName("http://service.ra.tca.topca.cn/", "RaServiceUnavailable"), "RaServiceUnavailable", new QName("http://service.ra.tca.topca.cn/", "RaServiceUnavailable"), true));
    _operations[11] = oper;
    oper = new OperationDesc();
    oper.setName("renewCert");
    param = new ParameterDesc(new QName("", "userInfo"), ParameterDesc.IN, new QName("http://service.ra.tca.topca.cn/", "userInfo"), UserInfo.class, false, false);
    param.setOmittable(true);
    oper.addParameter(param);
    param = new ParameterDesc(new QName("", "origin"), ParameterDesc.IN, new QName("http://service.ra.tca.topca.cn/", "certInfo"), CertInfo.class, false, false);
    param.setOmittable(true);
    oper.addParameter(param);
    param = new ParameterDesc(new QName("", "accountHash"), ParameterDesc.IN, new QName("http://www.w3.org/2001/XMLSchema", "string"), String.class, false, false);
    param.setOmittable(true);
    oper.addParameter(param);
    param = new ParameterDesc(new QName("", "json"), ParameterDesc.IN, new QName("http://www.w3.org/2001/XMLSchema", "string"), String.class, false, false);
    param.setOmittable(true);
    oper.addParameter(param);
    oper.setReturnType(org.apache.axis.encoding.XMLType.AXIS_VOID);
    oper.setStyle(org.apache.axis.constants.Style.WRAPPED);
    oper.setUse(org.apache.axis.constants.Use.LITERAL);
    oper.addFault(new org.apache.axis.description.FaultDesc(new QName("http://service.ra.tca.topca.cn/", "RaServiceUnavailable"), "RaServiceUnavailable", new QName("http://service.ra.tca.topca.cn/", "RaServiceUnavailable"), true));
    _operations[12] = oper;
    oper = new OperationDesc();
    oper.setName("revokeCert");
    param = new ParameterDesc(new QName("", "serialNumber"), ParameterDesc.IN, new QName("http://www.w3.org/2001/XMLSchema", "string"), String.class, false, false);
    param.setOmittable(true);
    oper.addParameter(param);
    param = new ParameterDesc(new QName("", "certReqChallenge"), ParameterDesc.IN, new QName("http://www.w3.org/2001/XMLSchema", "string"), String.class, false, false);
    param.setOmittable(true);
    oper.addParameter(param);
    param = new ParameterDesc(new QName("", "certRevokeReason"), ParameterDesc.IN, new QName("http://www.w3.org/2001/XMLSchema", "string"), String.class, false, false);
    param.setOmittable(true);
    oper.addParameter(param);
    param = new ParameterDesc(new QName("", "accountHash"), ParameterDesc.IN, new QName("http://www.w3.org/2001/XMLSchema", "string"), String.class, false, false);
    param.setOmittable(true);
    oper.addParameter(param);
    param = new ParameterDesc(new QName("", "json"), ParameterDesc.IN, new QName("http://www.w3.org/2001/XMLSchema", "string"), String.class, false, false);
    param.setOmittable(true);
    oper.addParameter(param);
    oper.setReturnType(org.apache.axis.encoding.XMLType.AXIS_VOID);
    oper.setStyle(org.apache.axis.constants.Style.WRAPPED);
    oper.setUse(org.apache.axis.constants.Use.LITERAL);
    oper.addFault(new org.apache.axis.description.FaultDesc(new QName("http://service.ra.tca.topca.cn/", "RaServiceUnavailable"), "RaServiceUnavailable", new QName("http://service.ra.tca.topca.cn/", "RaServiceUnavailable"), true));
    _operations[13] = oper;
    oper = new OperationDesc();
    oper.setName("suspendCert");
    param = new ParameterDesc(new QName("", "serialNumber"), ParameterDesc.IN, new QName("http://www.w3.org/2001/XMLSchema", "string"), String.class, false, false);
    param.setOmittable(true);
    oper.addParameter(param);
    param = new ParameterDesc(new QName("", "accountHash"), ParameterDesc.IN, new QName("http://www.w3.org/2001/XMLSchema", "string"), String.class, false, false);
    param.setOmittable(true);
    oper.addParameter(param);
    param = new ParameterDesc(new QName("", "json"), ParameterDesc.IN, new QName("http://www.w3.org/2001/XMLSchema", "string"), String.class, false, false);
    param.setOmittable(true);
    oper.addParameter(param);
    oper.setReturnType(org.apache.axis.encoding.XMLType.AXIS_VOID);
    oper.setStyle(org.apache.axis.constants.Style.WRAPPED);
    oper.setUse(org.apache.axis.constants.Use.LITERAL);
    oper.addFault(new org.apache.axis.description.FaultDesc(new QName("http://service.ra.tca.topca.cn/", "RaServiceUnavailable"), "RaServiceUnavailable", new QName("http://service.ra.tca.topca.cn/", "RaServiceUnavailable"), true));
    _operations[14] = oper;
    oper = new OperationDesc();
    oper.setName("enrollCertAA");
    param = new ParameterDesc(new QName("", "userInfo"), ParameterDesc.IN, new QName("http://service.ra.tca.topca.cn/", "userInfo"), UserInfo.class, false, false);
    param.setOmittable(true);
    oper.addParameter(param);
    param = new ParameterDesc(new QName("", "certReqBuf"), ParameterDesc.IN, new QName("http://www.w3.org/2001/XMLSchema", "string"), String.class, false, false);
    param.setOmittable(true);
    oper.addParameter(param);
    param = new ParameterDesc(new QName("", "accountHash"), ParameterDesc.IN, new QName("http://www.w3.org/2001/XMLSchema", "string"), String.class, false, false);
    param.setOmittable(true);
    oper.addParameter(param);
    param = new ParameterDesc(new QName("", "aaCheckPoint"), ParameterDesc.IN, new QName("http://www.w3.org/2001/XMLSchema", "string"), String.class, false, false);
    param.setOmittable(true);
    oper.addParameter(param);
    param = new ParameterDesc(new QName("", "passCode"), ParameterDesc.IN, new QName("http://www.w3.org/2001/XMLSchema", "string"), String.class, false, false);
    param.setOmittable(true);
    oper.addParameter(param);
    param = new ParameterDesc(new QName("", "json"), ParameterDesc.IN, new QName("http://www.w3.org/2001/XMLSchema", "string"), String.class, false, false);
    param.setOmittable(true);
    oper.addParameter(param);
    oper.setReturnType(new QName("http://service.ra.tca.topca.cn/", "certInfo"));
    oper.setReturnClass(CertInfo.class);
    oper.setReturnQName(new QName("", "return"));
    oper.setStyle(org.apache.axis.constants.Style.WRAPPED);
    oper.setUse(org.apache.axis.constants.Use.LITERAL);
    oper.addFault(new org.apache.axis.description.FaultDesc(new QName("http://service.ra.tca.topca.cn/", "RaServiceUnavailable"), "RaServiceUnavailable", new QName("http://service.ra.tca.topca.cn/", "RaServiceUnavailable"), true));
    _operations[15] = oper;
}
Also used : ParameterDesc(org.apache.axis.description.ParameterDesc) CertInfo(com.liumapp.digitalsign.test.ca.tianwei.cert.CertInfo) QName(javax.xml.namespace.QName) OperationDesc(org.apache.axis.description.OperationDesc)

Aggregations

CertInfo (com.liumapp.digitalsign.test.ca.tianwei.cert.CertInfo)10 QName (javax.xml.namespace.QName)5 JSONException (org.json.JSONException)5 JSONObject (org.json.JSONObject)5 RaServiceUnavailable (com.liumapp.digitalsign.test.ca.tianwei.error.RaServiceUnavailable)3 UserAPIServicePortTypeProxy (com.liumapp.digitalsign.test.ca.tianwei.proxy.UserAPIServicePortTypeProxy)3 UserInfo (com.liumapp.digitalsign.test.ca.tianwei.user.UserInfo)2 OperationDesc (org.apache.axis.description.OperationDesc)2 ParameterDesc (org.apache.axis.description.ParameterDesc)2 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)2 CertApiException (cn.topca.api.cert.CertApiException)1 ServerPKCSUtil (com.liumapp.digitalsign.test.ca.tianwei.utils.ServerPKCSUtil)1 File (java.io.File)1 FileNotFoundException (java.io.FileNotFoundException)1 FileOutputStream (java.io.FileOutputStream)1 IOException (java.io.IOException)1