Search in sources :

Example 1 with UserInfo

use of com.liumapp.digitalsign.test.ca.tianwei.user.UserInfo in project spring-cloud-digital-sign by SpringForAll.

the class Certificate method begin.

/**
 * 直接生成pfx证书文件
 * @return
 */
@RequestMapping("/")
public String begin() {
    /**
     * 服务端生成证书,并保存成Pfx文件格式 *
     */
    String userName = "测试公司";
    String userEmail = "test@szitrus.com.cn";
    /**
     * 扩展字段是针对证书做扩展,即在证书的属性内增加如下内容,详细请联系天威诚信技术做解答 *
     */
    String userAdditionalField1 = "测试公司";
    // String userAdditionalField2 = "";
    // String userAdditionalField3 = "";
    // String userAdditionalField4 = "";
    // String userAdditionalField5 = "";
    // String userAdditionalField6 = "";
    // String userAdditionalField7 = "";
    // String userAdditionalField8 = "";
    // String userAdditionalField9 = "";
    // String userAdditionalField10 = "";
    UserInfo userInfo = new UserInfo();
    // 证书名称
    userInfo.setUserName(userName);
    // 证书所有者Email
    userInfo.setUserEmail(userEmail);
    // 扩展字段1
    userInfo.setUserAdditionalField1(userAdditionalField1);
    // userInfo.setUserAdditionalField2(userAdditionalField2); // 扩展字段2
    // userInfo.setUserAdditionalField3(userAdditionalField3); // 扩展字段3
    // userInfo.setUserAdditionalField4(userAdditionalField4); // 扩展字段4
    // userInfo.setUserAdditionalField5(userAdditionalField5); // 扩展字段5
    // userInfo.setUserAdditionalField6(userAdditionalField6); // 扩展字段6
    // userInfo.setUserAdditionalField7(userAdditionalField7); // 扩展字段7
    // userInfo.setUserAdditionalField8(userAdditionalField8); // 扩展字段8
    // userInfo.setUserAdditionalField9(userAdditionalField9); // 扩展字段9
    // userInfo.setUserAdditionalField10(userAdditionalField10);// 扩展字段10
    /**
     * 产生CSR(证书请求 即 p10) *
     */
    ServerPKCSUtil serverPKCSUtil = new ServerPKCSUtil();
    String certReqBuf = serverPKCSUtil.genCsr("RSA");
    /**
     * 调用接口制作证书 *
     */
    String passCode = "";
    // 不设置证书有效期,默认读取services.properties的属性值
    Integer certValidity = 0;
    JSONObject jsonObject = new JSONObject();
    try {
        jsonObject = raService.enrollCertAA(userInfo, certReqBuf, passCode, certValidity);
        CertInfo certInfo = new CertInfo();
        if (jsonObject.get("certInfo") != null) {
            certInfo = (CertInfo) jsonObject.get("certInfo");
            System.out.println("证书base64" + certInfo.getCertSignBuf());
        }
        // 公钥证书
        String certSignBufP7 = certInfo.getCertSignBuf();
        // 证书密码
        String password = "password";
        System.out.println("当前申请的证书序列号是:[" + certInfo.getCertSerialNumber() + "]");
        /**
         * 数字证书转换为pkcs12 格式 *
         */
        String pkcs12Cert = serverPKCSUtil.genP12(password, certSignBufP7);
        System.out.println(pkcs12Cert);
        /**
         * 将pkcs12 格式证书写到pfx文件中 *
         */
        String pfxPath = savePath + certInfo.getCertSerialNumber() + ".pfx";
        FileOutputStream fileOutputStream = new FileOutputStream(new File(pfxPath));
        fileOutputStream.write(Base64.decode(pkcs12Cert));
        fileOutputStream.close();
    } catch (JSONException e) {
        e.printStackTrace();
    } catch (FileNotFoundException e) {
        e.printStackTrace();
    } catch (IOException e) {
        e.printStackTrace();
    }
    return "success";
}
Also used : CertInfo(com.liumapp.digitalsign.test.ca.tianwei.cert.CertInfo) ServerPKCSUtil(com.liumapp.digitalsign.test.ca.tianwei.utils.ServerPKCSUtil) JSONObject(org.json.JSONObject) FileOutputStream(java.io.FileOutputStream) FileNotFoundException(java.io.FileNotFoundException) JSONException(org.json.JSONException) UserInfo(com.liumapp.digitalsign.test.ca.tianwei.user.UserInfo) IOException(java.io.IOException) File(java.io.File) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 2 with UserInfo

use of com.liumapp.digitalsign.test.ca.tianwei.user.UserInfo in project spring-cloud-digital-sign by SpringForAll.

the class Certificate method installIntoJKS.

@RequestMapping("/jks")
public String installIntoJKS() {
    /**
     * 服务端生成证书,并保存成Pfx文件格式 *
     */
    String userName = "test_ca_002";
    String userEmail = "test@szitrus.com.cn";
    /**
     * 扩展字段是针对证书做扩展,即在证书的属性内增加如下内容,详细请联系天威诚信技术做解答 *
     */
    // String userAdditionalField1 = "";
    // String userAdditionalField2 = "";
    // String userAdditionalField3 = "";
    // String userAdditionalField4 = "";
    // String userAdditionalField5 = "";
    // String userAdditionalField6 = "";
    // String userAdditionalField7 = "";
    // String userAdditionalField8 = "";
    // String userAdditionalField9 = "";
    // String userAdditionalField10 = "";
    UserInfo userInfo = new UserInfo();
    // 证书名称
    userInfo.setUserName(userName);
    // 证书所有者Email
    userInfo.setUserEmail(userEmail);
    // userInfo.setUserAdditionalField1(userAdditionalField1); // 扩展字段1
    // userInfo.setUserAdditionalField2(userAdditionalField2); // 扩展字段2
    // userInfo.setUserAdditionalField3(userAdditionalField3); // 扩展字段3
    // userInfo.setUserAdditionalField4(userAdditionalField4); // 扩展字段4
    // userInfo.setUserAdditionalField5(userAdditionalField5); // 扩展字段5
    // userInfo.setUserAdditionalField6(userAdditionalField6); // 扩展字段6
    // userInfo.setUserAdditionalField7(userAdditionalField7); // 扩展字段7
    // userInfo.setUserAdditionalField8(userAdditionalField8); // 扩展字段8
    // userInfo.setUserAdditionalField9(userAdditionalField9); // 扩展字段9
    // userInfo.setUserAdditionalField10(userAdditionalField10); // 扩展字段10
    /**
     * 调用接口制作证书 *
     */
    String passCode = "";
    // 不设置证书有效期,默认读取services.properties的属性值
    Integer certValidity = 0;
    JSONObject jsonObject = new JSONObject();
    try {
        licenseUtil.registry();
        /**
         * 产生CSR(证书请求 即 p10) *
         */
        String certReqBuf = "";
        String csrType = "RSA1024";
        // keystore的alias名称
        String keystore = "demo.ks";
        if (csrType.equalsIgnoreCase("RSA1024")) {
            certReqBuf = CertStore.byName(keystore).genCsr(TCA.RSA1024).toBase64();
        } else if (csrType.equalsIgnoreCase("RSA2048")) {
            certReqBuf = CertStore.byName(keystore).genCsr(TCA.RSA2048).toBase64();
        } else {
            certReqBuf = CertStore.byName(keystore).genCsr(TCA.SM2).toBase64();
        }
        jsonObject = raService.enrollCertAA(userInfo, certReqBuf, passCode, certValidity);
        CertInfo certInfo = new CertInfo();
        if (jsonObject.get("certInfo") != null) {
            certInfo = (CertInfo) jsonObject.get("certInfo");
        }
        // 安装证书
        CertStore.installCert(certInfo.getCertSignBuf());
        // KeyStoreUtils.getPublicKeyAlias()
        System.out.println("当前申请的证书序列号是:[" + certInfo.getCertSerialNumber() + "]");
        System.out.println("当前存入JKS的证书别名为:[" + certInfo.getCertSerialnumberKmc() + "]");
    } catch (JSONException e) {
        e.printStackTrace();
    } catch (CertApiException e) {
        e.printStackTrace();
    }
    return "success";
}
Also used : CertInfo(com.liumapp.digitalsign.test.ca.tianwei.cert.CertInfo) CertApiException(cn.topca.api.cert.CertApiException) JSONObject(org.json.JSONObject) JSONException(org.json.JSONException) UserInfo(com.liumapp.digitalsign.test.ca.tianwei.user.UserInfo) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Aggregations

CertInfo (com.liumapp.digitalsign.test.ca.tianwei.cert.CertInfo)2 UserInfo (com.liumapp.digitalsign.test.ca.tianwei.user.UserInfo)2 JSONException (org.json.JSONException)2 JSONObject (org.json.JSONObject)2 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)2 CertApiException (cn.topca.api.cert.CertApiException)1 ServerPKCSUtil (com.liumapp.digitalsign.test.ca.tianwei.utils.ServerPKCSUtil)1 File (java.io.File)1 FileNotFoundException (java.io.FileNotFoundException)1 FileOutputStream (java.io.FileOutputStream)1 IOException (java.io.IOException)1