* To change this license header, choose License Headers in Project Properties.
* To change this template file, choose Tools | Templates
* and open the template in the editor.
*/
package job.tot.sp.abb;
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.util.Date;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.util.HashMap;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import org.apache.http.HttpEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.conn.ssl.SSLContexts;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;
import javax.net.ssl.X509TrustManager;
import java.text.DateFormat;
import java.text.SimpleDateFormat;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.text.DateFormat;
import java.text.SimpleDateFormat;
import java.util.Arrays;
import java.util.Calendar;
import java.util.Map;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import job.tot.bean.DataField;
import job.tot.dao.DaoFactory;
import job.tot.util.AES;
import job.tot.util.CsrUtil;
import job.tot.util.FileUtil;
import job.tot.util.HttpUtil;
import job.tot.util.StringUtils;
import net.sf.json.JSONObject;
import org.apache.commons.codec.binary.Base64;
import sun.misc.BASE64Encoder;
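/**
 * Static helpers for client RSA key pairs and X.509 certificates: key generation and storage,
 * decoding Base64 keys, and loading certificates from a stream or file.
 *
 * <p>Every method reports failure by printing the stack trace and returning {@code null}, so
 * callers must null-check each result before using it for any security decision.
 */
public class RsaUtil {

    /**
     * Generates a 2048-bit RSA key pair for a client and stores both keys, Base64-encoded, in the
     * local database under the given mobile number. An existing record is overwritten.
     *
     * <p>Only a raw key pair is produced here; no X.509 certificate is issued.
     *
     * <p>NOTE(review): the private key is passed to the DAO as plain Base64 text. Base64 is an
     * encoding, not protection, so confirm that the DAO or the storage layer encrypts it at rest
     * and that access to the record is restricted.
     *
     * @param mobile key under which the pair is stored
     * @return the record read back from the DAO after the write, or {@code null} if the RSA
     *     algorithm is unavailable
     */
    public static DataField createRsa(String mobile) {
        DataField df = null;
        try {
            KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
            kpg.initialize(2048);
            KeyPair kp = kpg.generateKeyPair();

            // Encoded forms match what getPublicKey / getPrivateKey parse back
            // (X509EncodedKeySpec and PKCS8EncodedKeySpec respectively).
            byte[] privateBT = kp.getPrivate().getEncoded();
            String privateStr = Base64.encodeBase64String(privateBT);
            // Best-effort wipe of the raw private-key bytes, as getPrivateKey does. The Base64
            // String copy cannot be wiped and stays on the heap until it is collected.
            Arrays.fill(privateBT, (byte) 0);

            byte[] publicBT = kp.getPublic().getEncoded();
            String publicStr = Base64.encodeBase64String(publicBT);

            // NOTE(review): exists-then-write is not atomic here; two concurrent calls for the
            // same mobile could both take the add branch. Confirm the DAO or schema guards this.
            boolean exits = DaoFactory.getClientCertDao().exits(mobile);
            if (exits) {
                DaoFactory.getClientCertDao().mod(mobile, publicStr, privateStr);
            } else {
                DaoFactory.getClientCertDao().add(mobile, publicStr, privateStr);
            }
            df = DaoFactory.getClientCertDao().get(mobile);
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        }
        return df;
    }

    /**
     * Decodes a Base64-encoded X.509 (SubjectPublicKeyInfo) RSA public key.
     *
     * @param s Base64 text of the encoded public key
     * @return the public key, or {@code null} if the input is null or cannot be parsed
     */
    public static PublicKey getPublicKey(String s) {
        PublicKey ret = null;
        try {
            // Decode from the String directly instead of s.getBytes(), which depends on the
            // platform default charset.
            byte[] data = Base64.decodeBase64(s);
            X509EncodedKeySpec spec = new X509EncodedKeySpec(data);
            KeyFactory fact = KeyFactory.getInstance("RSA");
            ret = fact.generatePublic(spec);
        } catch (Exception e) {
            e.printStackTrace();
        }
        return ret;
    }

    /**
     * Decodes a Base64-encoded PKCS#8 RSA private key.
     *
     * <p>The decoded key bytes are zeroed before returning, on success and on failure alike. The
     * input String and the copy held inside the key spec are outside this method's control.
     *
     * @param s Base64 text of the encoded private key
     * @return the private key, or {@code null} if the input is null or cannot be parsed
     */
    public static PrivateKey getPrivateKey(String s) {
        PrivateKey ret = null;
        byte[] clear = null;
        try {
            // Decode from the String directly instead of s.getBytes(), which depends on the
            // platform default charset.
            clear = Base64.decodeBase64(s);
            PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(clear);
            KeyFactory fact = KeyFactory.getInstance("RSA");
            ret = fact.generatePrivate(keySpec);
        } catch (Exception e) {
            e.printStackTrace();
        } finally {
            // Wipe in finally so a parse failure does not leave key material in the buffer.
            if (clear != null) {
                Arrays.fill(clear, (byte) 0);
            }
        }
        return ret;
    }

    /**
     * Reads an X.509 certificate from a stream and checks that it is within its validity period.
     *
     * <p>{@code checkValidity()} only compares the current time with the certificate's
     * notBefore/notAfter dates. It does not verify the signature, the issuer chain or revocation,
     * so a non-null result must not be treated as a trusted certificate without separate chain
     * validation.
     *
     * <p>The stream is not closed here; the caller owns it.
     *
     * @param inputStream stream positioned at the encoded certificate
     * @return the certificate, or {@code null} if it cannot be parsed, is expired or is not yet
     *     valid
     */
    public static X509Certificate loadCertificate(InputStream inputStream) {
        try {
            CertificateFactory cf = CertificateFactory.getInstance("X.509");
            X509Certificate cert = (X509Certificate) cf.generateCertificate(inputStream);
            cert.checkValidity();
            return cert;
        } catch (Exception e) {
            e.printStackTrace();
        }
        return null;
    }

    /**
     * Loads a certificate from a certificate file (.cer).
     *
     * <p>Unlike {@link #loadCertificate(InputStream)}, no validity-period check is made, and as
     * there, nothing is verified about the signature or issuer. If {@code certFile} can be
     * influenced by untrusted input, the caller must restrict it to an expected directory.
     *
     * @param certFile path of the certificate file
     * @return the certificate, or {@code null} if the file cannot be read or parsed
     */
    public static Certificate getCa(String certFile) {
        Certificate ca = null;
        try {
            File file = new File(certFile);
            CertificateFactory cf = CertificateFactory.getInstance("X.509");
            // try-with-resources closes the stream even when parsing throws.
            try (InputStream in = new FileInputStream(file)) {
                ca = cf.generateCertificate(in);
            }
        } catch (Exception e5) {
            e5.printStackTrace();
        }
        return ca;
    }
}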