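package com.citi.test;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.text.SimpleDateFormat;
import java.util.HashMap;

import org.bouncycastle.cms.CMSEnvelopedData;
import org.bouncycastle.cms.CMSEnvelopedDataGenerator;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.CMSProcessable;
import org.bouncycastle.cms.CMSProcessableByteArray;
import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.cms.CMSSignedDataGenerator;

import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;

/**
 * Signs and envelopes request data with keys taken from a local JKS keystore.
 *
 * <p>{@link #getSignature(byte[])} produces a detached RSA signature and
 * {@link #encryptAndSignData(byte[])} produces a CMS enveloped-then-signed
 * message; both return single-line Base64 text, or {@code null} on any failure.
 *
 * <p>NOTE(review): sun.misc.BASE64Encoder/BASE64Decoder are JDK-internal classes.
 * java.util.Base64 (Java 8+) is the supported replacement once the target
 * runtime allows it.
 */
public class Crypto {

    // NOTE(review): deployment-specific absolute path compiled into the class.
    // Moving the application or node breaks key loading; externalise this.
    private static final String CONFIG_DIR =
            "C:\\ibm\\WebSphere\\profiles\\GBGCB\\installedApps\\APACCNSHZJW1373Node01Cell\\GBGCB.ear\\GBGCB.war\\WEB-INF\\etc";

    private static final String KEYSTORE_FILE_NAME = "keystore.jks";
    private static final String VENDOR_CERT_FILE_NAME = "LPSSO.cer";
    private static final String PROVIDER = "BC";

    // SECURITY: Base64 is an encoding, not protection. Anyone who can read this
    // class file or source can recover the keystore password, so the password
    // (and the private key it guards) should be treated as exposed: load it
    // from protected configuration or a secret store and rotate it.
    private static final String ENCODED_KEYSTORE_PASSWORD = "Q2l0aWJhbmswMQ==";

    private File keystoreFile;
    private String keyStoreType;
    private char[] password;
    private String alias;

    private static final Crypto instance = new Crypto();

    /** Returns the shared, eagerly created instance. */
    public static Crypto getInstance() {
        return instance;
    }

    /**
     * Resolves the keystore location, type, password and key alias.
     *
     * @throws IllegalStateException if the embedded password cannot be decoded;
     *         the previous code swallowed that error and silently continued
     *         with an empty keystore password
     */
    public Crypto() {
        keystoreFile = new File(joinPath(readPath(CONFIG_DIR), readPath(KEYSTORE_FILE_NAME)));
        keyStoreType = readPath("JKS");
        try {
            byte[] decoded = new BASE64Decoder().decodeBuffer(ENCODED_KEYSTORE_PASSWORD);
            // Explicit charset so the result does not depend on the platform default.
            password = new String(decoded, "UTF-8").toCharArray();
        } catch (IOException e) {
            throw new IllegalStateException("Unable to decode the embedded keystore password", e);
        }
        alias = readPath("outkey");
    }

    /**
     * Signs {@code data} with the sender's private key from the keystore.
     *
     * @param data bytes to sign
     * @return the signature as Base64 without line breaks, or {@code null} when
     *         {@code data} is null/empty, the key or certificate is missing, or
     *         any error occurs (the error is printed to stderr)
     */
    public static String getSignature(byte[] data) {
        if ((data == null) || (data.length == 0)) {
            return null;
        }
        try {
            ensureProvider();

            HashMap material = getInstance().export();
            PrivateKey senderPriKey = (PrivateKey) material.get("0");
            X509Certificate senderPubCert = (X509Certificate) material.get("1");
            if (senderPriKey == null || senderPubCert == null) {
                return null;
            }

            // NOTE(review): SHA-1 based signatures are a legacy choice. The algorithm is
            // kept because the verifying party must use the same one; plan a coordinated
            // move to a SHA-256 based scheme.
            Signature rsa = Signature.getInstance("SHA1withRSA", PROVIDER);
            rsa.initSign(senderPriKey);
            rsa.update(data);
            return encodeSingleLine(rsa.sign());
        } catch (Exception ex) {
            // Callers only see null; the stack trace is the sole diagnostic.
            ex.printStackTrace();
            return null;
        }
    }

    /**
     * Envelopes {@code data} for the vendor certificate, then signs the envelope
     * with the sender's key, producing a CMS signed-data message.
     *
     * <p>The original implementation never copied the generated CMS message into
     * the buffer it encoded, so it always fell into the exception path and
     * returned {@code null}. The encoded signed message is now returned.
     *
     * @param data plaintext bytes
     * @return Base64 (no line breaks) of the encoded CMS signed data, or
     *         {@code null} when {@code data} is null/empty, key material is
     *         missing, or any error occurs (the error is printed to stderr)
     */
    public static String encryptAndSignData(byte[] data) {
        if ((data == null) || (data.length == 0)) {
            return null;
        }
        try {
            ensureProvider();

            X509Certificate recipientPubCert = loadRecipientCertificate();
            if (recipientPubCert == null) {
                return null;
            }

            HashMap material = getInstance().export();
            PrivateKey senderPriKey = (PrivateKey) material.get("0");
            X509Certificate senderPubCert = (X509Certificate) material.get("1");

            CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
            edGen.addKeyTransRecipient(recipientPubCert);
            CMSProcessable procData = new CMSProcessableByteArray(data);
            // NOTE(review): RC2-CBC is a legacy content cipher and SHA-1 a legacy digest.
            // Both are kept because the receiving side must decrypt and verify with the
            // same algorithms; migrate together with the peer.
            CMSEnvelopedData envelopedData =
                    edGen.generate(procData, CMSEnvelopedDataGenerator.RC2_CBC, PROVIDER);
            byte[] encryptedData = envelopedData.getEncoded();

            if (senderPriKey == null || senderPubCert == null) {
                return null;
            }
            CMSSignedDataGenerator signer = new CMSSignedDataGenerator();
            signer.addSigner(senderPriKey, senderPubCert, CMSSignedDataGenerator.DIGEST_SHA1);
            CMSSignedData cmsSignedData =
                    signer.generate(new CMSProcessableByteArray(encryptedData), true, PROVIDER);

            // Fix: encode the signed message that was just generated.
            byte[] signedData = cmsSignedData.getEncoded();
            return encodeSingleLine(signedData);
        } catch (Exception ex) {
            ex.printStackTrace();
            return null;
        }
    }

    /**
     * Loads the sender's private key and certificate from the keystore.
     *
     * @return a map with the private key under {@code "0"} and the X.509
     *         certificate under {@code "1"}; either value is null when the
     *         alias has no such entry
     * @throws Exception if the keystore cannot be opened, read or unlocked
     */
    public HashMap export() throws Exception {
        KeyStore keystore = KeyStore.getInstance(keyStoreType);
        FileInputStream in = new FileInputStream(keystoreFile);
        try {
            keystore.load(in, password);
        } finally {
            // The stream was previously left open on every call.
            in.close();
        }
        // The same password unlocks both the store and the key entry.
        PrivateKey senderPK = (PrivateKey) keystore.getKey(alias, password);
        X509Certificate certificate = (X509Certificate) keystore.getCertificate(alias);

        HashMap<String, Object> strmap = new HashMap<String, Object>();
        strmap.put("0", senderPK);
        strmap.put("1", certificate);
        return strmap;
    }

    /**
     * Returns {@code pathname} unchanged.
     *
     * <p>NOTE(review): the name suggests a properties lookup was intended, but
     * no lookup is performed here; every "configuration" value passed through
     * this method is therefore the literal written at the call site.
     *
     * @param pathname value to return
     * @return {@code pathname}
     */
    public String readPath(String pathname) {
        return pathname;
    }

    /** Manual smoke test: signs a sample query string and prints the result. */
    public static void main(String[] args) {
        System.out.println("test");
        String GRBNumber = "004195137";
        String PageID = "HomePage";
        String Initial_Request_timestamp = String.valueOf(System.currentTimeMillis());
        String ICHANNEL_ID = "Default";
        String postData = "GRBNumber=" + GRBNumber + "&PageID=" + PageID
                + "&Initial_Request_timestamp=" + Initial_Request_timestamp
                + "&ICHANNEL_ID=" + ICHANNEL_ID;
        System.out.println(postData);
        String value = Crypto.getSignature(postData.getBytes());
        System.out.println(value);
    }

    /** Registers the BouncyCastle provider once; later calls are no-ops. */
    private static void ensureProvider() {
        if (java.security.Security.getProvider(PROVIDER) == null) {
            java.security.Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
        }
    }

    /**
     * Reads the vendor (recipient) certificate from the configuration directory.
     *
     * <p>NOTE(review): the certificate is trusted only because of where the file
     * sits; no validity-period or chain check is visible in this class.
     */
    private static X509Certificate loadRecipientCertificate() throws Exception {
        String certpath = getInstance().readPath(CONFIG_DIR);
        FileInputStream fi = new FileInputStream(joinPath(certpath, VENDOR_CERT_FILE_NAME));
        try {
            CertificateFactory certFact = CertificateFactory.getInstance("X.509", PROVIDER);
            return (X509Certificate) certFact.generateCertificate(fi);
        } finally {
            // Closed on every path, including the early-return and error paths.
            fi.close();
        }
    }

    /** Joins a directory and a file name with exactly one "/" between them. */
    private static String joinPath(String dir, String name) {
        return dir.endsWith("/") ? dir + name : dir + "/" + name;
    }

    /**
     * Base64-encodes {@code bytes} and strips the line breaks the encoder inserts,
     * whichever line separator the platform uses.
     */
    private static String encodeSingleLine(byte[] bytes) {
        String encoded = new BASE64Encoder().encode(bytes);
        return encoded.replaceAll("\\r", "").replaceAll("\\n", "");
    }
}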
sso 加密
转载自zzzzzz5530041.iteye.com/blog/1181582