資源簡介
提到PKCS,首先想到的是RSA的證書格式(類似,PKCS8,P12等),最近在和一家俄羅斯支付對接時,對方說加密成PKCS#7格式,當時就懵了,以為對方說錯了,在這塊卡了好幾天,通過查資料,終于找到方法了。確實是PKCS#7加密,看來還是自己懂得太少。現在把方法分享出來,希望對遇到類似問題的朋友有所幫助
代碼片段和文件信息
/*
?*?Copyright?(c)?2017?All?Rights?Reserved
?*/
/*
?*?修訂記錄:
?*?2017/8/24?09:34?創建
?*?
?*/
package?com.fmbank.gw.octopus.util.cryptography.svssign;
import?java.io.BufferedInputStream;
import?java.io.ByteArrayInputStream;
import?java.io.FileInputStream;
import?java.io.IOException;
import?java.security.DigestInputStream;
import?java.security.MessageDigest;
import?java.security.NoSuchAlgorithmException;
import?java.security.cert.CertificateFactory;
import?java.security.cert.X509Certificate;
import?org.slf4j.Logger;
import?org.slf4j.LoggerFactory;
import?sun.misc.base64Decoder;
import?sun.misc.base64Encoder;
import?sun.security.pkcs.PKCS7;
/**
?*?簽名驗簽基礎類
?*
?*?@filename?Svsbase.java
?*
?*?@version?1.0
?*
?*?@author?ruofei?
?*
?*?@since?2017/8/24
?*/
public?class?Svsbase?{
private?static?final?Logger?logger?=?LoggerFactory.getLogger(Svsbase.class);
/**
?*?簽名算法,默認RSA,可通過setCryptAlg()方法設置
?*/
private?String?cryptAlg?=?“RSA“;
/**
?*?摘要算法,默認SHA1,可通過setDigestAlg()方法設置
?*/
private?String?digestAlg?=?“SHA1“;
protected?X509Certificate?signCert;
protected?X509CertChecker?certChecker;
public?Svsbase()?{
}
/**
?*?初始化證書
?*?@param?fileName?證書路徑
?*?@throws?Exception
?*/
public?void?initSignCertFile(String?fileName)?throws?Exception?{
this.signCert?=?null;
FileInputStream?fin?=?null;
BufferedInputStream?bin?=?null;
try{
fin=?new?FileInputStream(fileName);
bin?=?new?BufferedInputStream(fin);
CertificateFactory?cf?=?CertificateFactory.getInstance(“X.509“);
if(bin.available()?>?0)?{
this.signCert?=?(X509Certificate)cf.generateCertificate(bin);
}
}finally{
try{
if(bin!=null){
bin.close();
}
}catch(Exception?ex){
logger.info(““ex);
}
try{
if(fin!=null){
fin.close();
}
}catch(Exception?ex){
logger.info(““ex);
}
}
}
public?void?initSignCert(String?szB64Cert)?throws?Exception?{
ByteArrayInputStream?bin?=?new?ByteArrayInputStream(base64Decode(szB64Cert));
CertificateFactory?cf?=?CertificateFactory.getInstance(“X.509“);
if(bin.available()?>?0)?{
this.signCert?=?(X509Certificate)cf.generateCertificate(bin);
}
}
public?void?initSignCert(X509Certificate?cert)?{
this.signCert?=?cert;
}
public?X509Certificate?getSignCert()?{
return?this.signCert;
}
public?String?getEncodedSignCert()?throws?Exception?{
return?base64Encode(this.signCert.getEncoded());
}
public?void?setCertChecker(X509CertChecker?checker)?{
this.certChecker?=?checker;
}
public?X509CertChecker?getCertChecker()?{
return?this.certChecker;
}
public?int?checkSignCert()?{
return?X509CertChecker.checkCertValidity(this.signCert);
}
public?int?checkSignCert(X509Certificate?issuerCert)?{
if(issuerCert?==?null)?{
return?-1;
}?else?{
int?nret?=?X509CertChecker.checkCertValidity(this.signCert);
return?nret?!=?0?nret:?X509CertCheck ?屬性????????????大小?????日期????時間???名稱
-----------?---------??----------?-----??----
?????文件???????10752??2018-12-26?15:32??RSA的PKCS#7加解密驗簽\OpenSSL生成加密證書.doc
?????文件????????5800??2018-07-20?15:55??RSA的PKCS#7加解密驗簽\Svsba
?????文件????????6382??2018-07-20?15:55??RSA的PKCS#7加解密驗簽\SvsSign.java
?????文件?????????626??2018-09-13?16:50??RSA的PKCS#7加解密驗簽\SvsSignExample.java
?????文件????????9647??2018-07-20?15:55??RSA的PKCS#7加解密驗簽\SvsVerify.java
?????文件????????5640??2018-07-20?15:55??RSA的PKCS#7加解密驗簽\X509CertChecker.java
?????文件?????????140??2018-12-26?15:32??RSA的PKCS#7加解密驗簽\read?me.txt
?????目錄???????????0??2018-12-26?15:32??RSA的PKCS#7加解密驗簽\
評論
共有 條評論
川公網安備 51152502000135號