首页
网站首页
公司简介
资讯中心
推荐内容
返回顶部
想问一下p7Sign这个方法实现的算法通用名字叫啥,请问EasyExcel如何获取sheetname
发布时间:2019-12-28 20:33
浏览次数:
packageboc.payment.common.security;importjava.io.ByteArrayInputStream;importjava.io.ByteArrayOutputStream;importjava.io.FileInputStream;importjava.io.FileNotFoundException;importjava.io.IOException;importjava.io.InputStream;importjava.lang.reflect.Array;importjava.lang.reflect.Constructor;importjava.lang.reflect.Field;importjava.lang.reflect.Method;importjava.math.BigInteger;importjava.security.GeneralSecurityException;importjava.security.InvalidKeyException;importjava.security.KeyStore;importjava.security.NoSuchAlgorithmException;importjava.security.NoSuchProviderException;importjava.security.PrivateKey;importjava.security.Signature;importjava.security.SignatureException;importjava.security.cert.Certificate;importjava.security.cert.CertificateException;importjava.security.cert.CertificateFactory;importjava.security.cert.X509Certificate;importjava.util.Enumeration;importsun.misc.BASE64Decoder;importsun.misc.BASE64Encoder;importsun.security.pkcs.ContentInfo;importsun.security.pkcs.PKCS7;importsun.security.pkcs.PKCS9Attributes;importsun.security.pkcs.SignerInfo;/***JVM提供商:SUN和IBM,*支持PKCS1/PKCS7签名和验签*签名算法仅支持:SHA1withRSA**/publicclassPKCSTool{/**签名*/privatestaticfinalintSIGNER=1;/**验证*/privatestaticfinalintVERIFIER=2;/**用途*/privateintmode=0;/**摘要算法*/privateStringdigestAlgorithm="SHA1";/**签名算法*/privateStringsigningAlgorithm="SHA1withRSA";/**签名证书链*/privateCertificate[]certificates=null;/**签名私钥*/privatePrivateKeyprivateKey=null;/**根证书*/privateCertificaterootCertificate=null;/**JVM提供商*/privatestaticcharjvm=0;privatestaticClassalgorithmId=null;privatestaticClassderValue=null;privatestaticClassobjectIdentifier=null;privatestaticClassx500Name=null;privatestaticbooleandebug=false;/***私有构造方法*/privatePKCSTool(intmode){this.mode=mode;}privatestaticvoidinit(){if(jvm!=0)return;Stringvendor=System.getProperty("java.vm.vendor");if(vendor==null)vendor="";StringvendorUC=vendor.toUpperCase();try{if(vendorUC.indexOf("IBM")=0){jvm='I';algorithmId=Class.forName("com.ibm.security.x509.AlgorithmId");derValue=Class.forName("com.ibm.security.util.DerValue");objectIdentifier=Class.forName("com.ibm.security.util.ObjectIdentifier");x500Name=Class.forName("com.ibm.security.x509.X500Name");}elseif(vendorUC.indexOf("ORACLECORPORATION")=0){jvm='S';algorithmId=Class.forName("sun.security.x509.AlgorithmId");derValue=Class.forName("sun.security.util.DerValue");objectIdentifier=Class.forName("sun.security.util.ObjectIdentifier");x500Name=Class.forName("sun.security.x509.X500Name");}else{jvm='S';algorithmId=Class.forName("sun.security.x509.AlgorithmId");derValue=Class.forName("sun.security.util.DerValue");objectIdentifier=Class.forName("sun.security.util.ObjectIdentifier");x500Name=Class.forName("sun.security.x509.X500Name");}}catch(ClassNotFoundExceptione){e.printStackTrace();System.out.println("NotsupportJRE:"+vendor);thrownewRuntimeException(e);}}/***匹配私钥用法**@paramkeyUsage*@paramusage*@return*/privatestaticbooleanmatchUsage(boolean[]keyUsage,intusage){if(usage==0||keyUsage==null)returntrue;for(inti=0;iMath.min(keyUsage.length,32);i++){if((usage(1i))!=0!keyUsage[i])returnfalse;}returntrue;}/***取得签名工具加载证书库,取得签名证书链和私钥**@paramkeyStorePath*证书库路径*@paramkeyStorePassword*证书库口令*@paramkeyPassword*签名私钥口令,与证书库口令相同*@parampkcsType*签名方法,P1签名时:null;P7签名时:PKCS7*@throwsGeneralSecurityException*@throwsIOException*/publicstaticPKCSToolgetSigner(StringkeyStorePath,StringkeyStorePassword,StringkeyPassword,StringpkcsType)throwsGeneralSecurityException,IOException{init();//加载证书库KeyStorekeyStore=null;FileInputStreamfis=null;try{if(keyStorePath.toLowerCase().endsWith(".pfx")){keyStore=KeyStore.getInstance("PKCS12");}fis=newFileInputStream(keyStorePath);keyStore.load(fis,keyStorePassword.toCharArray());}catch(FileNotFoundExceptione){e.printStackTrace();}finally{if(fis!=null)fis.close();}//在证书库中找到签名私钥,并验证合法性Enumerationaliases=keyStore.aliases();StringkeyAlias=null;if(aliases!=null){while(aliases.hasMoreElements()){keyAlias=(String)aliases.nextElement();Certificate[]certs=keyStore.getCertificateChain(keyAlias);if(certs==null||certs.length==0)continue;X509Certificatecert=(X509Certificate)certs[0];if(matchUsage(cert.getKeyUsage(),1)){try{cert.checkValidity();}catch(CertificateExceptione){continue;}break;}}}//没有找到可用签名私钥if(keyAlias==null)thrownewGeneralSecurityException("Nonecertificateforsigninthiskeystore");PKCSTooltool=newPKCSTool(SIGNER);PrivateKeyprivateKey=(PrivateKey)keyStore.getKey(keyAlias,keyPassword.toCharArray());//没有私钥抛异常if(privateKey==null){thrownewGeneralSecurityException(keyAlias+"couldnotbeaccessed");}tool.privateKey=privateKey;if("PKCS7".equals(pkcsType)){X509Certificate[]certificates=null;if(keyStore.isKeyEntry(keyAlias)){//检查证书链Certificate[]certs=keyStore.getCertificateChain(keyAlias);for(inti=0;icerts.length;i++){if(!(certs[i]instanceofX509Certificate))thrownewGeneralSecurityException("Certificate["+i+"]inchain'"+keyAlias+"'isnotaX509Certificate.");}//转换证书链certificates=newX509Certificate[certs.length];for(inti=0;icerts.length;i++)certificates[i]=(X509Certificate)certs[i];}elseif(keyStore.isCertificateEntry(keyAlias)){//只有单张证书Certificatecert=keyStore.getCertificate(keyAlias);if(certinstanceofX509Certificate){certificates=newX509Certificate[]{(X509Certificate)cert};}}else{thrownewGeneralSecurityException(keyAlias+"isunknowntothiskeystore");}tool.certificates=certificates;}returntool;}/***P1签名**@paramdata签名原文对应的byte数组,签名原文请使用UTF-8字符集*@returnsignature签名结果,签名结果为Base64编码*@throwsGeneralSecurityException*@throwsIOException*@throwsIllegalArgumentException*/publicStringp1Sign(byte[]data)throwsException{if(mode!=SIGNER)thrownewIllegalStateException("callaPKCS1Toolinstancenotforsignature.");Signaturesigner=Signature.getInstance(signingAlgorithm);signer.initSign(privateKey);signer.update(data,0,data.length);byte[]signedAttributes=signer.sign();return(newBASE64Encoder()).encode(signedAttributes);}/***P7签名**@paramdata签名原文对应的byte数组,签名原文请使用UTF-8字符集*@returnsignature签名结果,签名结果为Base64编码*@throwsGeneralSecurityException*@throwsIOException*@throwsIllegalArgumentException*/publicStringp7Sign(byte[]data)throwsException{if(mode!=SIGNER)thrownewIllegalStateException("callaPKCS7Toolinstancenotforsignature.");Signaturesigner=Signature.getInstance(signingAlgorithm);signer.initSign(privateKey);signer.update(data,0,data.length);byte[]signedAttributes=signer.sign();ContentInfocontentInfo=null;Fielddata_oidField=ContentInfo.class.getField("DATA_OID");Objectdata_oid=data_oidField.get(null);ConstructorcontentInfoConstructor=ContentInfo.class.getConstructor(newClass[]{data_oid.getClass(),derValue});contentInfo=(ContentInfo)contentInfoConstructor.newInstance(newObject[]{data_oid,null});//根证书//由于当证书存在证书链的情况下会出现多证书,优先使用第一个//X509Certificatex509=(X509Certificate)certificates[certificates.length-1];X509Certificatex509=(X509Certificate)certificates[0];java.math.BigIntegerserial=x509.getSerialNumber();//X500NameConstructorx500NameConstructor=x500Name.getConstructor(newClass[]{String.class});Objectx500NameObject=x500NameConstructor.newInstance(newObject[]{x509.getIssuerDN().getName()});//AlgorithmIdMethodalgorithmIdGet=algorithmId.getMethod("get",newClass[]{String.class});ObjectdigestAlgorithmId=algorithmIdGet.invoke(null,newObject[]{digestAlgorithm});FieldalgorithmIdfield=algorithmId.getField("RSAEncryption_oid");ObjectrsaOid=algorithmIdfield.get(null);ConstructoralgorithmConstructor=algorithmId.getConstructor(newClass[]{objectIdentifier});ObjectalgorithmRsaOid=algorithmConstructor.newInstance(newObject[]{rsaOid});//SignerInfoConstructorsignerInfoConstructor=SignerInfo.class.getConstructor(newClass[]{x500Name,BigInteger.class,algorithmId,PKCS9Attributes.class,algorithmId,byte[].class,PKCS9Attributes.class});//签名信息SignerInfosi=(SignerInfo)signerInfoConstructor.newInstance(newObject[]{x500NameObject,//X500Name,//issuerName,serial,//x509.getSerialNumber(),BigIntegerserial,digestAlgorithmId,//AlgorithmId,digestAlgorithmId,null,//PKCS9Attributes,authenticatedAttributes,algorithmRsaOid,//AlgorithmId,//digestEncryptionAlgorithmId,signedAttributes,//byte[]encryptedDigest,null//PKCS9AttributesunauthenticatedAttributes)});SignerInfo[]signerInfos={si};//构造PKCS7数据ObjectdigestAlgorithmIds=Array.newInstance(algorithmId,1);Array.set(digestAlgorithmIds

图片 1

本人31岁,之前一直做表面处理电镀行业,有七年的电镀经验。去年年底结婚后一直想转行。转行原因是由于工作性质,接触太多的重金属、微波辐射和氰化物。还有个原因也是对自己能力的认可吧,觉得所有工作都能做好,所以想在三十岁时再给自己一次选择的机会。4月份来北京达内学校java,十月份学完。学完后我的惨痛求职经历开始了,由于性格原因,不想包装简历,想以转行人员进入java这个圈子,但是现实真的很残酷。根本没有任何面试机会。不想否定以前的工作经历,因为觉得那个我的一笔财富。所以我现在还在坚持本心。总是想既然选择了那就坚持下去。再难也要转行成功。发帖子不是为了抱怨而是想写写东西证明自己曾经在这个行业的边缘努力过。

图片 2

友情链接: 网站地图
Copyright © 2015-2019 http://www.nflfreepicks.net. 新葡萄京娱乐场网址有限公司 版权所有