package data;
import java.security.*;
import java.security.spec.*;
import java.security.interfaces.*;
import java.security.cert.*;
import java.io.*;
import data.MyWindowListener;
import java.sql.*;
import data.Connect;
import data.Base64;
import java.awt.*;
import javax.swing.*;
import java.awt.event.*;
import sun.security.x509.*;
import sun.security.pkcs.*;
//验证管理员的签名
//该CA模块接受申请用户的BASE64编码的用户信息,解码形成明文信息,用SHA-1计算摘要
//提取管理员的密钥对(公钥),对签名进行验证,如果摘要一致,则生成证书文件
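/**
 * Swing window for the CA step that checks the administrator's signature on a
 * certificate request and, when it verifies, starts certificate issuance.
 *
 * <p>When the confirm button is pressed the pasted Base64 request is decoded and
 * parsed as a PKCS#10 object, a SHA-1 digest of the decoded bytes is computed,
 * the administrator's public key is read from the AdminData table, the signature
 * is read from Signature.dat, and the signature is verified over the digest.
 * {@code new SignCert()} is reached only after a successful verification.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The scheme is MD5WithRSA applied to a SHA-1 digest. Both hash functions are
 *       collision-weak. Moving to SHA-256 needs the same change in the code that
 *       writes Signature.dat, which is not part of this class.</li>
 *   <li>The administrator key and the signature are restored with Java native
 *       deserialization ({@code ObjectInputStream.readObject}). See the notes on
 *       the two loader methods.</li>
 *   <li>The pasted text is what gets verified. {@code SignCert} is constructed with
 *       no arguments, so it presumably reads the request from disk. Confirm that it
 *       signs the same bytes that were verified here.</li>
 * </ul>
 */
public class CA extends JFrame implements ActionListener
{
    // --- UI widgets ---
    private TextArea myinfo;
    private JButton ok;
    private JButton cancel;

    // --- state shared with the rest of the package (kept package-private) ---
    PKCS10 plaintext;
    String cryptotext;
    String msg;
    Base64 DE = new Base64();
    byte[] digestMD, signMD;
    RSAPublicKey adminpbkey;
    X509CertInfo my_info;
    java.security.cert.Certificate tmp, tmp_cert;
    CertificateFactory cfa;
    X509CertImpl user_cert;
    String s_pbk;
    byte[] b_pbk;

    /**
     * Builds the window: a label, the text area for the pasted request, and the
     * confirm / reset buttons, both wired to {@link #actionPerformed}.
     */
    public CA()
    {
        super("生成用户证书的界面");
        Container c = getContentPane();
        c.setLayout(new FlowLayout());
        myinfo = new TextArea(10, 70);
        c.add(new JLabel("请粘贴您的CertReq.txt里面的文本信息!只包含密文信息,不含第一行和最后一行标题"));
        c.add(myinfo);
        ok = new JButton("确认");
        c.add(ok);
        cancel = new JButton("重置");
        c.add(cancel);
        setSize(572, 280);
        setVisible(true);
        ok.addActionListener(this);
        cancel.addActionListener(this);
    }

    /**
     * Dispatches button clicks: confirm runs the verification flow, reset clears
     * the text area.
     *
     * @param s the click event from one of the two buttons
     */
    public void actionPerformed(ActionEvent s)
    {
        if (s.getSource() == ok) {
            handleConfirm();
        }
        if (s.getSource() == cancel) {
            myinfo.setText("");
        }
    }

    /** Stores the text in {@code msg}, shows it in a dialog and echoes it to stdout. */
    private void report(String text)
    {
        msg = text;
        JOptionPane.showMessageDialog(null, msg);
        System.out.println(msg);
    }

    /** Returns true if the file exists; otherwise reports the message and hides the window. */
    private boolean requireFile(String name, String missingText)
    {
        if (new File(name).exists()) {
            return true;
        }
        report(missingText);
        setVisible(false);
        return false;
    }

    /** Runs the whole confirm flow: decode, digest, load key and signature, verify. */
    private void handleConfirm()
    {
        // Preconditions: both working files must already be present.
        if (!requireFile("CertReq.txt", "文件CertReq.txt不存在,请先生成申请文件!")
                || !requireFile("Signature.dat", "文件Signature.dat不存在,请管理员生成数字签名文件!")) {
            return;
        }

        // These are fields, so a value loaded on an earlier click would otherwise
        // survive a failed load on this one and be used for verification.
        adminpbkey = null;
        signMD = null;

        // Take the pasted Base64 text and decode it into the PKCS#10 request.
        cryptotext = myinfo.getText();
        System.out.println("cryptotext:\n" + cryptotext);
        byte[] bpt;
        try {
            bpt = DE.decode(cryptotext.getBytes());
            plaintext = new PKCS10(bpt);
            System.out.println(plaintext.toString());
        } catch (Exception pk) {
            // Stop here: input that is not a well-formed request must not go on
            // to digesting and signature verification.
            System.out.println("Error!");
            report("证书申请信息无法解析,请检查粘贴的内容!");
            return;
        }

        // SHA-1 digest of the decoded request bytes.
        try {
            MessageDigest MD = MessageDigest.getInstance("SHA-1");
            MD.update(bpt);
            digestMD = MD.digest();
        } catch (NoSuchAlgorithmException e) {
            System.out.println("NoSuchAlgorithmException!");
            return;
        }

        try {
            // Original test hint: flip this comparison to skip the database and
            // exercise only the temp-file read path.
            if (fetchAdminKeyToTempFile() == 0) {
                report("管理员还没有密钥对进行签名,请管理员先生成自己密钥对!");
                AdminGenKey one = new AdminGenKey();
                one.setBounds(400, 360, 240, 130);
                return;
            }
            loadAdminKeyFromTempFile();
            loadSignature();
            verifyAndIssue();
        } catch (Exception y) {
            System.out.println("取管理员公钥错误!");
        }
    }

    /**
     * Reads the administrator's Base64 public key (column 3 of the AdminData row
     * with AdminID=1), decodes it and writes the bytes to temp_pbk.dat.
     *
     * @return the number of rows returned by the query
     * @throws Exception on connection or query failure
     */
    private int fetchAdminKeyToTempFile() throws Exception
    {
        Connect conn = new Connect();
        Statement stmt = null;
        int result = 0;
        try {
            stmt = conn.con.createStatement();
            // NOTE(review): the key is picked by column position from "select *";
            // naming the column would survive schema changes.
            String query = "select * from AdminData where AdminID=1";
            ResultSet rs = stmt.executeQuery(query);
            while (rs.next()) {
                result++;
                try {
                    s_pbk = rs.getString(3);
                    byte[] keyBytes = DE.decode(s_pbk.getBytes());
                    FileOutputStream f_pbk = new FileOutputStream("temp_pbk.dat");
                    try {
                        f_pbk.write(keyBytes);
                    } finally {
                        f_pbk.close();
                    }
                    System.out.println(keyBytes.toString());
                } catch (IOException i) {
                    report("临时文件创建错误!");
                }
            }
        } finally {
            // Release the statement and connection on every path, including the
            // "no admin key yet" path and query failures.
            try {
                if (stmt != null) {
                    stmt.close();
                }
            } finally {
                conn.con.close();
            }
        }
        return result;
    }

    /**
     * Restores the administrator's RSA public key from temp_pbk.dat into
     * {@code adminpbkey}, then removes the temporary file.
     *
     * <p>NOTE(review): the trust anchor passes through a file in the working
     * directory, so anything able to write there between the write and this read
     * can substitute the key. Decoding in memory would close that window.
     *
     * <p>NOTE(review): {@code readObject()} is Java native deserialization of bytes
     * that came from the database column. If that column can be written by anyone
     * but the administrator, store the key as X.509 SubjectPublicKeyInfo and load
     * it with {@code KeyFactory}, or apply a deserialization filter.
     */
    private void loadAdminKeyFromTempFile()
    {
        try {
            FileInputStream rawKey = new FileInputStream("temp_pbk.dat");
            try {
                ObjectInputStream o_pbkey = new ObjectInputStream(rawKey);
                adminpbkey = (RSAPublicKey) o_pbkey.readObject();
                System.out.println("adminpbkey:\n" + adminpbkey + "\n");
            } catch (ClassNotFoundException cnfe) {
                System.out.println("ClassNotFoundException!");
            } finally {
                // Closed on every path so the delete below is not blocked by an
                // open handle.
                rawKey.close();
            }
            removeTempKeyFile();
        } catch (IOException o) {
            report("临时文件读取错误!");
        }
    }

    /** Deletes temp_pbk.dat and reports whether the delete actually succeeded. */
    private void removeTempKeyFile()
    {
        try {
            File file1 = new File("temp_pbk.dat");
            if (file1.exists()) {
                if (file1.delete()) {
                    report("文件存在,已删除!");
                } else {
                    report("删除临时文件错误!");
                }
            } else {
                report("文件不存在!");
            }
        } catch (Exception g) {
            report("删除临时文件错误!");
        }
    }

    /**
     * Reads the administrator's signature bytes from Signature.dat into
     * {@code signMD}.
     *
     * <p>NOTE(review): this is Java native deserialization of a file in the working
     * directory. Reading the raw signature bytes instead would avoid
     * deserializing file content.
     */
    private void loadSignature()
    {
        try {
            FileInputStream rawSig = new FileInputStream("Signature.dat");
            try {
                ObjectInputStream b = new ObjectInputStream(rawSig);
                signMD = (byte[]) b.readObject();
            } finally {
                rawSig.close();
            }
            System.out.println(signMD + "OK\n");
        } catch (Exception o) {
            report("临时文件Signature.dat读取错误!");
        }
    }

    /**
     * Verifies the administrator's signature over the request digest and, only on
     * success, starts certificate issuance via {@code SignCert}.
     */
    private void verifyAndIssue()
    {
        // Fail closed: without a freshly loaded key and signature there is nothing
        // to verify.
        if (adminpbkey == null || signMD == null) {
            report("生成证书过程产生错误!!!");
            setVisible(false);
            return;
        }
        try {
            // MD5WithRSA must match the algorithm used by the signing side; see
            // the class comment about replacing MD5/SHA-1.
            Signature sig = Signature.getInstance("MD5WithRSA");
            sig.initVerify(adminpbkey);
            sig.update(digestMD);
            if (sig.verify(signMD)) {
                report("管理员的签名验证成功!!");
                this.setVisible(false);
                SignCert one = new SignCert();
                msg = "用户证书签发完成!!";
                JOptionPane.showMessageDialog(null, msg);
            } else {
                report("管理员的签名验证失败!!!");
                setVisible(false);
            }
        } catch (Exception e) {
            report("生成证书过程产生错误!!!");
            setVisible(false);
        }
    }

    /**
     * Opens the CA window, attaches the project's window listener and positions
     * the frame.
     */
    public static void main(String args[]) throws Exception
    {
        CA one = new CA();
        one.addWindowListener(new MyWindowListener());
        one.setBounds(226, 263, 572, 280);
    }
}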