signcertframe.java~6~

applet java 的编程程序

            CertificateValidity cv = new CertificateValidity(beginDate, endDate);

            cinfo_second.set(X509CertInfo.VALIDITY, cv);

//设置新证书的序列号

            CertificateSerialNumber csn = new CertificateSerialNumber(sn);

            cinfo_second.set(X509CertInfo.SERIAL_NUMBER, csn);

//设置新证书的签发者

            cinfo_second.set(X509CertInfo.ISSUER + "." +
                             CertificateIssuerName.DN_NAME,

                             issuer);

//新的签发者是CA的证书中读出来的

//设置新证书的算法，指定CA签名该证书所使用的算法为md5WithRSA

            AlgorithmId algorithm =

                new AlgorithmId(AlgorithmId.md5WithRSAEncryption_oid);

            cinfo_second.set(CertificateAlgorithmId.NAME + "." +

                             CertificateAlgorithmId.ALGORITHM, algorithm);

//创建新的签名后的证书

            X509CertImpl newcert = new X509CertImpl(cinfo_second);

//签名,使用CA证书的私钥进行签名，签名使用的算法为MD5WithRSA

            newcert.sign(privateKey, "MD5WithRSA"); //这样便得到了经过CA签名后的证书

//把新证书存入证书库

//把新生成的证书存入一个新的证书库，也可以存入原证书库，

//存入新证书库，则新证书库中不仅包含原证书库中的所有条目，

//而且新增加了一个这次产生的条目。注意，这时，新产生的签名后的证书只

//包括公钥和主体信息及签名信息，不包括私钥信息。这里给出两种方式。

///////////////////////////////////////////////////////////////////////////

//方式一：存入新密钥库

///////////////////////////////////////////////////////////////////////////

            /*
                        ks.setCertificateEntry(afteraliasName,newcert);

                        FileOutputStream out = new FileOutputStream(newLib);

//存入新库signedLib，并设置新库的库访问密码

                        ks.store(out,newLibPass);

                        out.close();

             */

///////////////////////////////////////////////////////////////////////////

//end 方式一

///////////////////////////////////////////////////////////////////////////

//也可以采用另外一种方式，存入原证书库中

//存入原库中，即在原证书库中增加一条证书，这个证书是原证书经过签名后的证书

//这个新证书含有私钥和私钥密码

///////////////////////////////////////////////////////////////////////////

//方式二，存入原密钥库

///////////////////////////////////////////////////////////////////////////

//先在原库中读出被签证书的私钥

            PrivateKey prk = (PrivateKey) ks.getKey(aliasName, namePass);

            java.security.cert.Certificate[] cchain = {newcert};

//存入原来的库,第二个参数为原证书的私钥，第三个参数为新证书的私钥密码，第三个参数为新证书

            ks.setKeyEntry(afteraliasName, prk, afterNewPass, cchain); //用新密钥替代原来的没有签名的证书的密码

            FileOutputStream out2 = new FileOutputStream(name);

            ks.store(out2, storepass); //存入原来的库中，第二个参数为该库的访问密码

///////////////////////////////////////////////////////////////////////////

//end 方式二

///////////////////////////////////////////////////////////////////////////


        } catch (SignatureException ex) {
            isError = true;
            ex.printStackTrace();
        } catch (NoSuchProviderException ex) {
            isError = true;
            ex.printStackTrace();
        } catch (InvalidKeyException ex) {
            isError = true;
            ex.printStackTrace();
        } catch (UnrecoverableKeyException ex) {
            isError = true;
            ex.printStackTrace();
        } catch (CertificateException ex) {
            isError = true;
            ex.printStackTrace();
        } catch (NoSuchAlgorithmException ex) {
            isError = true;
            ex.printStackTrace();
        } catch (IOException ex) {
            isError = true;
            ex.printStackTrace();
        } catch (KeyStoreException ex) {
            isError = true;
            ex.printStackTrace();
        }
        if (isError) {
            JOptionPane.showMessageDialog(this, "失败");
        } else {
            JOptionPane.showMessageDialog(this, "成功");
        }
    }

    private void jbInit() throws Exception {
        this.getContentPane().setLayout(xYLayout1); jLabel1.setText("CA证书所在库密码");
        nameFld.setText(""); jLabel2.setText("CA证书密码"); jLabel3.setText(
            "CA证书别名"); jLabel4.setText("证书库名"); jLabel5.setText("被签证书别名");
        jLabel8.setText("有效期(年)"); jLabel9.setText("签发序列号");
        xYLayout1.setWidth(400); xYLayout1.setHeight(366); jLabel10.setText(
            "证书被签后的别名"); jButton1.setText("签名"); jButton1.addActionListener(new
            SignCert_jButton1_actionAdapter(this)); jLabel6.setText("被签证书私钥密码");
            jLabel7.setText("被签后证书的私钥密码"); afterNewPassFld.setToolTipText("");
            afterNewPassFld.setText(""); jLabel11.setText("int型"); jLabel12.setText(
            "int型"); this.
            getContentPane().add(jButton1, new XYConstraints(111, 323, 207, -1)); this.
            getContentPane().add(jLabel6, new XYConstraints(13, 175, -1, -1)); this.
            getContentPane().add(jLabel10, new XYConstraints(14, 204, -1, -1)); this.
            getContentPane().add(jLabel1, new XYConstraints(14, 46, -1, -1)); this.
            getContentPane().add(jLabel3, new XYConstraints(45, 75, -1, -1)); this.
            getContentPane().add(jLabel2, new XYConstraints(44, 109, -1, -1)); this.
            getContentPane().add(jLabel4, new XYConstraints(59, 15, -1, -1)); this.
            getContentPane().add(jLabel5, new XYConstraints(37, 145, -1, -1)); this.
            getContentPane().add(jLabel8, new XYConstraints(54, 259, -1, -1)); this.
            getContentPane().add(jLabel9, new XYConstraints(49, 287, -1, -1)); this.
            getContentPane().add(jLabel7, new XYConstraints(2, 230, -1, -1)); this.
            getContentPane().add(cakeypassFld,
                                 new XYConstraints(118, 107, 210, -1)); this.
            getContentPane().add(aliasNameFld,
                                 new XYConstraints(117, 142, 210, -1)); this.
            getContentPane().add(nFld,
                                 new XYConstraints(116, 255, 212, -1)); this.
            getContentPane().add(snFld,
                                 new XYConstraints(117, 283, 210, -1)); this.
            getContentPane().add(nameFld, new XYConstraints(118, 13, 210, -1)); this.
            getContentPane().add(storepassFld,
                                 new XYConstraints(117, 44, 210, -1)); this.
            getContentPane().add(aliasFld, new XYConstraints(117, 72, 210, -1)); this.
            getContentPane().add(afteraliasNameFld,
                                 new XYConstraints(116, 199, 213, -1)); this.
            getContentPane().add(afterNewPassFld,
                                 new XYConstraints(116, 225, 212, -1)); this.
            getContentPane().add(namePassFld,
                                 new XYConstraints(117, 171, 212, -1)); this.
            getContentPane().add(jLabel12, new XYConstraints(332, 287, -1, -1)); this.
            getContentPane().add(jLabel11, new XYConstraints(332, 257, -1, -1)); }

    public void jButton1_actionPerformed(ActionEvent e) {
       fillSetting();
       sign();
    }
    public static void main(String[] args) {
       SignCertFrame frm = new SignCertFrame();
       frm.setSize(600,450);
       frm.show();
    }
}

class SignCert_jButton1_actionAdapter implements ActionListener {
    private SignCertFrame adaptee;
    SignCert_jButton1_actionAdapter(SignCertFrame adaptee) {
        this.adaptee = adaptee; }

    public void actionPerformed(ActionEvent e) {
        adaptee.jButton1_actionPerformed(e); }}