/**
*
*/
package com.doubleca.sample.pki.pkcs;
import java.io.BufferedInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Enumeration;
import com.doubleca.pki.crypto.DCToken;
import com.doubleca.pki.crypto.params.KeyPairParams;
import com.doubleca.pki.pkcs.SM2PKCS10;
import com.doubleca.pki.pkcs.SM2PKCS7;
import com.doubleca.pki.util.DnComponents;
import com.doubleca.pki.x509.cert.SM2X509Cert;
import com.sun.org.apache.xerces.internal.impl.dv.util.Base64;
import doubleca.security.provider.DoubleCA;
public final class SM2Keystore
{
// Registers the DoubleCA JCE provider when this class is initialised. The constructor asks
// for the "DCKS" keystore type without naming a provider, and the certificate-loading
// methods request DoubleCA.PROVIDER_NAME explicitly, so both depend on this registration.
// Security.addProvider appends the provider at the end of the JVM-wide preference list and
// returns -1 (ignored here) when a provider with the same name is already installed.
static
{
Security.addProvider(new DoubleCA());
}
// Subject DN substituted by createPKCS10 when the caller passes a null or empty subjectDN.
private final static String CERT_DEFAULT_SUBJECTDN = "CN=SelfCert, E=contact@doubleca.com, O=www.DoubleCA.com, ST=BEIJING, C=CN";
// NOTE(review): not referenced in the part of the class visible here; it looks like the
// normalised form of CERT_DEFAULT_SUBJECTDN used as a keystore alias - confirm against the
// rest of the file.
private final static String DEFAULT_ALIAS = "c=cn,st=beijing,o=www.doubleca.com,e=contact@doubleca.com,cn=selfcert";
// Signature algorithm name handed to SM2PKCS10 and to DCToken.signSelfCertificate.
private final static String SIGN_ALG = "SM3WithSM2";
// Validity passed to DCToken.signSelfCertificate for the self-signed certificate stored
// alongside a new private key; presumably a number of days - TODO confirm the unit.
private final static int CERT_DEFAULT_VALIDITY = 365;
// Keystore type requested from KeyStore.getInstance in the constructor.
private final static String KEYSTORE_TYPE = "DCKS";
// Backing keystore; assigned in the constructor and used by the methods of this class.
private KeyStore keyStore = null;
/**
 * Creates a wrapper around a new, empty keystore of type {@code KEYSTORE_TYPE}.
 *
 * @throws KeyStoreException if no installed provider supplies the keystore type
 * @throws NoSuchAlgorithmException propagated from {@link KeyStore#load}
 * @throws CertificateException propagated from {@link KeyStore#load}
 * @throws IOException propagated from {@link KeyStore#load}
 */
public SM2Keystore() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException
{
    final KeyStore emptyStore = KeyStore.getInstance(KEYSTORE_TYPE);
    // A null stream is the documented way to initialise an empty keystore; no password
    // is involved until load(...) or store(...) is called with one.
    emptyStore.load(null, null);
    this.keyStore = emptyStore;
}
/**
 * Loads keystore entries from {@code stream} into the backing keystore.
 *
 * <p>The stream is not closed here; the caller owns it. The password array is passed
 * through unchanged and is not cleared, so the caller should wipe it after use. Under the
 * {@link KeyStore#load} contract a null password means no integrity check is performed;
 * whether the DCKS implementation follows that contract is not visible in this file, so
 * pass the real password whenever the keystore file comes from storage that others can
 * write to.
 *
 * @param stream source of the keystore data
 * @param password password used to unlock or integrity-check the keystore data
 * @throws NoSuchAlgorithmException propagated from {@link KeyStore#load}
 * @throws CertificateException propagated from {@link KeyStore#load}
 * @throws IOException propagated from {@link KeyStore#load}
 */
public void load(InputStream stream, char[] password) throws NoSuchAlgorithmException, CertificateException, IOException
{
    final KeyStore target = this.keyStore;
    target.load(stream, password);
}
/**
 * Writes the backing keystore to {@code stream}, integrity-protected with {@code password}.
 *
 * <p>The stream is neither flushed nor closed here, and the password array is not cleared;
 * both remain the caller's responsibility. The output contains the private-key entries, so
 * the destination should be readable only by the account that owns the keys.
 *
 * @param stream destination for the serialised keystore
 * @param password password handed to {@link KeyStore#store}
 * @throws KeyStoreException propagated from {@link KeyStore#store}
 * @throws NoSuchAlgorithmException propagated from {@link KeyStore#store}
 * @throws CertificateException propagated from {@link KeyStore#store}
 * @throws IOException propagated from {@link KeyStore#store}
 */
public void store(OutputStream stream, char[] password) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException
{
    final KeyStore source = this.keyStore;
    source.store(stream, password);
}
/**
 * Generates a key pair and a PKCS#10 request, letting the alias be derived from the
 * certificate subject and writing no CSR file.
 *
 * @param subjectDN subject DN for the request; null or empty selects the built-in default
 * @param priKeyPassword password protecting the new private-key entry
 * @return the request as produced by {@code SM2PKCS10.getPKCS10Base64(true)}
 * @throws Exception propagated from the three-argument overload
 */
public String createPKCS10(String subjectDN, char[] priKeyPassword) throws Exception
{
    final String derivedAlias = null;
    return createPKCS10(subjectDN, priKeyPassword, derivedAlias);
}
/**
 * Generates a key pair and a PKCS#10 request under {@code alias}, writing no CSR file.
 *
 * @param subjectDN subject DN for the request; null or empty selects the built-in default
 * @param priKeyPassword password protecting the new private-key entry
 * @param alias keystore alias; null or empty derives one from the certificate subject
 * @return the request as produced by {@code SM2PKCS10.getPKCS10Base64(true)}
 * @throws Exception propagated from the four-argument overload
 */
public String createPKCS10(String subjectDN, char[] priKeyPassword, String alias) throws Exception
{
    final String noCsrFile = null;
    return createPKCS10(subjectDN, priKeyPassword, alias, noCsrFile);
}
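/**
 * Generates a 256-bit SM2 key pair, stores the private key in the keystore together with
 * a self-signed certificate, and returns the matching PKCS#10 request.
 *
 * <p>Points a caller should know:
 * <ul>
 * <li>Under the {@link KeyStore#setKeyEntry} contract an existing entry with the same alias
 * is overridden, so an existing key is replaced without warning when the alias (or the
 * subject DN it is derived from) collides.</li>
 * <li>{@code csrFilepath} is opened exactly as given and an existing file is overwritten;
 * no path validation is done here, so it must not come from untrusted input.</li>
 * <li>{@code priKeyPassword} is not cleared by this method.</li>
 * <li>The new key lives only in memory until {@code store(...)} is called.</li>
 * </ul>
 *
 * @param subjectDN subject DN for the request; null or empty selects the built-in default
 * @param priKeyPassword password protecting the new private-key entry
 * @param alias keystore alias; null or empty derives one from the certificate subject
 * @param csrFilepath file to receive the request as UTF-8 text; null or empty skips the write
 * @return the request as produced by {@code SM2PKCS10.getPKCS10Base64(true)}
 * @throws Exception on key generation, signing, keystore or file I/O failure
 */
public String createPKCS10(String subjectDN, char[] priKeyPassword, String alias, String csrFilepath) throws Exception
{
    DCToken token = new DCToken();
    if (subjectDN == null || subjectDN.length() <= 0)
    {
        subjectDN = CERT_DEFAULT_SUBJECTDN;
    }
    KeyPair keyPair = token.generatorKeyPair(KeyPairParams.getInstance(KeyPairParams.SM2_KEY, 256));
    SM2PKCS10 sm2PKCS10 = new SM2PKCS10(token, SIGN_ALG, subjectDN, null, keyPair);
    // A private-key entry needs a certificate chain; a self-signed certificate fills that
    // role here (presumably until the CA-issued chain is installed - confirm with callers).
    X509Certificate[] chain = new X509Certificate[1];
    chain[0] = token.signSelfCertificate(subjectDN, CERT_DEFAULT_VALIDITY, SIGN_ALG, keyPair);
    if (alias == null || alias.length() <= 0)
    {
        alias = DnComponents.stringToBCDNString(chain[0].getSubjectDN().getName());
    }
    keyStore.setKeyEntry(alias, keyPair.getPrivate(), priKeyPassword, chain);
    // Encode once so the file on disk and the returned value are guaranteed to be the
    // same text, whatever getPKCS10Base64 does internally on repeated calls.
    String csrBase64 = sm2PKCS10.getPKCS10Base64(true);
    if (csrFilepath != null && csrFilepath.length() > 0)
    {
        FileOutputStream fos = new FileOutputStream(csrFilepath);
        try
        {
            fos.write(csrBase64.getBytes("UTF-8"));
        }
        finally
        {
            // Close on every path; the original leaked the descriptor when write() threw.
            fos.close();
        }
    }
    return csrBase64;
}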
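/**
 * Stores a caller-supplied key pair in the keystore together with a self-signed
 * certificate, and returns the matching PKCS#10 request. No key is generated here.
 *
 * <p>Points a caller should know:
 * <ul>
 * <li>Under the {@link KeyStore#setKeyEntry} contract an existing entry with the same alias
 * is overridden, so an existing key is replaced without warning when the alias (or the
 * subject DN it is derived from) collides.</li>
 * <li>{@code csrFilepath} is opened exactly as given and an existing file is overwritten;
 * no path validation is done here, so it must not come from untrusted input.</li>
 * <li>{@code priKeyPassword} is not cleared by this method.</li>
 * <li>Nothing here checks the algorithm or strength of {@code keyPair}; the caller is
 * responsible for how it was generated.</li>
 * </ul>
 *
 * @param keyPair key pair to certify and store; must not be null
 * @param subjectDN subject DN for the request; null or empty selects the built-in default
 * @param priKeyPassword password protecting the private-key entry
 * @param alias keystore alias; null or empty derives one from the certificate subject
 * @param csrFilepath file to receive the request as UTF-8 text; null or empty skips the write
 * @return the request as produced by {@code SM2PKCS10.getPKCS10Base64(true)}
 * @throws NullPointerException if {@code keyPair} is null
 * @throws Exception on signing, keystore or file I/O failure
 */
public String createPKCS10(KeyPair keyPair, String subjectDN, char[] priKeyPassword, String alias, String csrFilepath) throws Exception
{
    // Fail before any signing work: a null pair could never get past keyPair.getPrivate()
    // below, so rejecting it here only moves the same exception type earlier.
    if (keyPair == null)
    {
        throw new NullPointerException("keyPair must not be null");
    }
    DCToken token = new DCToken();
    if (subjectDN == null || subjectDN.length() <= 0)
    {
        subjectDN = CERT_DEFAULT_SUBJECTDN;
    }
    SM2PKCS10 sm2PKCS10 = new SM2PKCS10(token, SIGN_ALG, subjectDN, null, keyPair);
    // A private-key entry needs a certificate chain; a self-signed certificate fills that
    // role here (presumably until the CA-issued chain is installed - confirm with callers).
    X509Certificate[] chain = new X509Certificate[1];
    chain[0] = token.signSelfCertificate(subjectDN, CERT_DEFAULT_VALIDITY, SIGN_ALG, keyPair);
    if (alias == null || alias.length() <= 0)
    {
        alias = DnComponents.stringToBCDNString(chain[0].getSubjectDN().getName());
    }
    keyStore.setKeyEntry(alias, keyPair.getPrivate(), priKeyPassword, chain);
    // Encode once so the file on disk and the returned value are guaranteed to be the
    // same text, whatever getPKCS10Base64 does internally on repeated calls.
    String csrBase64 = sm2PKCS10.getPKCS10Base64(true);
    if (csrFilepath != null && csrFilepath.length() > 0)
    {
        FileOutputStream fos = new FileOutputStream(csrFilepath);
        try
        {
            fos.write(csrBase64.getBytes("UTF-8"));
        }
        finally
        {
            // Close on every path; the original leaked the descriptor when write() threw.
            fos.close();
        }
    }
    return csrBase64;
}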
/**
 * Looks up the certificate stored under {@code alias}.
 *
 * @param alias keystore alias to look up
 * @return whatever {@link KeyStore#getCertificate} returns for the alias, which is
 *         {@code null} when the alias is unknown or holds no certificate
 * @throws KeyStoreException propagated from {@link KeyStore#getCertificate}
 */
public Certificate getCertificate(String alias) throws KeyStoreException
{
    final Certificate found = keyStore.getCertificate(alias);
    return found;
}
/**
 * Looks up the certificate chain stored under {@code alias}.
 *
 * @param alias keystore alias to look up
 * @return whatever {@link KeyStore#getCertificateChain} returns for the alias, which is
 *         {@code null} when the alias is unknown or holds no chain
 * @throws KeyStoreException propagated from {@link KeyStore#getCertificateChain}
 */
public Certificate[] getCertificateChain(String alias) throws KeyStoreException
{
    final Certificate[] found = keyStore.getCertificateChain(alias);
    return found;
}
/**
 * Extracts the certificates from a PKCS#7 blob and passes them, in the order
 * {@code SM2PKCS7.getCerts()} returns them, to the certificate-array overload.
 *
 * <p>NOTE(review): this method does no chain validation of its own (signatures, validity
 * period, issuer linkage). Whether the overload it delegates to does is not visible from
 * here - confirm before feeding it PKCS#7 data from an untrusted source.
 *
 * @param pkcs7Data encoded PKCS#7 data holding the certificates
 * @param priKeyPassword password forwarded to the certificate-array overload
 * @throws KeyStoreException propagated from the delegate
 * @throws NoSuchAlgorithmException propagated from the delegate
 * @throws Exception on parse or conversion failure
 */
public void installCertificate(final byte[] pkcs7Data, char[] priKeyPassword) throws KeyStoreException, NoSuchAlgorithmException, Exception
{
    final SM2X509Cert[] parsed = new SM2PKCS7(pkcs7Data).getCerts();
    final X509Certificate[] x509Chain = new X509Certificate[parsed.length];
    int slot = 0;
    for (SM2X509Cert entry : parsed)
    {
        x509Chain[slot] = entry.getX509Certificate();
        slot++;
    }
    this.installCertificate(x509Chain, priKeyPassword);
}
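/**
 * Reads one X.509 certificate from {@code cerFilepath} and stores it as a trusted
 * certificate entry under an alias derived from its subject DN.
 *
 * <p>The file is parsed once and that same certificate object is stored. The previous
 * version parsed the file to derive the alias and then re-read it through the two-argument
 * overload, so a file that changed between the two reads could end up stored under an
 * alias taken from a different certificate.
 *
 * <p>No validation of the certificate (signature, validity period, CA constraints) is done
 * here, and under the {@link KeyStore#setCertificateEntry} contract an existing trusted
 * entry with the same alias is overridden. Because the alias comes from the subject DN,
 * any certificate carrying the same subject replaces the stored one; the caller must
 * establish where the file came from before calling this.
 *
 * @param cerFilepath path of the certificate file
 * @throws FileNotFoundException if the file cannot be opened
 * @throws CertificateException if the certificate cannot be parsed, or if the keystore
 *         rejects the entry (the {@link KeyStoreException} is attached as the cause)
 * @throws NoSuchProviderException if the DoubleCA provider is not registered
 */
public void installCertificate(final String cerFilepath) throws FileNotFoundException, CertificateException, NoSuchProviderException
{
    Certificate cert = null;
    String alias = null;
    // Open outside the try so a missing file never reaches the close() in finally with
    // a null stream.
    InputStream bis = new FileInputStream(new File(cerFilepath));
    try
    {
        CertificateFactory cf = CertificateFactory.getInstance("X509", DoubleCA.PROVIDER_NAME);
        cert = cf.generateCertificate(bis);
        alias = DnComponents.stringToBCDNString(((X509Certificate)cert).getSubjectDN().getName());
    }
    finally
    {
        try
        {
            bis.close();
        }
        catch(IOException ignored)
        {
            // Closing a stream that was only read from; nothing useful to report.
        }
    }
    if (alias == null)
    {
        // Unchanged from the original: when no alias can be derived, nothing is installed
        // and no error is raised.
        return;
    }
    try
    {
        keyStore.setCertificateEntry(alias, cert);
    }
    catch(KeyStoreException ex)
    {
        // Previously printed and swallowed, so the caller could not tell that the trusted
        // entry was never written.
        throw new CertificateException("Could not store certificate under alias " + alias, ex);
    }
}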
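/**
 * Reads one X.509 certificate from {@code cerFilepath} and stores it as a trusted
 * certificate entry under {@code alias}.
 *
 * <p>No validation of the certificate (signature, validity period, CA constraints) is done
 * here, and under the {@link KeyStore#setCertificateEntry} contract an existing trusted
 * entry with the same alias is overridden. The caller must establish where the file came
 * from before calling this.
 *
 * @param alias keystore alias for the trusted entry
 * @param cerFilepath path of the certificate file
 * @throws FileNotFoundException if the file cannot be opened
 * @throws CertificateException if the certificate cannot be parsed, or if the keystore
 *         rejects the entry (the {@link KeyStoreException} is attached as the cause)
 * @throws NoSuchProviderException if the DoubleCA provider is not registered
 */
public void installCertificate(final String alias, final String cerFilepath) throws FileNotFoundException, CertificateException, NoSuchProviderException
{
    Certificate cert = null;
    // Open outside the try so a missing file never reaches the close() in finally with
    // a null stream.
    InputStream bis = new FileInputStream(new File(cerFilepath));
    try
    {
        CertificateFactory cf = CertificateFactory.getInstance("X509", DoubleCA.PROVIDER_NAME);
        cert = cf.generateCertificate(bis);
    }
    finally
    {
        try
        {
            bis.close();
        }
        catch(IOException ignored)
        {
            // Closing a stream that was only read from; nothing useful to report.
        }
    }
    try
    {
        keyStore.setCertificateEntry(alias, cert);
    }
    catch(KeyStoreException ex)
    {
        // Previously printed and swallowed, so the caller could not tell that the trusted
        // entry was never written.
        throw new CertificateException("Could not store certificate under alias " + alias, ex);
    }
}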
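/**
 * Reads a PKCS#7 file into memory and hands its bytes to the byte-array overload.
 *
 * <p>The whole file is buffered with no size limit, so the path should point at a file of
 * known, modest size. See the byte-array overload for what is (and is not) checked on the
 * certificates themselves.
 *
 * @param p7bFilepath path of the PKCS#7 file
 * @param priKeyPassword password forwarded to the byte-array overload
 * @throws KeyStoreException propagated from the delegate
 * @throws NoSuchAlgorithmException propagated from the delegate
 * @throws Exception on file I/O or parse failure
 */
public void installCertificate(final String p7bFilepath, char[] priKeyPassword) throws KeyStoreException, NoSuchAlgorithmException, Exception
{
    ByteArrayOutputStream bos = new ByteArrayOutputStream();
    InputStream bis = new BufferedInputStream(new FileInputStream(new File(p7bFilepath)));
    try
    {
        byte[] chunk = new byte[1024];
        int count;
        while ((count = bis.read(chunk)) >= 0)
        {
            // Copy only the bytes this read produced. The original wrote the full
            // 1024-byte buffer every time, appending stale or zero bytes to the PKCS#7
            // data whenever a read came back short (always true for the last chunk
            // unless the file length is an exact multiple of 1024).
            bos.write(chunk, 0, count);
        }
    }
    finally
    {
        try
        {
            bis.close();
        }
        catch(IOException ignored)
        {
            // Closing a stream that was only read from; nothing useful to report.
        }
    }
    // ByteArrayOutputStream holds no system resource, so it needs no close().
    installCertificate(bos.toByteArray(), priKeyPassword);
}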
public void ins
温馨提示
1. 国密算法的JCE实现,SM2、SM3、SM4算法,以及国密证书和密钥存储的DCKS文件格式 2. 适用于JDK7及以上 3. 适用于Android API 21平台及以上 4. 导出的PEM数据格式与OPENSSL保持一致,新增可导入的私钥格式
pkcs-doubleca-sample.2020.01.27.zip (40个子文件)
pkcs-doubleca-sample
src
com
doubleca
sample
pki
pkcs
SM2Keystore.java 14KB
Test.java 11KB
TestRSAKeystore.java 6KB
RSAKeystore.java 9KB
bin
resources
CLIENT - 副本.dcks 7KB
CLIENT.dcks 8KB
test01.dcks 4KB
tomcat_gmssl_test.p7b 2KB
sm2subca.cer 590B
test01.p7b 2KB
cfcaca1.cer 936B
lh_ca.pem 619B
tomcat_gmssl_haitai.dcks 2KB
tomcat_gmssl_test.dcks 4KB
CS.cert.pem 765B
tomcat_gmssl.dcks 2KB
CA.cert.pem 847B
sm2rootca.cer 808B
ca2.cer 1KB
CE.key.pem 241B
CS.key.pem 241B
lh_server.dcks 1KB
CE.cert.pem 765B
rootca2.cer 737B
lh_server.key 167B
dncomponents.properties 597B
gmssl.p7b 2KB
cfcaroot.cer 1002B
sm2Keypair20.dcks 12KB
lh_server.pem 554B
test2.dcks 4KB
rootca.cer 664B
.classpath 638B
.settings
org.eclipse.jdt.core.prefs 598B
.project 396B
lib
doubleca-jce-1.1.2-SNAPSHOT.jar 1.25MB
commons-lang-2.6.jar 278KB
doubleca-jce-1.1.1-SNAPSHOT.jar 1.25MB
bcprov-jdk16-1.46.jar 1.79MB
doubleca-pkcs-0.0.1-SNAPSHOT.jar 53KB