All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.biuqu.encryption.converter.impl.X509CertConverter Maven / Gradle / Ivy

package com.biuqu.encryption.converter.impl;

import com.biuqu.encryption.converter.CertConverter;
import com.biuqu.encryption.converter.X509CertificateBuilder;
import com.biuqu.encryption.exception.EncryptionException;
import com.biuqu.encryption.model.Cert;
import org.apache.commons.io.FileUtils;
import org.apache.commons.io.IOUtils;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.jcajce.JcaMiscPEMGenerator;
import org.bouncycastle.util.encoders.Base64;
import org.bouncycastle.util.encoders.Hex;
import org.bouncycastle.util.io.pem.PemWriter;

import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileWriter;
import java.io.InputStream;
import java.security.Security;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;

/**
 * X509Certificate证书转换实现类
 *
 * @author BiuQu
 * @date 2023/01/02 10:34
 **/
public class X509CertConverter implements CertConverter
{
    @Override
    public X509Certificate genCertificate(X509CertificateBuilder certBuilder)
    {
        return certBuilder.build();
    }

    @Override
    public Cert toCert(String data)
    {
        if (null == data)
        {
            return null;
        }

        String newData = data.replaceAll(INVALID_CHAR_REGEX, SPACE);
        byte[] bytes = Base64.decode(newData);
        return toCert(new ByteArrayInputStream(bytes));
    }

    @Override
    public Cert toCert(InputStream in)
    {
        X509Certificate certificate = toCertificate(in);
        if (null != certificate)
        {
            Cert cert = new Cert();
            cert.setVersion(certificate.getVersion() + SPACE);
            cert.setAlgorithm(certificate.getSigAlgOID());
            cert.setIssuer(certificate.getIssuerDN().toString());
            cert.setSubject(certificate.getSubjectDN().toString());
            cert.setBeginTime(certificate.getNotBefore().getTime());
            cert.setEndTime(certificate.getNotAfter().getTime());
            cert.setSignature(new String(Hex.encode(certificate.getSignature())));
            cert.setSerialNumber(Hex.toHexString(certificate.getSerialNumber().toByteArray()));
            try
            {
                cert.setKey(certificate.getEncoded());
            }
            catch (Exception e)
            {
                throw new EncryptionException("parse cert error.", e);
            }
            return cert;
        }
        return null;
    }

    @Override
    public X509Certificate toCertificate(InputStream in)
    {
        try
        {
            CertificateFactory cf = CertificateFactory.getInstance(CERT_ALG, BouncyCastleProvider.PROVIDER_NAME);
            return (X509Certificate)cf.generateCertificate(in);
        }
        catch (Exception e)
        {
            throw new EncryptionException("parse cert error.", e);
        }
        finally
        {
            IOUtils.closeQuietly(in);
        }
    }

    @Override
    public void toCertificate(X509Certificate certificate, String path)
    {
        PemWriter writer = null;
        try
        {
            File parentDir = FileUtils.createParentDirectories(new File(path));
            if (!parentDir.exists())
            {
                throw new EncryptionException("No pem dir error.");
            }
            writer = new PemWriter(new FileWriter(path));
            writer.writeObject(new JcaMiscPEMGenerator(certificate));
        }
        catch (Exception e)
        {
            throw new EncryptionException("parse cert error.", e);
        }
        finally
        {
            IOUtils.closeQuietly(writer);
        }
    }

    static
    {
        //引入BouncyCastle算法支持
        Security.addProvider(new BouncyCastleProvider());
    }

    /**
     * 不能包含的特殊字符
     */
    private static final String INVALID_CHAR_REGEX = "\\s*|\t|r|\n|\r";

    /**
     * 空格
     */
    private static final String SPACE = "";

    /**
     * 证书协议
     */
    private static final String CERT_ALG = "X.509";
}




© 2015 - 2025 Weber Informatics LLC | Privacy Policy