JAVA调用U盾进行客户认证实例

2024年1月3日发(作者：)

cipherSuite = (String) request .getAttribute("_suite"); n("cipherSuite=====" + cipherSuite);// tentType("text/plain");// FileInputStream fis = new FileInputStream("d:// ");PrintWriter out = ter();if (cipherSuite != null) { X509Certificate[] certs = (X509Certificate[]) request

.getAttribute("t.X509Certificate"); /* ibm http server us followings */ // X509Certificate[] certs = (X509Certificate[]) request // .getAttribute("_certificates");

if (certs != null) { if ( > 0) { X509Certificate t = certs[0]; pk = licKey(); }} else { if ("https".equals(eme())) { n("This was an HTTPS request, " + "but no client certificate is available"); } else { n("This was not an HTTPS request, " + "so no client certificate is available"); }}}return pk;} catch (Exception e) { throw new ServletException(e);} }

交易密码:

SecurityReceiveServlet代码

public class SecurityReceive extends HttpServlet { private static final long serialVersionUID = 1L;

/** * @see HttpServlet#HttpServlet() */

public SecurityReceive() { super(); // TODO Auto-generated constructor stub }

/** * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse * response) */ private byte[] sign(String password) throws Exception {

try { byte[] privKeyCode = SecurityHelper .loadOpenSSLKey("d:/ca/pkcs8_");

KeyFactory keyFactory = tance("RSA"); EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec(privKeyCode); RSAPrivateKey privateKey = (RSAPrivateKey) keyFactory .generatePrivate(privateKeySpec); Signature dsa = tance("MD5WithRSA"); gn(privateKey); (es()); byte[] sig = (); return sig; } catch (Exception e) { throw new Exception(e); } }

private PublicKey getPubKeyFromIE(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { n("...security " + eme()); String issue, after, before, subject;

String serialno, signalg; int version; String cipherSuite = ""; PublicKey pk = null; try { cipherSuite = (String) request .getAttribute("_suite"); n("cipherSuite=====" + cipherSuite);

// tentType("text/plain"); // FileInputStream fis = new FileInputStream("d:// "); PrintWriter out = ter(); if (cipherSuite != null) { X509Certificate[] certs = (X509Certificate[]) request .getAttribute("t.X509Certificate"); /* ibm http server us followings */ // X509Certificate[] certs = (X509Certificate[]) request // .getAttribute("_certificates");

if (certs != null) { if ( > 0) { X509Certificate t = certs[0]; pk = licKey(); } } else { if ("https".equals(eme())) { n("This was an HTTPS request, " + "but no client certificate is

available"); } else { n("This was not an HTTPS request, " + "so no client certificate is

available"); }

} } return pk; } catch (Exception e) { throw new ServletException(e); } }

private boolean verifySignature(byte[] dcByPriv, String password, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { boolean verified = false; try { if (dcByPriv == null) { return false; } byte[] data = es("UTF8"); Signature sig = tance("MD5WithRSA"); rify(getPubKeyFromIE(request, response)); (data); try { verified = (dcByPriv); } catch (SignatureException se) { tackTrace(); verified = false; } return verified; } catch (Exception e) { throw new ServletException(e); } }

protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

boolean answer = false; String password = ""; String dcByPrivBase64 = ""; byte[] dcByPriv = null; password = (String) ameter("inputPwd"); dcByPrivBase64 = (String) ameter("dc_code"); try { dcByPriv = (es()); } catch (Exception e) { tackTrace(); dcByPriv = null; } answer = verifySignature(dcByPriv, password, request, response); n("answer=====" + answer); }

/** * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse * response) */ protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doGet(request, response); }

}

我们的appletAuthClient的代码/* * To change this template, choose Tools | Templates

* and open the template in the editor. */

/* * * * Created on 2011-9-6, 13:08:02 */package ;

import RY3jni.*;

import .*;import tory;import ure;import vateKey;import dKeySpec;import 8EncodedKeySpec;import .*;import 64;

/** * */public class AuthClient extends t {

/** Initializes the applet AuthClient */ @Override public void init() { /* Set the Nimbus look and feel */ // /* * If Nimbus (introduced in Java SE 6) is not available, stay with the

* default look and feel. For details see * /tutorial/uiswing/lookandfeel/ */ try { for (dFeelInfo info : ger .getInstalledLookAndFeels()) { if ("Nimbus".equals(e())) { ger. setLookAndFeel(ssName()); break; } } } catch (ClassNotFoundException ex) { ger(e()).log( , null, ex); } catch (InstantiationException ex) { ger(e()).log( , null, ex); } catch (IllegalAccessException ex) { ger(e()).log( , null, ex); } catch (ortedLookAndFeelException ex) { ger(e()).log( , null, ex); } //

/* Create and display the applet */ try { AndWait(new Runnable() {

public void run() { initComponents();

} }); } catch (Exception ex) { tackTrace(); } }

/** * This method is called from within the init() method to initialize the * form. WARNING: Do NOT modify this code. The content of this method is * always regenerated by the Form Editor. */ @SuppressWarnings("unchecked") // private void initComponents() {

inputPassword = new ordField();

getContentPane().setLayout( new out(getContentPane(), _AXIS));

t("jPasswordField1"); getContentPane().add(inputPassword); }//

private IRY3 getROCK3Handler() throws Exception { IRY3 ry = new CRY3(); RY3Def flag = new RY3Def(); // String chPid = ""; String chPin = ""; String chSeed = "123456"; //

int[] Count = new int[4]; int[] RemainCount = new int[4]; int[] FreeSize = new int[1]; // char[] charPid = new char[16]; // 8 char[] charPin = new char[30]; // 24 char[] charSeed = new char[16]; // 6 char[] charHardID = new char[32]; // 16 // byte[] randbuf = new byte[16]; byte[] tmpbuf = new byte[2048]; String voucher = "aaaaaa"; charPid = new char[] { 'F', 'E', 'C', '2', 'B', 'F', 'E', '1' }; // chPin = "4567812345678"; charPin = Array(); try { 3_Find(charPid, Count); if (Count[0] != 0) { 3_Open(1); } else { return null; } return ry; } catch (Exception e) { throw new Exception(e); }

}

private RSAPrivateKey getPrivateKeyFromRC3() throws Exception { IRY3 ry = null; RSAPrivateKey privateKey = null; byte[] privKeyCode = new byte[1024];

try { ry = getROCK3Handler(); 3_Read(0, privKeyCode, 1024); KeyFactory keyFactory = tance("RSA"); EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec(privKeyCode); privateKey = (RSAPrivateKey) keyFactory .generatePrivate(privateKeySpec); return privateKey; } catch (Exception e) { throw new Exception(e); } }

public String getUserInputPwd() { return new String(sword()); }

public String getSignature() { RSAPrivateKey privateKey = null; try { privateKey = getPrivateKeyFromRC3(); Signature dsa = tance("MD5WithRSA"); gn(privateKey); String pwd = new String(sword()); (es()); byte[] sig = (); n("success"); return new String((sig)); } catch (Exception e) { n("error: " + e); tackTrace(); return "-1"; } }

// Variables declaration - do not modify private ordField inputPassword; // End of variables declaration}