时间戳服务

2021-04-01 11:15:46 +08:00
parent fcf172458e
commit 453ae76e15
6 changed files with 368 additions and 1 deletions
--- a/lib/jit-vstk-jdk15-2.0.50-20150603.060911-1.jar
+++ b/lib/jit-vstk-jdk15-2.0.50-20150603.060911-1.jar
--- a/pom.xml
+++ b/pom.xml
@ -66,7 +66,13 @@
            <artifactId>poi-ooxml-schemas</artifactId>
            <version>4.1.2</version>
        </dependency>
-		
+        <dependency>
+            <groupId>jit.vstk</groupId>
+            <artifactId>jit-vstk</artifactId>
+            <version>2.0.50</version>
+            <scope>system</scope>
+            <systemPath>${basedir}/lib/jit-vstk-jdk15-2.0.50-20150603.060911-1.jar</systemPath>
+        </dependency>
        <dependency>
            <groupId>org.apache.velocity</groupId>
            <artifactId>velocity-tools</artifactId>
--- a/src/main/java/com/chinaunicom/mall/ebtp/extend/timeService/TimeServiceConstant.java
+++ b/src/main/java/com/chinaunicom/mall/ebtp/extend/timeService/TimeServiceConstant.java
@ -0,0 +1,156 @@
+package com.chinaunicom.mall.ebtp.extend.timeService;
+
+import cn.com.jit.assp.css.client.util.HelperUtil;
+import com.chinaunicom.mall.ebtp.extend.timeService.tsa.TtsAgent;
+import lombok.extern.slf4j.Slf4j;
+import cn.com.jit.tsa.client.*;
+import org.apache.commons.codec.binary.Base64;
+import org.springframework.core.io.ClassPathResource;
+
+import java.io.InputStream;
+import java.text.SimpleDateFormat;
+import java.util.Properties;
+
+@Slf4j
+public class TimeServiceConstant {
+
+    public static TSAClient client;
+
+    public  TimeServiceConstant(){
+        try{
+            Properties prop = new Properties();
+            ClassPathResource classPathResource = new ClassPathResource("cssconfig.properties");
+            InputStream inputStream =classPathResource.getInputStream();
+            prop.load(inputStream);
+            inputStream.close();
+
+            // 获得TSAClient工厂实例
+            TSAClientFactory factory = TSAClientFactory.newInstance(prop);
+            // 获得TSAClient
+            client = (TSAClient) factory.getTSAClient();
+        }catch (Exception e){
+            log.error("读取配置文件或连接时间戳服务器异常", e);
+        }
+    }
+    /**
+     * 申请时间戳
+     * @param data 待申请时间戳的原文
+     * @return 时间戳加密原文
+     */
+    public String signTimeStamp(String data){
+        try{
+            //第三步：申请时间戳,向时间戳服务器发起申请时间戳请求，返回时间戳结果
+            TSASignedResult result = client.signTimeStamp("SHA1", data.getBytes("UTF-8"));
+            //第四步：获取时间戳数据,tsaData为时间戳数据,验证时间戳时使用，如果不是实时验证，需要将时间戳数据保存在应用服务器
+            byte[] tsaData = result.getSignedData();
+            System.out.println("tsaData -->"+tsaData);
+            String timestamp = Base64.encodeBase64String(tsaData);
+            return timestamp;
+        }catch (Exception e){
+            log.error("申请时间戳异常", e);
+        }
+        return null;
+    }
+    /**
+     * 解析时间戳
+     * @param timestamp 时间戳加密原文
+     * @return 时间戳对象
+     */
+    public TSAVerifyResult verifyTimeStamp(String timestamp){
+        try{
+            TSAVerifyResult verifyResult = client.verifyTimeStamp(Base64.decodeBase64(timestamp));
+            return verifyResult;
+        }catch (Exception e){
+            log.error("解析时间戳", e);
+        }
+        return null;
+    }
+
+    /**
+     * 获取时间戳
+     * @param data 待申请时间戳的原文
+     * @return 时间戳对象
+     */
+    public TtsAgent.TtsParseResult getServiceTimeObj(String data){
+        try{
+            String timestamp = this.signTimeStamp(data);
+            TSAVerifyResult verifyResult = this.verifyTimeStamp(timestamp);
+            String time = new SimpleDateFormat("yyyyMMddHHmmss").format(verifyResult.getSignedTime());
+            TtsAgent.TtsParseResult ttsParseResult = new TtsAgent.TtsParseResult(time, HelperUtil.bytesToHexString(verifyResult.getData()),
+                    verifyResult.getSignerSubject());
+            return ttsParseResult;
+        }catch (Exception e){
+            log.error("获取时间戳异常", e);
+        }
+        return null;
+    }
+
+    /**
+     * 直接获取获取时间戳 时间
+     * @param data 待申请时间戳的原文
+     * @return 时间
+     */
+    public String getServiceTime(String data){
+        try{
+            String timestamp = this.signTimeStamp(data);
+            TSAVerifyResult verifyResult = this.verifyTimeStamp(timestamp);
+            String time = new SimpleDateFormat("yyyyMMddHHmmss").format(verifyResult.getSignedTime());
+
+            return time;
+        }catch (Exception e){
+            log.error("获取时间戳异常", e);
+        }
+        return null;
+    }
+
+    /**
+     *
+     * @param
+     * @return
+     */
+    public void getTSAClientTest() throws Exception{
+        Properties prop = new Properties();
+        ClassPathResource classPathResource = new ClassPathResource("cssconfig.properties");
+        InputStream inputStream =classPathResource.getInputStream();
+        //String path = ClassUtils.getDefaultClassLoader().getResource("").getPath();
+        //InputStream is = new FileInputStream("/resources/cssconfig.properties");
+        prop.load(inputStream);
+        inputStream.close();
+
+        try {
+            // 获得TSAClient工厂实例
+            TSAClientFactory factory = TSAClientFactory.newInstance(prop);
+            // 获得TSAClient
+            TSAClient client = (TSAClient) factory.getTSAClient();
+
+            // 待申请时间戳的原文
+            String source = "abcdefghijklmn";
+
+            //第三步：申请时间戳,向时间戳服务器发起申请时间戳请求，返回时间戳结果
+            TSASignedResult result = client.signTimeStamp("SHA1", source.getBytes("UTF-8"));
+
+            //第四步：获取时间戳数据,tsaData为时间戳数据,验证时间戳时使用，如果不是实时验证，需要将时间戳数据保存在应用服务器
+            byte[] tsaData = result.getSignedData();
+            System.out.println("tsaData -->"+tsaData);
+            String timestamp = Base64.encodeBase64String(tsaData);
+            System.out.println("timestamp -->"+timestamp);
+
+            TSAVerifyResult verifyResult = client.verifyTimeStamp(Base64.decodeBase64(timestamp));
+            System.out.println("verifyResult 1--> {}"+ verifyResult);
+            System.out.println("verifyResult 2--> {}"+ Base64.encodeBase64String(verifyResult.getData()));
+            System.out.println("verifyResult 3--> {}"+ verifyResult.getSignedTime());
+            System.out.println("verifyResult 4--> {}"+ verifyResult.getSignerSubject());
+            System.out.println("verifyResult 5--> {}"+ verifyResult.getSignerCertSerialNumber());
+            String time = new SimpleDateFormat("yyyyMMddHHmmss").format(verifyResult.getSignedTime());
+            System.out.println("verifyResult 5--> {}"+ time);
+            TtsAgent.TtsParseResult ttsParseResult = new TtsAgent.TtsParseResult(time, HelperUtil.bytesToHexString(verifyResult.getData()),
+                    verifyResult.getSignerSubject());
+            System.out.println("timestamp -> {}"+ ttsParseResult.getTimestamp());
+            System.out.println("cert -> {}"+ttsParseResult.getCert());
+            System.out.println("hash -> {}"+ttsParseResult.getHash());
+
+        } catch (TSAException ex) {
+            System.out.println("时间戳申请失败, 失败原因: " + ex.getMessage());
+        }
+    }
+}
--- a/src/main/java/com/chinaunicom/mall/ebtp/extend/timeService/controller/TiemServiceController.java
+++ b/src/main/java/com/chinaunicom/mall/ebtp/extend/timeService/controller/TiemServiceController.java
@ -0,0 +1,63 @@
+package com.chinaunicom.mall.ebtp.extend.timeService.controller;
+
+import cn.com.jit.tsa.client.TSAVerifyResult;
+import com.chinaunicom.mall.ebtp.common.base.entity.BaseResponse;
+import com.chinaunicom.mall.ebtp.extend.templatewarehouse.entity.BizBidTemplateWarehouse;
+import com.chinaunicom.mall.ebtp.extend.timeService.TimeServiceConstant;
+import com.chinaunicom.mall.ebtp.extend.timeService.tsa.TtsAgent;
+import io.swagger.annotations.Api;
+import io.swagger.annotations.ApiParam;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RestController;
+
+
+@RestController
+@Api(tags = "")
+@RequestMapping("/v1/timeService")
+public class TiemServiceController {
+
+    /**
+     * 申请时间戳
+     * @param data 待申请时间戳的原文
+     * @return 时间戳加密原文
+     */
+    @GetMapping(value = "/signTimeStamp")
+    public BaseResponse<String> signTimeStamp(@ApiParam(value = "待申请时间戳的原文", required = true) @RequestParam(name = "data") String data) {
+        TimeServiceConstant constant = new TimeServiceConstant();
+        return BaseResponse.success(constant.signTimeStamp(data));
+    }
+
+    /**
+     * 解析时间戳
+     * @param timestamp 时间戳加密原文
+     * @return 时间戳对象
+     */
+    @GetMapping(value = "/verifyTimeStamp")
+    public BaseResponse<TSAVerifyResult> verifyTimeStamp(@ApiParam(value = "时间戳加密原文", required = true) @RequestParam(name = "timestamp") String timestamp) {
+        TimeServiceConstant constant = new TimeServiceConstant();
+        return BaseResponse.success(constant.verifyTimeStamp(timestamp));
+    }
+
+    /**
+     * 获取时间戳
+     * @param data 待申请时间戳的原文
+     * @return 时间戳对象
+     */
+    @GetMapping(value = "/getServiceTimeObj")
+    public BaseResponse<TtsAgent.TtsParseResult> getServiceTimeObj(@ApiParam(value = "待申请时间戳的原文", required = true) @RequestParam(name = "data") String data) {
+        TimeServiceConstant constant = new TimeServiceConstant();
+        return BaseResponse.success(constant.getServiceTimeObj(data));
+    }
+    /**
+     * 获取时间戳
+     * @param data 待申请时间戳的原文
+     * @return 时间戳对象
+     */
+    @GetMapping(value = "/getServiceTime")
+    public BaseResponse<String> getServiceTime(@ApiParam(value = "待申请时间戳的原文", required = true) @RequestParam(name = "data") String data) {
+        TimeServiceConstant constant = new TimeServiceConstant();
+        return BaseResponse.success(constant.getServiceTime(data));
+    }
+}
--- a/src/main/java/com/chinaunicom/mall/ebtp/extend/timeService/tsa/TtsAgent.java
+++ b/src/main/java/com/chinaunicom/mall/ebtp/extend/timeService/tsa/TtsAgent.java
@ -0,0 +1,101 @@
+package com.chinaunicom.mall.ebtp.extend.timeService.tsa;
+
+/**
+ * CA 时间戳服务接口
+ * 
+ * @工程： EPS(4.0)
+ * 
+ * @模块：
+ * 
+ * @作者： 李志慧
+ * 
+ * @创建日期： 2016年3月17日
+ * 
+ * @修改记录（修改时间、作者、原因）：
+ */
+public interface TtsAgent {
+
+	/**
+	 * 创建hash 的时间戳
+	 * 
+	 * @作者： 李志慧 @创建日期： 2016年3月17日
+	 * 
+	 * @参数: hash 数据hash值
+	 * @返回值: String
+	 * 
+	 * @修改记录（修改时间、作者、原因）：
+	 */
+	String createTimestamp(String hash);
+
+	/**
+	 * 时间戳验证
+	 * 
+	 * @作者： 李志慧 @创建日期： 2016年3月17日
+	 * 
+	 * @参数: timestamp 时间戳
+	 * @返回值: boolean
+	 * 
+	 * @修改记录（修改时间、作者、原因）：
+	 */
+	boolean verifyTimestamp(String timestamp);
+
+	/**
+	 * 解析时间戳
+	 * 
+	 * @作者： 李志慧 @创建日期： 2016年3月17日
+	 * 
+	 * @参数: timestamp 时间戳
+	 * @返回值: TtsParseResult
+	 * 
+	 * @修改记录（修改时间、作者、原因）：
+	 */
+	TtsParseResult parseTimestamp(String timestamp);
+
+	/**
+	 * 时间戳解析结果
+	 * 
+	 * @作者： 李志慧
+	 * 
+	 */
+	public class TtsParseResult {
+		// 时间
+		private String timestamp;
+
+		// hash 值
+		private String hash;
+
+		// 签名证书
+		private String cert;
+
+		public TtsParseResult(String timestamp, String hash, String cert) {
+			super();
+			this.timestamp = timestamp;
+			this.hash = hash;
+			this.cert = cert;
+		}
+
+		public String getTimestamp() {
+			return timestamp;
+		}
+
+		public void setTimestamp(String timestamp) {
+			this.timestamp = timestamp;
+		}
+
+		public String getHash() {
+			return hash;
+		}
+
+		public void setHash(String hash) {
+			this.hash = hash;
+		}
+
+		public String getCert() {
+			return cert;
+		}
+
+		public void setCert(String cert) {
+			this.cert = cert;
+		}
+	}
+}
--- a/src/main/resources/cssconfig.properties
+++ b/src/main/resources/cssconfig.properties
@ -0,0 +1,41 @@
+#ServerURL=http://192.168.9.110:8000/signxmlhandler
+ServerURL=http://10.249.247.133:8000/signserver/service/xml
+#ServerURL=http://192.168.9.110:8000/signserver/service/xml
+DigestAlg=SHA1
+#Encrypt Algorithm: des3/scb2
+EncAlg=des3
+CertBaseInfo = version;issuerdn;subjectdn;serialnumber;notbefore;notafter
+TSACertBaseInfo = issuerdn;subjectdn;serialnumber;signedTime;signedTSA;signedTimeByMS
+CertExtendInfo =
+AppID=
+CertAlias =
+BaseInfo =digestalg;digestdata;plaindata;dscert
+SendMsgFormat=0
+HashActionPosition=0
+PrintLog=false
+#console/file/log4j  ####log4j not implement
+logTarget=console
+logFilePath=/temp/jit.dss.vstk.log
+#rfc3161/rfc2630
+TSAType=rfc3161
+#dsCert/issuerDNAndSN
+p1VerifyCertId=dsCert
+Compatible=true
+dss.client.class=cn.com.jit.assp.client.DSSClientHttpUrlConnectionImpl
+#dss.client.class=cn.com.jit.assp.client.DSSClientHttpClientImpl
+#default/encAfterDec/secretEnvelop(use this mode after using VCTK do envelop)   secretEnvelop:develop->RSAdecrypt->RSAencrypt->envelop
+envelopType=default
+#default unit KB and default size is 0,0 is not block;
+packageSize=0
+
+#default:10000   unit: ms
+timeout=10000
+connectTimeOut=10000
+# default : system unicode
+FileSystemCharSet=UTF-8
+vstkVersion=20
+EncryptMode=ecb
+#package size every time, unit is byte
+send_size=1048576
+#bigger than this will take big data modle, unit is byte
+bigdata_limit=20971520