java source code of ImportCertTest

WeBASE-Node-Manager-master
- src
  - main
    - resources
      - application.yml
      - log
        log4j2.xml
        log4j2-dev.xml
      - templates
        AlertEmailForTest.html
        AlertEmailTemplate.html
      - Arial
        ARIALNI.TTF
        ARIALNBI.TTF
        ARIALNB.TTF
        ariblk.ttf
        ARIALN.TTF
      - mapper
        TransHashMapper.xml
        TableMapper.xml
        FrontGroupMapMapper.xml
        MethodMapper.xml
        AlertLogMapper.xml
        GroupMapper.xml
        MailServerConfig.xml
        ContractMapper.xml
        BlockMapper.xml
        UserTransMonitorMapper.xml
        NodeMapper.xml
        FrontMapper.xml
        CertMapper.xml
        AlertRuleMapper.xml
        UserMapper.xml
        TransDailyMapper.xml
        AccountMapper.xml
        AbiMapper.xml
        TokenMapper.xml
        RoleMapper.xml
    - java
      - com
        webank
        webase
        node
        mgr
        group
        GroupController.java
        GroupMapper.java
        entity
        ReqBatchStartGroup.java
        RspOperateResult.java
        RspGroupStatus.java
        StatisticalGroupTransInfo.java
        TbGroup.java
        ReqOperateGroup.java
        ReqGroupStatus.java
        ReqGenerateGroup.java
        GroupGeneral.java
        GroupService.java
        security
        JsonLogoutSuccessHandler.java
        JsonAuthenticationEntryPoint.java
        JsonAccessDeniedHandler.java
        customizeAuth
        TokenAuthenticationToken.java
        TokenAuthenticationProvider.java
        LoginSuccessHandler.java
        LoginFailHandler.java
        AccountDetailsService.java
        front
        entity
        NodeHeartBeat.java
        TotalTransCountInfo.java
        FrontInfo.java
        TbFront.java
        FrontParam.java
        TransactionParam.java
        FrontMapper.java
        FrontController.java
        FrontService.java
        transaction
        entity
        TransListParam.java
        TbTransHash.java
        TransactionInfo.java
        TransHashController.java
        TransHashService.java
        TransHashMapper.java
        precompiled
        entity
        CnsParam.java
        ConsensusHandle.java
        CrudHandle.java
        PrecompiledController.java
        sysconf
        PrecompiledSysConfigController.java
        SysConfigParam.java
        PrecompiledSysConfigService.java
        permission
        PermissionState.java
        PermissionManageController.java
        PermissionManageService.java
        PermissionParam.java
        PrecompiledService.java
        user
        UserService.java
        UserController.java
        entity
        TbUser.java
        ReqImportPem.java
        UpdateUserInputParam.java
        BindUserInputParam.java
        ReqImportPrivateKey.java
        KeyPair.java
        UserParam.java
        NewUserInputParam.java
        UserMapper.java
        abi
        entity
        AbiInfo.java
        ReqAbiListParam.java
        ReqImportAbi.java
        AbiMapper.java
        AbiController.java
        AbiService.java
        frontinterface
        FrontInterfaceService.java
        entity
        GenerateGroupInfo.java
        FrontUrlInfo.java
        PeerOfConsensusStatus.java
        PostAbiInfo.java
        GroupHandleResult.java
        FailInfo.java
        PeerOfSyncStatus.java
        SyncStatus.java
        FrontRestTools.java
        cert
        CertMapper.java
        entity
        CertParam.java
        TbCert.java
        CertHandle.java
        CertService.java
        CertController.java
        base
        code
        RetCode.java
        ConstantCode.java
        entity
        BasePageResponse.java
        BaseResponse.java
        BaseQueryParam.java
        properties
        ExecutorProperties.java
        ConstantProperties.java
        SchedulerProperties.java
        enums
        AccountStatus.java
        TransUnusualType.java
        ContractStatus.java
        TokenType.java
        GroupStatus.java
        TableName.java
        AlertLevelType.java
        MonitorUserType.java
        SqlSortType.java
        TransType.java
        DataStatus.java
        AlertRuleType.java
        UserType.java
        GroupType.java
        ContractType.java
        RoleType.java
        EnableStatus.java
        HasPk.java
        OperateStatus.java
        config
        ThreadPoolConfig.java
        SecurityConfig.java
        BeanConfig.java
        EncryptTypeConfig.java
        exception
        ExceptionsHandler.java
        NodeMgrException.java
        ParamException.java
        tools
        HttpRequestTools.java
        JsonTools.java
        TokenImgGenerator.java
        CertTools.java
        pagetools
        Map2PagedList.java
        entity
        MapHandle.java
        PageData.java
        List2Page.java
        SM3PasswordEncoder.java
        Web3Tools.java
        AlertRuleTools.java
        PemUtils.java
        NodeMgrTools.java
        filter
        FrontFilter.java
        AbstractAuthenticationFilter.java
        UriFormatFilter.java
        TokenAuthenticationFilter.java
        ValidateCodeFilter.java
        controller
        BaseController.java
        ErrorController.java
        scheduler
        StatisticsTransdailyTask.java
        PullBlockTransTask.java
        DeleteInfoTask.java
        TransMonitorTask.java
        ResetGroupListTask.java
        table
        TableMapper.java
        TableService.java
        node
        NodeParam.java
        NodeController.java
        entity
        PeerInfo.java
        NodeService.java
        Node.java
        NodeInfo.java
        TbNode.java
        NodeMapper.java
        contract
        ContractMapper.java
        entity
        QueryContractParam.java
        Contract.java
        TransactionInputParam.java
        DeployInputParam.java
        ContractParam.java
        QueryByBinParam.java
        TbContract.java
        RspSystemProxy.java
        ReqAddAddress.java
        ContractController.java
        ContractService.java
        alert
        mail
        MailService.java
        MailController.java
        server
        config
        MailServerConfigMapper.java
        entity
        ReqMailServerConfigParam.java
        TbMailServerConfig.java
        MailServerConfigController.java
        MailServerConfigService.java
        task
        AuditMonitorTask.java
        CertMonitorTask.java
        NodeStatusMonitorTask.java
        log
        entity
        ReqLogParam.java
        ReqLogListParam.java
        AlertLog.java
        AlertLogService.java
        AlertLogController.java
        AlertLogMapper.java
        rule
        AlertRuleMapper.java
        entity
        ReqAlertRuleParam.java
        TbAlertRule.java
        AlertRuleService.java
        AlertRuleController.java
        transdaily
        TbTransDaily.java
        SeventDaysTrans.java
        TbTransDailyMapper.java
        TransDailyService.java
        event
        EventController.java
        entity
        ContractEventInfo.java
        NewBlockEventInfo.java
        EventService.java
        monitor
        MonitorService.java
        entity
        UserMonitorResult.java
        ContractMonitorResult.java
        MonitorTrans.java
        UnusualContractInfo.java
        MonitorMapper.java
        MonitorController.java
        TbMonitor.java
        UnusualUserInfo.java
        PageTransInfo.java
        MonitorTransactionService.java
        ChainTransInfo.java
        block
        entity
        BlockListParam.java
        TbBlock.java
        MinMaxBlock.java
        BlockInfo.java
        BlockMapper.java
        BlockController.java
        BlockService.java
        frontgroupmap
        entity
        FrontGroup.java
        TbFrontGroupMap.java
        MapListParam.java
        FrontGroupMapService.java
        FrontGroupMapCache.java
        FrontGroupMapMapper.java
        token
        TbToken.java
        TokenMapper.java
        TokenService.java
        account
        entity
        TbAccountInfo.java
        LoginInfo.java
        PasswordInfo.java
        AccountInfo.java
        ImageToken.java
        AccountListParam.java
        AccountMapper.java
        AccountController.java
        AccountService.java
        chain
        ChainService.java
        ChainController.java
        role
        RoleMapper.java
        RoleListParam.java
        RoleController.java
        RoleService.java
        TbRole.java
        Application.java
        gm
        EncryptTypeController.java
        method
        MethodService.java
        entity
        TbMethod.java
        Method.java
        NewMethodInputParam.java
        MethodMapper.java
        MethodController.java
        performance
        PerformanceService.java
        PerformanceController.java
  - test
    - java
      - node
        mgr
        test
        group
        GroupControllerTest.java
        GroupServiceTest.java
        frontInterface
        FrontServiceTest.java
        front
        FrontControllerTest.java
        transaction
        TransHashServiceTest.java
        TransHashControllerTest.java
        user
        UserControllerTest.java
        abi
        AbiServiceTest.java
        AbiControllerTest.java
        cert
        BCCertTest.java
        ImportCertTest.java
        PullFrontCertTest.java
        LoadGmCertTest.java
        TestBase.java
        scheduler
        SchedulerServiceTest.java
        node
        NodeControllerTest.java
        contract
        ContractControllerTest.java
        ContractServiceTest.java
        alert
        mail
        AlertContentTest.java
        SendMailTest.java
        task
        AlertMailTaskTest.java
        SevenDaysTest.java
        ParseToolTest.java
        event
        EventControllerTest.java
        monitor
        MonitorControllerTest.java
        block
        BlockControllerTest.java
        frontgroupmap
        FrontGroupMapServiceTest.java
        token
        TokenTest.java
        gm
        MethodIdGmTest.java
        PublicKeyGmTest.java
        SM3PwdEncoderTest.java
        TestBase.java
        method
        MethodControllerTest.java
- Changelog.md
- release_note.txt
- script
  - webase-ddl.sql
  - webase-sql.list
  - webase-dml.sql
  - webase.sh
  - gm
    - webase-sql-gm.list
    - webase-gm.sh
    - webase-dml-gm.sql
- gradle
  - wrapper
    - gradle-wrapper.properties
    - gradle-wrapper.jar
- interfaces.md
- stop.sh
- gradlew.bat
- LICENSE
- gradlew
- build.gradle
- README.md
- start.sh
- status.sh
- install_FAQ.md
- .gitignore
- sider.yml

/**
 * Copyright 2014-2020 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package node.mgr.test.cert;

import java.io.*;
import java.security.*;
import java.security.cert.*;
import java.util.*;

import com.webank.webase.node.mgr.base.tools.NodeMgrTools;
import org.fisco.bcos.web3j.crypto.ECKeyPair;
import org.fisco.bcos.web3j.crypto.Keys;
import org.fisco.bcos.web3j.utils.Numeric;
import org.junit.Test;
import org.springframework.core.io.ClassPathResource;
import org.springframework.util.Assert;
import sun.security.ec.ECPublicKeyImpl;

import static com.webank.webase.node.mgr.base.tools.CertTools.byteToHex;

/**
 * test load non-guomi cert and guomi cert
 * using java.security.cert.CertificateFactory getInstance("X.509");
 * 2019/12
 * replace java.security.cert.CertificateFactory
 * with org.bouncycastle.jcajce.provider.asymmetric.x509.CertificateFactory
 */
public class ImportCertTest {
    private final static String head = "-----BEGIN CERTIFICATE-----\n" ;
    private final static String tail = "-----END CERTIFICATE-----\n" ;


    @Test
    public void testPubAddress() throws IOException, CertificateException, IllegalAccessException, InstantiationException {
        /**
         * @param: nodeCert
         * 只有节点证书才是ECC椭圆曲线，获取pub的方法和区块链的一致
         * 其余的agency chain 的crt都是rsa方法，使用大素数方法计算，不一样
         */
        // need crt file
        InputStream node = new ClassPathResource("node.crt").getInputStream();
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        X509Certificate nodeCert = (X509Certificate) cf.generateCertificate(node);
        // rsa算法的公钥和ecc的不一样
        ECPublicKeyImpl pub = (ECPublicKeyImpl) nodeCert.getPublicKey();
        byte[] pubBytes = pub.getEncodedPublicValue();
        String publicKey = Numeric.toHexStringNoPrefix(pubBytes);
        String address = Keys.getAddress(publicKey);
        byte[] addByteArray = Keys.getAddress(pubBytes);
        System.out.println("byte[] : pub ");
        System.out.println(pubBytes);
        System.out.println("====================================");
        System.out.println(publicKey); // 04e5e7efc9e8d5bed699313d5a0cd5b024b3c11811d50473b987b9429c2f6379742c88249a7a8ea64ab0e6f2b69fb8bb280454f28471e38621bea8f38be45bc42d
        System.out.println("byte[] to pub to address ");
        System.out.println(address); // f7b2c352e9a872d37a427601c162671202416dbc
        System.out.println("包含开头的04");
        System.out.println(byteToHex(addByteArray));
    }

    /**
     * address到底需不需要传入pub的开头的两位04
     * 答案： 不需要，公钥是128位的
     */
    @Test
    public void testAddress() throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, NoSuchProviderException {
        ECKeyPair key = Keys.createEcKeyPair();
        // 用byte[]穿进去获取公钥，就会可能多出一位0
        byte[] pubBytes = key.getPublicKey().toByteArray();
        System.out.println("=============原生的==============");
        System.out.println(key.getPublicKey()); //64bytes BigInteger
        System.out.println(Keys.getAddress(key.getPublicKey()));

        System.out.println("===========通过转成hex后获取地址============");
        System.out.println(Numeric.toHexStringNoPrefix(key.getPublicKey())); //Hex后显示
        System.out.println(Keys.getAddress(Numeric.toHexStringNoPrefix(key.getPublicKey())));

        System.out.println("===========通过byte[]============");
        System.out.println(Numeric.toHexStringNoPrefix(pubBytes)); // BigInteget=> byte[] => hex 多一位
        System.out.println(Keys.getAddress(Numeric.toHexStringNoPrefix(pubBytes)));
        System.out.println("===============");
//        System.out.println(Keys.getAddress(pubBytes));
    }

    @Test
    public void testImport() throws IOException, CertificateException, NoSuchAlgorithmException, InvalidKeyException, SignatureException, NoSuchProviderException {
        // read from file is
        InputStream pem = new ClassPathResource("node.crt").getInputStream();
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        // agency's crt
        List<X509Certificate> certs = (List<X509Certificate>) cf.generateCertificates(pem);


        for(X509Certificate c: certs) {
            System.out.println(c.getSubjectDN());
        }
        X509Certificate nodeCert = certs.get(0);
//        X509Certificate agencyCert = certs.get(1);
//        X509Certificate caCert = certs.get(2);
//        //只能验证上一级
//        agencyCert.verify(caCert.getPublicKey());
//        nodeCert.verify(agencyCert.getPublicKey());

        /**
         *  根据subjectDN 获取证书类型，证书名字
         */

    }

    @Test
    public void getSingleCrtContent() throws IOException {
        // read from file is
        InputStream pem = new ClassPathResource("node.crt").getInputStream();
        String certContent = getString(pem);
        List<String> list = new ArrayList<>();
        String[] nodeCrtStrArray = certContent.split(head);
        for(int i = 0; i < nodeCrtStrArray.length; i++) {
            String[] nodeCrtStrArray2 = nodeCrtStrArray[i].split(tail);
            for(int j = 0; j < nodeCrtStrArray2.length; j++) {
                String ca = nodeCrtStrArray2[j];
                if(ca.length() != 0) {
                    list.add(formatStr(ca));
                }
            }
        }
        for(String s: list) {
            System.out.println(s);
            System.out.println();
        }
    }
    public static String formatStr(String string) {
        return string.substring(0, string.length() - 1);
    }
    public static String getString(InputStream inputStream) throws IOException {
        byte[] bytes = new byte[0];
        bytes = new byte[inputStream.available()];
        inputStream.read(bytes);
        String str = new String(bytes);
        return str;
    }

    public String getFingerPrint(X509Certificate cert)throws Exception {
        // 指纹
        /**
         * Microsoft's presentation of certificates is a bit misleading
         * because it presents the fingerprint as if it was contained in the certificate
         * but actually Microsoft has to calculate the fingerprint, too.
         * This is especially misleading because a certificate actually has many fingerprints,
         * and Microsoft only displays the fingerprint it seems to use internally, i.e. the SHA-1 fingerprint.
         */
        String finger = NodeMgrTools.getCertFingerPrint(cert.getEncoded());
        System.out.println("指纹");
        System.out.println(finger);
        return finger;
    }

    public static boolean isExpired2(X509Certificate cert) {
        try {
            cert.checkValidity();
            return false;
        } catch (CertificateExpiredException e) {
            System.out.println("Certificate Expired");
            return true;
        } catch (CertificateNotYetValidException e) {
            System.out.println("Certificate Not Yet Valid");
            return true;
        } catch (Exception e) {
            System.out.println("Error checking Certificate Validity.  See admin.");
            return true;
        }
    }

    /**
     * import guomi node cert list
     * @throws CertificateEncodingException
     */
    @Test
    public void testLoadCertList() throws CertificateException, IOException {
        // need gmnode.crt file
        InputStream nodes = new ClassPathResource("sdk_node.crt").getInputStream();
        org.bouncycastle.jcajce.provider.asymmetric.x509.CertificateFactory factory =
                new org.bouncycastle.jcajce.provider.asymmetric.x509.CertificateFactory();
        List<X509Certificate> certs = (List<X509Certificate>) factory.engineGenerateCertificates(nodes);
        Assert.notNull(certs,"certs null");
        certs.stream().forEach(c -> {
            System.out.println(c.getSubjectDN());
            try {
                System.out.println(NodeMgrTools.getCertFingerPrint(c.getEncoded()));
            } catch (CertificateEncodingException e) {
                e.printStackTrace();
            }
        });
    }
}