From 7af2547027c698c9fa50ed6316fa2f5c144d8e1f Mon Sep 17 00:00:00 2001 From: yihzhou <468340218@qq.com> Date: Tue, 24 Dec 2024 15:47:47 +0800 Subject: [PATCH] =?UTF-8?q?=E8=AF=81=E4=B9=A6=E7=B1=BB=E6=8E=A5=E5=8F=A3?= =?UTF-8?q?=E6=9A=82=E5=AD=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/com/sunyard/chsm/utils/CertUtil.java | 74 +++++++++ .../com/sunyard/chsm/utils/DateFormat.java | 8 + .../com/sunyard/chsm/utils/SydCmsUtil.java | 140 ++++++++++++++++++ .../com/sunyard/chsm/param/CertCheckResp.java | 33 +++++ .../sunyard/chsm/param/CertExinfoResp.java | 37 +++++ .../com/sunyard/chsm/param/CertInfoResp.java | 55 +++++++ chsm-web-server/pom.xml | 6 + .../chsm/controller/CertController.java | 93 ++++++++++++ .../com/sunyard/chsm/service/CertService.java | 62 ++++++++ .../src/test/java/api/TestCert.java | 73 +++++++++ 10 files changed, 581 insertions(+) create mode 100644 chsm-common/src/main/java/com/sunyard/chsm/utils/CertUtil.java create mode 100644 chsm-common/src/main/java/com/sunyard/chsm/utils/SydCmsUtil.java create mode 100644 chsm-params/src/main/java/com/sunyard/chsm/param/CertCheckResp.java create mode 100644 chsm-params/src/main/java/com/sunyard/chsm/param/CertExinfoResp.java create mode 100644 chsm-params/src/main/java/com/sunyard/chsm/param/CertInfoResp.java create mode 100644 chsm-web-server/src/main/java/com/sunyard/chsm/controller/CertController.java create mode 100644 chsm-web-server/src/main/java/com/sunyard/chsm/service/CertService.java create mode 100644 chsm-web-server/src/test/java/api/TestCert.java diff --git a/chsm-common/src/main/java/com/sunyard/chsm/utils/CertUtil.java b/chsm-common/src/main/java/com/sunyard/chsm/utils/CertUtil.java new file mode 100644 index 0000000..dd1d12e --- /dev/null +++ b/chsm-common/src/main/java/com/sunyard/chsm/utils/CertUtil.java @@ -0,0 +1,74 @@ +package com.sunyard.chsm.utils; + +import org.bouncycastle.asn1.ASN1Integer; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.jce.provider.BouncyCastleProvider; + +import java.io.ByteArrayInputStream; +import java.security.NoSuchProviderException; +import java.security.Security; +import java.security.cert.CertificateException; +import java.security.cert.CertificateFactory; +import java.security.cert.X509Certificate; + +import static com.sunyard.chsm.utils.SydCmsUtil.readContentInfo; + + +/** + * @author zyh + * @since 2024/12/19 + */ +public class CertUtil { + static { + Security.addProvider(new BouncyCastleProvider()); + } + + public static X509Certificate convertToX509Cert(String certificateString) { + String pemCert; + if(certificateString.contains("-----BEGIN CERTIFICATE-----")){ + pemCert =certificateString; + }else { + String cert_begin = "-----BEGIN CERTIFICATE-----\n"; + String end_cert = "\n-----END CERTIFICATE-----"; + pemCert = cert_begin + certificateString + end_cert; + } + try { + CertificateFactory CF = CertificateFactory.getInstance("X.509", "BC"); // 从证书工厂中获取X.509的单例类 + return (X509Certificate) CF.generateCertificate(new ByteArrayInputStream(pemCert.getBytes())); // 将文件流的证书转化为证书类 + } catch (CertificateException | NoSuchProviderException e) { + throw new RuntimeException(e); + } + } + + + + public static String getSn(String cert) { + try { + + if(cert.contains("-----BEGIN CERTIFICATE-----")){ + String[] lines = cert.split("\n"); + // 构建新的证书字符串,去掉第一行和最后一行 + StringBuilder cleanedCertificate = new StringBuilder(); + for (int i = 1; i < lines.length - 1; i++) { + cleanedCertificate.append(lines[i]); + } + cert = cleanedCertificate.toString(); + } + //从证书中获取sn + Object pkContent = readContentInfo(CodecUtils.decodeBase64(cert)); + + //逐级从结构体中获取需要的sn + ASN1Sequence pkSeq = ASN1Sequence.getInstance(pkContent); + ASN1Sequence pkSeq0 = (ASN1Sequence) pkSeq.getObjectAt(0).toASN1Primitive(); + ASN1Integer sn = (ASN1Integer) pkSeq0.getObjectAt(1).toASN1Primitive(); + String serNum = CodecUtils.encodeHex(sn.getEncoded()); + + //去掉长度 + return serNum.substring(4); + + } catch (Exception e) { + throw new RuntimeException(e); + } + } + +} diff --git a/chsm-common/src/main/java/com/sunyard/chsm/utils/DateFormat.java b/chsm-common/src/main/java/com/sunyard/chsm/utils/DateFormat.java index 73111de..f10d388 100644 --- a/chsm-common/src/main/java/com/sunyard/chsm/utils/DateFormat.java +++ b/chsm-common/src/main/java/com/sunyard/chsm/utils/DateFormat.java @@ -1,6 +1,8 @@ package com.sunyard.chsm.utils; +import java.text.SimpleDateFormat; import java.time.format.DateTimeFormatter; +import java.util.Date; /** * @author liulu @@ -18,4 +20,10 @@ public abstract class DateFormat { public static final DateTimeFormatter DATE = DateTimeFormatter.ofPattern(YYYY_MM_DD); public static final DateTimeFormatter DATE_TIME = DateTimeFormatter.ofPattern(YYYY_MM_DD_HH_MM_SS); + + public static String formDate(Date date) { + SimpleDateFormat sdf = new SimpleDateFormat("yyyyMMdd"); + return sdf.format(date); + } + } diff --git a/chsm-common/src/main/java/com/sunyard/chsm/utils/SydCmsUtil.java b/chsm-common/src/main/java/com/sunyard/chsm/utils/SydCmsUtil.java new file mode 100644 index 0000000..4338fe0 --- /dev/null +++ b/chsm-common/src/main/java/com/sunyard/chsm/utils/SydCmsUtil.java @@ -0,0 +1,140 @@ +package com.sunyard.chsm.utils; + +import org.bouncycastle.asn1.*; +import org.bouncycastle.asn1.cms.ContentInfo; +import org.bouncycastle.asn1.cms.EncryptedContentInfo; +import org.bouncycastle.asn1.cms.OriginatorInfo; +import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +import org.bouncycastle.cms.CMSException; + +import java.io.IOException; +import java.util.HashMap; +import java.util.Map; + + +public class SydCmsUtil { + + public static Object readContentInfo( + byte[] input) { + ASN1InputStream is = new ASN1InputStream(input); + Object v = null; + try { + v = is.readObject(); + } catch (IOException e) { + e.printStackTrace(); + } + return v; + } + + + public static Map getEncryptedContentInfo(ASN1Encodable obj){ + Mapmap = new HashMap(); + ASN1Sequence seq = ASN1Sequence.getInstance(obj ); + if (seq.size() < 2) + { + throw new IllegalArgumentException("Truncated Sequence Found"); + } + + ASN1ObjectIdentifier contentType = (ASN1ObjectIdentifier)seq.getObjectAt(0); + map.put( "contentType", contentType ); + + AlgorithmIdentifier contentEncryptionAlgorithm = AlgorithmIdentifier.getInstance( + seq.getObjectAt(1)); + + map.put( "contentEncryptionAlgorithm", contentEncryptionAlgorithm ); + + if (seq.size() > 2) + { + ASN1OctetString encryptedContent = ASN1OctetString.getInstance( + (ASN1TaggedObject)seq.getObjectAt(2), false); + map.put( "encryptedContent", encryptedContent ); + } + return map; + } + + public static Map getOriginatorInfo(ASN1TaggedObject obj, + boolean explicit){ + Mapmap = new HashMap(); + ASN1Sequence seq = ASN1Sequence.getInstance(obj, explicit); + switch (seq.size()) + { + case 0: // empty + break; + case 1: + ASN1TaggedObject o = (ASN1TaggedObject)seq.getObjectAt(0); + switch (o.getTagNo()) + { + case 0 : + ASN1Set certs = ASN1Set.getInstance(o, false); + map.put("certs", certs); + break; + case 1 : + ASN1Set crls = ASN1Set.getInstance(o, false); + map.put("crls", crls); + break; + default: + throw new IllegalArgumentException("Bad tag in OriginatorInfo: " + o.getTagNo()); + } + break; + case 2: + ASN1Set certs = ASN1Set.getInstance((ASN1TaggedObject)seq.getObjectAt(0), false); + map.put("certs", certs); + ASN1Set crls = ASN1Set.getInstance((ASN1TaggedObject)seq.getObjectAt(1), false); + map.put("crls", crls); + break; + default: + throw new IllegalArgumentException("OriginatorInfo too big"); + } + + return map; + } + +// public static ContentInfo getContentInfo( byte[] input ) { +// Object content = readContentInfo( input ); +// ASN1Sequence seq = ASN1Sequence.getInstance( content ); +// return new ContentInfo(seq); +// +// } + + public static Map readCmsInfo( byte[] input ) throws CMSException { + Mapmap = new HashMap(); + + Object content = readContentInfo( input ); + ASN1Sequence seq = ASN1Sequence.getInstance( content ); + ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) seq.getObjectAt(0); + map.put("oid", oid); + + seq = ASN1Sequence.getInstance((ASN1TaggedObject) seq.getObjectAt(1), true); + + int index = 0; + + ASN1Integer version = (ASN1Integer)seq.getObjectAt(index++); + map.put( "version", version ); + + Object tmp = seq.getObjectAt(index++); + + if (tmp instanceof ASN1TaggedObject) + { + OriginatorInfo originatorInfo = OriginatorInfo.getInstance((ASN1TaggedObject)tmp, false); +// MaporiginatorInfo = getOriginatorInfo((ASN1TaggedObject)tmp, false); + map.put( "originatorInfo", originatorInfo ); + tmp = seq.getObjectAt(index++); + } + + ASN1Set recipientInfos = ASN1Set.getInstance(tmp); + map.put( "recipientInfos", recipientInfos ); + + EncryptedContentInfo encryptedContentInfo = EncryptedContentInfo.getInstance( seq.getObjectAt(index++) ); +// Map encryptedContentInfo = getEncryptedContentInfo(seq.getObjectAt(index++)); + map.put( "encryptedContentInfo", encryptedContentInfo ); + + if(seq.size() > index) + { + ASN1Set unprotectedAttrs = ASN1Set.getInstance((ASN1TaggedObject)seq.getObjectAt(index), false); + map.put( "unprotectedAttrs", unprotectedAttrs ); + } + + return map; + } + +} diff --git a/chsm-params/src/main/java/com/sunyard/chsm/param/CertCheckResp.java b/chsm-params/src/main/java/com/sunyard/chsm/param/CertCheckResp.java new file mode 100644 index 0000000..004d4a5 --- /dev/null +++ b/chsm-params/src/main/java/com/sunyard/chsm/param/CertCheckResp.java @@ -0,0 +1,33 @@ +package com.sunyard.chsm.param; + +import lombok.Data; + +/** + * @author zyh + * @since 2024/12/20 + */ +@Data +public class CertCheckResp { + + /* + 证书有效期 +*/ + private String NotBefore; + + /* + 证书过期时间 + */ + private String NotAfter; + + /* + 证书签名 + * / + */ + private String Signature; + + + /* + CRL + */ + private String CRL; +} diff --git a/chsm-params/src/main/java/com/sunyard/chsm/param/CertExinfoResp.java b/chsm-params/src/main/java/com/sunyard/chsm/param/CertExinfoResp.java new file mode 100644 index 0000000..47c25d1 --- /dev/null +++ b/chsm-params/src/main/java/com/sunyard/chsm/param/CertExinfoResp.java @@ -0,0 +1,37 @@ +package com.sunyard.chsm.param; + +import lombok.Data; + +/** + * @author zyh + * @since 2024/12/19 + */ + +@Data +public class CertExinfoResp { + +// /* +// 密钥用法 +// */ +// private String SubjectDN; + + /* + 签名算法OID + */ + private String SigAlgOID; + + /* + 证书签名 + */ + private String Signature; + +// /* +// 证书约束 +// */ +// private String SubjectType; + + + + + +} diff --git a/chsm-params/src/main/java/com/sunyard/chsm/param/CertInfoResp.java b/chsm-params/src/main/java/com/sunyard/chsm/param/CertInfoResp.java new file mode 100644 index 0000000..ae5e2d4 --- /dev/null +++ b/chsm-params/src/main/java/com/sunyard/chsm/param/CertInfoResp.java @@ -0,0 +1,55 @@ +package com.sunyard.chsm.param; + +import lombok.Data; + +/** + * @author zyh + * @since 2024/12/19 + */ + +@Data +public class CertInfoResp { + + /* + 证书主题 + */ + private String SubjectDN; + + /* + 证书颁发者 + */ + private String IssuerDN; + + /* + 证书序列号 + */ + private String SerialNumber; + + /* + 证书有效期 + */ + private String NotBefore; + + /* + 证书过期时间 + */ + private String NotAfter; + + /* + 证书签名算法 + */ + private String SigAlgName; + + /* + 证书公钥 hex格式 + */ + private String PublicKey; + + /* + 证书版本 + */ + private int Version; + + + +} diff --git a/chsm-web-server/pom.xml b/chsm-web-server/pom.xml index 69c9382..cb2620c 100644 --- a/chsm-web-server/pom.xml +++ b/chsm-web-server/pom.xml @@ -25,6 +25,12 @@ ${project.version} + + com.sunyard.chsm + chsm-web-manage + ${project.version} + + com.dm DmJdbcDriver diff --git a/chsm-web-server/src/main/java/com/sunyard/chsm/controller/CertController.java b/chsm-web-server/src/main/java/com/sunyard/chsm/controller/CertController.java new file mode 100644 index 0000000..65e24a4 --- /dev/null +++ b/chsm-web-server/src/main/java/com/sunyard/chsm/controller/CertController.java @@ -0,0 +1,93 @@ +package com.sunyard.chsm.controller; + + +import com.sunyard.chsm.constant.AuditLogConst; +import com.sunyard.chsm.model.R; +import com.sunyard.chsm.model.dto.CertDTO; +import com.sunyard.chsm.param.*; +import com.sunyard.chsm.service.AppCertService; +import com.sunyard.chsm.service.CertService; +import com.sunyard.ssp.common.annotation.AuditControllerLog; +import org.springframework.web.bind.annotation.*; +import javax.annotation.Resource; +import javax.validation.Valid; + + +/** + * 证书管理类接口 + * + */ +@RestController +@RequestMapping("/cert") +public class CertController { + + + @Resource + private AppCertService appCertService; + + @Resource + private CertService certService; + + + /** + * 获取证书信息 + * + * @param certString 证书内容 + */ + @GetMapping ("/info") + public R getCertInfo(@RequestParam String certString) { + CertInfoResp certInfo = certService.getCertInfo(certString); + return R.data(certInfo); + } + + /** + * 获取证书拓展信息 + * + * @param certString 证书内容 + */ + @GetMapping ("/exinfo") + public R getCertExinfo(@RequestParam String certString) { + CertExinfoResp certExinfo = certService.getCertExinfo(certString); + return R.data(certExinfo); + } + + + /** + * 验证证书 + * + * @param certString 证书内容 + */ + @GetMapping ("/check") + public R certCheck(@RequestParam String certString) { + Boolean res = certService.checkCert(certString); + return R.data(res); + } + + + + + /** + * 导入证书 + * + * @param importCert 证书 + */ + @GetMapping ("/import") + public R importCert(@Valid @RequestBody CertDTO.ImportCert importCert) { + appCertService.importCert(importCert); + return R.ok(); + } + + /** + * 删除证书 + * + * @param id id + * @return void + */ + @DeleteMapping + @AuditControllerLog(description = "删除证书", operateType = AuditLogConst.DELETE) + public R delete(Long id) { + appCertService.delete(id); + return R.ok(); + } + +} diff --git a/chsm-web-server/src/main/java/com/sunyard/chsm/service/CertService.java b/chsm-web-server/src/main/java/com/sunyard/chsm/service/CertService.java new file mode 100644 index 0000000..ac724af --- /dev/null +++ b/chsm-web-server/src/main/java/com/sunyard/chsm/service/CertService.java @@ -0,0 +1,62 @@ +package com.sunyard.chsm.service; + +import com.sunyard.chsm.param.CertCheckResp; +import com.sunyard.chsm.param.CertExinfoResp; +import com.sunyard.chsm.param.CertInfoResp; +import com.sunyard.chsm.utils.CertUtil; +import com.sunyard.chsm.utils.CodecUtils; +import com.sunyard.chsm.utils.DateFormat; +import lombok.RequiredArgsConstructor; +import org.springframework.stereotype.Service; + +import java.security.cert.X509Certificate; +import java.text.SimpleDateFormat; +import java.util.Date; + +@Service +@RequiredArgsConstructor +public class CertService { + public CertInfoResp getCertInfo(String certString){ + X509Certificate x509Certificate = CertUtil.convertToX509Cert(certString); + CertInfoResp certInfo = new CertInfoResp(); + certInfo.setIssuerDN(x509Certificate.getIssuerDN().toString()); + certInfo.setSubjectDN(x509Certificate.getSubjectDN().toString()); + certInfo.setSerialNumber(CertUtil.getSn(certString)); + certInfo.setSigAlgName(x509Certificate.getSigAlgName()); + certInfo.setVersion(x509Certificate.getVersion()); + certInfo.setNotAfter(DateFormat.formDate(x509Certificate.getNotAfter())); + certInfo.setNotBefore(DateFormat.formDate(x509Certificate.getNotBefore())); + certInfo.setPublicKey(CodecUtils.encodeHex(x509Certificate.getPublicKey().getEncoded())); + return certInfo; + } + + + public CertExinfoResp getCertExinfo(String certString){ + X509Certificate x509Certificate = CertUtil.convertToX509Cert(certString); + CertExinfoResp certExinfo = new CertExinfoResp(); + certExinfo.setSigAlgOID(x509Certificate.getSigAlgOID()); + certExinfo.setSignature(CodecUtils.encodeBase64(x509Certificate.getSignature())); + return certExinfo; + } + + + + public Boolean checkCert(String certString){ + X509Certificate x509Certificate = CertUtil.convertToX509Cert(certString); + CertCheckResp certCheck = new CertCheckResp(); + certCheck.setNotAfter(DateFormat.formDate(x509Certificate.getNotAfter())); + certCheck.setNotBefore(DateFormat.formDate(x509Certificate.getNotBefore())); + certCheck.setSignature(CodecUtils.encodeBase64(x509Certificate.getSignature())); + + SimpleDateFormat sdf = new SimpleDateFormat("yyyyMMdd"); + Date dt = new Date(); + String nowTime = sdf.format(dt); + boolean after = Integer.parseInt(nowTime) < Integer.parseInt(certCheck.getNotAfter()); + boolean before = Integer.parseInt(nowTime) > Integer.parseInt(certCheck.getNotBefore()); + return after && before; + } + + + + +} diff --git a/chsm-web-server/src/test/java/api/TestCert.java b/chsm-web-server/src/test/java/api/TestCert.java new file mode 100644 index 0000000..9bb952d --- /dev/null +++ b/chsm-web-server/src/test/java/api/TestCert.java @@ -0,0 +1,73 @@ +package api; + +/** + * @author zyh + * @since 2024/12/19 + */ + +import com.sunyard.chsm.utils.CertUtil; + +import org.bouncycastle.asn1.x509.Extensions; +import org.bouncycastle.asn1.x509.KeyUsage; +import org.bouncycastle.cert.X509CertificateHolder; +import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder; +import org.junit.jupiter.api.Test; + +import java.security.cert.CertificateEncodingException; +import java.security.cert.CertificateParsingException; +import java.security.cert.X509Certificate; +import java.text.SimpleDateFormat; +import java.util.ArrayList; +import java.util.Date; +import java.util.List; + +public class TestCert { + + + @Test + public void test1() throws CertificateParsingException, CertificateEncodingException { + String cert = "-----BEGIN CERTIFICATE-----\n" + + "MIIE+DCCA+CgAwIBAgIQXQbkqDIONNM6NOW9uz38tDANBgkqhkiG9w0BAQsFADAz\n" + + "MQswCQYDVQQGEwJDTjERMA8GA1UECgwIVW5pVHJ1c3QxETAPBgNVBAMMCFNIRUNB\n" + + "IEcyMB4XDTIwMTAxMzA3NTgxM1oXDTIzMTAxMzE1NTk1OVowgdQxOTA3BgNVBAMM\n" + + "MOa1i+ivleW5v+WPkemTtuihjOiCoeS7veaciemZkOWFrOWPuOS4iua1t+WIhuih\n" + + "jDEzMDEGA1UECwwq5bm/5Y+R6ZO26KGM6IKh5Lu95pyJ6ZmQ5YWs5Y+45LiK5rW3\n" + + "5YiG6KGMMTMwMQYDVQQKDCrlub/lj5Hpk7booYzogqHku73mnInpmZDlhazlj7jk\n" + + "uIrmtbfliIbooYwxDzANBgNVBAcMBuS4iua1tzEPMA0GA1UECAwG5LiK5rW3MQsw\n" + + "CQYDVQQGEwJDTjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALRgbK63\n" + + "ZyrEmDkxgiwBZXjFp5KQAsqMKBGzORKDQ88I+hW6nKLMglbWTyfd26pPWoSy3TFs\n" + + "JN1HrBHkyfcKoYQ8KKN4bnH7hRrXV2LBBIPZdM6Tq3IHnTLg9KszCi1+Do/A7HQz\n" + + "yr9Rz0RyUkm7KnCt7dfGQKMfPGBGdabMY3HUs/kwGwVQG9KqyEu+wUGXP6nuty8A\n" + + "uI9u2OcUjPpfHcrH3gXwsFeiUUBt0/gEQX1UcTLaUYMcW67p5DQxi/pA3BGtbWvj\n" + + "yiAzIRyYcQgJpg0Ve0bI8nGqbdb1JDR3Spz1B90YOIIQ89oKfOLlkS3TUlJaTY2Q\n" + + "guQ8CrY4zMYsfI0CAwEAAaOCAWQwggFgMB8GA1UdIwQYMBaAFFaI3uMYQ4K3cqQm\n" + + "60SpYtCHxKwmMB0GA1UdDgQWBBRaOJdZxE5Q26SKcgRiQWdqkb8xlzAOBgNVHQ8B\n" + + "Af8EBAMCBsAwFAYDVR0lBA0wCwYJKoZIhvcvAQEFMCIGA1UdIAQbMBkwCgYIKoEc\n" + + "hu86AQMwCwYJKoEchu86AQIEMAwGA1UdEwEB/wQCMAAwfQYIKwYBBQUHAQEEcTBv\n" + + "MDgGCCsGAQUFBzABhixodHRwOi8vb2NzcDMuc2hlY2EuY29tL29jc3Avc2hlY2Ev\n" + + "c2hlY2Eub2NzcDAzBggrBgEFBQcwAoYnaHR0cDovL2xkYXAyLnNoZWNhLmNvbS9y\n" + + "b290L3NoZWNhZzIuZGVyMEcGA1UdHwRAMD4wPKA6oDiGNmh0dHA6Ly9sZGFwMi5z\n" + + "aGVjYS5jb20vQ0EyMDAxMS9SQTEyMDUwMTAwL0NSTDYzOTMyLmNybDANBgkqhkiG\n" + + "9w0BAQsFAAOCAQEAszG0ZWsZIylM3sPUKh1et2PIZtJ5jU4P4s8AwZAZEwuUpfay\n" + + "C6gJvfSqY4i6XQ+w2RVGKZFfq0oq23Sxv+jzzhuvL0bOyOzaVzS0pZwhBZ0ggfd7\n" + + "DY8irQ6CbKKp/ngE0vDILi00N/BujfFRQlg5Whr5i81wSBqXwry+EcVUa5t06ns/\n" + + "x545wQBnHNGrMtAaACFtjQiXdBfI02sEEd8uzdgMQn6FLxXuHFHbUF4VAue1TL5f\n" + + "UPNsAHFkqrdDDP5Ou7Dk2dE/5bti53wH1qQMbtTsdVp91Z9hzVAlw+WR3Ton7G1W\n" + + "S01olvhEUw9Bj7GhohZjFpzwcwwo7AQxA2aGFA==\n" + + "-----END CERTIFICATE-----\n"; + + X509Certificate x509Certificate = CertUtil.convertToX509Cert(cert); + + + + + SimpleDateFormat sdf = new SimpleDateFormat("yyyyMMdd"); + Date dt = new Date(); + String startTime = sdf.format(dt); + System.out.println(startTime); + + + + + } +} \ No newline at end of file