From b229e6abdf909e134300ca6dc06107309c0dbab4 Mon Sep 17 00:00:00 2001
From: liulu
Date: Tue, 10 Dec 2024 11:41:29 +0800
Subject: [PATCH] add task
---
 .../com/sunyard/chsm/service/TmkService.java | 42 +++++++++++++++++--
 .../com/sunyard/chsm/task/DeviceTask.java | 40 +++++++++---------
 2 files changed, 57 insertions(+), 25 deletions(-)
diff --git a/chsm-common/src/main/java/com/sunyard/chsm/service/TmkService.java b/chsm-common/src/main/java/com/sunyard/chsm/service/TmkService.java
index 1473d35..4e3c3f6 100644
--- a/chsm-common/src/main/java/com/sunyard/chsm/service/TmkService.java
+++ b/chsm-common/src/main/java/com/sunyard/chsm/service/TmkService.java
@@ -20,6 +20,7 @@ import lombok.extern.slf4j.Slf4j;
 import org.bouncycastle.jce.provider.BouncyCastleProvider;
 import org.springframework.stereotype.Component;
 import org.springframework.util.Assert;
+import org.springframework.util.ObjectUtils;
 import org.springframework.util.StringUtils;
 import java.time.LocalDateTime;
@@ -62,7 +63,7 @@ public class TmkService {
 sdfApi.closeSession(hs);
 sdfApi.closeDevice(hd);
- if (enableSoftDevice()) {
+ if (Objects.equals(device.getManufacturerModel(), BouncyCastleProvider.PROVIDER_NAME)) {
 updateSoftDeviceEncTmk(cipher.getC1C3C2Bytes());
 } else {
 Device up = new Device();
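Review bot: The soft-device test in the `@@ -62,7 +63,7 @@` hunk of TmkService.java, `Objects.equals(device.getManufacturerModel(), BouncyCastleProvider.PROVIDER_NAME)`, is written out again in checkSoftDeviceTmk further down this patch, so the rule for what counts as the soft device now lives in two places. A small private predicate such as `private static boolean isSoftDevice(Device d) { return Objects.equals(d.getManufacturerModel(), BouncyCastleProvider.PROVIDER_NAME); }` would keep the two call sites in step. With this condition a hardware device that finishes initialisation no longer writes the soft-device copy here; that copy appears to be left to the scheduled checkSoftDeviceTmk, which is worth a one-line comment at this branch. The enclosing method starts and ends outside the hunk.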
@@ -170,9 +171,40 @@ public class TmkService {
 return res;
 }
+
+ public void checkSoftDeviceTmk() {
+ if (!isTmkInit() || !enableSoftDevice()) {
+ return;
+ }
+ byte[] softTmk = getSoftDeviceEncTmk();
+ if (Objects.nonNull(softTmk)) {
+ return;
+ }
+ log.warn("enabled soft device but no tmk in soft");
+ Device device = getOneByStatus(DeviceTmkStatus.finished);
+ if (device == null || Objects.equals(device.getManufacturerModel(), BouncyCastleProvider.PROVIDER_NAME)) {
+ log.warn("data error, no tmk found in system");
+ return;
+ }
+ SdfApiAdapter softAdapter = SdfApiAdapterFactory.newInstance(BouncyCastleProvider.PROVIDER_NAME, "", 0);
+ EccPubKey pubKey = softAdapter.exportEncPublicKeyECC("", 1);
+
+ SdfApiAdapter tmkAdapter = SdfApiAdapterFactory.newInstance(device.getManufacturerModel(), device.getServiceIp(), device.getServicePort());
+ String tmkHd = tmkAdapter.openDevice();
+ String tmkHs = tmkAdapter.openSession(tmkHd);
+ tmkAdapter.getPrivateKeyAccessRight(tmkHs, device.getEncKeyIdx(), device.getAccessCredentials().getBytes());
+ EccCipher cipher = tmkAdapter.exchangeDigitEnvelopeBaseOnECC(tmkHs, device.getEncKeyIdx(), pubKey, EccCipher.fromHex(device.getEncTmk()));
+
+ updateSoftDeviceEncTmk(cipher.getC1C3C2Bytes());
+ }
+
 private Device getOneByStatus(DeviceTmkStatus status) {
+ Device device = spDeviceMapper.selectOneByStatus(status);
+ if (Objects.nonNull(device)) {
+ return device;
+ }
 if (enableSoftDevice()) {
- Device device = new Device();
+ device = new Device();
 device.setManufacturerModel(BouncyCastleProvider.PROVIDER_NAME);
 device.setEncKeyIdx(1);
 device.setServiceIp("127.0.0.1");
@@ -184,7 +216,7 @@ public class TmkService {
 return device;
 }
- return spDeviceMapper.selectOneByStatus(status);
+ return null;
 }
 private boolean isTmkInit() {
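Review bot: In checkSoftDeviceTmk (the `@@ -170,9 +171,40 @@` hunk) the device and session opened with `tmkAdapter.openDevice()` and `tmkAdapter.openSession(tmkHd)` are never closed, and by then the session has been granted private-key access through `getPrivateKeyAccessRight`. The method is scheduled every five minutes by DeviceTask in this same patch, so each pass that finds the soft TMK missing leaves another authorised session open on the device, and an exception from the envelope exchange skips any cleanup as well. Closing both in `finally` blocks fixes this; the sketch assumes tmkAdapter offers the same `closeSession`/`closeDevice` calls that the earlier hunk shows on `sdfApi`. Separately, `device.getAccessCredentials().getBytes()` depends on the platform charset and throws if the credential is null, so an explicit charset and a null guard would make that failure mode clear.

```java
SdfApiAdapter tmkAdapter = SdfApiAdapterFactory.newInstance(device.getManufacturerModel(), device.getServiceIp(), device.getServicePort());
String tmkHd = tmkAdapter.openDevice();
try {
    String tmkHs = tmkAdapter.openSession(tmkHd);
    try {
        // … unchanged: getPrivateKeyAccessRight, exchangeDigitEnvelopeBaseOnECC, updateSoftDeviceEncTmk …
    } finally {
        // Release the session that was granted private-key access, even on failure.
        tmkAdapter.closeSession(tmkHs);
    }
} finally {
    tmkAdapter.closeDevice(tmkHd);
}
```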
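Review bot: getOneByStatus, whose body starts in the previous hunk and ends in `@@ -184,7 +216,7 @@`, now has three outcomes (a stored record, a synthetic soft-device record, or `null`) and nothing documents the order. Because the result decides which device's key material is used, a Javadoc would help, for example `/** Returns a stored device in the given status if one exists; otherwise a synthetic soft-device entry when the soft device is enabled; otherwise null. */`. Callers outside this patch that relied on always getting the soft device when it is enabled should be re-checked, since the lookup order has changed.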
@@ -217,7 +249,9 @@ public class TmkService {
 boolean enabled = enableSoftDevice();
 Assert.isTrue(enabled, "未启用软设备");
 ParamConf conf = paramConfMapper.selectByKey(ParamConfKeyConstant.SOFT_ENC_TMK);
- Assert.notNull(conf, "数据异常, 未找到软设备主密钥记录");
+ if (conf == null || ObjectUtils.isEmpty(conf.getValue())) {
+ return null;
+ }
 return CodecUtils.decodeBase64(conf.getValue());
 }
diff --git a/chsm-web-manage/src/main/java/com/sunyard/chsm/task/DeviceTask.java b/chsm-web-manage/src/main/java/com/sunyard/chsm/task/DeviceTask.java
index b8d0f0e..3f6fd32 100644
--- a/chsm-web-manage/src/main/java/com/sunyard/chsm/task/DeviceTask.java
+++ b/chsm-web-manage/src/main/java/com/sunyard/chsm/task/DeviceTask.java
@@ -20,7 +20,6 @@ import java.time.Duration;
 import java.time.LocalDateTime;
 import java.util.List;
 import java.util.Objects;
-import java.util.concurrent.Executors;
 /**
 * @author liulu
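Review bot: getSoftDeviceEncTmk in the `@@ -217,7 +249,9 @@` hunk now returns `null` for a missing or empty SOFT_ENC_TMK record where it used to fail with the "数据异常" assertion, and the method has no comment saying so. checkSoftDeviceTmk handles the null, but other callers are not visible in this patch; any of them that hands the result straight to a key operation would now fail later with a NullPointerException instead of the explicit message. I would add `/** @return the decoded soft-device encrypted TMK, or null when no record has been stored yet */` and check the remaining call sites for a null guard. The method signature is outside the hunk.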
@@ -51,27 +50,25 @@ public class DeviceTask implements InitializingBean {
 if (CollectionUtils.isEmpty(records)) {
 break;
 }
- Executors.newSingleThreadExecutor().execute(() -> {
- for (Device record : records) {
- DeviceCheckRes checkRes = tmkService.checkDevice(record);
- Device up = new Device();
- up.setId(record.getId());
- up.setConnected(checkRes.getStatus() != DeviceTmkStatus.device_error);
- LocalDateTime now = LocalDateTime.now();
- if (up.getConnected()) {
- up.setLastConnectedTime(now);
- }
- up.setLastCheckTime(now);
-
- up.setTmkStatus(checkRes.getStatus().name());
- up.setDeviceSerial(checkRes.getDeviceSerial());
- if (!Objects.equals(checkRes.getPubKey(), record.getPubKey())) {
- up.setPubKey(checkRes.getPubKey());
- }
- up.setEncTmk(checkRes.getEncTmk());
- spDeviceMapper.updateById(up);
+ for (Device record : records) {
+ DeviceCheckRes checkRes = tmkService.checkDevice(record);
+ Device up = new Device();
+ up.setId(record.getId());
+ up.setConnected(checkRes.getStatus() != DeviceTmkStatus.device_error);
+ LocalDateTime now = LocalDateTime.now();
+ if (up.getConnected()) {
+ up.setLastConnectedTime(now);
 }
- });
+ up.setLastCheckTime(now);
+
+ up.setTmkStatus(checkRes.getStatus().name());
+ up.setDeviceSerial(checkRes.getDeviceSerial());
+ if (!Objects.equals(checkRes.getPubKey(), record.getPubKey())) {
+ up.setPubKey(checkRes.getPubKey());
+ }
+ up.setEncTmk(checkRes.getEncTmk());
+ spDeviceMapper.updateById(up);
+ }
 }
 }
@@ -79,6 +76,7 @@ public class DeviceTask implements InitializingBean {
 public void afterPropertiesSet() throws Exception {
 if (Platform.isLinux() || Platform.isWindows()) {
 threadPoolTaskScheduler.scheduleWithFixedDelay(this::checkDeviceStatus, Duration.ofMinutes(5L));
+ threadPoolTaskScheduler.scheduleWithFixedDelay(tmkService::checkSoftDeviceTmk, Duration.ofMinutes(5L));
 } else {
 log.warn("操作系统: {} 不支持启动检查设备状态定时任务", System.getProperty("os.name"));
 }
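Review bot: In the `@@ -51,27 +50,25 @@` hunk of DeviceTask.java the loop body has no per-record error handling, so an exception from `tmkService.checkDevice(record)` or `spDeviceMapper.updateById(up)` ends the pass and the remaining devices keep stale `connected` and `tmkStatus` values until the next run. Whether checkDevice can throw is not visible here, but the mapper call can. Wrapping the body as `try { ... } catch (RuntimeException e) { log.warn("device check failed, id={}", record.getId(), e); }` keeps one bad record from hiding the state of the others. The enclosing method starts outside the hunk.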
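Review bot: The added `scheduleWithFixedDelay(tmkService::checkSoftDeviceTmk, Duration.ofMinutes(5L))` in afterPropertiesSet shares `threadPoolTaskScheduler` with checkDeviceStatus, which this commit moves from a separate executor onto the scheduler thread. A ThreadPoolTaskScheduler has a pool size of one unless configured otherwise (the bean definition is not visible here), so a device connection that hangs in one task would hold back the other. Confirm the pool size is at least two or give the device calls a timeout. A short comment noting that checkSoftDeviceTmk returns immediately until the TMK is initialised would also help readers of this method.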