密钥管理接口

chsm-common/src/main/java/com/sunyard/chsm/enums/Padding.java

@@ -8,14 +8,15 @@ import java.util.Objects;
 
 /**
  * 数据的填充模式
+ *
  * @author Cheney
  */
 @Getter
 @AllArgsConstructor
 public enum Padding {
     NOPadding("NoPadding", "NoPadding"),
-    PCKS5Padding( "PKCS5Padding", "PKCS5Padding"),
-    PCKS7Padding( "PKCS7Padding", "PKCS7Padding"),
+    PCKS5Padding("PKCS5Padding", "PKCS5Padding"),
+    PCKS7Padding("PKCS7Padding", "PKCS7Padding"),
     ;
 
     private final String code;

chsm-common/src/main/java/com/sunyard/chsm/service/KeyInfoService.java

@@ -14,6 +14,8 @@ public interface KeyInfoService {
 
     Page<KeyInfoDTO.KeyView> selectPageList(KeyInfoDTO.Query query);
 
+    KeyInfoDTO.KeyView selectById(Long id);
+
     Long save(KeyInfoDTO.KeySave save);
 
     void update(KeyInfoDTO.KeyUpdate update);

chsm-common/src/main/java/com/sunyard/chsm/service/impl/KeyInfoServiceImpl.java

@@ -158,6 +158,35 @@ public class KeyInfoServiceImpl implements KeyInfoService {
         return new Page<KeyInfoDTO.KeyView>(page.getCurrent(), page.getSize(), page.getTotal()).setRecords(viewList);
     }
 
+    @Override
+    public KeyInfoDTO.KeyView selectById(Long id) {
+        KeyInfo keyInfo = keyInfoMapper.selectById(id);
+        Assert.notNull(keyInfo, "密钥ID不存在");
+        LocalDateTime now = LocalDateTime.now();
+        KeyInfoDTO.KeyView view = new KeyInfoDTO.KeyView();
+        BeanUtils.copyProperties(keyInfo, view);
+        Optional.of(keyInfo.getKeyType()).map(KeyCategory::of).map(KeyCategory::getDesc).ifPresent(view::setKeyTypeText);
+        Map<String, String> usageMap = KeyUsage.getUsage(keyInfo.getKeyUsage())
+                .stream()
+                .collect(Collectors.toMap(KeyUsage::getCode, KeyUsage::getDesc));
+        view.setKeyUsages(new ArrayList<>(usageMap.keySet()));
+        view.setKeyUsageText(String.join(",", usageMap.values()));
+        KeyStatus keyStatus = KeyStatus.of(keyInfo.getStatus());
+        if (KeyStatus.ENABLED == keyStatus) {
+            if (now.isBefore(keyInfo.getEffectiveTime())) {
+                view.setStatus(KeyStatus.WAIT_ENABLED.getCode());
+                view.setStatusText(KeyStatus.WAIT_ENABLED.getDesc());
+            } else if (now.isAfter(keyInfo.getExpiredTime())) {
+                view.setStatus(KeyStatus.EXPIRED.getCode());
+                view.setStatusText(KeyStatus.EXPIRED.getDesc());
+            }
+        }
+        if (ObjectUtils.isEmpty(view.getStatusText())) {
+            view.setStatusText(keyStatus.getDesc());
+        }
+        return view;
+    }
+
     @Override
     public Long save(KeyInfoDTO.KeySave save) {
 
@@ -218,7 +247,7 @@ public class KeyInfoServiceImpl implements KeyInfoService {
 
         List<KeyInfo> keyInfos = keyInfoMapper.selectBatchIds(ids);
         if (CollectionUtils.isEmpty(keyInfos)) {
-            log.warn("enableKey no exist key with ids: {}", ids.stream().map(String::valueOf).collect(Collectors.joining(",")));
+            log.warn("updateKey no exist key with ids: {}", ids.stream().map(String::valueOf).collect(Collectors.joining(",")));
             return;
         }
         List<String> unNormalCodes = keyInfos.stream()

chsm-params/src/main/java/com/sunyard/chsm/param/KeyCreateReq.java

@@ -0,0 +1,26 @@
+package com.sunyard.chsm.param;
+
+import lombok.Data;
+
+import javax.validation.constraints.Max;
+import javax.validation.constraints.NotNull;
+
+/**
+ * @author liulu
+ * @since 2024/12/17
+ */
+@Data
+public class KeyCreateReq {
+
+    /**
+     * 密钥模版编码
+     */
+    @NotNull(message = "密钥模版不能为空")
+    private String keyTemplateCode;
+    /**
+     * 生成数量
+     */
+    @NotNull(message = "生成数量不能为空")
+    @Max(value = 100, message = "一次最多生成100个密钥")
+    private Integer genNumber;
+}

chsm-params/src/main/java/com/sunyard/chsm/param/KeyInfoQuery.java

@@ -0,0 +1,30 @@
+package com.sunyard.chsm.param;
+
+import lombok.Data;
+
+/**
+ * @author liulu
+ * @since 2024/12/17
+ */
+@Data
+public class KeyInfoQuery {
+
+    /**
+     * 当前页
+     */
+    private int pageNumber = 1;
+    /**
+     * 每页大小
+     */
+    private int pageSize = 10;
+    /**
+     * 密钥状态
+     */
+    private String status;
+    /**
+     * 密钥类型: sym_key 对称密钥, asym_key 非对称密钥
+     */
+    private String keyType;
+
+
+}

chsm-params/src/main/java/com/sunyard/chsm/param/KeyInfoResp.java

@@ -0,0 +1,56 @@
+package com.sunyard.chsm.param;
+
+import lombok.Data;
+
+import java.time.LocalDateTime;
+import java.util.List;
+
+/**
+ * @author liulu
+ * @since 2024/12/17
+ */
+@Data
+public class KeyInfoResp {
+
+    /**
+     * 密钥ID
+     */
+    private String KeyId;
+    /**
+     * 密钥算法
+     */
+    private String keyAlg;
+    /**
+     * 密钥类型
+     */
+    private String keyType;
+    private String keyTypeText;
+    /**
+     * 密钥用途
+     */
+    private List<String> keyUsages;
+    private String keyUsageText;
+    /**
+     * 校验算法
+     */
+    private String checkAlg;
+    /**
+     * 校验值
+     */
+    private String checkValue;
+    /**
+     * 密钥状态
+     */
+    private String status;
+    private String statusText;
+    /**
+     * 生效时间
+     */
+    private LocalDateTime effectiveTime;
+    /**
+     * 过期时间
+     */
+    private LocalDateTime expiredTime;
+    private LocalDateTime createTime;
+
+}

chsm-params/src/main/java/com/sunyard/chsm/param/KeyManageReq.java

@@ -0,0 +1,22 @@
+package com.sunyard.chsm.param;
+
+import lombok.Data;
+
+import javax.validation.constraints.NotNull;
+import javax.validation.constraints.Size;
+import java.util.List;
+
+/**
+ * @author liulu
+ * @since 2024/12/17
+ */
+@Data
+public class KeyManageReq {
+
+    /**
+     * 密钥id列表
+     */
+    @Size(min = 1, max = 100, message = "密钥id列表长度在1-100之间")
+    @NotNull(message = "密钥id列表不能为空")
+    private List<Long> ids;
+}

chsm-params/src/main/java/com/sunyard/chsm/param/KeyUpdateReq.java

@@ -0,0 +1,28 @@
+package com.sunyard.chsm.param;
+
+import lombok.Data;
+
+import javax.validation.constraints.NotNull;
+import javax.validation.constraints.Size;
+import java.time.LocalDate;
+import java.util.List;
+
+/**
+ * @author liulu
+ * @since 2024/12/17
+ */
+@Data
+public class KeyUpdateReq {
+
+    /**
+     * 密钥id列表
+     */
+    @Size(min = 1, max = 100, message = "密钥id列表长度在1-100之间")
+    @NotNull(message = "密钥id列表不能为空")
+    private List<Long> ids;
+
+    /**
+     * 新密钥生效时间 yyyy-MM-dd
+     */
+    private LocalDate effectiveTime;
+}

chsm-web-manage/src/main/java/com/sunyard/config/WebConfig.java

@@ -1,7 +1,6 @@
 package com.sunyard.config;
 
 import com.fasterxml.jackson.annotation.JsonInclude;
-import com.fasterxml.jackson.databind.ser.std.ToStringSerializer;
 import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
 import com.fasterxml.jackson.datatype.jsr310.deser.LocalDateDeserializer;
 import com.fasterxml.jackson.datatype.jsr310.deser.LocalDateTimeDeserializer;
@@ -62,7 +61,6 @@ public class WebConfig {
             javaTimeModule.addDeserializer(LocalDate.class, new LocalDateDeserializer(DateFormat.DATE));
             javaTimeModule.addDeserializer(LocalDateTime.class, new LocalDateTimeDeserializer(DateFormat.DATE_TIME));
             builder.modules(javaTimeModule);
-            builder.serializerByType(Long.class, ToStringSerializer.instance);
             builder.serializationInclusion(JsonInclude.Include.NON_NULL);
             builder.failOnUnknownProperties(false);
         };

chsm-web-server/pom.xml

@@ -19,21 +19,6 @@
 
 
     <dependencies>
-
-        <!-- JUnit 5 API （仅单元测试使用）-->
-        <dependency>
-            <groupId>org.junit.jupiter</groupId>
-            <artifactId>junit-jupiter-api</artifactId>
-            <version>5.8.0</version>
-            <scope>test</scope>
-        </dependency>
-        <!-- Spring Boot Test （仅单元测试使用） -->
-        <dependency>
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-test</artifactId>
-            <scope>test</scope>
-        </dependency>
-
         <dependency>
             <groupId>com.sunyard.chsm</groupId>
             <artifactId>chsm-common</artifactId>
@@ -54,6 +39,13 @@
             <groupId>io.jsonwebtoken</groupId>
             <artifactId>jjwt</artifactId>
         </dependency>
+
+        <!-- Spring Boot Test （仅单元测试使用） -->
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-test</artifactId>
+            <scope>test</scope>
+        </dependency>
     </dependencies>
 
     <build>

chsm-web-server/src/main/java/com/sunyard/chsm/auth/UserContext.java

@@ -17,5 +17,9 @@ public class UserContext {
         return (AppUser) requestAttributes.getAttribute(ATTRIBUTE_APP_USER, RequestAttributes.SCOPE_REQUEST);
     }
 
+    public static Long getCurrentAppId() {
+        return getCurrentUser().getAppId();
+    }
+
 
 }

chsm-web-server/src/main/java/com/sunyard/chsm/controller/KeyManageController.java

@@ -1,17 +1,23 @@
 package com.sunyard.chsm.controller;
 
+import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import com.sunyard.chsm.auth.AuthCode;
 import com.sunyard.chsm.constant.AuthCodeConst;
 import com.sunyard.chsm.model.R;
-import com.sunyard.chsm.model.dto.KeyInfoDTO;
-import com.sunyard.chsm.service.KeyInfoService;
-import org.springframework.validation.annotation.Validated;
+import com.sunyard.chsm.param.KeyCreateReq;
+import com.sunyard.chsm.param.KeyInfoQuery;
+import com.sunyard.chsm.param.KeyInfoResp;
+import com.sunyard.chsm.param.KeyManageReq;
+import com.sunyard.chsm.param.KeyUpdateReq;
+import com.sunyard.chsm.service.KeyManageService;
+import org.springframework.util.Assert;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
 import javax.annotation.Resource;
+import javax.validation.Valid;
 
 /**
  * 密钥管理类接口
@@ -20,22 +26,106 @@ import javax.annotation.Resource;
  * @since 2024/12/6
  */
 @RestController
-@RequestMapping("/key/manage")
+@RequestMapping("/key")
 public class KeyManageController {
 
     @Resource
-    private KeyInfoService keyInfoService;
+    private KeyManageService keyManageService;
+
+    /**
+     * 查询密钥列表
+     *
+     * @param query 查询条件
+     * @return 分页列表
+     */
+    @PostMapping("/pageList")
+    public R<Page<KeyInfoResp>> queryPageList(@RequestBody KeyInfoQuery query) {
+        Page<KeyInfoResp> page = keyManageService.queryPageList(query);
+        return R.data(page);
+    }
+
+    /**
+     * 查询密钥详情
+     *
+     * @param id 查询条件
+     * @return 分页列表
+     */
+    @PostMapping("/info")
+    public R<KeyInfoResp> queryInfo(Long id) {
+        Assert.notNull(id, "密钥id不能为空");
+        KeyInfoResp resp = keyManageService.queryInfo(id);
+        return R.data(resp);
+    }
+
+    /**
+     * 创建密钥
+     *
+     * @return id
+     */
+    @PostMapping("/gen")
+    public R<Long> save(@Valid @RequestBody KeyCreateReq req) {
+        Long id = keyManageService.create(req);
+        return R.data(id);
+    }
+
+    /**
+     * 更新密钥
+     *
+     * @param req 参数
+     * @return id
+     */
+    @PostMapping("/update")
+    public R<Void> update(@Valid @RequestBody KeyUpdateReq req) {
+        keyManageService.update(req);
+        return R.ok();
+    }
 
     /**
      * 启用密钥
      *
-     * @param param 密钥id
+     * @param req 密钥ids
      * @return id
      */
     @PostMapping("/enable")
     @AuthCode(AuthCodeConst.key_enable)
-    public R<Void> enableKey(@Validated @RequestBody KeyInfoDTO.IDs param) {
-        keyInfoService.enableKey(param.getIds());
+    public R<Void> enableKey(@Valid @RequestBody KeyManageReq req) {
+        keyManageService.enableKey(req.getIds());
+        return R.ok();
+    }
+
+    /**
+     * 停用密钥
+     *
+     * @param req 密钥id
+     * @return id
+     */
+    @PostMapping("/disable")
+    public R<Void> disableKey(@Valid @RequestBody KeyManageReq req) {
+        keyManageService.disableKey(req.getIds());
+        return R.ok();
+    }
+
+    /**
+     * 归档密钥
+     *
+     * @param req 密钥id
+     * @return id
+     */
+    @PostMapping("/archive")
+    public R<Void> archiveKey(@Valid @RequestBody KeyManageReq req) {
+        keyManageService.archiveKey(req.getIds());
+        return R.ok();
+    }
+
+    /**
+     * 销毁密钥
+     *
+     * @param req 密钥id
+     * @return id
+     */
+    @PostMapping("/destroy")
+    public R<Void> destroyKey(@Valid @RequestBody KeyManageReq req) {
+        keyManageService.destroyKey(req.getIds());
         return R.ok();
     }
 

chsm-web-server/src/main/java/com/sunyard/chsm/service/KeyManageService.java

@@ -1,8 +1,121 @@
 package com.sunyard.chsm.service;
 
+import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
+import com.sunyard.chsm.auth.AppUser;
+import com.sunyard.chsm.auth.UserContext;
+import com.sunyard.chsm.mapper.KeyInfoMapper;
+import com.sunyard.chsm.model.dto.KeyInfoDTO;
+import com.sunyard.chsm.model.entity.KeyInfo;
+import com.sunyard.chsm.param.KeyCreateReq;
+import com.sunyard.chsm.param.KeyInfoQuery;
+import com.sunyard.chsm.param.KeyInfoResp;
+import com.sunyard.chsm.param.KeyUpdateReq;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.BeanUtils;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+import org.springframework.util.Assert;
+import org.springframework.util.CollectionUtils;
+import org.springframework.util.ObjectUtils;
+
+import javax.annotation.Resource;
+import java.util.Collections;
+import java.util.List;
+import java.util.Objects;
+import java.util.stream.Collectors;
+
 /**
  * @author liulu
  * @since 2024/12/16
  */
-public interface KeyManageService {
+@Slf4j
+@Service
+@Transactional
+public class KeyManageService {
+
+    @Resource
+    private KeyInfoMapper keyInfoMapper;
+    @Resource
+    private KeyInfoService keyInfoService;
+
+    public Page<KeyInfoResp> queryPageList(KeyInfoQuery query) {
+        KeyInfoDTO.Query nq = new KeyInfoDTO.Query();
+        BeanUtils.copyProperties(query, nq);
+        nq.setAppId(UserContext.getCurrentAppId());
+        Page<KeyInfoDTO.KeyView> page = keyInfoService.selectPageList(nq);
+        List<KeyInfoDTO.KeyView> records = page.getRecords();
+        if (CollectionUtils.isEmpty(records)) {
+            return new Page<>(page.getCurrent(), page.getSize(), page.getTotal());
+        }
+        List<KeyInfoResp> viewList = records.stream()
+                .map(it -> {
+                    KeyInfoResp resp = new KeyInfoResp();
+                    BeanUtils.copyProperties(it, resp);
+                    resp.setKeyId(it.getCode());
+                    return resp;
+                })
+                .collect(Collectors.toList());
+
+        return new Page<KeyInfoResp>(page.getCurrent(), page.getSize(), page.getTotal()).setRecords(viewList);
+    }
+
+    public KeyInfoResp queryInfo(Long id) {
+        checkIds(Collections.singletonList(id));
+        KeyInfoDTO.KeyView view = keyInfoService.selectById(id);
+        KeyInfoResp resp = new KeyInfoResp();
+        BeanUtils.copyProperties(view, resp);
+        resp.setKeyId(view.getCode());
+        return resp;
+    }
+
+    public Long create(KeyCreateReq req) {
+        KeyInfoDTO.KeySave save = new KeyInfoDTO.KeySave();
+        save.setApplicationId(UserContext.getCurrentAppId());
+        save.setKeyTemplateCode(req.getKeyTemplateCode());
+        save.setGenNumber(req.getGenNumber());
+        return keyInfoService.save(save);
+    }
+
+
+    public void update(KeyUpdateReq req) {
+        Assert.notNull(req.getEffectiveTime(), "新密钥生效时间不能为空");
+        checkIds(req.getIds());
+        KeyInfoDTO.KeyUpdate update = new KeyInfoDTO.KeyUpdate();
+        update.setIds(req.getIds());
+        update.setEffectiveTime(req.getEffectiveTime());
+        keyInfoService.update(update);
+    }
+
+    public void enableKey(List<Long> ids) {
+        checkIds(ids);
+        keyInfoService.enableKey(ids);
+    }
+
+    public void disableKey(List<Long> ids) {
+        checkIds(ids);
+        keyInfoService.disableKey(ids);
+    }
+
+    public void archiveKey(List<Long> ids) {
+        checkIds(ids);
+        keyInfoService.archiveKey(ids);
+    }
+
+    public void destroyKey(List<Long> ids) {
+        checkIds(ids);
+        keyInfoService.destroyKey(ids);
+    }
+
+
+    private void checkIds(List<Long> ids) {
+        AppUser appUser = UserContext.getCurrentUser();
+        List<KeyInfo> keyInfos = keyInfoMapper.selectBatchIds(ids);
+        Assert.notEmpty(keyInfos, "密钥ID不正确");
+        String msg = keyInfos.stream()
+                .filter(it -> !Objects.equals(it.getApplicationId(), appUser.getAppId()))
+                .map(KeyInfo::getCode)
+                .collect(Collectors.joining(", "));
+        Assert.isTrue(ObjectUtils.isEmpty(msg), "密钥ID:" + msg + "不属于当前应用, 无权操作");
+    }
+
 }

chsm-web-server/src/main/java/com/sunyard/chsm/service/impl/KeyManageServiceImpl.java

@@ -1,16 +0,0 @@
-package com.sunyard.chsm.service.impl;
-
-import com.sunyard.chsm.service.KeyManageService;
-import lombok.extern.slf4j.Slf4j;
-import org.springframework.stereotype.Service;
-import org.springframework.transaction.annotation.Transactional;
-
-/**
- * @author liulu
- * @since 2024/12/16
- */
-@Slf4j
-@Service
-@Transactional
-public class KeyManageServiceImpl implements KeyManageService {
-}

chsm-web-server/src/test/java/sdf/SdfApiAdapterTest.java

@@ -1,4 +1,4 @@
-package com.sunyard.chsm.sdf;
+package sdf;
 
 import com.sunyard.chsm.enums.ManufacturerModelEnum;
 import com.sunyard.chsm.sdf.adapter.SdfApiAdapter;

pom.xml

@@ -37,9 +37,11 @@
             <artifactId>lombok</artifactId>
             <scope>provided</scope>
         </dependency>
+        <!-- JUnit 5 API （仅单元测试使用）-->
         <dependency>
-            <groupId>junit</groupId>
-            <artifactId>junit</artifactId>
+            <groupId>org.junit.jupiter</groupId>
+            <artifactId>junit-jupiter-api</artifactId>
+            <version>5.8.0</version>
             <scope>test</scope>
         </dependency>
     </dependencies>