初始化主密钥

liulu 2024-11-11 14:14:32 +08:00
parent 4ae46ed32d
commit c18cfda28b
5 changed files with 55 additions and 55 deletions


@ -2,8 +2,7 @@ package com.sunyard.chsm.sdf;
import com.sunyard.chsm.sdf.model.EccKey;
import com.sunyard.chsm.sdf.model.EccPriKey;
import com.sunyard.chsm.sdf.model.EccPubKey;
import com.sunyard.chsm.sdf.util.LangUtils;
import com.sunyard.chsm.utils.gm.BCSM2Utils;
import com.sunyard.chsm.utils.gm.BCSM3Utils;
import lombok.SneakyThrows;
@ -43,8 +42,7 @@ public class BCSdfApiService implements SdfApiService {
byte[] x = pubKey.getQ().getXCoord().getEncoded();
byte[] y = pubKey.getQ().getYCoord().getEncoded();
byte[] d = BigIntegers.asUnsignedByteArray(32, priKey.getD());
return new EccKey(new EccPubKey(256, x, y), new EccPriKey(256, d));
return new EccKey(LangUtils.merge(x, y), d);
}
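Review bot: The new `new EccKey(LangUtils.merge(x, y), d)` call passes the public point and the private scalar as two positional `byte[]` arguments, so swapping them still compiles and the private value could end up wherever the public key is stored or logged. The typed `EccPubKey`/`EccPriKey` wrappers on the line above it prevented that mix-up. If the raw form is kept, I would document the layout at the call site, for example `// pubKey = X || Y (presumably 32 bytes each, no 0x04 prefix); priKey = 32-byte D`, and repeat it on the `EccKey` constructor. The enclosing method starts outside the hunk.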


@ -31,7 +31,7 @@ public class BcSdfApiAdaptor implements SdfApiAdapter {
deviceInfo = new DeviceInfo();
deviceInfo.setIssuerName("BC");
deviceInfo.setDeviceName("BC-3000");
deviceInfo.setDeviceSerial("BC00202411051037");
deviceInfo.setDeviceSerial("BC202411051037");
deviceInfo.setDeviceVersion(1);
deviceInfo.setStandardVersion(1);
deviceInfo.setAsymAlgAbility(new long[]{7493065891348563935L, 3000543215027029126L});
@ -116,7 +116,7 @@ public class BcSdfApiAdaptor implements SdfApiAdapter {
byte[] encrypt = BCSM2Utils.encrypt(parameters, pucData);
return Arrays.copyOfRange(encrypt, 1, encrypt.length);
} catch (InvalidCipherTextException e) {
throw new RuntimeException(e);
throw new IllegalArgumentException(e);
}
}
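Review bot: `throw new IllegalArgumentException(e)` in the second hunk reports an SM2 encryption failure with no message of its own, so a log entry shows only the wrapped BouncyCastle text and not which operation failed. Something like `throw new IllegalArgumentException("SM2 external encrypt failed", e);` keeps the cause and adds context without putting key or plaintext bytes in the message. The context line `Arrays.copyOfRange(encrypt, 1, encrypt.length)` also drops the first output byte unconditionally; if that byte is meant to be the uncompressed-point prefix, a check that it equals `0x04` before stripping would catch a malformed result early. The method begins outside the hunk.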


@ -1,5 +1,6 @@
package com.sunyard.chsm.controller;
import com.sunyard.chsm.model.R;
import com.sunyard.chsm.service.DeviceService;
import lombok.extern.slf4j.Slf4j;
import org.springframework.web.bind.annotation.PostMapping;
@ -26,9 +27,9 @@ public class TmkController {
* 初始化主密钥
*/
@PostMapping("/init")
public void initTmk() {
public R<Void> initTmk() {
deviceService.initTmk();
return R.ok();
}
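Review bot: Nothing visible in this hunk restricts who may call `POST /init`, the endpoint that creates the master key; the class-level annotations and any security configuration lie outside the hunk, so this should be confirmed rather than assumed. I would state the requirement in the Javadoc, for example `* Initializes the master key; callable once, by an authenticated administrator only.`, and record each invocation in the audit log. Since `deviceService.initTmk()` rejects a repeated call through `Assert.isTrue`, it is also worth checking that this failure reaches the client as an `R` error and not as a raw stack trace.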


@ -12,10 +12,6 @@ import com.sunyard.chsm.mapper.TmkInfoMapper;
import com.sunyard.chsm.model.entity.Device;
import com.sunyard.chsm.model.entity.TmkInfo;
import com.sunyard.chsm.sdf.adapter.BcSdfApiAdaptor;
import com.sunyard.chsm.sdf.adapter.SdfApiAdapter;
import com.sunyard.chsm.sdf.adapter.SdfApiAdapterFactory;
import com.sunyard.chsm.sdf.context.DeviceContext;
import com.sunyard.chsm.sdf.model.DeviceInfo;
import com.sunyard.chsm.service.DeviceService;
import com.sunyard.ssp.modules.sysconf.paramconf.entity.ParamConf;
import com.sunyard.ssp.modules.sysconf.paramconf.mapper.ParamConfMapper;
@ -189,10 +185,10 @@ public class DeviceServiceImpl implements DeviceService {
public void initTmk() {
ParamConf tmkInit = paramConfMapper.selectByKey("tmk_init");
Assert.isTrue(tmkInit == null || !"true".equals(tmkInit.getValue()), "主密钥已经初始化");
List<Device> conned = spDeviceMapper.selectConnedList();
// List<Device> conned = spDeviceMapper.selectConnedList();
//
LocalDateTime now = LocalDateTime.now();
if (CollectionUtils.isEmpty(conned)) {
// if (CollectionUtils.isEmpty(conned)) {
//
BcSdfApiAdaptor sdfApi = new BcSdfApiAdaptor();
byte[] sk = sdfApi.generateRandom("", 16);
@ -207,46 +203,52 @@ public class DeviceServiceImpl implements DeviceService {
info.setEncTmk(Hex.toHexString(encSk));
info.setPubKey(Hex.toHexString(publicKey));
tmkInfoMapper.insert(info);
return;
}
Device device = conned.iterator().next();
DeviceContext context = new DeviceContext();
context.setManufacturer(device.getManufacturer());
context.setManufacturerModel(device.getManufacturerModel());
context.setServiceIp(device.getServiceIp());
context.setServicePort(device.getServicePort());
SdfApiAdapter sdfApi = SdfApiAdapterFactory.newInstance(context);
String dh = sdfApi.openDevice();
String sh = sdfApi.openSession(dh);
DeviceInfo deviceInfo = sdfApi.getDeviceInfo(sh);
byte[] sk = sdfApi.generateRandom(sh, 16);
byte[] publicKey = sdfApi.exportEncPublicKeyECC(sh, 1);
byte[] encSk = sdfApi.externalEncryptECC(sh, publicKey, sk);
TmkInfo info = new TmkInfo();
info.setId(IdWorker.getId());
info.setCreateTime(now);
info.setDeviceSerial(deviceInfo.getDeviceSerial());
info.setEncTmk(Hex.toHexString(encSk));
info.setPubKey(Hex.toHexString(publicKey));
tmkInfoMapper.insert(info);
// return;
// }
// Device device = conned.iterator().next();
//
// DeviceContext context = new DeviceContext();
// context.setManufacturer(device.getManufacturer());
// context.setManufacturerModel(device.getManufacturerModel());
// context.setServiceIp(device.getServiceIp());
// context.setServicePort(device.getServicePort());
// SdfApiAdapter sdfApi = SdfApiAdapterFactory.newInstance(context);
// String dh = sdfApi.openDevice();
// String sh = sdfApi.openSession(dh);
// DeviceInfo deviceInfo = sdfApi.getDeviceInfo(sh);
//
// byte[] sk = sdfApi.generateRandom(sh, 16);
// byte[] publicKey = sdfApi.exportEncPublicKeyECC(sh, 1);
// byte[] encSk = sdfApi.externalEncryptECC(sh, publicKey, sk);
//
// TmkInfo info = new TmkInfo();
// info.setId(IdWorker.getId());
// info.setCreateTime(now);
// info.setDeviceSerial(deviceInfo.getDeviceSerial());
// info.setEncTmk(Hex.toHexString(encSk));
// info.setPubKey(Hex.toHexString(publicKey));
// tmkInfoMapper.insert(info);
//
BcSdfApiAdaptor bcApi = new BcSdfApiAdaptor();
byte[] bcPubK = bcApi.exportEncPublicKeyECC("", 1);
byte[] bcEncSk = sdfApi.exchangeDigitEnvelopeBaseOnECC(sh, 1, bcPubK, encSk);
// BcSdfApiAdaptor bcApi = new BcSdfApiAdaptor();
// byte[] bcPubK = bcApi.exportEncPublicKeyECC("", 1);
// byte[] bcEncSk = sdfApi.exchangeDigitEnvelopeBaseOnECC(sh, 1, bcPubK, encSk);
//
// TmkInfo bcinfo = new TmkInfo();
// bcinfo.setId(IdWorker.getId());
// bcinfo.setCreateTime(now);
// bcinfo.setDeviceSerial(bcApi.getDeviceInfo("").getDeviceSerial());
// bcinfo.setEncTmk(Hex.toHexString(bcEncSk));
// bcinfo.setPubKey(Hex.toHexString(bcPubK));
// tmkInfoMapper.insert(bcinfo);
// sdfApi.closeSession(sh);
// sdfApi.closeDevice(dh);
TmkInfo bcinfo = new TmkInfo();
bcinfo.setId(IdWorker.getId());
bcinfo.setCreateTime(now);
bcinfo.setDeviceSerial(bcApi.getDeviceInfo("").getDeviceSerial());
bcinfo.setEncTmk(Hex.toHexString(bcEncSk));
bcinfo.setPubKey(Hex.toHexString(bcPubK));
tmkInfoMapper.insert(bcinfo);
sdfApi.closeSession(sh);
sdfApi.closeDevice(dh);
ParamConf conf = new ParamConf();
conf.setKey("tmk_init");
conf.setValue("true");
conf.setCreatTime(LocalDateTime.now());
paramConfMapper.insert(conf);
}
private void checkName(String name) {
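Review bot: After this change `initTmk()` always generates and wraps the master key with the in-process `BcSdfApiAdaptor` (`generateRandom("", 16)`), because the connected-device branch from `selectConnedList()` down to `closeDevice(dh)` is commented out rather than removed. If this is meant only for development it should be an explicit configuration switch, since a key wrapped by a software key pair is protected less strongly than one wrapped inside a device; where the software adaptor keeps its private key is not visible here. Please delete the commented block (history keeps it) and record the decision in a comment such as `// TMK is created by the software BC adaptor; HSM-backed initialisation is disabled`. Separately, the `tmk_init` check at the top and `paramConfMapper.insert(conf)` at the bottom are not visibly atomic, so two concurrent calls could both pass `Assert.isTrue` and insert two `TmkInfo` rows; a transaction plus a unique constraint on the `tmk_init` key would close that gap if neither exists already. The plaintext `sk` array is also worth clearing with `Arrays.fill(sk, (byte) 0);` once it has been wrapped.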


@ -9,7 +9,6 @@ import com.sunyard.chsm.sdf.adapter.SdfApiAdapter;
import com.sunyard.chsm.sdf.adapter.SdfApiAdapterFactory;
import com.sunyard.chsm.sdf.context.DeviceContext;
import com.sunyard.chsm.sdf.model.DeviceInfo;
import com.sunyard.chsm.sdf.model.EccPubKey;
import lombok.extern.slf4j.Slf4j;
import org.bouncycastle.util.encoders.Hex;
import org.springframework.beans.factory.InitializingBean;
@ -65,8 +64,8 @@ public class DeviceTask implements InitializingBean {
String sh = sdfApiAdapter.openSession(dh);
DeviceInfo info = sdfApiAdapter.getDeviceInfo(sh);
log.info("get DeviceInfo: {}", info);
EccPubKey eccPubKey = sdfApiAdapter.exportEncPublicKeyECC(sh, 2);
log.info("exportEncPublicKeyECC: {}", Hex.toHexString(eccPubKey.getPubKeyBytes()));
byte[] eccPubKey = sdfApiAdapter.exportEncPublicKeyECC(sh, 2);
log.info("exportEncPublicKeyECC: {}", Hex.toHexString(eccPubKey));
sdfApiAdapter.closeSession(sh);
sdfApiAdapter.closeDevice(dh);
connected = true;
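Review bot: `closeSession(sh)` and `closeDevice(dh)` are reached only when `getDeviceInfo` and `exportEncPublicKeyECC` both succeed, so an exception from either would leave the session and device handle open unless a `finally` outside this hunk covers them. If this check runs repeatedly, as the class name suggests, leaked sessions could accumulate on the device. I would move the two close calls into a `finally` around the calls between `openSession` and `connected = true;`. The method starts and ends outside the hunk.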