初始化主密钥

liulu 2024-11-11 14:14:32 +08:00
parent 4ae46ed32d
commit c18cfda28b
5 changed files with 55 additions and 55 deletions


@ -2,8 +2,7 @@ package com.sunyard.chsm.sdf;
import com.sunyard.chsm.sdf.model.EccKey; import com.sunyard.chsm.sdf.model.EccKey;
import com.sunyard.chsm.sdf.model.EccPriKey; import com.sunyard.chsm.sdf.util.LangUtils;
import com.sunyard.chsm.sdf.model.EccPubKey;
import com.sunyard.chsm.utils.gm.BCSM2Utils; import com.sunyard.chsm.utils.gm.BCSM2Utils;
import com.sunyard.chsm.utils.gm.BCSM3Utils; import com.sunyard.chsm.utils.gm.BCSM3Utils;
import lombok.SneakyThrows; import lombok.SneakyThrows;
@ -43,8 +42,7 @@ public class BCSdfApiService implements SdfApiService {
byte[] x = pubKey.getQ().getXCoord().getEncoded(); byte[] x = pubKey.getQ().getXCoord().getEncoded();
byte[] y = pubKey.getQ().getYCoord().getEncoded(); byte[] y = pubKey.getQ().getYCoord().getEncoded();
byte[] d = BigIntegers.asUnsignedByteArray(32, priKey.getD()); byte[] d = BigIntegers.asUnsignedByteArray(32, priKey.getD());
return new EccKey(LangUtils.merge(x, y), d);
return new EccKey(new EccPubKey(256, x, y), new EccPriKey(256, d));
} }
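Review bot: The `LangUtils.merge(x, y)` call hands EccKey two bare byte arrays with nothing stating their layout, where the replaced form carried the bit length and separate coordinates. Add a comment above the return, for example `// public key = raw X||Y (2 x 32 bytes on a 256-bit curve, no 0x04 prefix); d = 32-byte private scalar`, so callers that parse or re-encode the key do not have to guess. The enclosing method starts outside the hunk, so whether the curve is fixed at 256 bits here should be confirmed before wording the comment that firmly.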


@ -31,7 +31,7 @@ public class BcSdfApiAdaptor implements SdfApiAdapter {
deviceInfo = new DeviceInfo(); deviceInfo = new DeviceInfo();
deviceInfo.setIssuerName("BC"); deviceInfo.setIssuerName("BC");
deviceInfo.setDeviceName("BC-3000"); deviceInfo.setDeviceName("BC-3000");
deviceInfo.setDeviceSerial("BC00202411051037"); deviceInfo.setDeviceSerial("BC202411051037");
deviceInfo.setDeviceVersion(1); deviceInfo.setDeviceVersion(1);
deviceInfo.setStandardVersion(1); deviceInfo.setStandardVersion(1);
deviceInfo.setAsymAlgAbility(new long[]{7493065891348563935L, 3000543215027029126L}); deviceInfo.setAsymAlgAbility(new long[]{7493065891348563935L, 3000543215027029126L});
@ -116,7 +116,7 @@ public class BcSdfApiAdaptor implements SdfApiAdapter {
byte[] encrypt = BCSM2Utils.encrypt(parameters, pucData); byte[] encrypt = BCSM2Utils.encrypt(parameters, pucData);
return Arrays.copyOfRange(encrypt, 1, encrypt.length); return Arrays.copyOfRange(encrypt, 1, encrypt.length);
} catch (InvalidCipherTextException e) { } catch (InvalidCipherTextException e) {
throw new RuntimeException(e); throw new IllegalArgumentException(e);
} }
} }
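Review bot: The hard-coded serial in `setDeviceSerial("BC202411051037")` changes the identity this adaptor reports, and initTmk in this commit stores a device serial on TmkInfo rows, so rows written under the old value may no longer match (the software branch's own setDeviceSerial call is not visible here, so this is inferred). Consider a named constant with a comment on its format, e.g. `private static final String BC_DEVICE_SERIAL = "BC202411051037"; // appears to be "BC" + yyyyMMddHHmm`, and check whether existing data needs migrating. The enclosing method starts outside the hunk.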


@ -1,5 +1,6 @@
package com.sunyard.chsm.controller; package com.sunyard.chsm.controller;
import com.sunyard.chsm.model.R;
import com.sunyard.chsm.service.DeviceService; import com.sunyard.chsm.service.DeviceService;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.PostMapping;
@ -26,9 +27,9 @@ public class TmkController {
* 初始化主密钥 * 初始化主密钥
*/ */
@PostMapping("/init") @PostMapping("/init")
public void initTmk() { public R<Void> initTmk() {
deviceService.initTmk(); deviceService.initTmk();
return R.ok();
} }
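Review bot: Nothing in this hunk restricts who may call `POST /init`, which triggers the one-time master-key initialisation; the class-level annotations of TmkController are outside the hunk, so confirm the route is covered by an administrator-only authorization rule and that the call is audit-logged. The Javadoc above initTmk could also state the contract now that a result is returned, e.g. `* Initialises the master key; succeeds only once and fails if tmk_init is already "true".`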


@ -12,10 +12,6 @@ import com.sunyard.chsm.mapper.TmkInfoMapper;
import com.sunyard.chsm.model.entity.Device; import com.sunyard.chsm.model.entity.Device;
import com.sunyard.chsm.model.entity.TmkInfo; import com.sunyard.chsm.model.entity.TmkInfo;
import com.sunyard.chsm.sdf.adapter.BcSdfApiAdaptor; import com.sunyard.chsm.sdf.adapter.BcSdfApiAdaptor;
import com.sunyard.chsm.sdf.adapter.SdfApiAdapter;
import com.sunyard.chsm.sdf.adapter.SdfApiAdapterFactory;
import com.sunyard.chsm.sdf.context.DeviceContext;
import com.sunyard.chsm.sdf.model.DeviceInfo;
import com.sunyard.chsm.service.DeviceService; import com.sunyard.chsm.service.DeviceService;
import com.sunyard.ssp.modules.sysconf.paramconf.entity.ParamConf; import com.sunyard.ssp.modules.sysconf.paramconf.entity.ParamConf;
import com.sunyard.ssp.modules.sysconf.paramconf.mapper.ParamConfMapper; import com.sunyard.ssp.modules.sysconf.paramconf.mapper.ParamConfMapper;
@ -189,10 +185,10 @@ public class DeviceServiceImpl implements DeviceService {
public void initTmk() { public void initTmk() {
ParamConf tmkInit = paramConfMapper.selectByKey("tmk_init"); ParamConf tmkInit = paramConfMapper.selectByKey("tmk_init");
Assert.isTrue(tmkInit == null || !"true".equals(tmkInit.getValue()), "主密钥已经初始化"); Assert.isTrue(tmkInit == null || !"true".equals(tmkInit.getValue()), "主密钥已经初始化");
List<Device> conned = spDeviceMapper.selectConnedList(); // List<Device> conned = spDeviceMapper.selectConnedList();
//
LocalDateTime now = LocalDateTime.now(); LocalDateTime now = LocalDateTime.now();
if (CollectionUtils.isEmpty(conned)) { // if (CollectionUtils.isEmpty(conned)) {
// //
BcSdfApiAdaptor sdfApi = new BcSdfApiAdaptor(); BcSdfApiAdaptor sdfApi = new BcSdfApiAdaptor();
byte[] sk = sdfApi.generateRandom("", 16); byte[] sk = sdfApi.generateRandom("", 16);
@ -207,46 +203,52 @@ public class DeviceServiceImpl implements DeviceService {
info.setEncTmk(Hex.toHexString(encSk)); info.setEncTmk(Hex.toHexString(encSk));
info.setPubKey(Hex.toHexString(publicKey)); info.setPubKey(Hex.toHexString(publicKey));
tmkInfoMapper.insert(info); tmkInfoMapper.insert(info);
return; // return;
} // }
Device device = conned.iterator().next(); // Device device = conned.iterator().next();
//
DeviceContext context = new DeviceContext(); // DeviceContext context = new DeviceContext();
context.setManufacturer(device.getManufacturer()); // context.setManufacturer(device.getManufacturer());
context.setManufacturerModel(device.getManufacturerModel()); // context.setManufacturerModel(device.getManufacturerModel());
context.setServiceIp(device.getServiceIp()); // context.setServiceIp(device.getServiceIp());
context.setServicePort(device.getServicePort()); // context.setServicePort(device.getServicePort());
SdfApiAdapter sdfApi = SdfApiAdapterFactory.newInstance(context); // SdfApiAdapter sdfApi = SdfApiAdapterFactory.newInstance(context);
String dh = sdfApi.openDevice(); // String dh = sdfApi.openDevice();
String sh = sdfApi.openSession(dh); // String sh = sdfApi.openSession(dh);
DeviceInfo deviceInfo = sdfApi.getDeviceInfo(sh); // DeviceInfo deviceInfo = sdfApi.getDeviceInfo(sh);
//
byte[] sk = sdfApi.generateRandom(sh, 16); // byte[] sk = sdfApi.generateRandom(sh, 16);
byte[] publicKey = sdfApi.exportEncPublicKeyECC(sh, 1); // byte[] publicKey = sdfApi.exportEncPublicKeyECC(sh, 1);
byte[] encSk = sdfApi.externalEncryptECC(sh, publicKey, sk); // byte[] encSk = sdfApi.externalEncryptECC(sh, publicKey, sk);
//
TmkInfo info = new TmkInfo(); // TmkInfo info = new TmkInfo();
info.setId(IdWorker.getId()); // info.setId(IdWorker.getId());
info.setCreateTime(now); // info.setCreateTime(now);
info.setDeviceSerial(deviceInfo.getDeviceSerial()); // info.setDeviceSerial(deviceInfo.getDeviceSerial());
info.setEncTmk(Hex.toHexString(encSk)); // info.setEncTmk(Hex.toHexString(encSk));
info.setPubKey(Hex.toHexString(publicKey)); // info.setPubKey(Hex.toHexString(publicKey));
tmkInfoMapper.insert(info); // tmkInfoMapper.insert(info);
// //
BcSdfApiAdaptor bcApi = new BcSdfApiAdaptor(); // BcSdfApiAdaptor bcApi = new BcSdfApiAdaptor();
byte[] bcPubK = bcApi.exportEncPublicKeyECC("", 1); // byte[] bcPubK = bcApi.exportEncPublicKeyECC("", 1);
byte[] bcEncSk = sdfApi.exchangeDigitEnvelopeBaseOnECC(sh, 1, bcPubK, encSk); // byte[] bcEncSk = sdfApi.exchangeDigitEnvelopeBaseOnECC(sh, 1, bcPubK, encSk);
//
// TmkInfo bcinfo = new TmkInfo();
// bcinfo.setId(IdWorker.getId());
// bcinfo.setCreateTime(now);
// bcinfo.setDeviceSerial(bcApi.getDeviceInfo("").getDeviceSerial());
// bcinfo.setEncTmk(Hex.toHexString(bcEncSk));
// bcinfo.setPubKey(Hex.toHexString(bcPubK));
// tmkInfoMapper.insert(bcinfo);
// sdfApi.closeSession(sh);
// sdfApi.closeDevice(dh);
TmkInfo bcinfo = new TmkInfo(); ParamConf conf = new ParamConf();
bcinfo.setId(IdWorker.getId()); conf.setKey("tmk_init");
bcinfo.setCreateTime(now); conf.setValue("true");
bcinfo.setDeviceSerial(bcApi.getDeviceInfo("").getDeviceSerial()); conf.setCreatTime(LocalDateTime.now());
bcinfo.setEncTmk(Hex.toHexString(bcEncSk)); paramConfMapper.insert(conf);
bcinfo.setPubKey(Hex.toHexString(bcPubK));
tmkInfoMapper.insert(bcinfo);
sdfApi.closeSession(sh);
sdfApi.closeDevice(dh);
} }
private void checkName(String name) { private void checkName(String name) {
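Review bot: The new tail of initTmk always inserts a fresh `tmk_init` row, yet the guard at the top lets the method continue when a row already exists with a value other than "true", so that case ends with two rows for the same key, or with a unique-key failure after the TmkInfo insert has already happened. Update the existing row when `tmkInit` is non-null, and run the TmkInfo insert and the flag write in one transaction so a failure or a concurrent call cannot leave a stored master key without the flag; whether initTmk is already `@Transactional` is not visible, because the method starts at the edge of the hunk. With the connected-device branch commented out, the master key is now always generated and wrapped by `BcSdfApiAdaptor`, which appears to be the software implementation. If that is temporary, say so in a comment and delete the commented-out block rather than keeping it in the file.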


@ -9,7 +9,6 @@ import com.sunyard.chsm.sdf.adapter.SdfApiAdapter;
import com.sunyard.chsm.sdf.adapter.SdfApiAdapterFactory; import com.sunyard.chsm.sdf.adapter.SdfApiAdapterFactory;
import com.sunyard.chsm.sdf.context.DeviceContext; import com.sunyard.chsm.sdf.context.DeviceContext;
import com.sunyard.chsm.sdf.model.DeviceInfo; import com.sunyard.chsm.sdf.model.DeviceInfo;
import com.sunyard.chsm.sdf.model.EccPubKey;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
import org.bouncycastle.util.encoders.Hex; import org.bouncycastle.util.encoders.Hex;
import org.springframework.beans.factory.InitializingBean; import org.springframework.beans.factory.InitializingBean;
@ -65,8 +64,8 @@ public class DeviceTask implements InitializingBean {
String sh = sdfApiAdapter.openSession(dh); String sh = sdfApiAdapter.openSession(dh);
DeviceInfo info = sdfApiAdapter.getDeviceInfo(sh); DeviceInfo info = sdfApiAdapter.getDeviceInfo(sh);
log.info("get DeviceInfo: {}", info); log.info("get DeviceInfo: {}", info);
EccPubKey eccPubKey = sdfApiAdapter.exportEncPublicKeyECC(sh, 2); byte[] eccPubKey = sdfApiAdapter.exportEncPublicKeyECC(sh, 2);
log.info("exportEncPublicKeyECC: {}", Hex.toHexString(eccPubKey.getPubKeyBytes())); log.info("exportEncPublicKeyECC: {}", Hex.toHexString(eccPubKey));
sdfApiAdapter.closeSession(sh); sdfApiAdapter.closeSession(sh);
sdfApiAdapter.closeDevice(dh); sdfApiAdapter.closeDevice(dh);
connected = true; connected = true;