密钥管理

chsm-web-manage/src/main/java/com/sunyard/chsm/controller/KeyInfoAsymController.java

@@ -63,7 +63,7 @@ public class KeyInfoAsymController {
         );
         // 设置下载响应的 headers
         HttpHeaders headers = new HttpHeaders();
-        headers.add(HttpHeaders.CONTENT_DISPOSITION, "attachment; filename=\"" + fileName + "\"");
+        headers.add(HttpHeaders.CONTENT_DISPOSITION, "attachment; filename=\"" + fileName + ".txt\"");
 
         // 返回带文件内容的响应
         return ResponseEntity.ok()

chsm-web-manage/src/main/java/com/sunyard/chsm/controller/KeyInfoSymController.java

@@ -65,7 +65,7 @@ public class KeyInfoSymController {
         );
         // 设置下载响应的 headers
         HttpHeaders headers = new HttpHeaders();
-        headers.add(HttpHeaders.CONTENT_DISPOSITION, "attachment; filename=\"" + fileName + "\"");
+        headers.add(HttpHeaders.CONTENT_DISPOSITION, "attachment; filename=\"" + fileName + ".txt\"");
 
         // 返回带文件内容的响应
         return ResponseEntity.ok()

chsm-web-manage/src/main/java/com/sunyard/chsm/dto/KeyInfoDTO.java

@@ -6,8 +6,8 @@ import lombok.Data;
 import lombok.EqualsAndHashCode;
 
 import javax.validation.constraints.Max;
-import javax.validation.constraints.NotEmpty;
 import javax.validation.constraints.NotNull;
+import javax.validation.constraints.Size;
 import java.time.LocalDate;
 import java.time.LocalDateTime;
 import java.util.List;
@@ -81,19 +81,16 @@ public abstract class KeyInfoDTO {
         /**
          * 密钥id列表
          */
-        @NotEmpty(message = "密钥id列表不能为空")
+        @Size(min = 1, max = 100,message = "密钥id列表长度在1-100之间")
+        @NotNull(message = "密钥id列表不能为空")
         private List<Long> ids;
 
 
     }
 
+    @EqualsAndHashCode(callSuper = true)
     @Data
-    public static class KeyUpdate {
-        /**
-         * 密钥id列表
-         */
-        @NotEmpty(message = "密钥id列表不能为空")
-        private List<Long> ids;
+    public static class KeyUpdate extends IDs{
         /**
          * 新密钥生效时间 yyyy-MM-dd
          */

chsm-web-manage/src/main/java/com/sunyard/chsm/service/impl/KeyInfoServiceImpl.java

@@ -297,7 +297,7 @@ public class KeyInfoServiceImpl implements KeyInfoService {
                         .gt(KeyInfo::getCreateTime, LocalDateTime.of(backup.getStartTime(), LocalTime.MIN))
                         .lt(KeyInfo::getCreateTime, LocalDateTime.of(backup.getEndTime(), LocalTime.MAX))
         );
-
+        Assert.isTrue(!CollectionUtils.isEmpty(keyInfos), "所选日期范围内,没有数据");
         StringBuilder builder = new StringBuilder();
         for (KeyInfo keyInfo : keyInfos) {
             List<KeyRecord> records = spKeyRecordMapper.selectList(
@@ -305,7 +305,7 @@ public class KeyInfoServiceImpl implements KeyInfoService {
                             .eq(KeyRecord::getKeyId, keyInfo.getId())
             );
             keyInfo.setRecords(records);
-            builder.append(JsonUtils.toJsonString(records)).append(System.lineSeparator());
+            builder.append(Hex.toHexString(JsonUtils.toJsonBytes(keyInfo))).append(System.lineSeparator());
         }
         return builder.toString().getBytes(StandardCharsets.UTF_8);
     }
@@ -327,7 +327,7 @@ public class KeyInfoServiceImpl implements KeyInfoService {
                 }
                 count++;
                 try {
-                    KeyInfo info = JsonUtils.parse(line, KeyInfo.class);
+                    KeyInfo info = JsonUtils.parse(Hex.decode(line), KeyInfo.class);
                     KeyInfo exist = keyInfoMapper.selectById(info.getId());
                     if (exist != null) {
                         exd++;
@@ -338,9 +338,12 @@ public class KeyInfoServiceImpl implements KeyInfoService {
                                     .eq(KeyRecord::getKeyId, info.getId())
                     );
                     keyInfoMapper.insert(info);
-                    info.getRecords().forEach(spKeyRecordMapper::insert);
+                    if (!CollectionUtils.isEmpty(info.getRecords())) {
+                        info.getRecords().forEach(spKeyRecordMapper::insert);
+                    }
                     suc++;
                 } catch (Exception ex) {
+                    log.error("解析恢复密钥失败, {}", line, ex);
                     err++;
                 }
             }
@@ -476,8 +479,11 @@ public class KeyInfoServiceImpl implements KeyInfoService {
             log.warn("archiveKey no exist key with ids: {}", ids.stream().map(String::valueOf).collect(Collectors.joining(",")));
             return;
         }
+        LocalDateTime now = LocalDateTime.now();
         List<String> unNormalCodes = keyInfos.stream()
-                .filter(it -> !Objects.equals(KeyStatus.DISABLED.getCode(), it.getStatus()))
+                .filter(it -> !(Objects.equals(KeyStatus.DISABLED.getCode(), it.getStatus())
+                        || (Objects.equals(KeyStatus.ENABLED.getCode(), it.getStatus()) && it.getExpiredTime().isBefore(now)))
+                )
                 .map(KeyInfo::getCode)
                 .collect(Collectors.toList());
         Assert.isTrue(CollectionUtils.isEmpty(unNormalCodes),

chsm-web-manage/src/main/resources/application.yml

@@ -16,9 +16,19 @@ spring:
     username: SUNYARD
     # Jasypt加密 可到common-utils中找到JasyptUtil加解密工具类生成加密结果 格式为ENC(加密结果)
     password: 123456
+    hikari:
+      minimum-idle: 3
+      maximum-pool-size: 10
+      idle-timeout: 600000           # 空闲连接的最大等待时间，单位为毫秒 (10 分钟)
+      max-lifetime: 1800000          # 连接池中连接的最大存活时间，单位为毫秒 (30 分钟)
+      connection-timeout: 30000      # 获取连接的超时时间，单位为毫秒 (30 秒)
+      leak-detection-threshold: 2000 # 连接泄漏检测阈值，单位为毫秒 (2 秒)
+      # 连接测试配置，确保连接有效性
+      connection-test-query: SELECT 1
+      validation-timeout: 5000       # 验证连接的超时时间，单位为毫秒 (5 秒)
   redis:
     #是否开启集群 false 不开启集群 , true 开启集群
-    isJq: ${solo_switch:false}
+    isJq: false
     host: 172.16.17.163
     port: 6379
     password: sunyard2