密钥管理

liulu 2024-11-01 11:14:04 +08:00
parent 8b49400e08
commit d8be35ed68
5 changed files with 29 additions and 16 deletions


@ -63,7 +63,7 @@ public class KeyInfoAsymController {
); );
// 设置下载响应的 headers // 设置下载响应的 headers
HttpHeaders headers = new HttpHeaders(); HttpHeaders headers = new HttpHeaders();
headers.add(HttpHeaders.CONTENT_DISPOSITION, "attachment; filename=\"" + fileName + "\""); headers.add(HttpHeaders.CONTENT_DISPOSITION, "attachment; filename=\"" + fileName + ".txt\"");
// 返回带文件内容的响应 // 返回带文件内容的响应
return ResponseEntity.ok() return ResponseEntity.ok()
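Review bot: `fileName` is concatenated straight into the quoted `filename="..."` parameter of Content-Disposition, so a double quote, a non-ASCII character or a line break inside it would yield a malformed header. Where `fileName` is built lies outside this hunk, so whether request data can reach it needs checking. Spring's builder handles the quoting and encoding: `headers.setContentDisposition(ContentDisposition.attachment().filename(fileName + ".txt", StandardCharsets.UTF_8).build());`. The identical line in KeyInfoSymController needs the same change. If this download carries exported key data, the `ResponseEntity` chain that continues past the hunk should also send `Cache-Control: no-store`.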


@ -65,7 +65,7 @@ public class KeyInfoSymController {
); );
// 设置下载响应的 headers // 设置下载响应的 headers
HttpHeaders headers = new HttpHeaders(); HttpHeaders headers = new HttpHeaders();
headers.add(HttpHeaders.CONTENT_DISPOSITION, "attachment; filename=\"" + fileName + "\""); headers.add(HttpHeaders.CONTENT_DISPOSITION, "attachment; filename=\"" + fileName + ".txt\"");
// 返回带文件内容的响应 // 返回带文件内容的响应
return ResponseEntity.ok() return ResponseEntity.ok()


@ -6,8 +6,8 @@ import lombok.Data;
import lombok.EqualsAndHashCode; import lombok.EqualsAndHashCode;
import javax.validation.constraints.Max; import javax.validation.constraints.Max;
import javax.validation.constraints.NotEmpty;
import javax.validation.constraints.NotNull; import javax.validation.constraints.NotNull;
import javax.validation.constraints.Size;
import java.time.LocalDate; import java.time.LocalDate;
import java.time.LocalDateTime; import java.time.LocalDateTime;
import java.util.List; import java.util.List;
@ -81,19 +81,16 @@ public abstract class KeyInfoDTO {
/** /**
* 密钥id列表 * 密钥id列表
*/ */
@NotEmpty(message = "密钥id列表不能为空") @Size(min = 1, max = 100,message = "密钥id列表长度在1-100之间")
@NotNull(message = "密钥id列表不能为空")
private List<Long> ids; private List<Long> ids;
} }
@EqualsAndHashCode(callSuper = true)
@Data @Data
public static class KeyUpdate { public static class KeyUpdate extends IDs{
/**
* 密钥id列表
*/
@NotEmpty(message = "密钥id列表不能为空")
private List<Long> ids;
/** /**
* 新密钥生效时间 yyyy-MM-dd * 新密钥生效时间 yyyy-MM-dd
*/ */
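Review bot: `@Size(min = 1, max = 100)` together with `@NotNull` bounds the length of `ids` but still accepts null elements, which would then reach the mapper queries built from this list. A container-element constraint closes that gap: `private List<@NotNull Long> ids;`. `KeyUpdate` now inherits the field and its limits from `IDs`, so it is worth confirming that every controller parameter of both types carries `@Valid`/`@Validated`; those signatures are outside this hunk. The class body continues past the last visible line.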


@ -297,7 +297,7 @@ public class KeyInfoServiceImpl implements KeyInfoService {
.gt(KeyInfo::getCreateTime, LocalDateTime.of(backup.getStartTime(), LocalTime.MIN)) .gt(KeyInfo::getCreateTime, LocalDateTime.of(backup.getStartTime(), LocalTime.MIN))
.lt(KeyInfo::getCreateTime, LocalDateTime.of(backup.getEndTime(), LocalTime.MAX)) .lt(KeyInfo::getCreateTime, LocalDateTime.of(backup.getEndTime(), LocalTime.MAX))
); );
Assert.isTrue(!CollectionUtils.isEmpty(keyInfos), "所选日期范围内,没有数据");
StringBuilder builder = new StringBuilder(); StringBuilder builder = new StringBuilder();
for (KeyInfo keyInfo : keyInfos) { for (KeyInfo keyInfo : keyInfos) {
List<KeyRecord> records = spKeyRecordMapper.selectList( List<KeyRecord> records = spKeyRecordMapper.selectList(
@ -305,7 +305,7 @@ public class KeyInfoServiceImpl implements KeyInfoService {
.eq(KeyRecord::getKeyId, keyInfo.getId()) .eq(KeyRecord::getKeyId, keyInfo.getId())
); );
keyInfo.setRecords(records); keyInfo.setRecords(records);
builder.append(JsonUtils.toJsonString(records)).append(System.lineSeparator()); builder.append(Hex.toHexString(JsonUtils.toJsonBytes(keyInfo))).append(System.lineSeparator());
} }
return builder.toString().getBytes(StandardCharsets.UTF_8); return builder.toString().getBytes(StandardCharsets.UTF_8);
} }
@ -327,7 +327,7 @@ public class KeyInfoServiceImpl implements KeyInfoService {
} }
count++; count++;
try { try {
KeyInfo info = JsonUtils.parse(line, KeyInfo.class); KeyInfo info = JsonUtils.parse(Hex.decode(line), KeyInfo.class);
KeyInfo exist = keyInfoMapper.selectById(info.getId()); KeyInfo exist = keyInfoMapper.selectById(info.getId());
if (exist != null) { if (exist != null) {
exd++; exd++;
@ -338,9 +338,12 @@ public class KeyInfoServiceImpl implements KeyInfoService {
.eq(KeyRecord::getKeyId, info.getId()) .eq(KeyRecord::getKeyId, info.getId())
); );
keyInfoMapper.insert(info); keyInfoMapper.insert(info);
info.getRecords().forEach(spKeyRecordMapper::insert); if (!CollectionUtils.isEmpty(info.getRecords())) {
info.getRecords().forEach(spKeyRecordMapper::insert);
}
suc++; suc++;
} catch (Exception ex) { } catch (Exception ex) {
log.error("解析恢复密钥失败, {}", line, ex);
err++; err++;
} }
} }
@ -476,8 +479,11 @@ public class KeyInfoServiceImpl implements KeyInfoService {
log.warn("archiveKey no exist key with ids: {}", ids.stream().map(String::valueOf).collect(Collectors.joining(","))); log.warn("archiveKey no exist key with ids: {}", ids.stream().map(String::valueOf).collect(Collectors.joining(",")));
return; return;
} }
LocalDateTime now = LocalDateTime.now();
List<String> unNormalCodes = keyInfos.stream() List<String> unNormalCodes = keyInfos.stream()
.filter(it -> !Objects.equals(KeyStatus.DISABLED.getCode(), it.getStatus())) .filter(it -> !(Objects.equals(KeyStatus.DISABLED.getCode(), it.getStatus())
|| (Objects.equals(KeyStatus.ENABLED.getCode(), it.getStatus()) && it.getExpiredTime().isBefore(now)))
)
.map(KeyInfo::getCode) .map(KeyInfo::getCode)
.collect(Collectors.toList()); .collect(Collectors.toList());
Assert.isTrue(CollectionUtils.isEmpty(unNormalCodes), Assert.isTrue(CollectionUtils.isEmpty(unNormalCodes),
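Review bot: The added `log.error("解析恢复密钥失败, {}", line, ex);` in the restore loop's catch block writes the whole backup line to the application log, and after this commit that line is the hex-encoded JSON of a complete `KeyInfo`. Hex is a reversible encoding, so whatever sensitive fields `KeyInfo` and its records hold (presumably key material; the entity is not visible here) end up in log files. Log the position instead, for example `log.error("解析恢复密钥失败, line {}", count, ex);`. For the same reason `Hex.toHexString(...)` in the backup hunk gives the export neither confidentiality nor integrity, and the restore path inserts whatever the file supplies; unless that is handled outside these hunks, the backup should be encrypted and authenticated before it leaves the service. In the archive filter, `it.getExpiredTime().isBefore(now)` throws if an enabled key has no expiry time, so a null check belongs in that condition.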


@ -16,9 +16,19 @@ spring:
username: SUNYARD username: SUNYARD
# Jasypt加密 可到common-utils中找到JasyptUtil加解密工具类生成加密结果 格式为ENC(加密结果) # Jasypt加密 可到common-utils中找到JasyptUtil加解密工具类生成加密结果 格式为ENC(加密结果)
password: 123456 password: 123456
hikari:
minimum-idle: 3
maximum-pool-size: 10
idle-timeout: 600000 # 空闲连接的最大等待时间,单位为毫秒 (10 分钟)
max-lifetime: 1800000 # 连接池中连接的最大存活时间,单位为毫秒 (30 分钟)
connection-timeout: 30000 # 获取连接的超时时间,单位为毫秒 (30 秒)
leak-detection-threshold: 2000 # 连接泄漏检测阈值,单位为毫秒 (2 秒)
# 连接测试配置,确保连接有效性
connection-test-query: SELECT 1
validation-timeout: 5000 # 验证连接的超时时间,单位为毫秒 (5 秒)
redis: redis:
#是否开启集群 false 不开启集群 , true 开启集群 #是否开启集群 false 不开启集群 , true 开启集群
isJq: ${solo_switch:false} isJq: false
host: 172.16.17.163 host: 172.16.17.163
port: 6379 port: 6379
password: sunyard2 password: sunyard2
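Review bot: The `password:` values beside `username: SUNYARD` and under `redis:` are committed in cleartext, even though the comment directly above them describes the Jasypt `ENC(...)` format. Since this commit touches the block, they should be replaced with `ENC(...)` values or environment placeholders, and the exposed credentials rotated. In the added `hikari` section, `connection-test-query: SELECT 1` is unnecessary when the driver supports JDBC4 `isValid()` and is not valid syntax on every database, so dropping the line is safer. `leak-detection-threshold: 2000` will emit a warning for any connection held longer than two seconds, which the backup and restore loops may well exceed.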