密钥管理

liulu 2024-11-01 11:14:04 +08:00
parent 8b49400e08
commit d8be35ed68
5 changed files with 29 additions and 16 deletions


@ -63,7 +63,7 @@ public class KeyInfoAsymController {
);
// 设置下载响应的 headers
HttpHeaders headers = new HttpHeaders();
headers.add(HttpHeaders.CONTENT_DISPOSITION, "attachment; filename=\"" + fileName + "\"");
headers.add(HttpHeaders.CONTENT_DISPOSITION, "attachment; filename=\"" + fileName + ".txt\"");
// 返回带文件内容的响应
return ResponseEntity.ok()
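Review bot: The `Content-Disposition` value in this hunk is still assembled by string concatenation, so a `fileName` containing `"`, CR/LF or non-ASCII characters would yield a malformed or ambiguous header; where `fileName` comes from is not visible here. Assuming the Spring version in use provides it, let the framework do the quoting and encoding: `headers.setContentDisposition(ContentDisposition.attachment().filename(fileName + ".txt", StandardCharsets.UTF_8).build());`. The same line is changed the same way in `KeyInfoSymController`. If the downloaded body is exported key data, as the controller names suggest, `Cache-Control: no-store` on the response is worth adding as well. The enclosing method begins and ends outside the hunk.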


@ -65,7 +65,7 @@ public class KeyInfoSymController {
);
// 设置下载响应的 headers
HttpHeaders headers = new HttpHeaders();
headers.add(HttpHeaders.CONTENT_DISPOSITION, "attachment; filename=\"" + fileName + "\"");
headers.add(HttpHeaders.CONTENT_DISPOSITION, "attachment; filename=\"" + fileName + ".txt\"");
// 返回带文件内容的响应
return ResponseEntity.ok()


@ -6,8 +6,8 @@ import lombok.Data;
import lombok.EqualsAndHashCode;
import javax.validation.constraints.Max;
import javax.validation.constraints.NotEmpty;
import javax.validation.constraints.NotNull;
import javax.validation.constraints.Size;
import java.time.LocalDate;
import java.time.LocalDateTime;
import java.util.List;
@ -81,19 +81,16 @@ public abstract class KeyInfoDTO {
/**
* 密钥id列表
*/
@NotEmpty(message = "密钥id列表不能为空")
@Size(min = 1, max = 100,message = "密钥id列表长度在1-100之间")
@NotNull(message = "密钥id列表不能为空")
private List<Long> ids;
}
@EqualsAndHashCode(callSuper = true)
@Data
public static class KeyUpdate {
/**
* 密钥id列表
*/
@NotEmpty(message = "密钥id列表不能为空")
private List<Long> ids;
public static class KeyUpdate extends IDs{
/**
* 新密钥生效时间 yyyy-MM-dd
*/
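Review bot: The `ids` field of the class that closes just above `KeyUpdate` (presumably `IDs`) shows `@NotEmpty` / `@Size(min = 1, max = 100, ...)` and `@NotNull` side by side, and the rendered page has lost the markers that say which set is the new one. If `@NotNull` alone is what remains, an empty list and an arbitrarily long list both pass validation, and because `KeyUpdate` now inherits `ids` through `extends IDs`, that applies to update requests too. I would keep `@NotEmpty(message = "密钥id列表不能为空")` together with the `@Size(max = 100, ...)` bound on the field so bulk key operations stay bounded. `KeyUpdate`'s body continues outside the hunk.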


@ -297,7 +297,7 @@ public class KeyInfoServiceImpl implements KeyInfoService {
.gt(KeyInfo::getCreateTime, LocalDateTime.of(backup.getStartTime(), LocalTime.MIN))
.lt(KeyInfo::getCreateTime, LocalDateTime.of(backup.getEndTime(), LocalTime.MAX))
);
Assert.isTrue(!CollectionUtils.isEmpty(keyInfos), "所选日期范围内,没有数据");
StringBuilder builder = new StringBuilder();
for (KeyInfo keyInfo : keyInfos) {
List<KeyRecord> records = spKeyRecordMapper.selectList(
@ -305,7 +305,7 @@ public class KeyInfoServiceImpl implements KeyInfoService {
.eq(KeyRecord::getKeyId, keyInfo.getId())
);
keyInfo.setRecords(records);
builder.append(JsonUtils.toJsonString(records)).append(System.lineSeparator());
builder.append(Hex.toHexString(JsonUtils.toJsonBytes(keyInfo))).append(System.lineSeparator());
}
return builder.toString().getBytes(StandardCharsets.UTF_8);
}
@ -327,7 +327,7 @@ public class KeyInfoServiceImpl implements KeyInfoService {
}
count++;
try {
KeyInfo info = JsonUtils.parse(line, KeyInfo.class);
KeyInfo info = JsonUtils.parse(Hex.decode(line), KeyInfo.class);
KeyInfo exist = keyInfoMapper.selectById(info.getId());
if (exist != null) {
exd++;
@ -338,9 +338,12 @@ public class KeyInfoServiceImpl implements KeyInfoService {
.eq(KeyRecord::getKeyId, info.getId())
);
keyInfoMapper.insert(info);
if (!CollectionUtils.isEmpty(info.getRecords())) {
info.getRecords().forEach(spKeyRecordMapper::insert);
}
suc++;
} catch (Exception ex) {
log.error("解析恢复密钥失败, {}", line, ex);
err++;
}
}
@ -476,8 +479,11 @@ public class KeyInfoServiceImpl implements KeyInfoService {
log.warn("archiveKey no exist key with ids: {}", ids.stream().map(String::valueOf).collect(Collectors.joining(",")));
return;
}
LocalDateTime now = LocalDateTime.now();
List<String> unNormalCodes = keyInfos.stream()
.filter(it -> !Objects.equals(KeyStatus.DISABLED.getCode(), it.getStatus()))
.filter(it -> !(Objects.equals(KeyStatus.DISABLED.getCode(), it.getStatus())
|| (Objects.equals(KeyStatus.ENABLED.getCode(), it.getStatus()) && it.getExpiredTime().isBefore(now)))
)
.map(KeyInfo::getCode)
.collect(Collectors.toList());
Assert.isTrue(CollectionUtils.isEmpty(unNormalCodes),
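Review bot: The `catch` block in the restore loop logs the whole input line, `log.error("解析恢复密钥失败, {}", line, ex);`, and after this change each line is the hex-encoded JSON of a full `KeyInfo` including its records, so a failed parse or insert copies a complete key entry into the application log. Log the position instead, for example `log.error("解析恢复密钥失败, 第{}行", count, ex);`. Hex in the export is only an encoding: no encryption or integrity check is visible in this section and restore inserts whatever decodes, so if `KeyInfo` carries key material the backup should be encrypted and authenticated (for example AES-GCM under a dedicated backup key) before it leaves the service. Separately, `it.getExpiredTime().isBefore(now)` in the archive filter will throw if an enabled key has no expiry set. The methods involved begin or end outside the hunks shown.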


@ -16,9 +16,19 @@ spring:
username: SUNYARD
# Jasypt加密 可到common-utils中找到JasyptUtil加解密工具类生成加密结果 格式为ENC(加密结果)
password: 123456
hikari:
minimum-idle: 3
maximum-pool-size: 10
idle-timeout: 600000 # 空闲连接的最大等待时间,单位为毫秒 (10 分钟)
max-lifetime: 1800000 # 连接池中连接的最大存活时间,单位为毫秒 (30 分钟)
connection-timeout: 30000 # 获取连接的超时时间,单位为毫秒 (30 秒)
leak-detection-threshold: 2000 # 连接泄漏检测阈值,单位为毫秒 (2 秒)
# 连接测试配置,确保连接有效性
connection-test-query: SELECT 1
validation-timeout: 5000 # 验证连接的超时时间,单位为毫秒 (5 秒)
redis:
#是否开启集群 false 不开启集群 , true 开启集群
isJq: ${solo_switch:false}
isJq: false
host: 172.16.17.163
port: 6379
password: sunyard2
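Review bot: The datasource `password: 123456` and the Redis `password: sunyard2` are committed in clear text next to a fixed internal host, although the comment above the datasource password says the value should be a Jasypt `ENC(...)` result. Replace both with the encrypted form or an environment placeholder, e.g. `password: ${REDIS_PASSWORD}`, and rotate the two values since they are now in the repository history. In the added `hikari` block, `leak-detection-threshold: 2000` reports any connection held longer than two seconds, which may be noisy for long-running key backup or restore work; confirm that is intended.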