worker.bank
/
scfs-api-sdk
4
0
Fork 0
Code Issues Pull Requests Packages Projects 1 Releases 1 Wiki Activity

fix: 校验证书取值

main
13009 2024-07-04 11:41:06 +08:00
parent e277a97b5c
commit 7b3a20a15a
5 changed files with 10 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
scfs-api-core/src/main/java/com/czcb/scfs/api/core/cipher/DefaultValidator.java
View File

@ -50,9 +50,9 @@ public final class DefaultValidator implements Validator {
public void validate(HttpRequest newRequest) {
// 校验证书
CertificateProvider provider = getProfile().getSignature().getCertificateProvider();
Signer signer = getProfile().getSignature().getSigner();
if (!provider.isAvailableCertificate(signer.getCertificateSerial())) {
throw new ValidationException(String.format("证书已失效, 序列号:%s", signer.getCertificateSerial()));
PrivacyEncryptor encryptor = getProfile().getPrivacy().getEncryptor();
if (!provider.isAvailableCertificate(encryptor.getCertificateSerial())) {
throw new ValidationException(String.format("证书已失效, 序列号:%s", encryptor.getCertificateSerial()));
}
}

2
scfs-api-core/src/test/java/com/czcb/scfs/api/core/cipher/DefaultValidatorTest.java
View File

@ -322,6 +322,6 @@ class DefaultValidatorTest {
DefaultValidator defaultValidator = new DefaultValidator(buildProfileInvalid());
ValidationException exception = Assertions.assertThrows(ValidationException.class, () -> defaultValidator.validate(null));
Assertions.assertEquals("证书已失效, 序列号:823CF3E310F2E2ED1AF85506E74A95DC4301006FDEF2FD019953FAF4DE12A8BF", exception.getMessage());
Assertions.assertEquals("证书已失效, 序列号:6CDDAA92CAD75998325027647847330C1756291", exception.getMessage());
}
}

2
scfs-api-core/src/test/java/com/czcb/scfs/api/core/http/client/ApacheHttpclientValidTest.java
View File

@ -104,7 +104,7 @@ class ApacheHttpclientValidTest {
HttpHeaders headers = new HttpHeaders();
ValidationException exception = Assertions.assertThrows(ValidationException.class, () -> apiClient.post("/mock/invalid", headers, requestBody, TestResponse.class));
Assertions.assertEquals("证书已失效, 序列号:823CF3E310F2E2ED1AF85506E74A95DC4301006FDEF2FD019953FAF4DE12A8BF", exception.getMessage());
Assertions.assertEquals("证书已失效, 序列号:6CDDAA92CAD75998325027647847330C1756291", exception.getMessage());
}

4
scfs-api-service/src/test/java/com/czcb/scfs/api/service/cipher/TestPrivacy.java
View File

@ -3,6 +3,7 @@ package com.czcb.scfs.api.service.cipher;
import com.czcb.scfs.api.core.cipher.*;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
public class TestPrivacy implements Privacy {
// 对称加密/解密器
@ -14,7 +15,8 @@ public class TestPrivacy implements Privacy {
public TestPrivacy(PrivateKey privateKey, CertificateProvider certificateProvider) {
this.secretCipher = new TestSecretCipher();
this.privacyEncryptor = new TestPrivacyEncryptor(certificateProvider.getAvailableCertificate().getPublicKey());
X509Certificate certificate = certificateProvider.getAvailableCertificate();
this.privacyEncryptor = new TestPrivacyEncryptor(certificateProvider.getAvailableCertificate().getPublicKey(), certificate.getSerialNumber().toString(16).toUpperCase());
this.privacyDecryptor = new TestPrivacyDecryptor(privateKey);
}

4
scfs-api-service/src/test/java/com/czcb/scfs/api/service/cipher/TestPrivacyEncryptor.java
View File

@ -10,7 +10,7 @@ public class TestPrivacyEncryptor extends AbstractPrivacyEncryptor {
*
* @param publicKey 使
*/
protected TestPrivacyEncryptor(PublicKey publicKey) {
super("RSA/ECB/OAEPWithSHA-1AndMGF1Padding", publicKey, null, "");
protected TestPrivacyEncryptor(PublicKey publicKey, String certificateSerial) {
super("RSA/ECB/OAEPWithSHA-1AndMGF1Padding", publicKey, null, certificateSerial);
}
}