From 8dc9c93469a89f5bbcb7d38341155f936d5cd2dc Mon Sep 17 00:00:00 2001 From: 13009 Date: Tue, 18 Jun 2024 18:31:00 +0800 Subject: [PATCH] =?UTF-8?q?test:=20=E6=B7=BB=E5=8A=A0=E8=AF=81=E4=B9=A6?= =?UTF-8?q?=E7=BC=96=E5=8F=B7?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../czcb/scfs/api/core/cipher/CipherType.java | 38 +++++++++++++++++++ .../spring/boot/starter/RsaConfiguration.java | 6 +++ .../starter/ScfsApiGatewayProperties.java | 6 ++- .../spring/boot/starter/SmConfiguration.java | 2 + .../starter/ScfsApiGatewayPropertiesTest.java | 2 +- .../src/main/resources/application.properties | 15 ++++---- .../resources/invalid_sm2_certificate.pem | 11 ++++++ .../resources/invalid_sm2_private_key.pem | 5 +++ 8 files changed, 76 insertions(+), 9 deletions(-) create mode 100644 scfs-api-core/src/main/java/com/czcb/scfs/api/core/cipher/CipherType.java create mode 100644 scfs-api-test/src/main/resources/invalid_sm2_certificate.pem create mode 100644 scfs-api-test/src/main/resources/invalid_sm2_private_key.pem diff --git a/scfs-api-core/src/main/java/com/czcb/scfs/api/core/cipher/CipherType.java b/scfs-api-core/src/main/java/com/czcb/scfs/api/core/cipher/CipherType.java new file mode 100644 index 0000000..50a9279 --- /dev/null +++ b/scfs-api-core/src/main/java/com/czcb/scfs/api/core/cipher/CipherType.java @@ -0,0 +1,38 @@ +/* + * Copyright 2012-2019 the original author or authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.czcb.scfs.api.core.cipher; + +/** + * @since 2.0.0 + */ +public enum CipherType { + /** + * 国密 + */ + SM("sm"), + RSA("rsa"); + + CipherType(String value) { + this.value = value; + } + + private final String value; + + public String getValue() { + return value; + } +} diff --git a/scfs-api-spring-boot-starter/src/main/java/com/czcb/scfs/spring/boot/starter/RsaConfiguration.java b/scfs-api-spring-boot-starter/src/main/java/com/czcb/scfs/spring/boot/starter/RsaConfiguration.java index d7c19c9..e54bfa7 100644 --- a/scfs-api-spring-boot-starter/src/main/java/com/czcb/scfs/spring/boot/starter/RsaConfiguration.java +++ b/scfs-api-spring-boot-starter/src/main/java/com/czcb/scfs/spring/boot/starter/RsaConfiguration.java @@ -4,6 +4,9 @@ import com.czcb.scfs.api.core.cipher.StoreType; import com.czcb.scfs.api.core.util.PemFile; import com.czcb.scfs.api.rsa.RsaProfile; import org.springframework.boot.autoconfigure.condition.ConditionalOnClass; +import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; +import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; +import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import javax.annotation.Resource; @@ -19,6 +22,7 @@ import java.util.stream.Collectors; */ @Configuration @ConditionalOnClass(RsaProfile.class) +@ConditionalOnProperty(value = "scfs.api-gateway.cipher.type", havingValue = "rsa") public class RsaConfiguration extends AbstractAutoConfiguration { @Resource @@ -50,6 +54,8 @@ public class RsaConfiguration extends AbstractAutoConfiguration { return PemFile.loadPrivateKeyFromStream(inputStream); } + @Bean + @ConditionalOnMissingBean public RsaProfile rsaProfile() { return new RsaProfile.Builder() .channel(getChannel()) diff --git a/scfs-api-spring-boot-starter/src/main/java/com/czcb/scfs/spring/boot/starter/ScfsApiGatewayProperties.java b/scfs-api-spring-boot-starter/src/main/java/com/czcb/scfs/spring/boot/starter/ScfsApiGatewayProperties.java index 42bb818..e3d0ae8 100644 --- a/scfs-api-spring-boot-starter/src/main/java/com/czcb/scfs/spring/boot/starter/ScfsApiGatewayProperties.java +++ b/scfs-api-spring-boot-starter/src/main/java/com/czcb/scfs/spring/boot/starter/ScfsApiGatewayProperties.java @@ -1,5 +1,6 @@ package com.czcb.scfs.spring.boot.starter; +import com.czcb.scfs.api.core.cipher.CipherType; import com.czcb.scfs.api.core.cipher.StoreType; import com.czcb.scfs.api.core.http.LogLevel; import lombok.Data; @@ -56,6 +57,10 @@ public class ScfsApiGatewayProperties { @Data public static class Cipher { + /** + * 算法类型 + */ + private CipherType type = CipherType.SM; /** * 存储方式,默认文件系统(绝对路径) */ @@ -74,7 +79,6 @@ public class ScfsApiGatewayProperties { * 银行侧证书地址 */ private List certificate; - } @Data diff --git a/scfs-api-spring-boot-starter/src/main/java/com/czcb/scfs/spring/boot/starter/SmConfiguration.java b/scfs-api-spring-boot-starter/src/main/java/com/czcb/scfs/spring/boot/starter/SmConfiguration.java index 8892834..12daad1 100644 --- a/scfs-api-spring-boot-starter/src/main/java/com/czcb/scfs/spring/boot/starter/SmConfiguration.java +++ b/scfs-api-spring-boot-starter/src/main/java/com/czcb/scfs/spring/boot/starter/SmConfiguration.java @@ -6,6 +6,7 @@ import com.czcb.scfs.api.sm.SmProfile; import com.tencent.kona.KonaProvider; import org.springframework.boot.autoconfigure.condition.ConditionalOnClass; import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; +import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; @@ -22,6 +23,7 @@ import java.util.stream.Collectors; */ @Configuration @ConditionalOnClass(SmProfile.class) +@ConditionalOnProperty(value = "scfs.api-gateway.cipher.type", havingValue = "sm", matchIfMissing = true) public class SmConfiguration extends AbstractAutoConfiguration { @Resource private ScfsApiGatewayProperties properties; diff --git a/scfs-api-spring-boot-starter/src/test/java/com/czcb/scfs/spring/boot/starter/ScfsApiGatewayPropertiesTest.java b/scfs-api-spring-boot-starter/src/test/java/com/czcb/scfs/spring/boot/starter/ScfsApiGatewayPropertiesTest.java index f18e8b1..a5ec113 100644 --- a/scfs-api-spring-boot-starter/src/test/java/com/czcb/scfs/spring/boot/starter/ScfsApiGatewayPropertiesTest.java +++ b/scfs-api-spring-boot-starter/src/test/java/com/czcb/scfs/spring/boot/starter/ScfsApiGatewayPropertiesTest.java @@ -94,7 +94,7 @@ class ScfsApiGatewayPropertiesTest { Assertions.assertNotNull(properties.getCipher()); - assertThatJson("{\"certificate\":[\"/home/c2.pem\"],\"channelCertificateSerial\":\"B47BF250D13D6DC72D2869D340CDF8B830F2CFD320B652586C3D4861F86CA355\",\"channelPrivateKey\":\"/home/key.pem\",\"storeType\":\"RESOURCES\"}") + assertThatJson("{\"type\":\"SM\",\"storeType\":\"RESOURCES\",\"channelPrivateKey\":\"/home/key.pem\",\"channelCertificateSerial\":\"B47BF250D13D6DC72D2869D340CDF8B830F2CFD320B652586C3D4861F86CA355\",\"certificate\":[\"/home/c2.pem\"]}") .isEqualTo(properties.getCipher()); } diff --git a/scfs-api-test/src/main/resources/application.properties b/scfs-api-test/src/main/resources/application.properties index af0f59e..abbde31 100644 --- a/scfs-api-test/src/main/resources/application.properties +++ b/scfs-api-test/src/main/resources/application.properties @@ -1,11 +1,12 @@ scfs.api-gateway.online=false -#scfs.api-gateway.host=http://10.131.98.80:8088/api-gateway -scfs.api-gateway.host=http://127.0.0.1:8088/api-gateway +scfs.api-gateway.host=http://10.131.98.80:8088/api-gateway +#scfs.api-gateway.host=http://127.0.0.1:8088/api-gateway scfs.api-gateway.channel.channel-no=1038 scfs.api-gateway.channel.app-no=41 scfs.api-gateway.cipher.store-type=resources -#scfs.api-gateway.cipher.channel-private-key=rsa_channel_private_key.pem -#scfs.api-gateway.cipher.certificate=rsa_channel_certificate.pem -scfs.api-gateway.cipher.channel-private-key=sm2_private_key.pem -scfs.api-gateway.cipher.channel-certificate-serial=C2C9A0FB3BD3F6252F3857E3681541DE9480D4FBBA4BFCE4EE714358FCEA1E7B -scfs.api-gateway.cipher.certificate=scfs_sm2_certificate.pem \ No newline at end of file +#scfs.api-gateway.cipher.channel-private-key=invalid_rsa_private_key.pem +#scfs.api-gateway.cipher.channel-certificate-serial=823CF3E310F2E2ED1AF85506E74A95DC4301006FDEF2FD019953FAF4DE12A8BF +#scfs.api-gateway.cipher.certificate=invalid_rsa_certificate.pem +scfs.api-gateway.cipher.channel-private-key=invalid_sm2_private_key.pem +scfs.api-gateway.cipher.channel-certificate-serial=B76D9E0B7317F45478CC26502048C44F602AA83A2724C8FF40086FBA307140A7 +scfs.api-gateway.cipher.certificate=invalid_sm2_certificate.pem \ No newline at end of file diff --git a/scfs-api-test/src/main/resources/invalid_sm2_certificate.pem b/scfs-api-test/src/main/resources/invalid_sm2_certificate.pem new file mode 100644 index 0000000..beb4bd8 --- /dev/null +++ b/scfs-api-test/src/main/resources/invalid_sm2_certificate.pem @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIB7jCCAZOgAwIBAgIhALdtngtzF/RUeMwmUCBIxE9gKqg6JyTI/0AIb7owcUCnMAoGCCqBHM9V +AYN1MIGNMQswCQYDVQQGEwJDTjESMBAGA1UECAwJ5rWZ5rGf55yBMRIwEAYDVQQHDAnmna3lt57l +uIIxITAfBgNVBAoMGOa1meaxn+eooOW3nuWVhuS4mumTtuihjDEYMBYGA1UECwwP5pWw5a2X6YeR +6J6N6YOoMRkwFwYDVQQDDBBzY2ZzLmN6Y2IuY29tLmNuMB4XDTIzMDYxODEwMTE0N1oXDTI0MDYx +ODEwMTE0N1owUjELMAkGA1UEBhMCQ04xEjAQBgNVBAgMCea1meaxn+ecgTESMBAGA1UEBwwJ5p2t +5bee5biCMRswGQYDVQQKDBLnqKDlt57llYbkuJrpk7booYwwWTATBgcqhkjOPQIBBggqgRzPVQGC +LQNCAATgVojRcvIdy12MIpdBfrwkbSDROpyggvGs4KkZj7FQ4dfZjG9U/IemckKOiB1rziBmvMZ+ +xcNHM2f7sc4vnNGbMAoGCCqBHM9VAYN1A0kAMEYCIQDMYfauQRljajUQjQP8mhVxmCbpt8ttwmJ+ +tZaY3nYUdAIhAPBxzw9sBktnnfs0OL5JWoD/gtl7Q47DFozB1y7Lg/0D +-----END CERTIFICATE----- \ No newline at end of file diff --git a/scfs-api-test/src/main/resources/invalid_sm2_private_key.pem b/scfs-api-test/src/main/resources/invalid_sm2_private_key.pem new file mode 100644 index 0000000..564326b --- /dev/null +++ b/scfs-api-test/src/main/resources/invalid_sm2_private_key.pem @@ -0,0 +1,5 @@ +-----BEGIN PRIVATE KEY----- +MIGTAgEAMBMGByqGSM49AgEGCCqBHM9VAYItBHkwdwIBAQQgGAiYfS2SFBIImE3m/aYxU8hrIGtb +YMYJOG52CVAj6NmgCgYIKoEcz1UBgi2hRANCAATgVojRcvIdy12MIpdBfrwkbSDROpyggvGs4KkZ +j7FQ4dfZjG9U/IemckKOiB1rziBmvMZ+xcNHM2f7sc4vnNGb +-----END PRIVATE KEY----- \ No newline at end of file