factor: 优化证书store加载机制

felord
2021-03-25 15:01:19 +08:00
parent 538e11dabe
commit 53e6016c4c
2 changed files with 15 additions and 18 deletions


@@ -60,7 +60,7 @@ public class WechatPayConfiguration {
WechatPayProperties.V3 v3 = v3Map.get(tenantId); WechatPayProperties.V3 v3 = v3Map.get(tenantId);
String certPath = v3.getCertPath(); String certPath = v3.getCertPath();
String mchId = v3.getMchId(); String mchId = v3.getMchId();
WechatMetaBean wechatMetaBean = keyPairFactory.createPKCS12(certPath, CERT_ALIAS, mchId); WechatMetaBean wechatMetaBean = keyPairFactory.initWechatMetaBean(certPath, CERT_ALIAS, mchId);
wechatMetaBean.setV3(v3); wechatMetaBean.setV3(v3);
wechatMetaBean.setTenantId(tenantId); wechatMetaBean.setTenantId(tenantId);
container.addWechatMeta(tenantId, wechatMetaBean); container.addWechatMeta(tenantId, wechatMetaBean);


@@ -22,10 +22,7 @@ package cn.felord.payment.wechat.v3;
import cn.felord.payment.PayException; import cn.felord.payment.PayException;
import org.springframework.core.io.ClassPathResource; import org.springframework.core.io.ClassPathResource;
import java.security.KeyPair; import java.security.*;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.X509Certificate; import java.security.cert.X509Certificate;
/** /**
@@ -36,9 +33,16 @@ import java.security.cert.X509Certificate;
**/ **/
public class KeyPairFactory { public class KeyPairFactory {
private KeyStore store; private static final KeyStore PKCS12_KEY_STORE;
static {
try {
PKCS12_KEY_STORE = KeyStore.getInstance("PKCS12");
} catch (KeyStoreException e) {
throw new PayException(" wechat pay keystore initialization failed");
}
}
private final Object lock = new Object();
/** /**
* 获取公私钥. * 获取公私钥.
@@ -48,23 +52,16 @@ public class KeyPairFactory {
* @param keyPass password * @param keyPass password
* @return the key pair * @return the key pair
*/ */
public WechatMetaBean createPKCS12(String keyPath, String keyAlias, String keyPass) { public WechatMetaBean initWechatMetaBean(String keyPath, String keyAlias, String keyPass) {
ClassPathResource resource = new ClassPathResource(keyPath); ClassPathResource resource = new ClassPathResource(keyPath);
char[] pem = keyPass.toCharArray(); char[] pem = keyPass.toCharArray();
try { try {
synchronized (lock) { PKCS12_KEY_STORE.load(resource.getInputStream(), pem);
if (store == null) { X509Certificate certificate = (X509Certificate) PKCS12_KEY_STORE.getCertificate(keyAlias);
synchronized (lock) {
store = KeyStore.getInstance("PKCS12");
}
}
store.load(resource.getInputStream(), pem);
}
X509Certificate certificate = (X509Certificate) store.getCertificate(keyAlias);
certificate.checkValidity(); certificate.checkValidity();
String serialNumber = certificate.getSerialNumber().toString(16).toUpperCase(); String serialNumber = certificate.getSerialNumber().toString(16).toUpperCase();
PublicKey publicKey = certificate.getPublicKey(); PublicKey publicKey = certificate.getPublicKey();
PrivateKey storeKey = (PrivateKey) store.getKey(keyAlias, pem); PrivateKey storeKey = (PrivateKey) PKCS12_KEY_STORE.getKey(keyAlias, pem);
WechatMetaBean wechatMetaBean = new WechatMetaBean(); WechatMetaBean wechatMetaBean = new WechatMetaBean();
wechatMetaBean.setKeyPair(new KeyPair(publicKey, storeKey)); wechatMetaBean.setKeyPair(new KeyPair(publicKey, storeKey));
wechatMetaBean.setSerialNumber(serialNumber); wechatMetaBean.setSerialNumber(serialNumber);
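Review bot: `PKCS12_KEY_STORE` is now a single static `KeyStore` that every `initWechatMetaBean` call reloads, and the `synchronized (lock)` guard around `load` has been removed, so two overlapping calls for different merchants can read `getCertificate`/`getKey` from whichever .p12 was loaded last and attach one tenant's private key and serial number to another tenant's `WechatMetaBean`. Whether calls can overlap depends on callers not shown here; the configuration hunk looks like a per-tenant loop, but the method is public. A method-local store removes the shared state, which makes the static initializer and the now-unused `lock` field unnecessary, and try-with-resources closes the stream from `resource.getInputStream()`, which is currently never closed. The method's catch clauses lie outside the hunk, so confirm they cover the `KeyStoreException` that `getInstance` can throw.

```java
    try {
        // Per-call store: nothing loaded for one merchant is visible to another call.
        KeyStore store = KeyStore.getInstance("PKCS12");
        try (java.io.InputStream in = resource.getInputStream()) {
            store.load(in, pem);
        }
        X509Certificate certificate = (X509Certificate) store.getCertificate(keyAlias);
        // … unchanged: validity check, serial number, public key …
        PrivateKey storeKey = (PrivateKey) store.getKey(keyAlias, pem);
        // … unchanged: WechatMetaBean population …
```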