factor: 优化证书store加载机制

payment-spring-boot-autoconfigure/src/main/java/cn/felord/payment/wechat/WechatPayConfiguration.java

@@ -60,7 +60,7 @@ public class WechatPayConfiguration {
             WechatPayProperties.V3 v3 = v3Map.get(tenantId);
             String certPath = v3.getCertPath();
             String mchId = v3.getMchId();
-            WechatMetaBean wechatMetaBean = keyPairFactory.createPKCS12(certPath, CERT_ALIAS, mchId);
+            WechatMetaBean wechatMetaBean = keyPairFactory.initWechatMetaBean(certPath, CERT_ALIAS, mchId);
             wechatMetaBean.setV3(v3);
             wechatMetaBean.setTenantId(tenantId);
             container.addWechatMeta(tenantId, wechatMetaBean);

payment-spring-boot-autoconfigure/src/main/java/cn/felord/payment/wechat/v3/KeyPairFactory.java

@@ -22,10 +22,7 @@ package cn.felord.payment.wechat.v3;
 import cn.felord.payment.PayException;
 import org.springframework.core.io.ClassPathResource;
 
-import java.security.KeyPair;
-import java.security.KeyStore;
-import java.security.PrivateKey;
-import java.security.PublicKey;
+import java.security.*;
 import java.security.cert.X509Certificate;
 
 /**
@@ -36,9 +33,16 @@ import java.security.cert.X509Certificate;
  **/
 public class KeyPairFactory {
 
-    private KeyStore store;
+    private static final KeyStore PKCS12_KEY_STORE;
+
+       static {
+           try {
+               PKCS12_KEY_STORE = KeyStore.getInstance("PKCS12");
+           } catch (KeyStoreException e) {
+             throw new PayException(" wechat pay keystore initialization failed");
+           }
+       }
 
-    private final Object lock = new Object();
 
     /**
      * 获取公私钥.
@@ -48,23 +52,16 @@ public class KeyPairFactory {
      * @param keyPass  password
      * @return the key pair
      */
-    public WechatMetaBean createPKCS12(String keyPath, String keyAlias, String keyPass) {
+    public WechatMetaBean initWechatMetaBean(String keyPath, String keyAlias, String keyPass) {
         ClassPathResource resource = new ClassPathResource(keyPath);
         char[] pem = keyPass.toCharArray();
         try {
-            synchronized (lock) {
-                if (store == null) {
-                    synchronized (lock) {
-                        store = KeyStore.getInstance("PKCS12");
-                    }
-                }
-                store.load(resource.getInputStream(), pem);
-            }
-            X509Certificate certificate = (X509Certificate) store.getCertificate(keyAlias);
+            PKCS12_KEY_STORE.load(resource.getInputStream(), pem);
+            X509Certificate certificate = (X509Certificate) PKCS12_KEY_STORE.getCertificate(keyAlias);
             certificate.checkValidity();
             String serialNumber = certificate.getSerialNumber().toString(16).toUpperCase();
             PublicKey publicKey = certificate.getPublicKey();
-            PrivateKey storeKey = (PrivateKey) store.getKey(keyAlias, pem);
+            PrivateKey storeKey = (PrivateKey) PKCS12_KEY_STORE.getKey(keyAlias, pem);
             WechatMetaBean wechatMetaBean = new WechatMetaBean();
             wechatMetaBean.setKeyPair(new KeyPair(publicKey, storeKey));
             wechatMetaBean.setSerialNumber(serialNumber);