1.修改生成证书服务

licence/pom.xml

@@ -34,5 +34,45 @@
             <artifactId>spring-boot-starter-web</artifactId>
         </dependency>
     </dependencies>
-
+    <!-- 构建工具 -->
+    <build>
+        <plugins>
+            <!-- 打包插件 -->
+            <plugin>
+                <groupId>org.springframework.boot</groupId>
+                <artifactId>spring-boot-maven-plugin</artifactId>
+                <configuration>
+                    <includeSystemScope>true</includeSystemScope>
+                </configuration>
+            </plugin>
+            <plugin>
+                <!--
+                    1. 加密后,方法体被清空,保留方法参数、注解等信息.主要兼容swagger文档注解扫描
+                    2. 方法体被清空后,反编译只能看到方法名和注解,看不到方法体的具体内容
+                    3. 加密后的项目需要设置javaagent来启动,启动过程中解密class,完全内存解密,不留下任何解密后的文件
+                    4. 启动加密后的jar,生成xxx-encrypted.jar,这个就是加密后的jar文件,加密后不可直接执行
+                    5. 无密码启动方式,java -javaagent:xxx-encrypted.jar -jar xxx-encrypted.jar
+                    6. 有密码启动方式,java -javaagent:xxx-encrypted.jar='-pwd= 密码' -jar xxx-encrypted.jar
+                -->
+                <groupId>net.roseboy</groupId>
+                <artifactId>classfinal-maven-plugin</artifactId>
+                <version>1.2.1</version>
+                <configuration>
+                    <password>#</password><!-- #表示启动时不需要密码,事实上对于代码混淆来说,这个密码没什么用,它只是一个启动密码 -->
+                    <excludes>org.spring</excludes>
+                    <packages>${groupId}</packages><!-- 加密的包名,多个包用逗号分开 -->
+                    <cfgfiles>application.yml,application-dev.yml</cfgfiles><!-- 加密的配置文件,多个包用逗号分开 -->
+                    <libjars>core-licence-1.0.0.RELEASE.jar</libjars> <!-- jar包lib下面要加密的jar依赖文件,多个包用逗号分开 -->
+                </configuration>
+                <executions>
+                    <execution>
+                        <phase>package</phase>
+                        <goals>
+                            <goal>classFinal</goal>
+                        </goals>
+                    </execution>
+                </executions>
+            </plugin>
+        </plugins>
+    </build>
 </project>

licence/server/pom.xml

@@ -24,4 +24,13 @@
             <version>5.8.27</version>
         </dependency>
     </dependencies>
+
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-jar-plugin</artifactId>
+            </plugin>
+        </plugins>
+    </build>
 </project>

licence/server/src/main/java/com/shcd/controller/ServerController.java

@@ -1,15 +1,13 @@
 package com.shcd.controller;
 
-import com.shcd.entity.LicenceEntity;
+import com.shcd.entity.LicenceDTO;
 import com.shcd.service.LicenceService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
-import javax.servlet.http.HttpServletResponse;
-import java.util.UUID;
-
 /**
  * @author 上海城地
  * @description 控制层
@@ -24,35 +22,12 @@ public class ServerController {
     private LicenceService licenceService;
 
     /**
-     * 下载证书文件
-     * 实际项目可以根据前端传递的参数来创建证书字段属性。这里为了测试，直接写测试数据
-     *
-     * @param response
+     * 生成证书到本地
      */
-    @PostMapping("/downLoadLicence")
-    public void downLoadLicence(HttpServletResponse response) {
-        LicenceEntity dtoEntity = createEntity();
-        licenceService.downLoadLicence(dtoEntity, response);
+    @PostMapping("/locallyGenerated")
+    public void locallyGenerated(@RequestBody LicenceDTO dto) {
+        licenceService.locallyGenerated(dto);
     }
 
-    /**
-     * 创建测试实体
-     *
-     * @return
-     */
-    private LicenceEntity createEntity() {
-        LicenceEntity entity = new LicenceEntity();
-        entity.setLicenceId(UUID.randomUUID().toString().replaceAll("-", ""));//证书 ID
-        entity.setLicenceName("城地数据归集治理测产品软件");//证书名称
-        entity.setBusinessJarHash("0BB4742D7F1A7DD69EDE815897359432169BB1E90CF14F4FEDF3517E798415FF"); // 要么留空 要么输入业务jar的hash
-        entity.setBusinessJarPath("C:\\Users\\胡荣基\\Desktop\\client-offline-1.0.0.RELEASE-encrypted.jar"); // 要么留空 要么输入业务jar的hash
-        entity.setMac(null);//客户端机器的网卡物理地址，要么留空，要么输入客户端的 Mac 地址
-        entity.setEffectStartDate("2024-11-14");//证书生效开始日期，格式：yyyy-MM-dd
-        entity.setEffectEndDate("2024-12-15");//证书生效结束日期，格式：yyyy-MM-dd
-        entity.setContactName("400-821-2177");//联系人
-        entity.setContactWay("https://blog.csdn.net/BiandanLoveyou");//联系方式
-        entity.setOwner("上海城市地理信息系统发展有限公司");//证书所有者
-        return entity;
-    }
 
 }

licence/server/src/main/java/com/shcd/entity/LicenceDTO.java

@@ -0,0 +1,36 @@
+package com.shcd.entity;
+
+/**
+ * 类描述: 证书生成请求接收dto
+ *
+ * @Author Hu
+ * @Date 2024/11/20
+ * @Version 1.0.0
+ **/
+public class LicenceDTO extends LicenceEntity{
+    /**
+     *  生成路径
+     */
+    private String certificateDirectory;
+     /**
+     *  生成文件
+     */
+    private String certificateFile;
+
+
+    public String getCertificateDirectory() {
+        return certificateDirectory;
+    }
+
+    public void setCertificateDirectory(String certificateDirectory) {
+        this.certificateDirectory = certificateDirectory;
+    }
+
+    public String getCertificateFile() {
+        return certificateFile;
+    }
+
+    public void setCertificateFile(String certificateFile) {
+        this.certificateFile = certificateFile;
+    }
+}

licence/server/src/main/java/com/shcd/service/LicenceService.java

@@ -1,6 +1,6 @@
 package com.shcd.service;
 
-import com.shcd.entity.LicenceEntity;
+import com.shcd.entity.LicenceDTO;
 
 import javax.servlet.http.HttpServletResponse;
 
@@ -14,17 +14,29 @@ public interface LicenceService {
 
     /**
      * 创建证书 licence 内容
+     *
      * @param dtoEntity
      * @return
      */
-    LicenceEntity createLicence(LicenceEntity dtoEntity);
+    LicenceDTO createLicence(LicenceDTO dtoEntity);
+
+
+//    /**
+//     * 下载证书文件
+//     *
+//     * @param dtoEntity
+//     * @param response
+//     */
+//    void downLoadLicence(LicenceDTO dtoEntity, HttpServletResponse response);
 
 
     /**
-     * 下载证书文件
+     *  本地生成证书
+     *
      * @param dtoEntity
-     * @param response
+     * @return boolean
+     * @author Hu
+     * @date 2024/11/20 17:13
      */
-    void downLoadLicence(LicenceEntity dtoEntity, HttpServletResponse response);
-
+    void locallyGenerated(LicenceDTO dtoEntity);
 }

licence/server/src/main/java/com/shcd/service/impl/LicenceServiceImpl.java

@@ -1,8 +1,9 @@
 package com.shcd.service.impl;
 
+import cn.hutool.core.lang.UUID;
 import cn.hutool.crypto.asymmetric.RSA;
 import com.shcd.constant.CommonKeys;
-import com.shcd.entity.LicenceEntity;
+import com.shcd.entity.LicenceDTO;
 import com.shcd.service.LicenceService;
 import com.shcd.util.LicenceJsonUtil;
 import com.shcd.util.NativeSecurityUtil;
@@ -10,7 +11,6 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Value;
-import org.springframework.scheduling.annotation.Async;
 import org.springframework.stereotype.Service;
 import org.springframework.util.StringUtils;
 
@@ -33,101 +33,105 @@ public class LicenceServiceImpl implements LicenceService {
 
     private static Logger log = LoggerFactory.getLogger(LicenceServiceImpl.class);
 
-    /**
-     * 获取配置文件的私钥
-     */
-    @Value("${licence.privateKey}")
-    private String privateKey;
-
-    /**
-     * 获取配置文件的公钥
-     */
-    @Value("${licence.publicKey}")
-    private String publicKey;
-
 
     /**
      * 创建证书 licence 内容
+     *
      * @param dtoEntity
      * @return
      */
     @Override
-    public LicenceEntity createLicence(LicenceEntity dtoEntity) {
-        LicenceEntity entity = new LicenceEntity();
+    public LicenceDTO createLicence(LicenceDTO dtoEntity) {
+        RSA rsa = new RSA();
+        LicenceDTO entity = new LicenceDTO();
         //赋值相同属性
         BeanUtils.copyProperties(dtoEntity, entity);
+        entity.setLicenceId(UUID.randomUUID().toString());
         //content 和 key 需要额外处理
-        if(StringUtils.isEmpty(privateKey) || StringUtils.isEmpty(publicKey)) return null;
-        entity.setKey(publicKey);//把公钥放进去，否则客户端无法获取公钥，就无法解密
+        entity.setKey(new String(rsa.getPublicKey().getEncoded()));//把公钥放进去，否则客户端无法获取公钥，就无法解密
         //把实体转成字符串
         String json = LicenceJsonUtil.objectToStr(entity);
         //把整个字符串加密
-        String content = NativeSecurityUtil.encryptByPrivateKey(json, privateKey);
+        String content = NativeSecurityUtil.encryptByPrivateKey(json, new String(rsa.getPrivateKey().getEncoded()));
         //把加密后的字符串赋值给 content
         entity.setContent(content);
         return entity;
     }
 
+//    /**
+//     * 下载证书文件
+//     *
+//     * @param dtoEntity
+//     * @param response
+//     */
+//    @Override
+//    public void downLoadLicence(LicenceDTO dtoEntity, HttpServletResponse response) {
+//        LicenceDTO licenceEntity = createLicence(dtoEntity);
+//        if (null == licenceEntity) {
+//            log.error("证书的秘钥未配置！");
+//            return;
+//        }
+//        //把实体转为字符串
+//        String result = LicenceJsonUtil.objectToStr(licenceEntity);
+//        BufferedOutputStream out = null;
+//        try {
+//            //证书文件名
+//            String fileName = CommonKeys.CERTIFICATE_FILE;
+//            response.setContentType("application/octet-stream");
+//            response.setHeader("Content-Disposition", "attachment; filename=\"" + fileName + "\"");
+//            response.setCharacterEncoding("UTF-8");
+//            out = new BufferedOutputStream(response.getOutputStream());
+//            out.write(result.getBytes("UTF-8"));
+//            out.flush();
+//        } catch (IOException e) {
+//            log.error(e.getMessage(), e);
+//        } finally {
+//            try {
+//                if (out != null) {
+//                    out.close();
+//                }
+//            } catch (Exception e) {
+//                log.error(e.getMessage(), e);
+//            }
+//        }
+//    }
+
     /**
-     * 下载证书文件
+     * 本地生成证书
+     *
      * @param dtoEntity
-     * @param response
+     * @return boolean
+     * @author Hu
+     * @date 2024/11/20 17:13
      */
     @Override
-    public void downLoadLicence(LicenceEntity dtoEntity, HttpServletResponse response) {
-        LicenceEntity licenceEntity = createLicence(dtoEntity);
-        if(null == licenceEntity){
-            log.error("证书的秘钥未配置！");
-            return;
-        }
+    public void locallyGenerated(LicenceDTO dtoEntity) {
+        // 生成证书实体类
+        LicenceDTO licenceEntity = createLicence(dtoEntity);
         //把实体转为字符串
         String result = LicenceJsonUtil.objectToStr(licenceEntity);
-        BufferedOutputStream out = null;
-        try {
-            //证书文件名
-            String fileName = CommonKeys.CERTIFICATE_FILE;
-            response.setContentType("application/octet-stream");
-            response.setHeader("Content-Disposition", "attachment; filename=\"" + fileName + "\"");
-            response.setCharacterEncoding("UTF-8");
-            out = new BufferedOutputStream(response.getOutputStream());
-            out.write(result.getBytes("UTF-8"));
-            out.flush();
-        } catch (IOException e) {
-            log.error(e.getMessage(), e);
-        } finally {
-            try {
-                if (out != null) {
-                    out.close();
-                }
-            } catch (Exception e) {
-                log.error(e.getMessage(), e);
-            }
-        }
-
-        //TODO 另外可以保存一份到指定目录下，方便测试（这是使用异步的形式）。上线的时候记得注释掉
-        saveLicenceToCertificate(result);
-
+        saveLicenceToCertificate(dtoEntity, result);
     }
 
     /**
-     * 异步保存证书文件到指定目录
+     * 保存证书文件到指定目录
+     *
      * @param result
      */
-    @Async
-    public void saveLicenceToCertificate(String result){
-        try{
+    public void saveLicenceToCertificate(LicenceDTO dtoEntity, String result) {
+        try {
             // 创建证书目录（如果尚未创建）
-            Path directory = Paths.get(CommonKeys.CERTIFICATE_DIRECTORY);
+            Path directory = Paths.get(null == dtoEntity.getCertificateDirectory() ? CommonKeys.CERTIFICATE_DIRECTORY : dtoEntity.getCertificateDirectory());
             Files.createDirectories(directory);
             // 构建证书文件的完整路径
-            Path filePath = directory.resolve(CommonKeys.CERTIFICATE_FILE);
+            Path filePath = directory.resolve(null == dtoEntity.getCertificateFile() ? CommonKeys.CERTIFICATE_FILE : dtoEntity.getCertificateFile());
             // 检查文件是否存在，存在则删掉
             Files.deleteIfExists(filePath);
             //创建文件（如果文件已经存在，此步骤可能会抛出 FileAlreadyExistsException）
             Files.createFile(filePath);
             //写入内容到文件，使用 StandardOpenOption.APPEND 可以追加内容而不是覆盖
             Files.write(filePath, result.getBytes("UTF-8"), StandardOpenOption.CREATE, StandardOpenOption.WRITE, StandardOpenOption.TRUNCATE_EXISTING);
-        }catch (Exception e){
+        } catch (Exception e) {
             log.error(e.getMessage(), e);
         }
     }