SaaS多租户平台私钥托管动态切换

sdk-transaction/src/main/java/org/fisco/bcos/sdk/transaction/manager/AssembleTransactionProcessor.java

@@ -14,10 +14,6 @@
  */
 package org.fisco.bcos.sdk.transaction.manager;
 
-import java.io.IOException;
-import java.math.BigInteger;
-import java.util.List;
-import java.util.concurrent.CompletableFuture;
 import org.apache.commons.lang3.tuple.Pair;
 import org.fisco.bcos.sdk.abi.ABICodec;
 import org.fisco.bcos.sdk.abi.ABICodecException;
@@ -48,6 +44,11 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import java.io.IOException;
+import java.math.BigInteger;
+import java.util.List;
+import java.util.concurrent.CompletableFuture;
+
 /**
  * ContractlessTransactionManager @Description: ContractlessTransactionManager
  *
@@ -96,7 +97,7 @@ public void deployOnly(String abi, String bin, List<Object> params) throws ABICo
 
     @Override
     public TransactionReceipt deployAndGetReceipt(String data) {
-        String signedData = createSignedTransaction(null, data, this.cryptoKeyPair);
+        String signedData = createSignedTransaction(null, data, getCryptoKeyPair());
         return transactionPusher.push(signedData);
     }
 
@@ -126,7 +127,7 @@ public TransactionResponse deployAndGetResponseWithStringParams(
                 createSignedTransaction(
                         null,
                         abiCodec.encodeConstructorFromString(abi, bin, params),
-                        this.cryptoKeyPair));
+                        getCryptoKeyPair()));
     }
 
     @Override
@@ -181,7 +182,7 @@ public void sendTransactionOnly(String signedData) {
     public TransactionResponse sendTransactionAndGetResponse(
             String to, String abi, String functionName, String data)
             throws TransactionBaseException, ABICodecException {
-        String signedData = createSignedTransaction(to, data, this.cryptoKeyPair);
+        String signedData = createSignedTransaction(to, data, getCryptoKeyPair());
         TransactionReceipt receipt = this.transactionPusher.push(signedData);
         try {
             return transactionDecoder.decodeReceiptWithValues(abi, functionName, receipt);
@@ -246,7 +247,7 @@ public void sendTransactionAsync(
             TransactionCallback callback)
             throws TransactionBaseException, ABICodecException {
         String data = encodeFunction(abi, functionName, params);
-        sendTransactionAsync(to, data, this.cryptoKeyPair, callback);
+        sendTransactionAsync(to, data, getCryptoKeyPair(), callback);
     }
 
     @Override
@@ -265,15 +266,15 @@ public void sendTransactionAndGetReceiptByContractLoaderAsync(
         String data =
                 abiCodec.encodeMethod(
                         contractLoader.getABIByContractName(contractName), functionName, args);
-        sendTransactionAsync(contractAddress, data, this.cryptoKeyPair, callback);
+        sendTransactionAsync(contractAddress, data, getCryptoKeyPair(), callback);
     }
 
     @Override
     public CallResponse sendCallByContractLoader(
             String contractName, String contractAddress, String functionName, List<Object> args)
             throws TransactionBaseException, ABICodecException {
         return sendCall(
-                this.cryptoKeyPair.getAddress(),
+                getCryptoKeyPair().getAddress(),
                 contractAddress,
                 contractLoader.getABIByContractName(contractName),
                 functionName,
@@ -328,7 +329,7 @@ public CallResponse callAndGetResponse(
     public String createSignedConstructor(String abi, String bin, List<Object> params)
             throws ABICodecException {
         return createSignedTransaction(
-                null, abiCodec.encodeConstructor(abi, bin, params), this.cryptoKeyPair);
+                null, abiCodec.encodeConstructor(abi, bin, params), getCryptoKeyPair());
     }
 
     @Override
@@ -397,4 +398,4 @@ private CallResponse parseCallResponseStatus(Call.CallOutput callOutput)
     public ContractLoader getContractLoader() {
         return contractLoader;
     }
-}
+}

sdk-transaction/src/main/java/org/fisco/bcos/sdk/transaction/manager/TransactionProcessor.java

@@ -14,12 +14,12 @@
  */
 package org.fisco.bcos.sdk.transaction.manager;
 
-import java.math.BigInteger;
 import org.fisco.bcos.sdk.client.Client;
 import org.fisco.bcos.sdk.client.protocol.request.Transaction;
 import org.fisco.bcos.sdk.client.protocol.response.Call;
 import org.fisco.bcos.sdk.crypto.CryptoSuite;
 import org.fisco.bcos.sdk.crypto.keypair.CryptoKeyPair;
+import org.fisco.bcos.sdk.model.CryptoType;
 import org.fisco.bcos.sdk.model.TransactionReceipt;
 import org.fisco.bcos.sdk.model.callback.TransactionCallback;
 import org.fisco.bcos.sdk.transaction.builder.TransactionBuilderInterface;
@@ -34,6 +34,8 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import java.math.BigInteger;
+
 public class TransactionProcessor implements TransactionProcessorInterface {
     protected static Logger log = LoggerFactory.getLogger(TransactionProcessor.class);
     protected final CryptoSuite cryptoSuite;
@@ -58,21 +60,21 @@ public TransactionProcessor(
     @Override
     public TransactionReceipt sendTransactionAndGetReceipt(
             String to, String data, CryptoKeyPair cryptoKeyPair) {
-        String signedData = createSignedTransaction(to, data, cryptoKeyPair);
+        String signedData = createSignedTransaction(to, data, getCryptoKeyPair());
         return this.client.sendRawTransactionAndGetReceipt(signedData);
     }
 
     @Override
     public void sendTransactionAsync(
             String to, String data, CryptoKeyPair cryptoKeyPair, TransactionCallback callback) {
-        String signedData = createSignedTransaction(to, data, cryptoKeyPair);
+        String signedData = createSignedTransaction(to, data, getCryptoKeyPair());
         client.sendRawTransactionAndGetReceiptAsync(signedData, callback);
     }
 
     @Override
     public byte[] sendTransactionAsyncAndGetHash(
             String to, String data, CryptoKeyPair cryptoKeyPair, TransactionCallback callback) {
-        String signedData = createSignedTransaction(to, data, cryptoKeyPair);
+        String signedData = createSignedTransaction(to, data, getCryptoKeyPair());
         client.sendRawTransactionAndGetReceiptAsync(signedData, callback);
         byte[] transactionHash = cryptoSuite.hash(Hex.decode(Numeric.cleanHexPrefix(signedData)));
         return transactionHash;
@@ -101,6 +103,28 @@ public String createSignedTransaction(String to, String data, CryptoKeyPair cryp
                         new BigInteger(this.chainId),
                         BigInteger.valueOf(this.groupId),
                         "");
-        return transactionEncoder.encodeAndSign(rawTransaction, cryptoKeyPair);
+        return transactionEncoder.encodeAndSign(rawTransaction, getCryptoKeyPair());
+    }
+
+    /**
+     * SaaS多租户平台私钥托管动态切换
+     * 1.识别租户(Controller从request Header中获取X-tenant租户ID存入ThreadLocal)
+     * 2.切换私钥(根据租户ID从DB查询托管私钥创建CryptoKeyPair)
+     * @return
+     */
+    protected CryptoKeyPair getCryptoKeyPair(){
+        //请根据实际业务实现租户识别和根据租户ID从DB查询托管私钥逻辑替换privateKey
+        //AccountService accountService = SpringUtils.getBean("accountService");
+        String privateKey = null;//accountService.getPrivateKey(TenantContextHolder.getTenant());
+        if(null == privateKey){
+            log.info("getCryptoKeyPair[accountService.getPrivateKey(tenantId)] is null, use default cryptoKeyPair");
+            return this.cryptoKeyPair;
+        }
+
+        //创建国密类型的CryptoSuite
+        CryptoKeyPair cryptoKeyPair = new CryptoSuite(CryptoType.SM_TYPE).createKeyPair(privateKey);
+        log.info("Dynamic CryptoKeyPair address => " + cryptoKeyPair.getAddress());
+        //cryptoSuite.setCryptoKeyPair(cryptoKeyPair);
+        return cryptoKeyPair;
     }
-}
+}