From 1f87086b457643309b99a5c5bd65d6fa2446a5c1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=BE=90=E6=B6=9B?= <midnite@outlook.com>
Date: Wed, 3 Apr 2024 10:57:27 +0800
Subject: [PATCH] =?UTF-8?q?feat(server):=E5=AE=8C=E6=88=90=E5=8A=A0?=
 =?UTF-8?q?=E8=BD=BD=E5=8A=A0=E5=AF=86=E8=AF=81=E4=B9=A6=E5=8A=9F=E8=83=BD?=
 =?UTF-8?q?=E3=80=82?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 license_server/src/certificate.rs | 36 +++++++++++++++++++++++++++++++
 license_server/src/main.rs        |  7 ++++++
 2 files changed, 43 insertions(+)
 create mode 100644 license_server/src/certificate.rs

diff --git a/license_server/src/certificate.rs b/license_server/src/certificate.rs
new file mode 100644
index 0000000..b612c95
--- /dev/null
+++ b/license_server/src/certificate.rs
@@ -0,0 +1,36 @@
+use std::{path::PathBuf, sync::OnceLock};
+
+use anyhow::bail;
+use openssl::{
+    pkey::{PKey, Private},
+    x509::X509,
+};
+
+static LICENSE_PUBKEY: OnceLock<X509> = OnceLock::new();
+static LICENSE_PRIKEY: OnceLock<PKey<Private>> = OnceLock::new();
+
+pub async fn load_certificates(certificate_filename: &str) -> anyhow::Result<()> {
+    let pubkey_file = PathBuf::from(".").join(format!("{}.pem", certificate_filename));
+    if !pubkey_file.exists() {
+        bail!("unable to load public key.");
+    }
+    let prikey_file = PathBuf::from(".").join(format!("{}.key", certificate_filename));
+    if !prikey_file.exists() {
+        bail!("unable to load private key.");
+    }
+    let pubkey = match cert_lib::load_certificate(pubkey_file) {
+        Ok(cert) => cert,
+        Err(e) => bail!("load certificate file failed: {}", e),
+    };
+    if let Err(_) = LICENSE_PUBKEY.set(pubkey) {
+        bail!("unable to store public key.");
+    }
+    let prikey = match cert_lib::load_private_key(prikey_file) {
+        Ok(key) => key,
+        Err(e) => bail!("load private key file failed: {}", e),
+    };
+    if let Err(_) = LICENSE_PRIKEY.set(prikey) {
+        bail!("unable to store private key.");
+    }
+    Ok(())
+}
diff --git a/license_server/src/main.rs b/license_server/src/main.rs
index f6bbc38..fc2d647 100644
--- a/license_server/src/main.rs
+++ b/license_server/src/main.rs
@@ -3,6 +3,7 @@
 
 use tracing::{error, info};
 
+mod certificate;
 mod controllers;
 mod logging;
 mod products;
@@ -21,6 +22,12 @@ async fn main() {
         Ok(_) => info!("Products loaded successfully"),
     }
 
+    // 加载用于加密的证书
+    match certificate::load_certificates("license").await {
+        Err(e) => error!("Failed to load certificates: {}", e),
+        Ok(_) => info!("Certificates loaded successfully"),
+    }
+
     let main_route = server_routes::ServerMainRouter::new().registers(controllers::controllers());
     // 启动服务
     let bind_addr = String::from("0.0.0.0:3000");