merge

2026-04-07 15:45:41 +08:00
parent 0120fa9ce3
commit 46fa58f6f8
27 changed files with 527 additions and 2818 deletions
--- a/include/kms/kms_common.hpp
+++ b/include/kms/kms_common.hpp
@@ -5,7 +5,7 @@
 #include <string>
 #include <queue>
 #include <unordered_map>
-
+#include <openssl/crypto.h>

 #define AES_BLOCK_SIZE 16

@@ -105,19 +105,45 @@ public:
    std::string getType() const override { return "local"; }
 };

-// Tencent KMS 配置
-class TencentKmsConfig : public IKmsConfig {
+// Huawei KMS 配置
+class HuaweiKmsConfig : public IKmsConfig {
 public:
-    std::string access_key;
-    std::string secret_key;
+    // 必需参数
+    std::string accessKey;
+    std::string secretKey;
+    std::string projectId;
    std::string region;
-    std::string endpoint;
-    // ... 自定义
    
-    TencentKmsConfig(const std::string& ak, const std::string& sk, const std::string& r)
-        : access_key(ak), secret_key(sk), region(r) {}
+    // 可选参数
+    std::string endpoint = "";
+    std::string keyAlias = "default-key";
    
-    std::string getType() const override { return "tencent"; }
+    // 实现 getType() 方法
+    std::string getType() const override {
+        return "huawei";
+    }
+    
+    // 有参构造函数
+    HuaweiKmsConfig(const std::string& ak, const std::string& sk,
+                   const std::string& pid, const std::string& reg,
+                   const std::string& ep = "", const std::string& alias = "")
+        : accessKey(ak), secretKey(sk), projectId(pid), 
+          region(reg), endpoint(ep), keyAlias(alias) {}
+
+    // 安全清除敏感信息
+    void ClearSensitiveData() {
+        OverwriteString(accessKey);
+        OverwriteString(secretKey);
+    }
+
+private:
+    void OverwriteString(std::string& str) {
+        if (!str.empty()) {
+            // 使用OpenSSL安全清除内存
+            OPENSSL_cleanse(&str[0], str.size());
+            str.clear();
+        }
+    }
 };

 #endif // KMS_COMMON_HPP