lakala

e6135e31 · wangp · f7bc9d5b · e6135e31 · e6135e31
Commit e6135e31 authored Jul 07, 2023 by wangp
Hide whitespace changes
Inline Side-by-side

Showing with 86 additions and 49 deletions

lkl-apigw-v2.cer cert/lkl-apigw-v2.cer +25 -0

notice.go controller/api/v1/pay/notice.go +61 -49

No files found.
--- a/cert/lkl-apigw-v2.cer
+++ b/cert/lkl-apigw-v2.cer
+-----BEGIN CERTIFICATE-----
+MIIEMTCCAxmgAwIBAgIGAXRTgcMnMA0GCSqGSIb3DQEBCwUAMHYxCzAJBgNVBAYT
+AkNOMRAwDgYDVQQIDAdCZWlKaW5nMRAwDgYDVQQHDAdCZWlKaW5nMRcwFQYDVQQK
+DA5MYWthbGEgQ28uLEx0ZDEqMCgGA1UEAwwhTGFrYWxhIE9yZ2FuaXphdGlvbiBW
+YWxpZGF0aW9uIENBMB4XDTIwMTAxMDA1MjQxNFoXDTMwMTAwODA1MjQxNFowZTEL
+MAkGA1UEBhMCQ04xEDAOBgNVBAgMB0JlaUppbmcxEDAOBgNVBAcMB0JlaUppbmcx
+FzAVBgNVBAoMDkxha2FsYSBDby4sTHRkMRkwFwYDVQQDDBBBUElHVy5MQUtBTEEu
+Q09NMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1zHL54HiI8d2sLJ
+lwoQji3/ln0nsvfZ/XVpOjuB+1YR6/0LdxEDMC/hxI6iH2Rm5MjwWz3dmN/6BZeI
+gwGeTOWJUZFARo8UduKrlhC6gWMRpAiiGC8wA8stikc5gYB+UeFVZi/aJ0WN0cpP
+JYCvPBhxhMvhVDnd4hNohnR1L7k0ypuWg0YwGjC25FaNAEFBYP9EYUyCJjE//9Z7
+sMzHR9SJYCqqo6r9bOH9G6sWKuEp+osuAh+kJIxJMHfipw7w3tEcWG0hce9u/el4
+cYJtg8/PPMVoccKmeCzMvarr7jdKP4lenJbtwlgyfs+JgNu60KMUJH8RS72wC9NY
+uFz09wIDAQABo4HVMIHSMIGSBgNVHSMEgYowgYeAFCnH4DkZPR6CZxRn/kIqVsMo
+dJHpoWekZTBjMQswCQYDVQQGEwJDTjEQMA4GA1UECAwHQmVpSmluZzEQMA4GA1UE
+BwwHQmVpSmluZzEXMBUGA1UECgwOTGFrYWxhIENvLixMdGQxFzAVBgNVBAMMDkxh
+a2FsYSBSb290IENBggYBaiUALIowHQYDVR0OBBYEFJ2Kx9YZfmWpkKFnC33C0r5D
+K3rFMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3DQEBCwUA
+A4IBAQBZoeU0XyH9O0LGF9R+JyGwfU/O5amoB97VeM+5n9v2z8OCiIJ8eXVGKN9L
+tl9QkpTEanYwK30KkpHcJP1xfVkhPi/cCMgfTWQ5eKYC7Zm16zk7n4CP6IIgZIqm
+TVGsIGKk8RzWseyWPB3lfqMDR52V1tdA1S8lJ7a2Xnpt5M2jkDXoArl3SVSwCb4D
+AmThYhak48M++fUJNYII9JBGRdRGbfJ2GSFdPXgesUL2CwlReQwbW4GZkYGOg9LK
+CNPK6XShlNdvgPv0CCR08KCYRwC3HZ0y1F0NjaKzYdGNPrvOq9lA495ONZCvzYDo
+gmsu/kd6eqxTs/JwdaIYr4sCMg8Z
+-----END CERTIFICATE-----
--- a/controller/api/v1/pay/notice.go
+++ b/controller/api/v1/pay/notice.go
 package pay

 import (
+	"crypto"
+	"crypto/rsa"
+	"crypto/sha256"
+	"crypto/x509"
+	"encoding/base64"
+	"encoding/pem"
+	"errors"
 	"fmt"
 	"github.com/gin-gonic/gin"
+	"io/ioutil"
 	"system_pay/controller/base"
 	"system_pay/models"
 	"system_pay/repository/pay"
@@ -39,13 +47,13 @@ func (l *PayController) WxNotice(c *gin.Context) {
 	//fmt.Println(ph2)

 	//验证签名
-	//_, err := verySignByPublicKey(c)
-	//if err != nil {
-	//	fmt.Println(err)
-	//}
+	_, err := verySignByPublicKey(c)
+	if err != nil {
+		fmt.Println("verySignByPublicKey err: ", err)
+	}

 	ph := new(models.WxNoticeInput)
-	err := c.ShouldBindJSON(ph)
+	err = c.ShouldBindJSON(ph)
 	if err != nil {
 		response := new(base.ResponseDataWxNotice)
 		response.Code = "FAIL"
@@ -95,50 +103,54 @@ func (l *PayController) WxNotice(c *gin.Context) {
 //	return errors.New("wangpei签名测试中。。。。。")
 //}

-//func verySignByPublicKey(c *gin.Context) (bool, error) {
-//
-//	//publicKey string, data []byte, signData []byte
-//	//String responseStr = IOUtils.toString(response.getEntity().getContent(), ENCODING);
-//	appid := c.GetHeader("Lklapi-Appid")
-//	lklapiSerial := c.GetHeader("Lklapi-Serial")
-//	timestamp := c.GetHeader("Lklapi-Timestamp")
-//	nonce := c.GetHeader("Lklapi-Nonce")
-//	signature := c.GetHeader("Lklapi-Signature")
-//	responseStr := c.GetHeader("")
-//
-//	source := appid + "\n" + lklapiSerial + "\n" + timestamp + "\n" + nonce + "\n" + responseStr + "\n";
-//
-//	publicKey =
-//		signData
-//	publicKey = FormatPrivateKey(publicKey)
-//	// 2、解码私钥字节，生成加密对象
-//	block, _ := pem.Decode([]byte(publicKey))
-//	if block == nil {
-//		return false, errors.New("私钥信息错误！")
-//	}
-//	// 3、解析DER编码的私钥，生成私钥对象
-//	pubKey, err := x509.ParsePKIXPublicKey(block.Bytes)
-//	if err != nil {
-//		return false, err
-//	}
-//
-//	hashed := sha256.Sum256(data)
-//
-//	fmt.Println("pubKey.(*rsa.PublicKey): ", pubKey.(*rsa.PublicKey))
-//
-//	pubK := pubKey.(*rsa.PublicKey)
-//
-//	sig, err := base64.StdEncoding.DecodeString(string(signData))
-//	fmt.Println("err: ", err)
-//
-//	err = rsa.VerifyPKCS1v15(pubK, crypto.SHA256, hashed[:], sig)
-//	if err != nil {
-//		return false, err
-//	}
-//
-//	return true, nil
-//}
-//
+func verySignByPublicKey(c *gin.Context) (bool, error) {
+
+	//publicKey string, data []byte, signData []byte
+	//String responseStr = IOUtils.toString(response.getEntity().getContent(), ENCODING);
+	appid := c.GetHeader("Lklapi-Appid")
+	lklapiSerial := c.GetHeader("Lklapi-Serial")
+	timestamp := c.GetHeader("Lklapi-Timestamp")
+	nonce := c.GetHeader("Lklapi-Nonce")
+	signature := c.GetHeader("Lklapi-Signature")
+	responseStr := c.GetHeader("")
+
+	data := appid + "\n" + lklapiSerial + "\n" + timestamp + "\n" + nonce + "\n" + responseStr + "\n";
+fmt.Println("verySignByPublicKey start...")
+fmt.Println(data)
+fmt.Println("signature="+signature)
+
+	// 1、读取公钥文件，获取公钥字节
+	publicKey, err := ioutil.ReadFile("../cert/lkl-apigw-v2.cer")
+	if err != nil {
+		return false, err
+	}
+	// 2、解码私钥字节，生成加密对象
+	block, _ := pem.Decode(publicKey)
+	if block == nil {
+		return false, errors.New("私钥信息错误！")
+	}
+	// 3、解析DER编码的私钥，生成私钥对象
+	pubKey, err := x509.ParsePKIXPublicKey(block.Bytes)
+	if err != nil {
+		return false, err
+	}
+
+	hashed := sha256.Sum256([]byte(data))
+
+	fmt.Println("pubKey.(*rsa.PublicKey): ", pubKey.(*rsa.PublicKey))
+
+	pubK := pubKey.(*rsa.PublicKey)
+
+	sig, err := base64.StdEncoding.DecodeString(signature)
+
+	err = rsa.VerifyPKCS1v15(pubK, crypto.SHA256, hashed[:], sig)
+	if err != nil {
+		return false, err
+	}
+
+	return true, nil
+}
+
 //const (
 //	PEM_BEGIN = "-----BEGIN RSA PRIVATE KEY-----\n"
 //	PEM_END   = "\n-----END RSA PRIVATE KEY-----"