From f95044efa417852897b91a1e85b8316c58129ff8 Mon Sep 17 00:00:00 2001 From: devil_gong Date: Thu, 28 Nov 2019 11:32:02 +0800 Subject: [PATCH] =?UTF-8?q?=E6=94=AF=E4=BB=98=E6=8F=92=E4=BB=B6=E4=BC=98?= =?UTF-8?q?=E5=8C=96?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- extend/payment/Alipay.php | 36 +- extend/payment/AlipayMini.php | 36 +- extend/payment/BaiduMini.php | 25 +- extend/payment/PayEase.php | 778 ---------------------------------- extend/payment/QQ.php | 28 +- extend/payment/Weixin.php | 3 +- 6 files changed, 83 insertions(+), 823 deletions(-) delete mode 100644 extend/payment/PayEase.php diff --git a/extend/payment/Alipay.php b/extend/payment/Alipay.php index 473dc2c41..6a71a48fb 100755 --- a/extend/payment/Alipay.php +++ b/extend/payment/Alipay.php @@ -75,7 +75,6 @@ class Alipay 'name' => 'rsa_public', 'placeholder' => '应用公钥', 'title' => '应用公钥', - 'desc' => '去除以 -- 开头结尾的字符和换行', 'is_required' => 0, 'rows' => 6, 'message' => '请填写应用公钥', @@ -85,7 +84,6 @@ class Alipay 'name' => 'rsa_private', 'placeholder' => '应用私钥', 'title' => '应用私钥', - 'desc' => '去除以 -- 开头结尾的字符和换行', 'is_required' => 0, 'rows' => 6, 'message' => '请填写应用私钥', @@ -95,7 +93,6 @@ class Alipay 'name' => 'out_rsa_public', 'placeholder' => '支付宝公钥', 'title' => '支付宝公钥', - 'desc' => '去除以 -- 开头结尾的字符和换行', 'is_required' => 0, 'rows' => 6, 'message' => '请填写支付宝公钥', @@ -551,9 +548,14 @@ class Alipay */ private function MyRsaSign($prestr) { - $res = "-----BEGIN RSA PRIVATE KEY-----\n"; - $res .= wordwrap($this->config['rsa_private'], 64, "\n", true); - $res .= "\n-----END RSA PRIVATE KEY-----"; + if(stripos($this->config['rsa_private'], '-----') === false) + { + $res = "-----BEGIN RSA PRIVATE KEY-----\n"; + $res .= wordwrap($this->config['rsa_private'], 64, "\n", true); + $res .= "\n-----END RSA PRIVATE KEY-----"; + } else { + $res = $this->config['rsa_private']; + } return openssl_sign($prestr, $sign, $res, OPENSSL_ALGO_SHA256) ? base64_encode($sign) : null; } @@ -568,9 +570,14 @@ class Alipay */ private function MyRsaDecrypt($content) { - $res = "-----BEGIN PUBLIC KEY-----\n"; - $res .= wordwrap($this->config['rsa_public'], 64, "\n", true); - $res .= "\n-----END PUBLIC KEY-----"; + if(stripos($this->config['rsa_public'], '-----') === false) + { + $res = "-----BEGIN PUBLIC KEY-----\n"; + $res .= wordwrap($this->config['rsa_public'], 64, "\n", true); + $res .= "\n-----END PUBLIC KEY-----"; + } else { + $res = $this->config['rsa_public']; + } $res = openssl_get_privatekey($res); $content = base64_decode($content); $result = ''; @@ -596,9 +603,14 @@ class Alipay */ private function OutRsaVerify($prestr, $sign) { - $res = "-----BEGIN PUBLIC KEY-----\n"; - $res .= wordwrap($this->config['out_rsa_public'], 64, "\n", true); - $res .= "\n-----END PUBLIC KEY-----"; + if(stripos($this->config['out_rsa_public'], '-----') === false) + { + $res = "-----BEGIN PUBLIC KEY-----\n"; + $res .= wordwrap($this->config['out_rsa_public'], 64, "\n", true); + $res .= "\n-----END PUBLIC KEY-----"; + } else { + $res = $this->config['out_rsa_public']; + } $pkeyid = openssl_pkey_get_public($res); $sign = base64_decode($sign); if($pkeyid) diff --git a/extend/payment/AlipayMini.php b/extend/payment/AlipayMini.php index e625fe02c..5eb6be83a 100755 --- a/extend/payment/AlipayMini.php +++ b/extend/payment/AlipayMini.php @@ -75,7 +75,6 @@ class AlipayMini 'name' => 'rsa_public', 'placeholder' => '应用公钥', 'title' => '应用公钥', - 'desc' => '去除以 -- 开头结尾的字符和换行', 'is_required' => 0, 'rows' => 6, 'message' => '请填写应用公钥', @@ -85,7 +84,6 @@ class AlipayMini 'name' => 'rsa_private', 'placeholder' => '应用私钥', 'title' => '应用私钥', - 'desc' => '去除以 -- 开头结尾的字符和换行', 'is_required' => 0, 'rows' => 6, 'message' => '请填写应用私钥', @@ -95,7 +93,6 @@ class AlipayMini 'name' => 'out_rsa_public', 'placeholder' => '支付宝公钥', 'title' => '支付宝公钥', - 'desc' => '去除以 -- 开头结尾的字符和换行', 'is_required' => 0, 'rows' => 6, 'message' => '请填写支付宝公钥', @@ -411,9 +408,14 @@ class AlipayMini */ private function MyRsaSign($prestr) { - $res = "-----BEGIN RSA PRIVATE KEY-----\n"; - $res .= wordwrap($this->config['rsa_private'], 64, "\n", true); - $res .= "\n-----END RSA PRIVATE KEY-----"; + if(stripos($this->config['rsa_private'], '-----') === false) + { + $res = "-----BEGIN RSA PRIVATE KEY-----\n"; + $res .= wordwrap($this->config['rsa_private'], 64, "\n", true); + $res .= "\n-----END RSA PRIVATE KEY-----"; + } else { + $res = $this->config['rsa_private']; + } return openssl_sign($prestr, $sign, $res, OPENSSL_ALGO_SHA256) ? base64_encode($sign) : null; } @@ -428,9 +430,14 @@ class AlipayMini */ private function MyRsaDecrypt($content) { - $res = "-----BEGIN PUBLIC KEY-----\n"; - $res .= wordwrap($this->config['rsa_public'], 64, "\n", true); - $res .= "\n-----END PUBLIC KEY-----"; + if(stripos($this->config['rsa_public'], '-----') === false) + { + $res = "-----BEGIN PUBLIC KEY-----\n"; + $res .= wordwrap($this->config['rsa_public'], 64, "\n", true); + $res .= "\n-----END PUBLIC KEY-----"; + } else { + $res = $this->config['rsa_public']; + } $res = openssl_get_privatekey($res); $content = base64_decode($content); $result = ''; @@ -456,9 +463,14 @@ class AlipayMini */ private function OutRsaVerify($prestr, $sign) { - $res = "-----BEGIN PUBLIC KEY-----\n"; - $res .= wordwrap($this->config['out_rsa_public'], 64, "\n", true); - $res .= "\n-----END PUBLIC KEY-----"; + if(stripos($this->config['out_rsa_public'], '-----') === false) + { + $res = "-----BEGIN PUBLIC KEY-----\n"; + $res .= wordwrap($this->config['out_rsa_public'], 64, "\n", true); + $res .= "\n-----END PUBLIC KEY-----"; + } else { + $res = $this->config['out_rsa_public']; + } $pkeyid = openssl_pkey_get_public($res); $sign = base64_decode($sign); if($pkeyid) diff --git a/extend/payment/BaiduMini.php b/extend/payment/BaiduMini.php index 6c2ab62f1..2cd5b67bb 100644 --- a/extend/payment/BaiduMini.php +++ b/extend/payment/BaiduMini.php @@ -85,7 +85,6 @@ class BaiduMini 'name' => 'rsa_public', 'placeholder' => '应用公钥', 'title' => '应用公钥', - 'desc' => '去除以 -- 开头结尾的字符和换行', 'is_required' => 0, 'rows' => 6, 'message' => '请填写应用公钥', @@ -95,7 +94,6 @@ class BaiduMini 'name' => 'rsa_private', 'placeholder' => '应用私钥', 'title' => '应用私钥', - 'desc' => '去除以 -- 开头结尾的字符和换行', 'is_required' => 0, 'rows' => 6, 'message' => '请填写应用私钥', @@ -105,7 +103,6 @@ class BaiduMini 'name' => 'out_rsa_public', 'placeholder' => '平台公钥', 'title' => '平台公钥', - 'desc' => '去除以 -- 开头结尾的字符和换行', 'is_required' => 0, 'rows' => 6, 'message' => '请填写平台公钥', @@ -239,9 +236,14 @@ class BaiduMini return $sign; } - $res = "-----BEGIN RSA PRIVATE KEY-----\n"; - $res .= wordwrap($this->config['rsa_private'], 64, "\n", true); - $res .= "\n-----END RSA PRIVATE KEY-----"; + if(stripos($this->config['rsa_private'], '-----') === false) + { + $res = "-----BEGIN RSA PRIVATE KEY-----\n"; + $res .= wordwrap($this->config['rsa_private'], 64, "\n", true); + $res .= "\n-----END RSA PRIVATE KEY-----"; + } else { + $res = $this->config['rsa_private']; + } $prikey = openssl_pkey_get_private($res); if(isset($data['sign'])) @@ -295,9 +297,14 @@ class BaiduMini $sign = base64_decode($sign); - $res = "-----BEGIN PUBLIC KEY-----\n"; - $res .= wordwrap($this->config['out_rsa_public'], 64, "\n", true); - $res .= "\n-----END PUBLIC KEY-----"; + if(stripos($this->config['out_rsa_public'], '-----') === false) + { + $res = "-----BEGIN PUBLIC KEY-----\n"; + $res .= wordwrap($this->config['out_rsa_public'], 64, "\n", true); + $res .= "\n-----END PUBLIC KEY-----"; + } else { + $res = $this->config['out_rsa_public']; + } $pubkey = openssl_pkey_get_public($res); $result = (bool)openssl_verify($str, $sign, $pubkey); openssl_free_key($pubkey); diff --git a/extend/payment/PayEase.php b/extend/payment/PayEase.php deleted file mode 100644 index 5f2626d1a..000000000 --- a/extend/payment/PayEase.php +++ /dev/null @@ -1,778 +0,0 @@ -config = $params; - } - - /** - * 配置信息 - * @author Devil - * @blog http://gong.gg/ - * @version 1.0.0 - * @date 2018-09-19 - * @desc description - */ - public function Config() - { - // 基础信息 - $base = [ - 'name' => '首信易支付', // 插件名称 - 'version' => '1.0.0', // 插件版本 - 'apply_version' => '不限', // 适用系统版本描述 - 'apply_terminal'=> ['pc','h5'], // 适用终端 默认全部 ['pc', 'h5', 'app', 'alipay', 'weixin', 'baidu'] - 'desc' => '适用PC+H5,致力于打造汇通全球的、领先的国际支付平台,为商家提供更优质、更安全的支付清算服务。立即申请', // 插件描述(支持html) - 'author' => 'Devil', // 开发者 - 'author_url' => 'http://shopxo.net/', // 开发者主页 - ]; - - // 配置信息 - $element = [ - [ - 'element' => 'input', - 'type' => 'text', - 'default' => '', - 'name' => 'merchantId', - 'placeholder' => '商户编号', - 'title' => '商户编号', - 'is_required' => 0, - 'message' => '请填写商户编号', - ], - [ - 'element' => 'input', - 'type' => 'text', - 'default' => '', - 'name' => 'password', - 'placeholder' => '密码', - 'title' => '密码', - 'is_required' => 0, - 'message' => '请填写密码', - ], - [ - 'element' => 'message', - 'message' => '请按照相应路径、将密钥证书对应放入文件夹中。
   应用公钥:'.$this->public_key.'
   应用私钥:'.$this->private_key.'
   平台公钥:'.$this->out_public_key, - ], - ]; - - return [ - 'base' => $base, - 'element' => $element, - ]; - } - - /** - * 支付入口 - * @author Devil - * @blog http://gong.gg/ - * @version 1.0.0 - * @date 2018-09-19 - * @desc description - * @param [array] $params [输入参数] - */ - public function Pay($params = []) - { - // 参数 - if(empty($params)) - { - return DataReturn('参数不能为空', -1); - } - - // 配置信息 - if(empty($this->config)) - { - return DataReturn('支付缺少配置', -1); - } - - // 证书是否配置 - if(!file_exists($this->private_key) || !file_exists($this->public_key) || !file_exists($this->out_public_key)) - { - return DataReturn('密钥证书未配置', -1); - } - - // 加密函数 - if(!function_exists('openssl_decrypt')) - { - return DataReturn('openssl不支持', -1); - } - - $data = [ - 'merchantId' => $this->config['merchantId'], - 'orderAmount' => $params['total_price']*100, - 'orderCurrency' => 'CNY', - 'requestId' => $params['order_no'].GetNumberCode(6), - 'notifyUrl' => $params['notify_url'], - 'callbackUrl' => $params['call_back_url'], - ]; - $payer = [ - 'idType' => 'IDCARD', - ]; - $data['payer'] = $payer; - $detail = [ - [ - 'name' => $params['name'], - 'quantity' => 1, - 'amount' => $params['total_price']*100, - ] - ]; - $data['productDetails'] = $detail; - - $str = $this->buildJson($this->private_key, $this->config['password'], $data); - $date = $this->creatdate($str, $this->public_key); - - $url = 'https://apis.5upay.com/onlinePay/order'; - return $this->execute( - $this->private_key, - $this->config['password'], - $this->public_key, - $url, - $date - ); - } - - /** - * 支付回调处理 - * @author Devil - * @blog http://gong.gg/ - * @version 1.0.0 - * @date 2018-09-19 - * @desc description - * @param [array] $params [输入参数] - */ - public function Respond($params = []) - { - // 同步返回,直接进入订单详情页面 - if(substr(CurrentScriptName(), -20) == '_payease_respond.php' && empty($params['hmac']) && !empty($params['requestId'])) - { - exit(header('location:'.MyUrl('index/order/detail', ['orderno'=>substr($params['requestId'], 0, strlen($params['requestId'])-6)]))); - } - - // 异步处理 - $params['encryptKey'] = isset($_SERVER['HTTP_ENCRYPTKEY']) ? $_SERVER['HTTP_ENCRYPTKEY'] : ''; - $params['merchantId'] = isset($_SERVER['HTTP_MERCHANTID']) ? $_SERVER['HTTP_MERCHANTID'] : ''; - $ret = $this->NotifyCheckHmac($this->private_key, $params, $this->out_public_key, $this->config['password']); - - // 支付状态 - if(isset($ret['code']) && $ret['code'] == 0 && isset($ret['data']['status']) && $ret['data']['status'] == 'SUCCESS') - { - return DataReturn('支付成功', 0, $this->ReturnData($ret['data'])); - } - - return DataReturn('支付失败', -100); - } - - /** - * [ReturnData 返回数据统一格式] - * @author Devil - * @blog http://gong.gg/ - * @version 1.0.0 - * @datetime 2018-10-06T16:54:24+0800 - * @param [array] $data [返回数据] - */ - private function ReturnData($data) - { - // 参数处理 - $out_trade_no = substr($data['requestId'], 0, strlen($data['requestId'])-6); - - // 返回数据固定基础参数 - $data['trade_no'] = isset($data['serialNumber']) ? $data['serialNumber'] : ''; // 支付平台 - 订单号 - $data['buyer_user'] = isset($data['bindCardId']) ? $data['bindCardId'] : ''; // 支付平台 - 用户 - $data['subject'] = isset($data['orderCurrency']) ? $data['orderCurrency'] : ''; // 本系统发起支付的 - 商品名称 - $data['out_trade_no'] = $out_trade_no; // 本系统发起支付的 - 订单号 - $data['pay_price'] = $data['orderAmount']/100; // 本系统发起支付的 - 总价 - return $data; - } - - /** - * 退款处理 - * @author Devil - * @blog http://gong.gg/ - * @version 1.0.0 - * @date 2019-05-28 - * @desc description - * @param [array] $params [输入参数] - */ - public function Refund($params = []) - { - // 参数 - $p = [ - [ - 'checked_type' => 'empty', - 'key_name' => 'order_no', - 'error_msg' => '订单号不能为空', - ], - [ - 'checked_type' => 'empty', - 'key_name' => 'trade_no', - 'error_msg' => '交易平台订单号不能为空', - ], - [ - 'checked_type' => 'empty', - 'key_name' => 'pay_price', - 'error_msg' => '支付金额不能为空', - ], - [ - 'checked_type' => 'empty', - 'key_name' => 'refund_price', - 'error_msg' => '退款金额不能为空', - ], - ]; - $ret = ParamsChecked($params, $p); - if($ret !== true) - { - return DataReturn($ret, -1); - } - - // 退款原因 - $refund_reason = empty($params['refund_reason']) ? $params['order_no'].'订单退款'.$params['refund_price'].'元' : $params['refund_reason']; - - $data = [ - 'merchantId' => $this->config['merchantId'], - 'requestId' => $params['order_no'].GetNumberCode(6), - 'amount' => $params['refund_price']*100, - 'orderId' => $params['trade_no'], - 'remark' => $refund_reason, - ]; - $str = $this->buildJson($this->private_key, $this->config['password'], $data); - $date = $this->creatdate($str, $this->public_key); - - $url = 'https://apis.5upay.com/onlinePay/refund'; - $ret = $this->execute( - $this->private_key, - $this->config['password'], - $this->public_key, - $url, - $date - ); - if(isset($ret['code'])) - { - if($ret['code'] == 0 && isset($ret['data']['status']) && $ret['data']['status'] == 'SUCCESS') - { - // 统一返回格式 - $data = [ - 'out_trade_no' => isset($ret['data']['requestId']) ? $ret['data']['requestId'] : '', - 'trade_no' => isset($ret['data']['serialNumber']) ? $ret['data']['serialNumber'] : '', - 'buyer_user' => isset($ret['data']['currency']) ? $ret['data']['currency'] : '', - 'refund_price' => isset($ret['data']['amount']) ? $ret['data']['amount']/100 : 0.00, - 'return_params' => $ret['data'], - ]; - return DataReturn('退款成功', 0, $data); - } - return $ret; - } - return DataReturn('退款失败', -100); - } - - - /* - * 生成16位随机数(AES秘钥) - */ - public function creatdate($strdata,$public_key) - { - $str1='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890'; - $randStr = str_shuffle($str1);//打乱字符串 - $rands= substr($randStr,0,16);//生成16位aes密钥 - - $encrypted=$this->rsaPublicEncode($public_key,$rands); - - $date=$this->aesEncrypt($strdata,$rands); - $json = array("data" =>$date,"encryptKey"=>$encrypted,"merchantId"=>$strdata['merchantId'],"requestId"=>$strdata['requestId']); - - return $json; - } - - /** - * 填充算法 - * @param string $source - * @return string - */ - private function addPKCS7Padding($string, $blocksize = 16) { - $len = strlen($string); - $pad = $blocksize - ($len % $blocksize); - $string .= str_repeat(chr($pad), $pad); - return $string; - - } - - - - /** - * hmac 验证 - * @return mixed - */ - public function checkHmac($private_key,$public_key,$data,$password) - { - $aeskey=$this->rsaPrivateDecode($data,$private_key,$password); - $encrypt_str=$this->aesDesc($data,$aeskey); - return $this->hmacSign($encrypt_str,$public_key); - } - - - public function execute($private_key,$password,$public_key,$url, $param) - { - $ret = $this->httpRequestPost($url, $param,$public_key,$password,$private_key); - if($ret['code'] != 0) - { - return $ret; - } - $this->handle($ret['data']); - return $ret; - } - - public function handle($data = array()) - { - if (isset($data['status']) && $data['status'] == 'REDIRECT'){ - header("Location: {$data['redirectUrl']}"); - exit; - } else if(isset($data['status']) && $data['status'] == 'SUCCESS'){ - if(isset($data["scanCode"])) - { - $aa=$data["scanCode"]; - $img = base64_decode($aa); - header('Content-type: image/jpg'); - print_r($img); - } - return DataReturn('处理成功', 0, $data); - } else if(isset($data['status']) && $data['status'] == 'CANCEL'){ - return DataReturn('处理失败', -1, $data); - }else if(isset($data['status']) && $data['status'] == 'INIT'){ - return DataReturn('处理失败', -1, $data); - }else{ - return DataReturn('响应错误', -1); - } - } - - /** - * post请求 - * @return mixed - */ - public function httpRequestPost($url, $param,$public_key,$password,$private_key) - { - $curl = curl_init($this->absoluteUrl($url)); - curl_setopt($curl,CURLOPT_HEADER, 1 ); // 过滤HTTP头 - curl_setopt($curl,CURLOPT_HTTPHEADER,array( - 'Content-Type: application/vnd.5upay-v3.0+json', - 'encryptKey: '.$param['encryptKey'], - 'merchantId: '.$param['merchantId'], - 'requestId: '.$param['requestId'] - )); - curl_setopt($curl,CURLOPT_RETURNTRANSFER, 1);// 显示输出结果 - curl_setopt($curl,CURLOPT_POST,true); // post传输数据 - curl_setopt($curl,CURLOPT_POSTFIELDS,$param['data']);// post传输数据 - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);//SSL证书认证 - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2);//严格认证 - - $responseText = curl_exec($curl); - if (curl_errno($curl) || $responseText === false) { - curl_close($curl); - return DataReturn('请求错误', -1); - } - curl_close($curl); - preg_match_all('/(encryptKey|merchantId|data"):(\s+|")([^"\s]+)/s',$responseText,$m); - list($encryptKey, $merchantId, $data) = $m[3]; - $responsedata = array("data" =>$data,"encryptKey"=>$encryptKey,"merchantId"=>$merchantId); - if ($responsedata['merchantId'] == null){ - return DataReturn('请求错误', -1); - } - return $this->checkHmac($private_key,$public_key,$responsedata,$password); - } - - - /** - * - * @return string - */ - private function buildJson($private_key,$password,$para=null) - { - unset($para['response_hmac_fields']); - $data = array(); - foreach($para as $k=>$var){ - if(is_scalar($var) && $var !== '' && $var !== null){ - $data[$k] = $var; - }else if(is_object($var)){ - $data[$k] =array_filter((array) $var); - }else if(is_array($var)){ - $data[$k] =array_filter($var); - - } - if(empty($data[$k])){ - unset($data[$k]); - } - } - ksort($data); - $hmacSource = ''; - foreach($data as $key => $value){ - if (is_array($value)){ - ksort($value); - foreach ($value as $key2 => $value2) { - if(is_array($value2)) { - $value2 = array_filter((array)$value2); - ksort($value2); - foreach ($value2 as $oKey => $oValue) { - $oValue.='#'; - $hmacSource .= trim($oValue); - } - }else{ - $value2.='#'; - $hmacSource .= trim($value2); - } - } - } else { - $value.='#'; - $hmacSource .= trim($value); - } - } - $sha1=sha1($hmacSource, true); - $hmac=$this->rsaPrivateSign($sha1,$private_key,$password); - $data['hmac'] = $hmac; - return $data; - } - - - private function absoluteUrl($url, $param=null) - { - if ($param !== null) { - $parse = parse_url($url); - - $port = ''; - if ( ($parse['scheme'] == 'http') && ( empty($parse['port']) || $parse['port'] == 80) ){ - $port = ''; - }else{ - $port = $parse['port']; - } - $url = $parse['scheme'].'//'.$parse['host'].$port. $parse['path']; - - if(!empty($parse['query'])){ - parse_str($parse['query'], $output); - $param = array_merge($output, $param); - } - $url .= '?'. http_build_query($param); - } - - return $url; - } - /** - * AES加密方法 - * @param string $str - * @return string - */ - - function aesEncrypt($data,$decrypted){ - $str =json_encode($data); - $str = trim($str); - $str = $this->addPKCS7Padding($str); - $encrypt_str= openssl_encrypt($str, 'AES-128-ECB', $decrypted, OPENSSL_RAW_DATA|OPENSSL_ZERO_PADDING); - return base64_encode($encrypt_str); - } - /** - * AES解密方法 - * @param string $str - * @return string - */ - - function aesDesc($data,$decrypted){ - $date = json_encode($data['data']); - $screct_key = $decrypted; - // $iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128,MCRYPT_MODE_ECB),MCRYPT_RAND); - // $encrypt_str = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $screct_key, $date, MCRYPT_MODE_ECB, $iv); - $encrypt_str= openssl_decrypt($date,"AES-128-ECB",$screct_key); - $encrypt_str = preg_replace('/[\x00-\x1F]/','', $encrypt_str); - $encrypt_str = json_decode($encrypt_str,true); - return $encrypt_str; - } - /** - * 移去填充算法 - * @param string $source - * @return string - */ - function stripPKSC7Padding($source){ - $source = trim($source); - $char = substr($source, -1); - $num = ord($char); - if($num==62)return $source; - $source = substr($source,0,-$num); - return $source; - } - - /* - * 去除空值的元素 - */ - - function clearBlank($arr) - { - function odd($var) - { - return($var<>'');//return true or false - } - return (array_filter($arr, "odd")); - } - /* - * RSA公钥加密 - */ - function rsaPublicEncode($public_key,$rands){ - - $encryptKey=file_get_contents($public_key); - $pem = chunk_split(base64_encode($encryptKey),64,"\n");//转换为pem格式的公钥 - $public_key = "-----BEGIN CERTIFICATE-----\n".$pem."-----END CERTIFICATE-----\n"; - $pu_key = openssl_pkey_get_public($public_key); - openssl_public_encrypt($rands,$encrypted,$pu_key); - $encryptKey=base64_encode($encrypted); - - // $pem = chunk_split($public_key,64,"\n");//转换为pem格式的公钥 - // $pem = "-----BEGIN PUBLIC KEY-----\n".$pem."-----END PUBLIC KEY-----\n"; - // $publicKey = openssl_pkey_get_public($pem);//获取公钥内容 - // openssl_public_encrypt($rands,$encryptKey,$publicKey,OPENSSL_PKCS1_PADDING); - // $encryptKey = base64_encode($encryptKey);// - return $encryptKey; - } - /* - * RSA公钥解密 - * - */ - function rsaPublicDecode($public_key,$data){ - $pubkey=file_get_contents($public_key); - $encryptKey =$data['encryptKey']; - $pem1 = chunk_split(base64_encode($pubkey),64,"\n"); - $pem1 = "-----BEGIN CERTIFICATE-----\n".$pem1."-----END CERTIFICATE-----\n"; - $pi_key = openssl_pkey_get_public($pem1); - openssl_public_decrypt($encryptKey,$decrypted,$pem1); - return base64_encode($decrypted); - } - /* - * RSA私钥解密 - * - */ - function rsaPrivateDecode($data,$private_key,$password){ - $prikey=file_get_contents($private_key); - $encryptKey =$data['encryptKey']; - $results=array(); - openssl_pkcs12_read($prikey,$results,$password); - $private_key=$results['pkey']; - $pi_key = openssl_pkey_get_public($private_key); - openssl_private_decrypt(base64_decode($encryptKey),$decrypted,$private_key); - return $decrypted; - } - - /* - * RSA私钥签名 - */ - function rsaPrivateSign($data,$path,$password){ - $pubKey = file_get_contents($path); - $results=array(); - openssl_pkcs12_read($pubKey,$results,$password); - $private_key=$results['pkey']; - $pi_key = openssl_pkey_get_private($private_key);//这个函数可用来判断私钥是否是可用的,可用返回资源id Resource id - openssl_sign($data, $signature,$private_key,"md5"); - $signature=base64_encode($signature); - return $signature; - } - - /* - * RSA公钥验签 - * - */ - function rsaPubilcSign($data,$path,$hmac){ - $public_key=file_get_contents($path); - $pem1 = chunk_split(base64_encode($public_key),64,"\n"); - $pem1 = "-----BEGIN CERTIFICATE-----\n".$pem1."-----END CERTIFICATE-----\n"; - $pi_key = openssl_pkey_get_public($pem1); - $result=openssl_verify($data,base64_decode($hmac),$pem1,OPENSSL_ALGO_MD5); - return $result; - - } - - /* - * hamc签名验证 - * - * - */ - function hmacSign($encrypt_str,$path){ - - if (empty($encrypt_str['hmac'])) { - return DataReturn($encrypt_str['cause'].'['.$encrypt_str['code'].']', -1); - } - $hmac = $encrypt_str['hmac']; - unset($encrypt_str['hmac']); - - ksort($encrypt_str); - $hmacSource = ''; - foreach($encrypt_str as $key => $value){ - if($value == '') - { - continue; - } - if (is_array($value)) { - ksort($value); - foreach ($value as $key2 => $value2) { - if($value2 == '') - { - continue; - } - if (is_object($value2)) { - $value2 = array_filter((array)$value2); - ksort($value2); - foreach ($value2 as $oKey => $oValue) { - if($oValue == '') - { - continue; - } - $oValue .= '#'; - $hmacSource .= trim($oValue); - - } - } else if(is_array($value2)){ - ksort($value2); - foreach ($value2 as $key3 => $value3) { - if($value3 == '') - { - continue; - } - if (is_object($value3)) { - $value3 = array_filter((array)$value3); - ksort($value3); - foreach ($value3 as $oKey => $oValue) { - if($oValue == '') - { - continue; - } - $oValue .= '#'; - $hmacSource .= trim($oValue); - } - } else{ - $value3 .= '#'; - $hmacSource .= trim($value3); - } - } - } else{ - $value2 .= '#'; - $hmacSource .= trim($value2); - } - } - } else { - $value .= '#'; - $hmacSource .= trim($value); - } - } - $sourceHmac=sha1($hmacSource, true); - $hh=$this->rsaPubilcSign($sourceHmac,$path,$hmac); - if ($hh==0||$hh==-1){ - return DataReturn('HMAC验证错误', -1); - } - return DataReturn('校验成功', 0, $encrypt_str); - } - - - - /** - * hmac 验证 - * @return mixed - */ - public function NotifyCheckHmac($private_key,$data,$public_key,$password) - { - $prikey=file_get_contents($private_key); - $encryptKey =$data['encryptKey']; - $results=array(); - openssl_pkcs12_read($prikey,$results,$password); - $private_key=$results['pkey']; - $pi_key = openssl_pkey_get_public($private_key); - openssl_private_decrypt(base64_decode($encryptKey),$decrypted,$private_key); - - $date = json_encode($data['data']); - $screct_key = $decrypted; - $encrypt_str= openssl_decrypt($date,"AES-128-ECB",$screct_key); - $encrypt_str = preg_replace('/[\x00-\x1F]/','', $encrypt_str); - $encrypt_str = json_decode($encrypt_str,true); - - if (empty($encrypt_str['hmac'])){ - return DataReturn('HMAC验证错误', -1); - } - $hmac = $encrypt_str['hmac']; - unset($encrypt_str['hmac']); - - ksort($encrypt_str); - $hmacSource = ''; - foreach($encrypt_str as $key => $value){ - if($value == '') - { - continue; - } - if (is_array($value)) { - ksort($value); - foreach ($value as $key2 => $value2) { - if($value2 == '') - { - continue; - } - if (is_array($value2)) { - $value2 = array_filter((array)$value2); - ksort($value2); - foreach ($value2 as $oKey => $oValue) { - if($oValue == '') - { - continue; - } - $oValue .= '#'; - $hmacSource .= trim($oValue); - } - } else { - $value2 .= '#'; - $hmacSource .= trim($value2); - } - } - } else { - $value .= '#'; - $hmacSource .= trim($value); - } - } - $sourceHmac=sha1($hmacSource, true); - - $public_key=file_get_contents($public_key); - $pem1 = chunk_split(base64_encode($public_key),64,"\n"); - $pem1 = "-----BEGIN CERTIFICATE-----\n".$pem1."-----END CERTIFICATE-----\n"; - $pi_key = openssl_pkey_get_public($pem1); - $result=openssl_verify($sourceHmac,base64_decode($hmac),$pem1,OPENSSL_ALGO_MD5); - - if($result==0||$result==-1) - { - return DataReturn('签名错误', -1); - } - return DataReturn('校验成功', 0, $encrypt_str); - } -} -?> \ No newline at end of file diff --git a/extend/payment/QQ.php b/extend/payment/QQ.php index 32f4c17fe..1cbae53a3 100644 --- a/extend/payment/QQ.php +++ b/extend/payment/QQ.php @@ -119,7 +119,6 @@ class QQ 'name' => 'apiclient_cert', 'placeholder' => '证书(apiclient_cert.pem)', 'title' => '证书(apiclient_cert.pem)(退款操作必填项)', - 'desc' => '去除以 -- 开头结尾的字符和换行', 'is_required' => 0, 'rows' => 6, 'message' => '请填写证书(apiclient_cert.pem)', @@ -129,7 +128,6 @@ class QQ 'name' => 'apiclient_key', 'placeholder' => '证书密钥(apiclient_key.pem)', 'title' => '证书密钥(apiclient_key.pem)(退款操作必填项)', - 'desc' => '去除以 -- 开头结尾的字符和换行', 'is_required' => 0, 'rows' => 6, 'message' => '请填写证书密钥(apiclient_key.pem)', @@ -592,15 +590,25 @@ class QQ $apiclient_cert_file = ROOT.'runtime'.DS.'temp'.DS.'payment_qq_pay_apiclient_cert.pem'; $apiclient_key_file = ROOT.'runtime'.DS.'temp'.DS.'payment_qq_pay_apiclient_key.pem'; - // 文件是否存在 - $apiclient_cert = "-----BEGIN CERTIFICATE-----\n"; - $apiclient_cert .= wordwrap($this->config['apiclient_cert'], 64, "\n", true); - $apiclient_cert .= "\n-----END CERTIFICATE-----"; + // 证书处理 + if(stripos($this->config['apiclient_cert'], '-----') === false) + { + $apiclient_cert = "-----BEGIN CERTIFICATE-----\n"; + $apiclient_cert .= wordwrap($this->config['apiclient_cert'], 64, "\n", true); + $apiclient_cert .= "\n-----END CERTIFICATE-----"; + } else { + $apiclient_cert = $this->config['apiclient_cert']; + } file_put_contents($apiclient_cert_file, $apiclient_cert); - - $apiclient_key = "-----BEGIN PRIVATE KEY-----\n"; - $apiclient_key .= wordwrap($this->config['apiclient_key'], 64, "\n", true); - $apiclient_key .= "\n-----END PRIVATE KEY-----"; + + if(stripos($this->config['apiclient_key'], '-----') === false) + { + $apiclient_key = "-----BEGIN PRIVATE KEY-----\n"; + $apiclient_key .= wordwrap($this->config['apiclient_key'], 64, "\n", true); + $apiclient_key .= "\n-----END PRIVATE KEY-----"; + } else { + $apiclient_key = $this->config['apiclient_key']; + } file_put_contents($apiclient_key_file, $apiclient_key); return ['cert' => $apiclient_cert_file, 'key' => $apiclient_key_file]; diff --git a/extend/payment/Weixin.php b/extend/payment/Weixin.php index 11d93aba7..c924db9bf 100755 --- a/extend/payment/Weixin.php +++ b/extend/payment/Weixin.php @@ -106,7 +106,6 @@ class Weixin 'name' => 'apiclient_cert', 'placeholder' => '证书(apiclient_cert.pem)', 'title' => '证书(apiclient_cert.pem)(退款操作必填项)', - 'desc' => '去除以 -- 开头结尾的字符和换行', 'is_required' => 0, 'rows' => 6, 'message' => '请填写证书(apiclient_cert.pem)', @@ -116,7 +115,6 @@ class Weixin 'name' => 'apiclient_key', 'placeholder' => '证书密钥(apiclient_key.pem)', 'title' => '证书密钥(apiclient_key.pem)(退款操作必填项)', - 'desc' => '去除以 -- 开头结尾的字符和换行', 'is_required' => 0, 'rows' => 6, 'message' => '请填写证书密钥(apiclient_key.pem)', @@ -694,6 +692,7 @@ class Weixin $apiclient_cert_file = ROOT.'runtime'.DS.'temp'.DS.'payment_weixin_pay_apiclient_cert.pem'; $apiclient_key_file = ROOT.'runtime'.DS.'temp'.DS.'payment_weixin_pay_apiclient_key.pem'; + // 证书处理 if(stripos($this->config['apiclient_cert'], '-----') === false) { $apiclient_cert = "-----BEGIN CERTIFICATE-----\n";