This commit is contained in:
xl
2023-11-13 21:20:10 +08:00
parent 90c65a8c5f
commit 0d1cb506aa
10 changed files with 266 additions and 61 deletions
+29 -8
View File
@@ -3,6 +3,7 @@
namespace wchat\wx\V3;
use Exception;
use Kiri\Client;
use wchat\common\Help;
use function Sodium\crypto_aead_aes256gcm_decrypt;
use function Sodium\crypto_aead_aes256gcm_is_available;
@@ -30,6 +31,27 @@ trait WxV3PaymentTait
}
/**
* @param string $sign
* @param string $json
* @return Client
*/
public function createClient(string $sign, string $json): Client
{
$client = new Client('api.mch.weixin.qq.com', 443, TRUE);
$client->withAddedHeader('Authorization', $sign)
->withContentType('application/json')->withAddedHeader('User-Agent', 'application/json')
->withBody($json)->withAddedHeader("Accept", "*/*");
$proxyHost = $this->getConfig()->getProxyHost();
$proxyPort = $this->getConfig()->getProxyPort();
if (!empty($proxyHost) && $proxyPort > 0) {
$client->withProxyHost($proxyHost)->withProxyPort($proxyPort);
}
return $client;
}
/**
* @param string $http_method
* @param string $canonical_url
@@ -39,8 +61,8 @@ trait WxV3PaymentTait
*/
public function signature(string $http_method, string $canonical_url, string $body = ''): string
{
$rand = md5(random_bytes(32));
$time = time();
$rand = md5(random_bytes(32));
$time = time();
$message = sprintf("%s\n%s\n%d\n%s\n%s\n", $http_method, $canonical_url, $time, $rand, $body);
@@ -90,13 +112,12 @@ trait WxV3PaymentTait
/**
* @param $associatedData
* @param $nonceStr
* @param $ciphertext
* @param array $resource
* @return bool|string
*/
public function decryptToString($associatedData, $nonceStr, $ciphertext): bool|string
public function decryptToString(array $resource): bool|string
{
[$associatedData, $nonceStr, $cipher_algo, $ciphertext] = [$resource['associated_data'], $resource['nonce'], $resource['nonce'], $resource['ciphertext']];
$ciphertext = \base64_decode($ciphertext);
if (strlen($ciphertext) <= AUTH_TAG_LENGTH_BYTE) {
return FALSE;
@@ -107,10 +128,10 @@ trait WxV3PaymentTait
if (function_exists('\Sodium\crypto_aead_aes256gcm_is_available') && crypto_aead_aes256gcm_is_available()) {
return crypto_aead_aes256gcm_decrypt($ciphertext, $associatedData, $nonceStr, 'XGwwZbmMXy6sD5w0IrxfaBHLl7b7jCaR');
}
if (PHP_VERSION_ID >= 70100 && in_array('aes-256-gcm', \openssl_get_cipher_methods())) {
if (PHP_VERSION_ID >= 70100 && in_array($cipher_algo, \openssl_get_cipher_methods())) {
$ctext = substr($ciphertext, 0, -AUTH_TAG_LENGTH_BYTE);
$authTag = substr($ciphertext, -AUTH_TAG_LENGTH_BYTE);
return \openssl_decrypt($ctext, 'aes-256-gcm', 'XGwwZbmMXy6sD5w0IrxfaBHLl7b7jCaR', \OPENSSL_RAW_DATA, $nonceStr, $authTag, $associatedData);
return \openssl_decrypt($ctext, $cipher_algo, 'XGwwZbmMXy6sD5w0IrxfaBHLl7b7jCaR', \OPENSSL_RAW_DATA, $nonceStr, $authTag, $associatedData);
}
throw new \RuntimeException('AEAD_AES_256_GCM需要PHP 7.1以上或者安装libsodium-php');
}