eee
This commit is contained in:
@@ -3,6 +3,7 @@
|
||||
namespace wchat\wx\V3;
|
||||
|
||||
use Exception;
|
||||
use Kiri\Client;
|
||||
use wchat\common\Help;
|
||||
use function Sodium\crypto_aead_aes256gcm_decrypt;
|
||||
use function Sodium\crypto_aead_aes256gcm_is_available;
|
||||
@@ -30,6 +31,27 @@ trait WxV3PaymentTait
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @param string $sign
|
||||
* @param string $json
|
||||
* @return Client
|
||||
*/
|
||||
public function createClient(string $sign, string $json): Client
|
||||
{
|
||||
$client = new Client('api.mch.weixin.qq.com', 443, TRUE);
|
||||
$client->withAddedHeader('Authorization', $sign)
|
||||
->withContentType('application/json')->withAddedHeader('User-Agent', 'application/json')
|
||||
->withBody($json)->withAddedHeader("Accept", "*/*");
|
||||
|
||||
$proxyHost = $this->getConfig()->getProxyHost();
|
||||
$proxyPort = $this->getConfig()->getProxyPort();
|
||||
if (!empty($proxyHost) && $proxyPort > 0) {
|
||||
$client->withProxyHost($proxyHost)->withProxyPort($proxyPort);
|
||||
}
|
||||
return $client;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @param string $http_method
|
||||
* @param string $canonical_url
|
||||
@@ -39,8 +61,8 @@ trait WxV3PaymentTait
|
||||
*/
|
||||
public function signature(string $http_method, string $canonical_url, string $body = ''): string
|
||||
{
|
||||
$rand = md5(random_bytes(32));
|
||||
$time = time();
|
||||
$rand = md5(random_bytes(32));
|
||||
$time = time();
|
||||
|
||||
$message = sprintf("%s\n%s\n%d\n%s\n%s\n", $http_method, $canonical_url, $time, $rand, $body);
|
||||
|
||||
@@ -90,13 +112,12 @@ trait WxV3PaymentTait
|
||||
|
||||
|
||||
/**
|
||||
* @param $associatedData
|
||||
* @param $nonceStr
|
||||
* @param $ciphertext
|
||||
* @param array $resource
|
||||
* @return bool|string
|
||||
*/
|
||||
public function decryptToString($associatedData, $nonceStr, $ciphertext): bool|string
|
||||
public function decryptToString(array $resource): bool|string
|
||||
{
|
||||
[$associatedData, $nonceStr, $cipher_algo, $ciphertext] = [$resource['associated_data'], $resource['nonce'], $resource['nonce'], $resource['ciphertext']];
|
||||
$ciphertext = \base64_decode($ciphertext);
|
||||
if (strlen($ciphertext) <= AUTH_TAG_LENGTH_BYTE) {
|
||||
return FALSE;
|
||||
@@ -107,10 +128,10 @@ trait WxV3PaymentTait
|
||||
if (function_exists('\Sodium\crypto_aead_aes256gcm_is_available') && crypto_aead_aes256gcm_is_available()) {
|
||||
return crypto_aead_aes256gcm_decrypt($ciphertext, $associatedData, $nonceStr, 'XGwwZbmMXy6sD5w0IrxfaBHLl7b7jCaR');
|
||||
}
|
||||
if (PHP_VERSION_ID >= 70100 && in_array('aes-256-gcm', \openssl_get_cipher_methods())) {
|
||||
if (PHP_VERSION_ID >= 70100 && in_array($cipher_algo, \openssl_get_cipher_methods())) {
|
||||
$ctext = substr($ciphertext, 0, -AUTH_TAG_LENGTH_BYTE);
|
||||
$authTag = substr($ciphertext, -AUTH_TAG_LENGTH_BYTE);
|
||||
return \openssl_decrypt($ctext, 'aes-256-gcm', 'XGwwZbmMXy6sD5w0IrxfaBHLl7b7jCaR', \OPENSSL_RAW_DATA, $nonceStr, $authTag, $associatedData);
|
||||
return \openssl_decrypt($ctext, $cipher_algo, 'XGwwZbmMXy6sD5w0IrxfaBHLl7b7jCaR', \OPENSSL_RAW_DATA, $nonceStr, $authTag, $associatedData);
|
||||
}
|
||||
throw new \RuntimeException('AEAD_AES_256_GCM需要PHP 7.1以上或者安装libsodium-php');
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user