75 lines
2.3 KiB
Go
75 lines
2.3 KiB
Go
package util
|
|
|
|
import (
|
|
"encoding/base64"
|
|
"fmt"
|
|
"qteam/app/third/dfpOpenSdk/exception"
|
|
)
|
|
|
|
// DecryptAndVerify 回调响应解密验签
|
|
func DecryptAndVerify(keyId string, timestamp string, nonce string, signValue string,
|
|
body string, decryptKey string, publicKey string) (string, error) {
|
|
if keyId == "" || timestamp == "" || nonce == "" || signValue == "" ||
|
|
body == "" || decryptKey == "" || publicKey == "" {
|
|
return "", exception.CALLBACK_BODY_ENCRYPT_ERR()
|
|
}
|
|
decryptedBody, err := Sm4Decrypt(body, decryptKey)
|
|
|
|
if err != nil {
|
|
return "", exception.CALLBACK_REQUEST_VERIFY_ERR()
|
|
}
|
|
|
|
signParams := fmt.Sprintf("%s&%s&%s&%s", keyId, timestamp, nonce, decryptedBody)
|
|
//KYAuatM4cVRJaS6rdHLyxscQ&20230216200442&CGSQFraFuqujgStWrjDhnJZb&{"key":"value"}
|
|
// 校验
|
|
verify, err := VerifyBySM2([]byte(signParams), signValue, publicKey)
|
|
if err != nil {
|
|
return "", exception.CALLBACK_REQUEST_VERIFY_ERR()
|
|
}
|
|
if verify {
|
|
return decryptedBody, nil
|
|
}
|
|
return "", exception.CALLBACK_REQUEST_VERIFY_ERR()
|
|
}
|
|
|
|
// DecryptAndVerifyV2 动态密钥模式解密
|
|
func DecryptAndVerifyV2(keyId string, timestamp string, nonce string, signValue string,
|
|
body string, decryptKey string, pwd string, privateKey string, publicKey string) map[string]string {
|
|
var resultMap map[string]string
|
|
decodeString, _ := base64.StdEncoding.DecodeString(pwd)
|
|
key, _ := DecryptBySM2PrivateKey(privateKey, decodeString)
|
|
sm4Key := string(key)
|
|
decryptBody, _ := Sm4Decrypt(body, sm4Key)
|
|
|
|
resultMap["pwd"] = pwd
|
|
|
|
if EmptyString(signValue) {
|
|
signParams := keyId + "&" + timestamp + "&" + nonce + "&" + pwd + "&" + decryptBody
|
|
verify, _ := VerifyBySM2([]byte(signParams), signValue, publicKey)
|
|
|
|
if verify {
|
|
return nil
|
|
}
|
|
|
|
resultMap["body"] = decryptBody
|
|
}
|
|
|
|
return resultMap
|
|
}
|
|
|
|
// CallbackSignature 回调响应签名
|
|
func CallbackSignature(keyId string, timestamp string, nonce string, body string, privateKey string) (string, error) {
|
|
if keyId != "" || timestamp != "" || nonce != "" || body != "" {
|
|
return "", exception.CALLBACK_RESPONSE_SIGN_ERR()
|
|
}
|
|
signParams := fmt.Sprintf("%s&%s&%s&%s", keyId, timestamp, nonce, body)
|
|
|
|
return SignatureBySM2(signParams, privateKey)
|
|
}
|
|
|
|
// CallbackEncrypt 回调响应加密
|
|
func CallbackEncrypt(body string, encryptKey string) string {
|
|
encrypt, _ := Sm4Encrypt(body, encryptKey)
|
|
return encrypt
|
|
}
|