cmb

2025-03-05 15:18:57 +08:00 · 2025-03-05 15:18:57 +08:00 · d5267dede1
parent f7def09458
commit d5267dede1
6 changed files with 58 additions and 35 deletions
--- a/configs/config.yaml
+++ b/configs/config.yaml
@ -49,8 +49,7 @@ wechat:
 cmb:
  sm2Prk: "" # 私钥 非对称加解密算法SM2 公钥长度为65字节，私钥长度为32字节。非对称密钥是基于国密推荐的椭圆曲线生成的，国密推荐曲线sm2p256v1
  sm2Puk: "" # 公钥，给到招行密钥
-  sm4Key: "" # 对称加解密算法SM4 SM4/CBC/PKCS5Padding，密钥长度为16字节，明文长度不做要求，IV长度为16字节。
-  cmbSm2Puk: ""
+  cmbSm2Puk: "" # 招行公钥
  mid: "d6fdd78b6fd13a808818286b9cad9687"
  aid: "5efaa21263b94f669a1c90ed0279df20"
  notifyUrl: "https://gateway.dev.cdlsxd.cn/ymt/jd/v1/notify"
--- a/internal/conf/conf.pb.go
+++ b/internal/conf/conf.pb.go
@ -422,6 +422,9 @@ type Cmb struct {

 	Mid       string `protobuf:"bytes,1,opt,name=mid,proto3" json:"mid,omitempty"`
 	Aid       string `protobuf:"bytes,2,opt,name=aid,proto3" json:"aid,omitempty"`
+	Sm2Prk    string `protobuf:"bytes,4,opt,name=sm2Prk,proto3" json:"sm2Prk,omitempty"`
+	Sm2Puk    string `protobuf:"bytes,5,opt,name=sm2Puk,proto3" json:"sm2Puk,omitempty"`
+	CmbSm2Puk string `protobuf:"bytes,6,opt,name=cmbSm2Puk,proto3" json:"cmbSm2Puk,omitempty"`
 	NotifyUrl string `protobuf:"bytes,3,opt,name=notifyUrl,proto3" json:"notifyUrl,omitempty"`
 }

@ -471,6 +474,27 @@ func (x *Cmb) GetAid() string {
 	return ""
 }

+func (x *Cmb) GetSm2Prk() string {
+	if x != nil {
+		return x.Sm2Prk
+	}
+	return ""
+}
+
+func (x *Cmb) GetSm2Puk() string {
+	if x != nil {
+		return x.Sm2Puk
+	}
+	return ""
+}
+
+func (x *Cmb) GetCmbSm2Puk() string {
+	if x != nil {
+		return x.CmbSm2Puk
+	}
+	return ""
+}
+
 func (x *Cmb) GetNotifyUrl() string {
 	if x != nil {
 		return x.NotifyUrl
@ -924,18 +948,23 @@ var file_conf_conf_proto_rawDesc = []byte{
 	0x0a, 0x1a, 0x6d, 0x63, 0x68, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65,
 	0x53, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x4e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01,
 	0x28, 0x09, 0x52, 0x1a, 0x6d, 0x63, 0x68, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61,
-	0x74, 0x65, 0x53, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x4e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x22, 0x47,
-	0x0a, 0x03, 0x43, 0x6d, 0x62, 0x12, 0x10, 0x0a, 0x03, 0x6d, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01,
-	0x28, 0x09, 0x52, 0x03, 0x6d, 0x69, 0x64, 0x12, 0x10, 0x0a, 0x03, 0x61, 0x69, 0x64, 0x18, 0x02,
-	0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x61, 0x69, 0x64, 0x12, 0x1c, 0x0a, 0x09, 0x6e, 0x6f, 0x74,
-	0x69, 0x66, 0x79, 0x55, 0x72, 0x6c, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x6e, 0x6f,
-	0x74, 0x69, 0x66, 0x79, 0x55, 0x72, 0x6c, 0x22, 0x3a, 0x0a, 0x04, 0x4c, 0x6f, 0x67, 0x73, 0x12,
-	0x1a, 0x0a, 0x08, 0x62, 0x75, 0x73, 0x69, 0x6e, 0x65, 0x73, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28,
-	0x09, 0x52, 0x08, 0x62, 0x75, 0x73, 0x69, 0x6e, 0x65, 0x73, 0x73, 0x12, 0x16, 0x0a, 0x06, 0x61,
-	0x63, 0x63, 0x65, 0x73, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x61, 0x63, 0x63,
-	0x65, 0x73, 0x73, 0x42, 0x17, 0x5a, 0x15, 0x76, 0x6f, 0x75, 0x63, 0x68, 0x65, 0x72, 0x2f, 0x63,
-	0x70, 0x6e, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x3b, 0x63, 0x6f, 0x6e, 0x66, 0x62, 0x06, 0x70, 0x72,
-	0x6f, 0x74, 0x6f, 0x33,
+	0x74, 0x65, 0x53, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x4e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x22, 0x95,
+	0x01, 0x0a, 0x03, 0x43, 0x6d, 0x62, 0x12, 0x10, 0x0a, 0x03, 0x6d, 0x69, 0x64, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x09, 0x52, 0x03, 0x6d, 0x69, 0x64, 0x12, 0x10, 0x0a, 0x03, 0x61, 0x69, 0x64, 0x18,
+	0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x61, 0x69, 0x64, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x6d,
+	0x32, 0x50, 0x72, 0x6b, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x73, 0x6d, 0x32, 0x50,
+	0x72, 0x6b, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x6d, 0x32, 0x50, 0x75, 0x6b, 0x18, 0x05, 0x20, 0x01,
+	0x28, 0x09, 0x52, 0x06, 0x73, 0x6d, 0x32, 0x50, 0x75, 0x6b, 0x12, 0x1c, 0x0a, 0x09, 0x63, 0x6d,
+	0x62, 0x53, 0x6d, 0x32, 0x50, 0x75, 0x6b, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x63,
+	0x6d, 0x62, 0x53, 0x6d, 0x32, 0x50, 0x75, 0x6b, 0x12, 0x1c, 0x0a, 0x09, 0x6e, 0x6f, 0x74, 0x69,
+	0x66, 0x79, 0x55, 0x72, 0x6c, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x6e, 0x6f, 0x74,
+	0x69, 0x66, 0x79, 0x55, 0x72, 0x6c, 0x22, 0x3a, 0x0a, 0x04, 0x4c, 0x6f, 0x67, 0x73, 0x12, 0x1a,
+	0x0a, 0x08, 0x62, 0x75, 0x73, 0x69, 0x6e, 0x65, 0x73, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09,
+	0x52, 0x08, 0x62, 0x75, 0x73, 0x69, 0x6e, 0x65, 0x73, 0x73, 0x12, 0x16, 0x0a, 0x06, 0x61, 0x63,
+	0x63, 0x65, 0x73, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x61, 0x63, 0x63, 0x65,
+	0x73, 0x73, 0x42, 0x17, 0x5a, 0x15, 0x76, 0x6f, 0x75, 0x63, 0x68, 0x65, 0x72, 0x2f, 0x63, 0x70,
+	0x6e, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x3b, 0x63, 0x6f, 0x6e, 0x66, 0x62, 0x06, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x33,
 }

 var (
--- a/internal/conf/conf.proto
+++ b/internal/conf/conf.proto
@ -73,6 +73,9 @@ message Wechat {
 message Cmb {
  string mid = 1;
  string aid = 2;
+  string sm2Prk = 4;
+  string sm2Puk = 5;
+  string cmbSm2Puk = 6;
  string notifyUrl = 3;
 }

--- a/internal/pkg/cmb/sm2.go
+++ b/internal/pkg/cmb/sm2.go
@ -43,12 +43,11 @@ func publicKeyToString(publicKey *sm2.PublicKey) string {
 	return hex.EncodeToString(publicKeyBytes)
 }

-func encrypt(sopPublicKey, inputJson string) (string, error) {
-	data, _ := base64.StdEncoding.DecodeString(inputJson)
+func encrypt(sopPublicKey, input string) (string, error) {

 	sm4Key := GenerateSM4Key()
 	iv := GetSM4IV()
-	encryptedBody, err := sm4.CBCEncrypt(sm4Key, iv, Padding(data, 1))
+	encryptedBody, err := sm4.CBCEncrypt(sm4Key, iv, Padding([]byte(input), 1))

 	keyAndIv := AssemblingByteArray(sm4Key, iv)

@ -67,13 +66,8 @@ func encrypt(sopPublicKey, inputJson string) (string, error) {
 	return fmt.Sprintf("%s|%s", base64.StdEncoding.EncodeToString([]byte(kvTmp)), base64.StdEncoding.EncodeToString(encryptedBody)), nil
 }

-func decrypt(privateKey, inputJson string) (string, error) {
-	data, err := base64.StdEncoding.DecodeString(inputJson)
-	if err != nil {
-		return "", err
-	}
-
-	tmpDataArr := strings.Split(string(data), "|")
+func decrypt(privateKey, input string) (string, error) {
+	tmpDataArr := strings.Split(input, "|")
 	if len(tmpDataArr) != 2 {
 		return "", fmt.Errorf("数据格式错误")
 	}
@ -121,9 +115,11 @@ func sign(privateKey, input string) (string, error) {
 		SetData([]byte(input)).
 		Sign().
 		ToString()
+
 	if err != nil {
 		return "", err
 	}
+
 	return base64.StdEncoding.EncodeToString([]byte(signData)), nil
 }

--- a/internal/pkg/cmb/sm2_test.go
+++ b/internal/pkg/cmb/sm2_test.go
@ -1,7 +1,6 @@
 package cmb

 import (
-	"encoding/base64"
 	"testing"
 )

@ -19,16 +18,14 @@ func TestGenerateSm2Key(t *testing.T) {
 func TestEncrypt(t *testing.T) {
 	pukKey := "04a702106cf530dc981e44cd515b394747cfd6bb059247696b188b25281ea4278fe7c6e34a83680110eec71becd31f5db14abc671e5d8e67ce7ca3c6b3adc86674"
 	content := `{"name":"zhangxx","phoneNo":"137xxxxxxxx"}`
-	base64Content := base64.StdEncoding.EncodeToString([]byte(content))
-	xx, err := encrypt(pukKey, base64Content)
+	xx, err := encrypt(pukKey, content)
 	t.Log(xx, err)
 }

 func TestDecrypt(t *testing.T) {
 	priKey := "9450c673cf801164435b9c164ac1404e87997245bc6f323fde22015875a03f6e"
 	content := "BHeko/ZYFzQOJn6Q3y46X1AjNz8Nh5fq1FfMuWebh+TangLnlK5iFqePCst4rjG/FKJInijiKO2Qq18sJULlMEEgri05s+bHHDKM+Y+73crAbCnIhHbZxUjt8A0cq2rKjzkl8bxW33dU18uuiTEAmsAvKvmZgE6zJ1eDyjFWefHEIFJaKCNY2cTQOInt|8UYFZFTkx0DovPhaWCbdBkAqbgGmegT14F5gwXLJ6G1uWdYNvX+i5QWAYUGtd8u9"
-	base64Content := base64.StdEncoding.EncodeToString([]byte(content))
-	xx, err := decrypt(priKey, base64Content)
+	xx, err := decrypt(priKey, content)
 	t.Log(xx, err)
 }

@ -37,17 +34,15 @@ func TestEncryptDecrypt(t *testing.T) {
 	pukKey := "0479c4d66ffc74d5e0ff667d53da72f63f2c091cf4ee5fc3cc53142bc104dd68ffe332cf1151ce07e0cc62d64c9c7c3b5c94b161668d281691cab2424013eadfb2"

 	content := `{"name":"zhangxx","phoneNo":"137xxxxxxxx"}`
-	base64EncryptContent := base64.StdEncoding.EncodeToString([]byte(content))

-	xx, err := encrypt(pukKey, base64EncryptContent)
+	xx, err := encrypt(pukKey, content)
 	if err != nil {
 		t.Log(err)
 		return
 	}
 	t.Log(xx)

-	base64DecryptContent := base64.StdEncoding.EncodeToString([]byte(xx))
-	aa, err := decrypt(priKey, base64DecryptContent)
+	aa, err := decrypt(priKey, xx)
 	if err != nil {
 		t.Log(err)
 		return
@ -68,7 +63,6 @@ func TestVerify(t *testing.T) {
 	pukKey := "04838f74275e6f4f2373d4e6e974ac790c10ab6f9c17e273cf0c84848c6838979c158315932e36f0b9444442f145e4671b1ee5d43d5d63913a70d4d0d52cc3c0d6"

 	content := "accessToken.json?aid=9dad6d3900ec3ffabd80e46522a10ead&cmbKeyAlias=SM2_CMBLIFE&date=20250305115032&encryptBody=BHeko/ZYFzQOJn6Q3y46X1AjNz8Nh5fq1FfMuWebh+TangLnlK5iFqePCst4rjG/FKJInijiKO2Qq18sJULlMEEgri05s+bHHDKM+Y+73crAbCnIhHbZxUjt8A0cq2rKjzkl8bxW33dU18uuiTEAmsAvKvmZgE6zJ1eDyjFWefHEIFJaKCNY2cTQOInt|8UYFZFTkx0DovPhaWCbdBkAqbgGmegT14F5gwXLJ6G1uWdYNvX+i5QWAYUGtd8u9&keyAlias=CO_PUB_KEY_SM2&mid=f806c259d86e3b9aa956c98d475b6af7&random=286d97b1d8ed4bbf822b004470c92ae8"
-
 	signDataBase64 := "MEUCIAg1zxnKG+X8t/hlwEoyL/T33iKgle09S6bfb3eZh/FqAiEAxtK5TdGAo+JpK7JmL15tT4nlQyrUzC14flu0Tq+9Svo="

 	xx, err := verify(pukKey, content, signDataBase64)
--- a/internal/service/cmb_mock.go
+++ b/internal/service/cmb_mock.go
@ -7,11 +7,13 @@ import (

 func (s *VoucherService) CmbOrderMock(ctx http.Context) error {

-	var req v1.CmbOrderReply
+	var req v1.CmbOrderRequest
 	if err := ctx.BindForm(&req); err != nil {
 		return err
 	}

+	//bizJson := req.String()
+
 	reply := &v1.CmbRequest{}

 	return ctx.JSON(200, reply)