diff --git a/bin/payserver/config/config.json b/bin/payserver/config/config.json index cafe399..f302a2e 100644 --- a/bin/payserver/config/config.json +++ b/bin/payserver/config/config.json @@ -2,5 +2,5 @@ "gameapi_url": "https://game2006api-test.kingsome.cn", "wx_url": "api.weixin.qq.com|api2.weixin.qq.com|sh.api.weixin.qq.com|sz.api.weixin.qq.com|hk.api.weixin.qq.com", "wx_notify_token": "dV93f4FwSGMwkYcvsRHD8egdW5egPMhF", - "wx_notify_encoding_aes_key": "H60uFIXjyd431hLVhlsKyus3U28RVIzWncey424DqpY" + "wx_notify_encoding_aes_key": "t7zDjlqSow7OY4s61q8wp4EabjWnUtTSi5w0KM48O1K" } diff --git a/server/payserver/api/v1/mainservice/mainservice.go b/server/payserver/api/v1/mainservice/mainservice.go index 469342f..5ca92de 100644 --- a/server/payserver/api/v1/mainservice/mainservice.go +++ b/server/payserver/api/v1/mainservice/mainservice.go @@ -74,30 +74,9 @@ func (this *MainServiceApi) WxTNotify(c *gin.Context) { func (this *MainServiceApi) WxNotifyPurchase(c *gin.Context) { f5.GetSysLog().Debug("wx notify purchase:%s", c.Request.URL.RawQuery) - // signature := c.Query("signature") timestamp := c.Query("timestamp") nonce := c.Query("nonce") - // if len(signature) > 0 || len(timestamp) > 0 || len(nonce) > 0 { - // strs := []string{mt.Table.Config.GetWxNotifyToken(), timestamp, nonce} - // sort.Strings(strs) - // sb := strings.Builder{} - // sb.WriteString(strs[0]) - // sb.WriteString(strs[1]) - // sb.WriteString(strs[2]) - // m := sha1.New() - // io.WriteString(m, sb.String()) - // sign := string(hex.EncodeToString(m.Sum(nil))) - - // f5.GetSysLog().Debug("wx sign:%s, %s", sign, signature) - // if sign != signature { - // c.String(200, "wrong") - // return - // } - // c.String(200, c.Query("echostr")) - // return - // } - rspObj := struct { ErrorCode int32 `json:"ErrCode"` ErrMsg string `json:"ErrMsg"` @@ -121,7 +100,7 @@ func (this *MainServiceApi) WxNotifyPurchase(c *gin.Context) { } smsg, appid := service.Wxpay.DecryptMsg(msg_signature, timestamp, nonce, postObj.Encrypt) - if smsg == nil || appid == nil || len(smsg) == 0 || len(appid) == 0 { + if len(smsg) == 0 || len(appid) == 0 { rspObj.ErrorCode = 402 rspObj.ErrMsg = "decrypt data error" c.JSON(200, rspObj) diff --git a/server/payserver/service/wxpaybase.go b/server/payserver/service/wxpaybase.go index aafc65e..738f0af 100644 --- a/server/payserver/service/wxpaybase.go +++ b/server/payserver/service/wxpaybase.go @@ -49,7 +49,7 @@ func (wp *wxpay) DecryptMsg(sMsgSignature string, sTimeStamp string, sNonce stri //4.decode aes sAesKey := wp.GenAesKeyFromEncodingKey(mt.Table.Config.GetWxNotifyEncodingAesKey()) - if sAesKey == "" { + if len(sAesKey) == 0 { return } sNoEncryptData := wp.AES_CBCDecrypt(sAesData, sAesKey) @@ -61,7 +61,7 @@ func (wp *wxpay) DecryptMsg(sMsgSignature string, sTimeStamp string, sNonce stri netlenbyte := sNoEncryptData[constant.WX_RANDENCRYPT_STRLEN : constant.WX_RANDENCRYPT_STRLEN+constant.WX_KMSG_LEN] buf := bytes.NewReader(netlenbyte) iMsgLen := int(0) //ntohl(iNetLen); - binary.Read(buf, binary.BigEndian, &iMsgLen) + binary.Read(buf, binary.LittleEndian, &iMsgLen) if len(sNoEncryptData) <= constant.WX_RANDENCRYPT_STRLEN+constant.WX_KMSG_LEN+iMsgLen { return } @@ -105,26 +105,26 @@ func (wp *wxpay) ComputeSignature(sToken string, sTimeStamp string, sNonce strin return hex.EncodeToString(sha1crypto.Sum(nil)) } -func (wp *wxpay) GenAesKeyFromEncodingKey(sEncodingKey string) string { +func (wp *wxpay) GenAesKeyFromEncodingKey(sEncodingKey string) (aeskey []byte) { if len(sEncodingKey) != len(mt.Table.Config.GetWxNotifyEncodingAesKey()) { - return "" + return } sBase64 := sEncodingKey + "=" data, err := base64.StdEncoding.DecodeString(sBase64) if err != nil { - return "" + return } - return string(data) + return data } -func (wp *wxpay) AES_CBCDecrypt(sSource []byte, sKey string) []byte { +func (wp *wxpay) AES_CBCDecrypt(sSource []byte, sKey []byte) []byte { if len(sSource) < constant.WX_AESKEY_SIZE || len(sSource)%constant.WX_AESKEY_SIZE != 0 { return []byte{} } - key := []byte(sKey) + key := sKey if len(sKey) > constant.WX_AESKEY_SIZE { key = key[0:constant.WX_AESKEY_SIZE] }