Skip to content

Commit

Permalink
sha256 new everytime
Browse files Browse the repository at this point in the history
  • Loading branch information
iGoogle-ink committed Oct 19, 2023
1 parent d85f535 commit b135c2b
Show file tree
Hide file tree
Showing 4 changed files with 12 additions and 36 deletions.
9 changes: 0 additions & 9 deletions alipay/client.go
Original file line number Diff line number Diff line change
Expand Up @@ -2,13 +2,9 @@ package alipay

import (
"crypto/rsa"
"crypto/sha1"
"crypto/sha256"
"encoding/base64"
"encoding/json"
"fmt"
"hash"
"sync"
"time"

"github.com/go-pay/gopay"
Expand Down Expand Up @@ -39,9 +35,6 @@ type Client struct {
DebugSwitch gopay.DebugSwitch
location *time.Location
hc *xhttp.Client
sha1Hash hash.Hash
sha256Hash hash.Hash
mu sync.Mutex
}

// 初始化支付宝客户端
Expand All @@ -66,8 +59,6 @@ func NewClient(appid, privateKey string, isProd bool) (client *Client, err error
privateKey: priKey,
DebugSwitch: gopay.DebugOff,
hc: xhttp.NewClient(),
sha1Hash: sha1.New(),
sha256Hash: sha256.New(),
}
return client, nil
}
Expand Down
15 changes: 6 additions & 9 deletions alipay/sign.go
Original file line number Diff line number Diff line change
Expand Up @@ -182,25 +182,22 @@ func (a *Client) getRsaSign(bm gopay.BodyMap, signType string) (sign string, err

switch signType {
case RSA:
h = a.sha1Hash
h = sha1.New()
hashs = crypto.SHA1
case RSA2:
h = a.sha256Hash
h = sha256.New()
hashs = crypto.SHA256
default:
h = a.sha256Hash
h = sha256.New()
hashs = crypto.SHA256
}
signParams := bm.EncodeAliPaySignParams()
if a.DebugSwitch == gopay.DebugOn {
xlog.Debugf("Alipay_Request_SignStr: %s", signParams)
}
a.mu.Lock()
defer func() {
h.Reset()
a.mu.Unlock()
}()
h.Write([]byte(signParams))
if _, err = h.Write([]byte(signParams)); err != nil {
return
}
if encryptedBytes, err = rsa.SignPKCS1v15(rand.Reader, a.privateKey, hashs, h.Sum(nil)); err != nil {
return util.NULL, fmt.Errorf("[%w]: %+v", gopay.SignatureErr, err)
}
Expand Down
4 changes: 0 additions & 4 deletions wechat/v3/client.go
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,6 @@ package wechat
import (
"context"
"crypto/rsa"
"crypto/sha256"
"hash"
"sync"

"github.com/go-pay/gopay"
Expand All @@ -21,7 +19,6 @@ type ClientV3 struct {
WxSerialNo string
autoSign bool
rwMu sync.RWMutex
sha256Hash hash.Hash
hc *xhttp.Client
privateKey *rsa.PrivateKey
wxPublicKey *rsa.PublicKey
Expand All @@ -48,7 +45,6 @@ func NewClientV3(mchid, serialNo, apiV3Key, privateKey string) (client *ClientV3
SerialNo: serialNo,
ApiV3Key: []byte(apiV3Key),
privateKey: priKey,
sha256Hash: sha256.New(),
ctx: context.Background(),
DebugSwitch: gopay.DebugOff,
hc: xhttp.NewClient(),
Expand Down
20 changes: 6 additions & 14 deletions wechat/v3/sign.go
Original file line number Diff line number Diff line change
Expand Up @@ -254,13 +254,9 @@ func (c *ClientV3) rsaSign(str string) (string, error) {
if c.privateKey == nil {
return "", errors.New("privateKey can't be nil")
}
c.rwMu.Lock()
defer func() {
c.sha256Hash.Reset()
c.rwMu.Unlock()
}()
c.sha256Hash.Write([]byte(str))
result, err := rsa.SignPKCS1v15(rand.Reader, c.privateKey, crypto.SHA256, c.sha256Hash.Sum(nil))
h := sha256.New()
h.Write([]byte(str))
result, err := rsa.SignPKCS1v15(rand.Reader, c.privateKey, crypto.SHA256, h.Sum(nil))
if err != nil {
return util.NULL, fmt.Errorf("[%w]: %+v", gopay.SignatureErr, err)
}
Expand Down Expand Up @@ -292,13 +288,9 @@ func (c *ClientV3) verifySyncSign(si *SignInfo) (err error) {
}
str := si.HeaderTimestamp + "\n" + si.HeaderNonce + "\n" + si.SignBody + "\n"
signBytes, _ := base64.StdEncoding.DecodeString(si.HeaderSignature)
c.rwMu.Lock()
defer func() {
c.sha256Hash.Reset()
c.rwMu.Unlock()
}()
c.sha256Hash.Write([]byte(str))
if err = rsa.VerifyPKCS1v15(wxPublicKey, crypto.SHA256, c.sha256Hash.Sum(nil), signBytes); err != nil {
h := sha256.New()
h.Write([]byte(str))
if err = rsa.VerifyPKCS1v15(wxPublicKey, crypto.SHA256, h.Sum(nil), signBytes); err != nil {
return fmt.Errorf("[%w]: %v", gopay.VerifySignatureErr, err)
}
return nil
Expand Down

0 comments on commit b135c2b

Please sign in to comment.