helper/cmb.go

package helper

import (
    "bytes"
    "encoding/base64"
    "encoding/hex"
    "errors"
    "git.tetele.net/tgo/crypter"
    "github.com/ZZMarquis/gm/sm2"
    "github.com/ZZMarquis/gm/sm3"
    jsoniter "github.com/json-iterator/go"
    "io/ioutil"
    "log"
    "math/big"
    "net/http"
    "reflect"
    "sort"
    "strings"
    "time"
)

var json = jsoniter.ConfigCompatibleWithStandardLibrary

// 合并map数据
func MergeMapData(x, y map[string]interface{}) map[string]interface{} {

    n := make(map[string]interface{})

    for i, v := range x {
        for j, w := range y {
            if i == j {
                n[i] = w

            } else {
                if _, ok := n[i]; !ok {
                    n[i] = v
                }
                if _, ok := n[j]; !ok {
                    n[j] = w
                }
            }
        }
    }

    return n
}

// 针对传参为json或者数组类型的字段，进行字符串排序
func HttpBuildSort(data map[string]interface{}) string {
    keySlice := []string{}

    for k, _ := range data {
        keySlice = append(keySlice, k)
    }
    // 排序字符串
    sort.Strings(keySlice)

    res := make(map[string]interface{}, 0)

    for _, value := range keySlice {
        data_val := ToStr(data[value])

        if value != "" && data_val != "" {
            res[value] = data_val
        }
    }

    res_byte, _ := json.Marshal(res)

    return string(res_byte)
}

// body参数处理
func FormatBodyData(body map[string]interface{}) map[string]interface{} {
    data := map[string]interface{}{}

    if len(body) > 0 {
        for k, v := range body {
            typeOfA := reflect.TypeOf(v)

            if typeOfA.Kind().String() == "map" {
                build_str_format, _ := InterfaceToMapInterface(v)

                if len(build_str_format) < 1 {
                    continue
                }
                // json键值对处理
                data[k] = HttpBuildSort(build_str_format)
                // log.Println("排序后的数据: ", data[k])
            } else if typeOfA.Kind().String() == "slice" {
                val_slice := []interface{}{}
                // json键值对处理
                for _, val_inter := range v.([]interface{}) {
                    val_map, _ := InterfaceToMapInterface(val_inter)
                    each_val := HttpBuildSort(val_map)
                    val_slice = append(val_slice, each_val)
                }

                if len(val_slice) < 1 {
                    continue
                }

                data[k] = val_slice
                // log.Println("排序后的数据: ", data[k])
            } else {
                data[k] = v
            }
        }
    }

    return data
}

// 字符串排序拼接
func CmbHttpBuildQuery(data map[string]interface{}, filter_sign bool) string {
    keySlice := []string{}
    // 剔除sign字段
    for k, _ := range data {
        if filter_sign && k == "sign" {
            continue
        }
        keySlice = append(keySlice, k)
    }
    // 排序字符串
    sort.Strings(keySlice)

    var query string

    for _, value := range keySlice {
        if value != "" && data[value] != "" {
            query += StringJoin(value, "=", ToStr(data[value]), "&")
        }
    }

    build_str := strings.Trim(query, "&")

    log.Println("拼接后的数据: ", build_str)
    return build_str
}

// 生成签名sign--聚合支付
func SetSign(data map[string]interface{}, privateKey string) string {
    log.Println("招行加签start")
    build_str := CmbHttpBuildQuery(data, true)

    priv := new(sm2.PrivateKey)
    priv.Curve = sm2.GetSm2P256V1()
    dBytes, _ := hex.DecodeString(privateKey)
    priv.D = new(big.Int).SetBytes(dBytes)

    signature, err := sm2.Sign(priv, []byte("1234567812345678"), []byte(build_str))

    if err != nil {
        log.Println("国密加密异常", err)
        return ""
    }

    sign := base64.StdEncoding.EncodeToString(signature)

    log.Println("加密后sign值: ", sign)
    log.Println("招行加签end")
    return sign
}

// 创建请求头信息--聚合支付
func HeaderInfo(appid, secret, sign string) map[string]string {
    if appid == "" || secret == "" || sign == "" {
        return map[string]string{}
    }

    headerData := map[string]string{}

    headerData["appid"] = appid
    headerData["sign"] = sign
    headerData["secret"] = secret
    headerData["timestamp"] = ToStr(time.Now().Unix())

    build_str := CmbHttpBuildQuery(MapStringToInterface(headerData), false)

    headerData["apisign"] = crypter.Md5Str(build_str)

    delete(headerData, "sign")
    delete(headerData, "secret")

    log.Println("header信息", headerData)

    return headerData
}

// 接口验签--各客户端请求我们接口验签
func CheckSign(appid, app_secret, timeStamp, nonce, sign string, body map[string]interface{}) error {
    log.Println("请求验签start")

    /*time_now := time.Now().Unix()

      if time_now-ToInt64(timeStamp) > 10 {
          return errors.New("请求时间超出范围，拒绝访问")
      }*/

    sign_info := map[string]interface{}{
        "appid":     appid,
        "timestamp": timeStamp,
        "nonce":     nonce,
    }

    if len(body) > 0 {
        body_format := FormatBodyDataNoList(body)
        sign_info = MergeMapData(sign_info, body_format)
    }

    str := CmbHttpBuildQuery(sign_info, false) + "&" + app_secret
    log.Println("加密前数据: ", str)
    sign_str := crypter.Md5Str(str)
    log.Println("加密后数据: ", sign_str)

    if sign_str != sign {
        return errors.New("签名不正确")
    }

    log.Println("请求验签end")

    return nil
}

// post 请求
func PostJsonData(url string, param interface{}, headerinfo map[string]string) ([]byte, error) {
    httpClient := &http.Client{}
    params, err := json.Marshal(param)

    if err != nil {
        return []byte(""), err
    }

    log.Println(bytes.NewBuffer(params))

    req, err := http.NewRequest("POST", url, bytes.NewBuffer(params))
    if err != nil {
        return []byte(""), err
    }

    req.Header.Set("Content-Type", "application/json")

    if len(headerinfo) > 0 {
        for k, v := range headerinfo {
            req.Header[k] = []string{v}
        }
    }

    resp, err := httpClient.Do(req)
    if err != nil {
        return []byte(""), err
    }

    defer resp.Body.Close()
    body, err := ioutil.ReadAll(resp.Body)
    if err != nil {
        return []byte(""), err
    }

    return body, nil
}

func SetSignsm3(data map[string]interface{}) string {
    build_str := HttpBuildjson(data, false)
    h := sm3.New()
    h.Write([]byte(build_str))
    sum := h.Sum(nil)
    sign := hex.EncodeToString(sum)
    return sign
}

func CashierHeaderInfoCompany(appid, secret, sign, private_key string) map[string]string {
    if appid == "" || secret == "" || sign == "" || private_key == "" {
        return map[string]string{}
    }

    headerData := map[string]string{}

    headerData["appid"] = appid
    headerData["sign"] = sign
    headerData["secret"] = secret
    headerData["timestamp"] = ToStr(time.Now().Unix())
    headerData["apisign"] = SetSignhex(headerData, private_key)
    headerData["verify"] = "SM3withSM2"
    delete(headerData, "secret")
    return headerData
}

// 生成签名sign
func SetSignhex(data map[string]string, privateKey string) string {
    build_str := CmbHttpBuildQuery(MapStringToInterface(data), false)
    priv := new(sm2.PrivateKey)
    priv.Curve = sm2.GetSm2P256V1()
    dBytes, _ := hex.DecodeString(privateKey)
    priv.D = new(big.Int).SetBytes(dBytes)
    sign, _ := sm2.Sign(priv, []byte("1234567812345678"), []byte(build_str))
    sign = SM2Asn1ToRaw(sign)
    return hex.EncodeToString(sign)
}
func SM2Asn1ToRaw(data []byte) []byte {
    i := 3
    ret := []byte{}
    if data[i] == 32 {
        i = i + 1
    } else if data[i] == 33 {
        i = i + 2
    }
    for k := 0; k < 32; k++ {
        ret = append(ret, data[i+k])
    }
    i = i + 32
    i = i + 1
    if data[i] == 32 {
        i = i + 1
    } else if data[i] == 33 {
        i = i + 2
    }
    for k := 0; k < 32; k++ {
        ret = append(ret, data[i+k])
    }
    return ret
}

// 字符串排序拼接
func HttpBuildjson(data map[string]interface{}, filter_sign bool) string {
    keySlice := []string{}
    res := map[string]interface{}{}
    // 剔除sign字段
    for k, _ := range data {
        if filter_sign && k == "sign" {
            continue
        }
        keySlice = append(keySlice, k)
    }
    // 排序字符串
    sort.Strings(keySlice)
    for _, value := range keySlice {
        if value != "" && data[value] != "" {
            res[value] = data[value]
        }
    }
    ss, _ := json.Marshal(res)
    log.Println("拼接后的数据: ", string(ss))
    return string(ss)
}

// body参数处理
func FormatBodyDataNoList(body map[string]interface{}) map[string]interface{} {
    data := map[string]interface{}{}

    if len(body) > 0 {
        for k, v := range body {
            typeOfA := reflect.TypeOf(v)

            if typeOfA.Kind().String() == "map" || typeOfA.Kind().String() == "slice" {
                continue
            } else {
                if typeOfA.Kind().String() == "string" {
                    if ToStr(v) != "" {
                        data[k] = v
                    }
                }
            }
        }
    }

    return data
}

// 聚合支付异步回调验签
func JhNotifyCheckSign(sign, public_key string, data map[string]string) bool {
    build_sort_str := CmbHttpBuildQuery(MapStringToInterface(data), true)
    pub_x := ""
    pub_y := ""
    // 私钥截取
    if len(public_key) == 128 {
        pub_x = public_key[:64]
        pub_y = public_key[64:]
    } else if len(public_key) == 130 && (public_key[:2] == "04") {
        public_key = public_key[2:]
        pub_x = public_key[:64]
        pub_y = public_key[64:]
    } else {
        log.Println("异步验签公钥出错", public_key)
        return false
    }

    sign_b64, _ := base64.StdEncoding.DecodeString(sign)
    pub := new(sm2.PublicKey)
    pub.Curve = sm2.GetSm2P256V1()
    xBytes, _ := hex.DecodeString(pub_x)
    yBytes, _ := hex.DecodeString(pub_y)
    pub.X = new(big.Int).SetBytes(xBytes)
    pub.Y = new(big.Int).SetBytes(yBytes)
    result := sm2.Verify(pub, []byte("1234567812345678"), []byte(build_sort_str), sign_b64)

    if !result {
        return false
    }

    return true
}