2020.02新版

plugins/jdpay/inc/cert/config.ini

@@ -0,0 +1,46 @@
+[wepay]
+;======================= 商户开通的商户号
+merchantNum=22294531
+
+;======================= 商户DES密钥
+desKey=ta4E/aspLA3lgFGKmNDNRYU92RkZ4w2t
+
+;=======================京东支付在线支付PC端请求地址
+serverPayUrl=https://wepay.jd.com/jdpay/saveOrder
+
+;=======================京东支付在线支付H5端请求地址
+;serverPayUrl=https://h5pay.jd.com/jdpay/saveOrder
+
+;=======================京东查询服务地址
+serverQueryUrl=https://paygate.jd.com/service/query
+
+;=======================退款服务地址
+refundUrl=https://paygate.jd.com/service/refund
+
+;=======================callback地址
+callbackUrl=http://localhost/jdPay2Demo/com/jdjr/pay/demo/action/CallBack.php
+
+;=======================notify地址
+notifyUrl=http://localhost/jdPay2Demo/com/jdjr/pay/demo/action/AsnyNotify.php
+
+;======================扫码创建订单
+uniorderUrl= https://paygate.jd.com/service/uniorder
+
+;======================交易号查退款
+queryRefundUrl=https://paygate.jd.com/service/queryRefund
+
+;==========撤销地址
+revokeUrl=https://paygate.jd.com/service/revoke
+
+;=========付款码支付
+fkmPayUrl=https://paygate.jd.com/service/fkmPay
+
+;=========用户关系查询地址
+getUserRelationUrl=https://paygate.jd.com/service/getUserRelation
+
+;=========用户关系解绑地址
+cancelUserRelationUrl=https://paygate.jd.com/service/cancelUserRelation
+
+;=========白条策略查询地址
+queryBaiTiaoFQUrl=https://paygate.jd.com/service/queryBaiTiaoFQ
+

plugins/jdpay/inc/cert/seller_rsa_private_key.pem

@@ -0,0 +1,18 @@
+-----BEGIN PRIVATE KEY-----
+MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBALXf6twUqul1TATO
++5nA66p2wjnRd+g96IXpfV6Sf8WXxwizGj+L19LQYRBXpZHmRh82prJ48d0FcHbo
+CiN8pKutnuZrrKYhvORysOc5bVli0hcCn1TfYDoUWJ1UhjUQloqZKWjUz6LV9QY6
+bIZ1W4+Hmw6HK1bfFwUq0WzIGkJNAgMBAAECgYBlIFQeev9tP+M86TnMjBB9f/sO
+2wGpCIM5slIbO6n/3By3IZ7+pmsitOrDg3h0X22t/V1C7yzMkDGwa+T3Rl7ogwc4
+UNVj0ZQorOTx3OEPx3nP1yT3zmJ9djKaHKAmee4XmhQHdqqIuMT2XQaqatBzcsnP
++Jnw/WVOsIJIqMeFAQJBAP9yq4hE+UfM/YSXZ5JR33k9RolUUq8S/elmeJIDo/3N
+2qDmzLjOr9iEZHxioc8JOxubtZ0BxA+NdfKz4v0BSpkCQQC2RIrAPRj9vOk6GfT9
+W1hbJ4GdnzTb+4vp3RDQQ3x9JGXzWFlg8xJT1rNgM8R95Gkxn3KGnYHJQTLlCsIy
+2FnVAkAWXolM3pVhxz6wHL4SHx9Ns6L4payz7hrUFIgcaTs0H5G0o2FsEZVuhXFz
+PwPiaHGHomQOAriTkBSzEzOeaj2JAkEAtYUFefZfETQ2QbrgFgIGuKFboJKRnhOi
+f8G9oOvU6vx43CS8vqTVN9G2yrRDl+0GJnlZIV9zhe78tMZGKUT2EQJAHQawBKGl
+XlMe49Fo24yOy5DvKeohobjYqzJAtbqaAH7iIQTpOZx91zUcL/yG4dWS6r+wGO7Z
+1RKpupOJLKG3lA==
+-----END PRIVATE KEY-----
+
+

plugins/jdpay/inc/cert/wy_rsa_public_key.pem

@@ -0,0 +1,6 @@
+-----BEGIN PUBLIC KEY-----
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCKE5N2xm3NIrXON8Zj19GNtLZ8
+xwEQ6uDIyrS3S03UhgBJMkGl4msfq4Xuxv6XUAN7oU1XhV3/xtabr9rXto4Ke3d6
+WwNbxwXnK5LSgsQc1BhT5NcXHXpGBdt7P8NMez5qGieOKqHGvT0qvjyYnYA29a8Z
+4wzNR7vAVHp36uD5RwIDAQAB
+-----END PUBLIC KEY-----

plugins/jdpay/inc/common/HttpUtils.php

@@ -0,0 +1,34 @@
+<?php
+
+/**
+ * HTTP工具类
+ *
+ * @author wywangzhenlong
+ *        
+ */
+class HttpUtils {
+
+	public function http_post_data($url, $data_string ) {
+
+		$TIMEOUT = 30;	//超时时间(秒)
+
+		$ch = curl_init ();
+        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
+        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
+    	curl_setopt($ch, CURLOPT_TIMEOUT, $TIMEOUT);
+    	curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $TIMEOUT-2);
+		curl_setopt($ch, CURLOPT_URL, $url);
+		curl_setopt($ch, CURLOPT_POST, 1);
+		curl_setopt($ch, CURLOPT_POSTFIELDS, $data_string);
+		curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/xml;charset=utf-8'));
+		curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+		$return_content = curl_exec($ch);
+		$return_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
+		curl_close($ch);
+		return array (
+				$return_code,
+				$return_content 
+		);
+	}
+
+}

plugins/jdpay/inc/common/RSAUtils.php

@@ -0,0 +1,18 @@
+<?php
+class RSAUtils{
+	public static function encryptByPrivateKey($data) {
+		$pi_key =  openssl_pkey_get_private(file_get_contents(PAY_ROOT.'inc/cert/seller_rsa_private_key.pem'));//这个函数可用来判断私钥是否是可用的，可用返回资源id Resource id
+		$encrypted="";
+		openssl_private_encrypt($data,$encrypted,$pi_key,OPENSSL_PKCS1_PADDING);//私钥加密
+		$encrypted = base64_encode($encrypted);//加密后的内容通常含有特殊字符，需要编码转换下，在网络间通过url传输时要注意base64编码是否是url安全的
+		return $encrypted;
+	}
+	
+	public static function decryptByPublicKey($data) {
+		$pu_key =  openssl_pkey_get_public(file_get_contents(PAY_ROOT.'inc/cert/wy_rsa_public_key.pem'));//这个函数可用来判断公钥是否是可用的，可用返回资源id Resource id
+		$decrypted = "";
+		$data = base64_decode($data);
+		openssl_public_decrypt($data,$decrypted,$pu_key);//公钥解密
+		return $decrypted;
+	}
+}

plugins/jdpay/inc/common/SignUtil.php

@@ -0,0 +1,49 @@
+<?php
+
+
+include PAY_ROOT.'inc/common/RSAUtils.php';
+
+/**
+ * 签名
+ *
+ *        
+ */
+class SignUtil {
+	
+// 	public static $unSignKeyList = array (
+// 			"merchantSign",
+// 			"version", 
+// 			"successCallbackUrl",
+// 			"forPayLayerUrl"
+// 	);
+	public static function signWithoutToHex($params,$unSignKeyList) {
+		ksort($params);
+  		$sourceSignString = SignUtil::signString ( $params, $unSignKeyList );
+  		//echo  "sourceSignString=".htmlspecialchars($sourceSignString)."<br/>";
+  		//error_log("=========>sourceSignString:".$sourceSignString, 0);
+  		$sha256SourceSignString = hash ( "sha256", $sourceSignString);	
+  		//error_log($sha256SourceSignString, 0);
+  		//echo "sha256SourceSignString=".htmlspecialchars($sha256SourceSignString)."<br/>";
+        return RSAUtils::encryptByPrivateKey ($sha256SourceSignString);
+	}
+	
+	public static function sign($params,$unSignKeyList) {
+		ksort($params);
+		$sourceSignString = SignUtil::signString ( $params, $unSignKeyList );
+		//error_log($sourceSignString, 0);
+		$sha256SourceSignString = hash ( "sha256", $sourceSignString);
+		//error_log($sha256SourceSignString, 0);
+		return RSAUtils::encryptByPrivateKey ($sha256SourceSignString);
+	}
+	
+	public static function signString($data, $unSignKeyList) {
+		$linkStr="";
+		$isFirst=true;
+		ksort($data);
+		foreach($data as $key=>$value){
+			if($value=="" || in_array($key, $unSignKeyList)) continue;
+			$linkStr.=$key."=".$value."&";
+		}
+		return substr($linkStr,0,-1);
+	}
+}

plugins/jdpay/inc/common/TDESUtil.php

@@ -0,0 +1,59 @@
+<?php
+
+class TDESUtil {
+	
+	/**
+	 * 将元数据进行补位后进行3DES加密
+	 * <p/>
+	 * 补位后 byte[] = 描述有效数据长度(int)的byte[]+原始数据byte[]+补位byte[]
+	 *
+	 * @param
+	 *        	sourceData 元数据字符串
+	 * @return 返回3DES加密后的16进制表示的字符串
+	 */
+	public static function encrypt2HexStr($keys, $sourceData) {
+		$length = strlen($sourceData);
+		$result = '';
+		for($i = 0; $i < 4; $i ++) {
+			$shift = (4 - 1 - $i) * 8;
+			$result .= chr(($length >> $shift) & 0x000000FF);
+		}
+		$result .= $sourceData;
+		$add = 8 - ($length+4) % 8;
+		if($add>0){
+			for($i=0; $i<$add; $i++){
+				$result .= chr(0);
+			}
+		}
+		$desdata = self::encrypt( $result, $keys );
+		return bin2hex( $desdata );
+	}
+	
+	/**
+	 * 3DES 解密 进行了补位的16进制表示的字符串数据
+	 *
+	 * @return
+	 *
+	 */
+	public static function decrypt4HexStr($keys, $data) {
+		$unDesResult = self::decrypt(hex2bin($data),$keys);
+
+		$length=0;
+		for($i = 0; $i < 4; $i ++) {
+			$shift = (4 - 1 - $i) * 8;
+			$length += (ord($unDesResult[$i]) & 0x000000FF) << $shift;
+		}
+		$result = substr($unDesResult, 4, $length);
+
+		return $result;
+	}
+	
+	// 加密算法
+	public static function encrypt($input, $key) {
+		return openssl_encrypt($input, 'des-ede3', $key, OPENSSL_NO_PADDING, "");
+	}
+	// 解密算法
+	public static function decrypt($encrypted, $key) {
+		return openssl_decrypt($encrypted, 'des-ede3', $key, OPENSSL_NO_PADDING, "");
+	}
+}

plugins/jdpay/inc/common/XMLUtil.php

@@ -0,0 +1,123 @@
+<?php
+include PAY_ROOT.'inc/common/RSAUtils.php';
+include PAY_ROOT.'inc/common/TDESUtil.php';
+
+class XMLUtil{
+	public static function arrtoxml($arr,$dom=0,$item=0){
+		//ksort($arr);
+		if (!$dom){
+				
+			$dom = new DOMDocument("1.0","UTF-8");
+		}
+		if(!$item){
+			$item = $dom->createElement("jdpay");
+			$item = $dom->appendChild($item);
+		}
+		
+		foreach ($arr as $key=>$val){
+			$itemx = $dom->createElement(is_string($key)?$key:"item");
+			$itemx = $item->appendChild($itemx);
+			if (!is_array($val)){
+				$text = $dom->createTextNode($val);
+				$text = $itemx->appendChild($text);
+				 
+			}else {
+				XMLUtil::arrtoxml($val,$dom,$itemx);
+			}
+		}
+		return $dom;
+	}
+	
+	public static function xmlToString($dom){
+		$xmlStr = $dom->saveXML();
+		$xmlStr = str_replace("\r", "", $xmlStr);
+		$xmlStr = str_replace("\n", "", $xmlStr);
+		$xmlStr = str_replace("\t", "", $xmlStr);
+		$xmlStr = preg_replace("/>\s+</", "><", $xmlStr);
+		$xmlStr = preg_replace("/\s+\/>/", "/>", $xmlStr);
+		$xmlStr = str_replace("=utf-8", "=UTF-8", $xmlStr);
+		return $xmlStr;
+	}
+	
+	public static function encryptReqXml($param){
+		$dom = XMLUtil::arrtoxml($param);
+		$xmlStr = XMLUtil::xmlToString($dom);
+		//echo "源串：".htmlspecialchars($xmlStr)."<br/>";
+		$sha256SourceSignString = hash("sha256", $xmlStr);
+		//echo "摘要:".$sha256SourceSignString."<br/>";
+		$sign = RSAUtils::encryptByPrivateKey($sha256SourceSignString);
+		$rootDom = $dom->getElementsByTagName("jdpay");
+		$signDom = $dom->createElement("sign");
+		$signDom = $rootDom[0]->appendChild($signDom);
+		$signText = $dom->createTextNode($sign);
+		$signText = $signDom->appendChild($signText);
+		$data = XMLUtil::xmlToString($dom);
+		//echo "封装后:".htmlspecialchars($data)."<br/>";
+		
+		$desKey = Confid_desKey;
+		$keys = base64_decode($desKey);
+		$encrypt = TDESUtil::encrypt2HexStr($keys, $data);
+		//echo "3DES后:".$encrypt."<br/>";
+		$encrypt = base64_encode($encrypt);
+		//echo "base64后:".$encrypt."<br/>";
+		$reqParam;
+		$reqParam["version"]=$param["version"];
+		$reqParam["merchant"]=$param["merchant"];
+		$reqParam["encrypt"]=$encrypt;
+		$reqDom = XMLUtil::arrtoxml($reqParam,0,0);
+		$reqXmlStr = XMLUtil::xmlToString($reqDom);
+		//echo htmlspecialchars($reqXmlStr)."<br/>";
+		return $reqXmlStr;
+	}
+	
+	public static function decryptResXml($resultData,&$resData){
+		$resultXml = simplexml_load_string($resultData);
+		$resultObj = json_decode(json_encode($resultXml),TRUE);
+		$encryptStr = $resultObj["encrypt"];
+		$encryptStr=base64_decode($encryptStr);
+		$desKey = Confid_desKey;
+		$keys = base64_decode($desKey);
+		$reqBody = TDESUtil::decrypt4HexStr($keys, $encryptStr);
+		//echo "请求返回encrypt Des解密后:".$reqBody."\n";
+		
+		$bodyXml = simplexml_load_string($reqBody);
+		//echo "请求返回encrypt Des解密后:".$bodyXml->saveXML()."\n";
+		$resData = json_decode(json_encode($bodyXml),TRUE);
+		
+		$inputSign = $resData["sign"];
+// 		$bodyDom = XMLUtil::arrtoxml($bodyObj,0,0);
+// 		$rootDom = $bodyDom->getElementsByTagName("jdpay");
+// 		$signNodelist = $rootDom[0]->getElementsByTagName("sign");
+// 		$rootDom[0]->removeChild($signNodelist[0]);
+		
+// 		$reqBodyStr = XMLUtil::xmlToString($bodyDom);
+
+		$startIndex = strpos($reqBody,"<sign>");
+		$endIndex = strpos($reqBody,"</sign>");
+		
+		if($startIndex!=false && $endIndex!=false){
+			$xmls = substr($reqBody, 0,$startIndex);
+			$xmle = substr($reqBody,$endIndex+7,strlen($reqBody));
+			$xml=$xmls.$xmle;
+		}
+		
+		//echo "本地摘要原串:".$xml."\n";
+		$sha256SourceSignString = hash("sha256", $xml);
+		//echo "本地摘要:".$sha256SourceSignString."\n";
+		
+		$decryptStr = RSAUtils::decryptByPublicKey($inputSign);
+		//echo "解密后摘要:".$decryptStr."\n";
+		if($decryptStr==$sha256SourceSignString){
+			//echo "验签成功<br/>";
+			$flag=true;
+		}else{
+			//echo "验签失败<br/>";
+			$flag=false;
+		}
+		$resData["version"]=$resultObj["version"];
+		$resData["merchant"]=$resultObj["merchant"];
+		$resData["result"]=$resultObj["result"];
+		//echo var_dump($resData);
+		return $flag;
+	}
+}