|
|
@@ -8,8 +8,10 @@ class RefillCallBack implements refill\IRefillCallBack
|
|
|
{
|
|
|
public function verify($params): bool
|
|
|
{
|
|
|
- $sign = $this->sign($params);
|
|
|
- if ($params['Sign'] == $sign) {
|
|
|
+ $input = $params;
|
|
|
+ unset($input['sign']);
|
|
|
+ $sign = $this->sign($input);
|
|
|
+ if ($params['sign'] == $sign) {
|
|
|
return true;
|
|
|
} else {
|
|
|
return false;
|
|
|
@@ -18,9 +20,20 @@ class RefillCallBack implements refill\IRefillCallBack
|
|
|
|
|
|
private function sign($params)
|
|
|
{
|
|
|
- $key = config::KEY;
|
|
|
- $content = "Orderid={$params['Orderid']}&Chargeid={$params['Chargeid']}&Orderstatu_int={$params['Orderstatu_int']}&Errorcode={$params['Errorcode']}&Password={$key}";
|
|
|
- return md5($content);
|
|
|
+ $content = '';
|
|
|
+ ksort($params);
|
|
|
+ foreach ($params as $key => $val){
|
|
|
+ $content .= "{$key}={$val}&";
|
|
|
+ }
|
|
|
+ $content = rtrim($content,'&');
|
|
|
+ $res = openssl_pkey_get_private(config::PRIVATE_KEY);
|
|
|
+ openssl_sign($content, $sign, $res);
|
|
|
+ return bin2hex($sign);
|
|
|
+ }
|
|
|
+
|
|
|
+ public function message_decrypt($message)
|
|
|
+ {
|
|
|
+ return json_decode(openssl_decrypt($message, 'AES-256-ECB', config::AES_KEY, 0, ''));
|
|
|
}
|
|
|
|
|
|
|
