zhimeng
/
agent_ad
2
0
Derivar 0
Código Questões 0 Pedidos de integração 0 Lançamentos 0 Wiki Trabalho
广告平台(站长下代理使用)
Não pode escolher mais do que 25 tópicos Os tópicos devem começar com uma letra ou um número, podem incluir traços ('-') e podem ter até 35 caracteres.
14 Cometimentos
1 Ramo
465 KiB
Árvore: f3b22c6b9c
Ramos Etiquetas
${ item.name }
Criar ramo ${ searchTerm }
de 'f3b22c6b9c'
${ noResults }
agent_ad/app/utils/sign_check.go

sign_check.go 3.7 KiB
Em bruto Vista normal Histórico

first commit
há 1 mês
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125 
  1. package utils

  2. 

  3. import (

  4. 	"applet/app/utils/logx"

  5. 	"fmt"

  6. 	"github.com/forgoer/openssl"

  7. 	"github.com/gin-gonic/gin"

  8. 	"github.com/syyongx/php2go"

  9. 	"strings"

  10. )

  11. 

  12. var publicKey = []byte(`-----BEGIN PUBLIC KEY-----

  13. MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCFQD7RL2tDNuwdg0jTfV0zjAzh

  14. WoCWfGrcNiucy2XUHZZU2oGhHv1N10qu3XayTDD4pu4sJ73biKwqR6ZN7IS4Sfon

  15. vrzaXGvrTG4kmdo3XrbrkzmyBHDLTsJvv6pyS2HPl9QPSvKDN0iJ66+KN8QjBpw1

  16. FNIGe7xbDaJPY733/QIDAQAB

  17. -----END PUBLIC KEY-----`)

  18. 

  19. var privateKey = []byte(`-----BEGIN RSA PRIVATE KEY-----

  20. MIICXAIBAAKBgQCFQD7RL2tDNuwdg0jTfV0zjAzhWoCWfGrcNiucy2XUHZZU2oGh

  21. Hv1N10qu3XayTDD4pu4sJ73biKwqR6ZN7IS4SfonvrzaXGvrTG4kmdo3Xrbrkzmy

  22. BHDLTsJvv6pyS2HPl9QPSvKDN0iJ66+KN8QjBpw1FNIGe7xbDaJPY733/QIDAQAB

  23. AoGADi14wY8XDY7Bbp5yWDZFfV+QW0Xi2qAgSo/k8gjeK8R+I0cgdcEzWF3oz1Q2

  24. 9d+PclVokAAmfj47e0AmXLImqMCSEzi1jDBUFIRoJk9WE1YstE94mrCgV0FW+N/u

  25. +L6OgZcjmF+9dHKprnpaUGQuUV5fF8j0qp8S2Jfs3Sw+dOECQQCQnHALzFjmXXIR

  26. Ez3VSK4ZoYgDIrrpzNst5Hh6AMDNZcG3CrCxlQrgqjgTzBSr3ZSavvkfYRj42STk

  27. TqyX1tQFAkEA6+O6UENoUTk2lG7iO/ta7cdIULnkTGwQqvkgLIUjk6w8E3sBTIfw

  28. rerTEmquw5F42HHE+FMrRat06ZN57lENmQJAYgUHlZevcoZIePZ35Qfcqpbo4Gc8

  29. Fpm6vwKr/tZf2Vlt0qo2VkhWFS6L0C92m4AX6EQmDHT+Pj7BWNdS+aCuGQJBAOkq

  30. NKPZvWdr8jNOV3mKvxqB/U0uMigIOYGGtvLKt5vkh42J7ILFbHW8w95UbWMKjDUG

  31. X/hF3WQEUo//Imsa2yECQHSZIpJxiTRueoDiyRt0LH+jdbYFUu/6D0UIYXhFvP/p

  32. EZX+hfCfUnNYX59UVpRjSZ66g0CbCjuBPOhmOD+hDeQ=

  33. -----END RSA PRIVATE KEY-----`)

  34. 

  35. func GetApiVersion(c *gin.Context) int {

  36. 	var apiVersion = c.GetHeader("apiVersion")

  37. 	if StrToInt(apiVersion) == 0 { //没有版本号先不校验

  38. 		apiVersion = c.GetHeader("Apiversion")

  39. 	}

  40. 	if StrToInt(apiVersion) == 0 { //没有版本号先不校验

  41. 		apiVersion = c.GetHeader("api_version")

  42. 	}

  43. 	return StrToInt(apiVersion)

  44. }

  45. 

  46. //签名校验

  47. func SignCheck(c *gin.Context) bool {

  48. 	var apiVersion = GetApiVersion(c)

  49. 	if apiVersion == 0 { //没有版本号先不校验

  50. 		return true

  51. 	}

  52. 	//1.通过rsa 解析出 aes

  53. 	var key = c.GetHeader("key")

  54. 

  55. 	//拼接对应参数

  56. 	var uri = c.Request.RequestURI

  57. 	var query = GetQueryParam(uri)

  58. 	fmt.Println(query)

  59. 	query["timestamp"] = c.GetHeader("timestamp")

  60. 	query["nonce"] = c.GetHeader("nonce")

  61. 	query["key"] = key

  62. 	token := c.GetHeader("Authorization")

  63. 	if token != "" {

  64. 		// 按空格分割

  65. 		parts := strings.SplitN(token, " ", 2)

  66. 		if len(parts) == 2 && parts[0] == "Bearer" {

  67. 			token = parts[1]

  68. 		}

  69. 	}

  70. 	query["token"] = token

  71. 	//2.query参数按照 ASCII 码从小到大排序

  72. 	str := JoinStringsInASCII(query, "&", false, false, "")

  73. 	//3.拼上密钥

  74. 	secret := ""

  75. 	if InArr(c.GetHeader("platform"), []string{"android", "ios"}) {

  76. 		secret = c.GetString("app_api_secret_key")

  77. 	} else if c.GetHeader("platform") == "wap" {

  78. 		secret = c.GetString("h5_api_secret_key")

  79. 	} else {

  80. 		secret = c.GetString("applet_api_secret_key")

  81. 	}

  82. 	str = fmt.Sprintf("%s&secret=%s", str, secret)

  83. 	fmt.Println(str)

  84. 	//4.md5加密 转小写

  85. 	sign := strings.ToLower(Md5(str))

  86. 	//5.判断跟前端传来的sign是否一致

  87. 	if sign != c.GetHeader("sign") {

  88. 		return false

  89. 	}

  90. 	return true

  91. }

  92. 

  93. func ResultAes(c *gin.Context, raw []byte) string {

  94. 	var key = c.GetHeader("key")

  95. 	base, _ := php2go.Base64Decode(key)

  96. 	aes, err := RsaDecrypt([]byte(base), privateKey)

  97. 	if err != nil {

  98. 		logx.Info(err)

  99. 		return ""

  100. 	}

  101. 

  102. 	str, _ := openssl.AesECBEncrypt(raw, aes, openssl.PKCS7_PADDING)

  103. 	value := php2go.Base64Encode(string(str))

  104. 	fmt.Println(value)

  105. 

  106. 	return value

  107. }

  108. 

  109. func ResultAesDecrypt(c *gin.Context, raw string) string {

  110. 	var key = c.GetHeader("key")

  111. 	base, _ := php2go.Base64Decode(key)

  112. 	aes, err := RsaDecrypt([]byte(base), privateKey)

  113. 	if err != nil {

  114. 		logx.Info(err)

  115. 		return ""

  116. 	}

  117. 	fmt.Println(raw)

  118. 	value1, _ := php2go.Base64Decode(raw)

  119. 	if value1 == "" {

  120. 		return ""

  121. 	}

  122. 	str1, _ := openssl.AesECBDecrypt([]byte(value1), aes, openssl.PKCS7_PADDING)

  123. 

  124. 	return string(str1)

  125. }