Commit 871afdc6 by dliangx

加解密测试

parent 66d904c4
...@@ -14,17 +14,32 @@ import ( ...@@ -14,17 +14,32 @@ import (
func Auth(ctx context.Context, c *app.RequestContext) { func Auth(ctx context.Context, c *app.RequestContext) {
var err error var err error
var creq model.CryptHttpBodyReq[string] var creq model.CryptHttpBodyReq[[]byte]
var req model.HttpBodyReq[model.AuthReq] var req model.HttpBodyReq[model.AuthReq]
var resp model.HttpBodyResp[model.AuthResp] var resp model.HttpBodyResp[model.AuthResp]
err = c.BindAndValidate(&req) err = c.BindAndValidate(&req)
req = model.VerifyAndDecrypt[model.AuthReq](creq)
fmt.Println(req)
if err != nil { if err != nil {
resp.Head.Code = nltconst.PARAM_ERROR resp.Head.Code = nltconst.PARAM_ERROR
resp.Head.ServiceTime = nltconst.GetNowTime() resp.Head.ServiceTime = nltconst.GetNowTime()
resp.Head.ServiceSn = req.Head.ServiceSn resp.Head.ServiceSn = req.Head.ServiceSn
c.JSON(consts.StatusOK, model.EncryptAndSign(resp)) cresp, _ := model.EncryptAndSign(resp)
c.JSON(consts.StatusOK, cresp)
return
}
req, err = model.VerifyAndDecrypt[model.AuthReq](creq)
fmt.Println(req)
if err != nil {
if err.Error() == "解密错误" {
resp.Head.Code = nltconst.DECRYPT_ERROR
} else if err.Error() == "验签错误" {
resp.Head.Code = nltconst.VERIFY_ERROR
} else {
resp.Head.Code = nltconst.SYS_ERROR
}
resp.Head.ServiceTime = nltconst.GetNowTime()
resp.Head.ServiceSn = req.Head.ServiceSn
cresp, _ := model.EncryptAndSign(resp)
c.JSON(consts.StatusOK, cresp)
return return
} }
rows, err := db.DB.Query("select farm_name from loan_orderinfo where id_num = ?", &req.Request.IdNo) rows, err := db.DB.Query("select farm_name from loan_orderinfo where id_num = ?", &req.Request.IdNo)
...@@ -33,7 +48,8 @@ func Auth(ctx context.Context, c *app.RequestContext) { ...@@ -33,7 +48,8 @@ func Auth(ctx context.Context, c *app.RequestContext) {
resp.Head.Code = nltconst.SYS_ERROR resp.Head.Code = nltconst.SYS_ERROR
resp.Head.ServiceTime = nltconst.GetNowTime() resp.Head.ServiceTime = nltconst.GetNowTime()
resp.Head.ServiceSn = req.Head.ServiceSn resp.Head.ServiceSn = req.Head.ServiceSn
c.JSON(consts.StatusOK, model.EncryptAndSign(resp)) cresp, _ := model.EncryptAndSign(resp)
c.JSON(consts.StatusOK, cresp)
return return
} }
...@@ -49,7 +65,8 @@ func Auth(ctx context.Context, c *app.RequestContext) { ...@@ -49,7 +65,8 @@ func Auth(ctx context.Context, c *app.RequestContext) {
resp.Head.Code = string(nltconst.PERSON_INFO_NO_MATCH) resp.Head.Code = string(nltconst.PERSON_INFO_NO_MATCH)
resp.Head.ServiceTime = nltconst.GetNowTime() resp.Head.ServiceTime = nltconst.GetNowTime()
resp.Head.ServiceSn = req.Head.ServiceSn resp.Head.ServiceSn = req.Head.ServiceSn
c.JSON(consts.StatusOK, model.EncryptAndSign(resp)) cresp, _ := model.EncryptAndSign(resp)
c.JSON(consts.StatusOK, cresp)
return return
} }
...@@ -59,7 +76,8 @@ func Auth(ctx context.Context, c *app.RequestContext) { ...@@ -59,7 +76,8 @@ func Auth(ctx context.Context, c *app.RequestContext) {
resp.Head.Code = nltconst.SYS_ERROR resp.Head.Code = nltconst.SYS_ERROR
resp.Head.ServiceTime = nltconst.GetNowTime() resp.Head.ServiceTime = nltconst.GetNowTime()
resp.Head.ServiceSn = req.Head.ServiceSn resp.Head.ServiceSn = req.Head.ServiceSn
c.JSON(consts.StatusOK, model.EncryptAndSign(resp)) cresp, _ := model.EncryptAndSign(resp)
c.JSON(consts.StatusOK, cresp)
return return
} }
...@@ -67,7 +85,7 @@ func Auth(ctx context.Context, c *app.RequestContext) { ...@@ -67,7 +85,7 @@ func Auth(ctx context.Context, c *app.RequestContext) {
resp.Head.ServiceTime = nltconst.GetNowTime() resp.Head.ServiceTime = nltconst.GetNowTime()
resp.Head.ServiceSn = req.Head.ServiceSn resp.Head.ServiceSn = req.Head.ServiceSn
resp.Response.DirectURL = nltconst.DURL + "?param=" + req.Request.DuebillNoOrg resp.Response.DirectURL = nltconst.DURL + "?param=" + req.Request.DuebillNoOrg
cresp, _ := model.EncryptAndSign(resp)
c.JSON(consts.StatusOK, cresp)
c.JSON(consts.StatusOK, model.EncryptAndSign(resp))
return
} }
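Review bot: Auth still binds the request into `req` (`err = c.BindAndValidate(&req)`), so as far as this section shows `creq` is never populated and the new `model.VerifyAndDecrypt[model.AuthReq](creq)` runs on an empty envelope. QueryPayResult binds `&creq`, and this handler should do the same: `err = c.BindAndValidate(&creq)`. The added `fmt.Println(req)` writes the decrypted request to standard output before the error check, and that request carries `Request.IdNo`, which the query below matches against `id_num`. Drop it, or log only `req.Head.ServiceSn` after the error check. Parts of Auth lie outside the visible hunks.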
...@@ -14,15 +14,29 @@ import ( ...@@ -14,15 +14,29 @@ import (
func QueryPayResult(ctx context.Context, c *app.RequestContext) { func QueryPayResult(ctx context.Context, c *app.RequestContext) {
var err error var err error
var creq model.CryptHttpBodyReq[string] var creq model.CryptHttpBodyReq[[]byte]
var req model.HttpBodyReq[model.PayResultReq] var req model.HttpBodyReq[model.PayResultReq]
var resp model.HttpBodyResp[model.PayResultResp] var resp model.HttpBodyResp[model.PayResultResp]
err = c.BindAndValidate(&creq) err = c.BindAndValidate(&creq)
req = model.VerifyAndDecrypt[model.PayResultReq](creq)
if err != nil { if err != nil {
resp.Head.Code = nltconst.PARAM_ERROR resp.Head.Code = nltconst.PARAM_ERROR
resp.Head.ServiceTime = nltconst.GetNowTime() resp.Head.ServiceTime = nltconst.GetNowTime()
c.JSON(consts.StatusOK, model.EncryptAndSign(resp)) cresp, _ := model.EncryptAndSign(resp)
c.JSON(consts.StatusOK, cresp)
return
}
req, err = model.VerifyAndDecrypt[model.PayResultReq](creq)
if err != nil {
if err.Error() == "解密错误" {
resp.Head.Code = nltconst.DECRYPT_ERROR
} else if err.Error() == "验签错误" {
resp.Head.Code = nltconst.VERIFY_ERROR
} else {
resp.Head.Code = nltconst.SYS_ERROR
}
resp.Head.ServiceTime = nltconst.GetNowTime()
cresp, _ := model.EncryptAndSign(resp)
c.JSON(consts.StatusOK, cresp)
return return
} }
...@@ -36,7 +50,8 @@ func QueryPayResult(ctx context.Context, c *app.RequestContext) { ...@@ -36,7 +50,8 @@ func QueryPayResult(ctx context.Context, c *app.RequestContext) {
resp.Head.Code = nltconst.SYS_ERROR resp.Head.Code = nltconst.SYS_ERROR
resp.Head.ServiceTime = nltconst.GetNowTime() resp.Head.ServiceTime = nltconst.GetNowTime()
resp.Head.ServiceSn = req.Head.ServiceSn resp.Head.ServiceSn = req.Head.ServiceSn
c.JSON(consts.StatusOK, model.EncryptAndSign(resp)) cresp, _ := model.EncryptAndSign(resp)
c.JSON(consts.StatusOK, cresp)
return return
} }
var count int var count int
...@@ -53,7 +68,8 @@ func QueryPayResult(ctx context.Context, c *app.RequestContext) { ...@@ -53,7 +68,8 @@ func QueryPayResult(ctx context.Context, c *app.RequestContext) {
resp.Head.Code = nltconst.NODATA resp.Head.Code = nltconst.NODATA
resp.Head.ServiceTime = nltconst.GetNowTime() resp.Head.ServiceTime = nltconst.GetNowTime()
resp.Head.ServiceSn = req.Head.ServiceSn resp.Head.ServiceSn = req.Head.ServiceSn
c.JSON(consts.StatusOK, model.EncryptAndSign(resp)) cresp, _ := model.EncryptAndSign(resp)
c.JSON(consts.StatusOK, cresp)
return return
} }
...@@ -63,14 +79,14 @@ func QueryPayResult(ctx context.Context, c *app.RequestContext) { ...@@ -63,14 +79,14 @@ func QueryPayResult(ctx context.Context, c *app.RequestContext) {
resp.Head.Code = nltconst.SYS_ERROR resp.Head.Code = nltconst.SYS_ERROR
resp.Head.ServiceTime = nltconst.GetNowTime() resp.Head.ServiceTime = nltconst.GetNowTime()
resp.Head.ServiceSn = req.Head.ServiceSn resp.Head.ServiceSn = req.Head.ServiceSn
c.JSON(consts.StatusOK, model.EncryptAndSign(resp)) cresp, _ := model.EncryptAndSign(resp)
c.JSON(consts.StatusOK, cresp)
return return
} }
resp.Head.Code = string(nltconst.SUCCESS) resp.Head.Code = string(nltconst.SUCCESS)
resp.Head.ServiceTime = nltconst.GetNowTime() resp.Head.ServiceTime = nltconst.GetNowTime()
resp.Head.ServiceSn = req.Head.ServiceSn resp.Head.ServiceSn = req.Head.ServiceSn
cresp, _ := model.EncryptAndSign(resp)
c.JSON(consts.StatusOK, model.EncryptAndSign(resp)) c.JSON(consts.StatusOK, cresp)
return
} }
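Review bot: Every new `cresp, _ := model.EncryptAndSign(resp)` in this handler discards the error this commit just added to that function, so if marshaling, encryption or signing fails the client still receives a 200 with an envelope whose ciphertext or signature is empty. Use `cresp, err := model.EncryptAndSign(resp)` and return a plain failure status when `err != nil` instead of sending the half-built envelope; the call sites in the Auth handler have the same pattern. The branch on `err.Error() == "解密错误"` also ties the status code to message text, so exported sentinel errors in `model` (for example `ErrDecrypt` and `ErrVerify`) compared with `errors.Is` would survive rewording. Parts of QueryPayResult lie outside the visible hunks.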
...@@ -3,6 +3,7 @@ package model ...@@ -3,6 +3,7 @@ package model
import ( import (
"crypto/rand" "crypto/rand"
"encoding/json" "encoding/json"
"errors"
"log" "log"
"strings" "strings"
...@@ -12,12 +13,12 @@ import ( ...@@ -12,12 +13,12 @@ import (
type CryptHttpBodyReq[T any] struct { type CryptHttpBodyReq[T any] struct {
Request HttpBodyReq[T] Request HttpBodyReq[T]
Signature string Signature []byte
} }
type CryptHttpBodyResp[T any] struct { type CryptHttpBodyResp[T any] struct {
Response HttpBodyResp[T] Response HttpBodyResp[T]
Signature string Signature []byte
} }
type HttpBodyReq[T any] struct { type HttpBodyReq[T any] struct {
...@@ -41,8 +42,8 @@ type RespHead struct { ...@@ -41,8 +42,8 @@ type RespHead struct {
ServiceSn string `json:"serviceSn"` ServiceSn string `json:"serviceSn"`
} }
func EncryptAndSign[T any](resp HttpBodyResp[T]) CryptHttpBodyResp[string] { func EncryptAndSign[T any](resp HttpBodyResp[T]) (CryptHttpBodyResp[[]byte], error) {
var cresp CryptHttpBodyResp[string] var cresp CryptHttpBodyResp[[]byte]
privateKeyBytes, _ := sm2.GenerateKey(strings.NewReader(nltconst.SM2_PRIVATE_KEY)) privateKeyBytes, _ := sm2.GenerateKey(strings.NewReader(nltconst.SM2_PRIVATE_KEY))
// 对应的公钥 // 对应的公钥
...@@ -50,49 +51,59 @@ func EncryptAndSign[T any](resp HttpBodyResp[T]) CryptHttpBodyResp[string] { ...@@ -50,49 +51,59 @@ func EncryptAndSign[T any](resp HttpBodyResp[T]) CryptHttpBodyResp[string] {
body, err := json.Marshal(resp.Response) body, err := json.Marshal(resp.Response)
if err != nil { if err != nil {
log.Println(err.Error()) log.Println(err.Error())
return cresp, err
} }
ciphertext, err := sm2.Encrypt(publicKey, body, rand.Reader, sm2.C1C2C3) ciphertext, err := sm2.Encrypt(publicKey, body, rand.Reader, sm2.C1C2C3)
if err != nil { if err != nil {
log.Println(err) log.Println(err)
return cresp, err
} }
cresp.Response.Head = resp.Head cresp.Response.Head = resp.Head
cresp.Response.Response = string(ciphertext) cresp.Response.Response = ciphertext
response, err := json.Marshal(resp) jsonResp, err := json.Marshal(resp)
if err != nil {
log.Println(err)
return cresp, err
}
uid := []byte("tk") uid := []byte("tk")
r, s, err := sm2.Sm2Sign(privateKeyBytes, response, uid, rand.Reader) r, s, err := sm2.Sm2Sign(privateKeyBytes, jsonResp, uid, rand.Reader)
if err != nil { if err != nil {
log.Println(err) log.Println(err)
return cresp, err
} }
rBytes := r.Bytes() rBytes := r.Bytes()
sBytes := s.Bytes() sBytes := s.Bytes()
signature := append(rBytes, sBytes...) signature := append(rBytes, sBytes...)
cresp.Signature = string(signature) cresp.Signature = signature
return cresp return cresp, err
} }
func VerifyAndDecrypt[T any](creq CryptHttpBodyReq[string]) HttpBodyReq[T] { func VerifyAndDecrypt[T any](creq CryptHttpBodyReq[[]byte]) (HttpBodyReq[T], error) {
var req HttpBodyReq[T] var req HttpBodyReq[T]
privateKeyBytes, _ := sm2.GenerateKey(strings.NewReader(nltconst.SM2_PRIVATE_KEY)) privateKeyBytes, _ := sm2.GenerateKey(strings.NewReader(nltconst.SM2_PRIVATE_KEY))
signature := creq.Signature signature := creq.Signature
r, s, err := sm2.SignDataToSignDigit([]byte(signature)) r, s, err := sm2.SignDataToSignDigit([]byte(signature))
if err != nil { if err != nil {
log.Println(err) log.Println(err)
return req, err
} }
uid := []byte("tk") uid := []byte("tk")
if sm2.Sm2Verify(&privateKeyBytes.PublicKey, []byte(creq.Request.Request), uid, r, s) { if sm2.Sm2Verify(&privateKeyBytes.PublicKey, creq.Signature, uid, r, s) {
tx, err := sm2.Decrypt(privateKeyBytes, []byte(creq.Request.Request), sm2.C1C2C3) tx, err := sm2.Decrypt(privateKeyBytes, []byte(creq.Request.Request), sm2.C1C2C3)
if err != nil { if err != nil {
log.Println(err) log.Println(err)
return req, errors.New("解密错误")
} }
req.Head = creq.Request.Head req.Head = creq.Request.Head
err = json.Unmarshal(tx, req.Request) err = json.Unmarshal(tx, req.Request)
if err != nil { if err != nil {
log.Println(err) log.Println(err)
return req, err
} }
return req return req, err
} else {
return req, errors.New("验签错误")
} }
return req
} }
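Review bot: On the new side `sm2.Sm2Verify(&privateKeyBytes.PublicKey, creq.Signature, uid, r, s)` passes the signature bytes as the message, so the check no longer covers the request body at all; the message argument has to be the bytes the peer actually signed (the old side used the ciphertext, `creq.Request.Request`). The verification key is the public half of the service's own `nltconst.SM2_PRIVATE_KEY`, which appears to mean a caller would need the server's private key to produce a valid signature; requests should presumably be verified against the peer's public key. `json.Unmarshal(tx, req.Request)` passes a value rather than a pointer, so for the struct types the handlers use it returns an error on every request; it should be `json.Unmarshal(tx, &req.Request)`. The error from `sm2.GenerateKey(...)` is still discarded in both functions, so a bad key constant would surface only later as a nil dereference.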
...@@ -15,6 +15,8 @@ const ( ...@@ -15,6 +15,8 @@ const (
PERSON_INFO_NO_MATCH = "W380002" PERSON_INFO_NO_MATCH = "W380002"
NO_ACCESS_BUSI = "W380003" NO_ACCESS_BUSI = "W380003"
DATA_LOADING = "W380004" DATA_LOADING = "W380004"
VERIFY_ERROR = "W380005"
DECRYPT_ERROR = "W380006"
) )
func (c NLTStatus) String() string { func (c NLTStatus) String() string {
......