Add public key certificate encryption method.

Author: maxsky

src/AbstractAopGateway.php

@@ -158,6 +158,86 @@ public function setPrivateKey($value)
     }
 
 
+    /**
+     * @return mixed
+     */
+    public function getAlipayRootCert()
+    {
+        return $this->getParameter('alipay_root_cert');
+    }
+
+
+    /**
+     * @param $value
+     *
+     * @return $this
+     */
+    public function setAlipayRootCert($value)
+    {
+        return $this->setParameter('alipay_root_cert', $value);
+    }
+
+
+    /**
+     * @return mixed
+     */
+    public function getAlipayPublicCert()
+    {
+        return $this->getParameter('alipay_public_cert');
+    }
+
+
+    /**
+     * @param $value
+     *
+     * @return $this
+     */
+    public function setAlipayPublicCert($value)
+    {
+        return $this->setParameter('alipay_public_cert', $value);
+    }
+
+
+    /**
+     * @return mixed
+     */
+    public function getAppCert()
+    {
+        return $this->getParameter('app_cert');
+    }
+
+
+    /**
+     * @param $value
+     *
+     * @return $this
+     */
+    public function setAppCert($value)
+    {
+        return $this->setParameter('app_cert', $value);
+    }
+
+
+    /**
+     * @return mixed
+     */
+    public function getCheckAlipayPublicCert()
+    {
+        return $this->getParameter('check_alipay_public_cert');
+    }
+
+
+    /**
+     * @param bool $value
+     *
+     * @return $this
+     */
+    public function setCheckAlipayPublicCert($value)
+    {
+        return $this->setParameter('check_alipay_public_cert', $value);
+    }
+
+
     /**
      * @return mixed
      */

src/Common/Signer.php

@@ -7,6 +7,7 @@
 /**
  * Sign Tool for Alipay
  * Class Signer
+ *
  * @package Omnipay\Alipay\Common
  */
 class Signer
@@ -17,7 +18,7 @@ class Signer
     const KEY_TYPE_PUBLIC = 1;
     const KEY_TYPE_PRIVATE = 2;
 
-    protected $ignores = ['sign', 'sign_type'];
+    protected $ignores = ['sign'];
 
     protected $sort = true;
 
@@ -124,16 +125,29 @@ protected function sort(&$params)
     }
 
 
+    /**
+     * @param string $privateKey
+     * @param int    $alg
+     *
+     * @return string
+     * @throws Exception
+     */
     public function signWithRSA($privateKey, $alg = OPENSSL_ALGO_SHA1)
     {
         $content = $this->getContentToSign();
 
-        $sign = $this->signContentWithRSA($content, $privateKey, $alg);
-
-        return $sign;
+        return $this->signContentWithRSA($content, $privateKey, $alg);
     }
 
 
+    /**
+     * @param string $content
+     * @param string $privateKey
+     * @param int    $alg
+     *
+     * @return string
+     * @throws Exception
+     */
     public function signContentWithRSA($content, $privateKey, $alg = OPENSSL_ALGO_SHA1)
     {
         $privateKey = $this->prefix($privateKey);
@@ -153,9 +167,8 @@ public function signContentWithRSA($content, $privateKey, $alg = OPENSSL_ALGO_SH
         }
 
         openssl_free_key($res);
-        $sign = base64_encode($sign);
 
-        return $sign;
+        return base64_encode($sign);
     }
 
 
@@ -201,8 +214,8 @@ public function format($key, $type)
     /**
      * Convert one line key to standard format
      *
-     * @param $key
-     * @param $type
+     * @param string $key
+     * @param int    $type
      *
      * @return string
      */
@@ -236,6 +249,15 @@ public function verifyWithMD5($content, $sign, $key)
     }
 
 
+    /**
+     * @param string $content
+     * @param string $sign
+     * @param string $publicKey
+     * @param int    $alg
+     *
+     * @return bool
+     * @throws Exception
+     */
     public function verifyWithRSA($content, $sign, $publicKey, $alg = OPENSSL_ALGO_SHA1)
     {
         $publicKey = $this->prefix($publicKey);

src/Common/helpers.php

@@ -1,15 +1,15 @@
 <?php
 
-/**
- * Get an item from an array using "dot" notation.
- *
- * @param  array  $array
- * @param  string $key
- * @param  mixed  $default
- *
- * @return mixed
- */
-if (! function_exists('array_get')) {
+if (!function_exists('array_get')) {
+    /**
+     * Get an item from an array using "dot" notation.
+     *
+     * @param array  $array
+     * @param string $key
+     * @param mixed  $default
+     *
+     * @return mixed
+     */
     function array_get($array, $key, $default = null)
     {
         if (is_null($key)) {
@@ -21,7 +21,7 @@ function array_get($array, $key, $default = null)
         }
 
         foreach (explode('.', $key) as $segment) {
-            if (! is_array($array) || ! array_key_exists($segment, $array)) {
+            if (!is_array($array) || !array_key_exists($segment, $array)) {
                 return value($default);
             }
 
@@ -32,7 +32,7 @@ function array_get($array, $key, $default = null)
     }
 }
 
-if (! function_exists('array_has')) {
+if (!function_exists('array_has')) {
     function array_has($array, $key)
     {
         if (empty($array) || is_null($key)) {
@@ -44,7 +44,7 @@ function array_has($array, $key)
         }
 
         foreach (explode('.', $key) as $segment) {
-            if (! is_array($array) || ! array_key_exists($segment, $array)) {
+            if (!is_array($array) || !array_key_exists($segment, $array)) {
                 return false;
             }
 
@@ -55,16 +55,116 @@ function array_has($array, $key)
     }
 }
 
-/**
- * Return the default value of the given value.
- *
- * @param  mixed $value
- *
- * @return mixed
- */
-if (! function_exists('value')) {
+if (!function_exists('value')) {
+    /**
+     * Return the default value of the given value.
+     *
+     * @param mixed $value
+     *
+     * @return mixed
+     */
     function value($value)
     {
         return $value instanceof Closure ? $value() : $value;
     }
 }
+
+if (!function_exists('hex2dec')) {
+    /**
+     * @param string $hex
+     *
+     * @return string
+     */
+    function hex2dec($hex)
+    {
+        $dec = '0';
+
+        $len = strlen($hex);
+
+        for ($i = 1; $i <= $len; $i++) {
+            $n = $hex[$i - 1];
+            if (ctype_xdigit($n)) {
+                $dec = bcadd($dec, bcmul((string)hexdec($n), bcpow('16', (string)($len - $i))));
+            }
+        }
+
+        return $dec;
+    }
+}
+
+if (!function_exists('getRootCertSN')) {
+    /**
+     * @param string $certPath
+     *
+     * @return string|null
+     */
+    function getRootCertSN($certPath)
+    {
+        $array = explode('-----END CERTIFICATE-----', file_get_contents($certPath));
+
+        $rootSN = null;
+
+        foreach ($array as $i) {
+            $ssl = openssl_x509_parse($i . '-----END CERTIFICATE-----');
+
+            if (in_array($ssl['signatureTypeLN'], ['sha1WithRSAEncryption', 'sha256WithRSAEncryption'])) {
+                $sn = getCertSN($ssl, true);
+                if (is_null($rootSN)) {
+                    $rootSN = $sn;
+                } else {
+                    $rootSN .= "_{$sn}";
+                }
+            }
+        }
+
+        return $rootSN;
+    }
+}
+
+if (!function_exists('getCertSN')) {
+    /**
+     * @param string $cert
+     * @param bool   $parsed
+     *
+     * @return string|null
+     */
+    function getCertSN($cert, $parsed = false)
+    {
+        if ($parsed) {
+            $ssl = $cert;
+        } else {
+            if (is_file($cert)) {
+                $cert = file_get_contents($cert);
+            }
+            $ssl = openssl_x509_parse($cert);
+        }
+
+        if (strpos($ssl['serialNumber'], '0x') === 0) {
+            $ssl['serialNumber'] = hex2dec($ssl['serialNumber']);
+        }
+
+        $array = array_reverse($ssl['issuer']);
+
+        $names = [];
+        foreach ($array as $key => $value) {
+            $names[] = "{$key}={$value}";
+        }
+
+        return md5(implode(',', $names) . $ssl['serialNumber']);
+    }
+}
+
+if (!function_exists('getPublicKey')) {
+    /**
+     * @param string $certPath
+     *
+     * @return string
+     */
+    function getPublicKey($certPath)
+    {
+        $pkey = openssl_pkey_get_public(file_get_contents($certPath));
+        $keyData = openssl_pkey_get_details($pkey);
+        $public_key = str_replace('-----BEGIN PUBLIC KEY-----', '', $keyData['key']);
+        return trim(str_replace('-----END PUBLIC KEY-----', '', $public_key));
+    }
+}