lxm_library_java/WxJava
1
0
Fork 0
mirror of synced 2025-12-23 18:48:00 +08:00
Code Issues Projects Releases Wiki Activity

🎨 【微信支付】调整逻辑:当完全使用公钥模式时,也可从p12证书中读取证书私钥等

Browse Source
This commit is contained in:
Molzx
2025-06-03 11:53:45 +08:00
committed by GitHub
parent ecce9292b2
commit 388188b694
1 changed files with 21 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
weixin-java-pay/src/main/java/com/github/binarywang/wxpay/config/WxPayConfig.java
View File

@@ -298,24 +298,6 @@ public class WxPayConfig {
PrivateKey merchantPrivateKey = null; PrivateKey merchantPrivateKey = null;
PublicKey publicKey = null; PublicKey publicKey = null;
// 使用完全公钥模式时只加载公钥相关配置避免下载平台证书使灰度切换无法达到100%覆盖
if (this.fullPublicKeyModel) {
if (StringUtils.isBlank(this.getCertSerialNo())) {
throw new WxPayException("使用公钥模式时请确保certSerialNo(apiV3证书序列号)值已设置");
}
if (StringUtils.isBlank(this.getPublicKeyId())) {
throw new WxPayException("使用公钥模式时请确保publicKeyId值已设置");
}
if (StringUtils.isBlank(this.getPublicKeyString()) && StringUtils.isBlank(this.getPublicKeyPath()) && this.getPublicKeyContent() == null) {
throw new WxPayException("使用公钥模式时请确保publicKeyString/publicKeyPath/publicKeyContent其中一项值已设置");
}
try (InputStream pubInputStream =
this.loadConfigInputStream(this.getPublicKeyString(), this.getPublicKeyPath(),
this.getPublicKeyContent(), "publicKeyPath")) {
publicKey = PemUtils.loadPublicKey(pubInputStream);
}
} else {
// 不使用完全公钥模式时,同时兼容平台证书和公钥 // 不使用完全公钥模式时,同时兼容平台证书和公钥
X509Certificate certificate = null; X509Certificate certificate = null;
// 尝试从p12证书中加载私钥和证书 // 尝试从p12证书中加载私钥和证书
@@ -332,6 +314,7 @@ public class WxPayConfig {
} }
this.certSerialNo = certificate.getSerialNumber().toString(16).toUpperCase(); this.certSerialNo = certificate.getSerialNumber().toString(16).toUpperCase();
} }
if (this.getPublicKeyString() != null || this.getPublicKeyPath() != null || this.publicKeyContent != null) { if (this.getPublicKeyString() != null || this.getPublicKeyPath() != null || this.publicKeyContent != null) {
if (StringUtils.isBlank(this.getPublicKeyId())) { if (StringUtils.isBlank(this.getPublicKeyId())) {
throw new WxPayException("请确保和publicKeyId配套使用"); throw new WxPayException("请确保和publicKeyId配套使用");
@@ -342,7 +325,6 @@ public class WxPayConfig {
publicKey = PemUtils.loadPublicKey(pubInputStream); publicKey = PemUtils.loadPublicKey(pubInputStream);
} }
} }
}
// 加载api私钥 // 加载api私钥
if (merchantPrivateKey == null && (StringUtils.isNotBlank(this.getPrivateKeyPath()) || StringUtils.isNotBlank(this.getPrivateKeyString()) || null != this.privateKeyContent)) { if (merchantPrivateKey == null && (StringUtils.isNotBlank(this.getPrivateKeyPath()) || StringUtils.isNotBlank(this.getPrivateKeyString()) || null != this.privateKeyContent)) {
@@ -358,6 +340,7 @@ public class WxPayConfig {
// 构造证书验签器 // 构造证书验签器
Verifier certificatesVerifier; Verifier certificatesVerifier;
if (this.fullPublicKeyModel) { if (this.fullPublicKeyModel) {
// 使用完全公钥模式时只加载公钥相关配置避免下载平台证书使灰度切换无法达到100%覆盖
certificatesVerifier = VerifierBuilder.buildPublicCertVerifier(this.publicKeyId, publicKey); certificatesVerifier = VerifierBuilder.buildPublicCertVerifier(this.publicKeyId, publicKey);
} else { } else {
certificatesVerifier = VerifierBuilder.build( certificatesVerifier = VerifierBuilder.build(