🎨 【微信支付】调整逻辑：当完全使用公钥模式时，也可从p12证书中读取证书私钥等

2025-12-23 02:18:07 +08:00 · 2025-06-03 11:53:45 +08:00
parent ecce9292b2
commit 388188b694
1 changed files with 21 additions and 38 deletions
--- a/weixin-java-pay/src/main/java/com/github/binarywang/wxpay/config/WxPayConfig.java
+++ b/weixin-java-pay/src/main/java/com/github/binarywang/wxpay/config/WxPayConfig.java
@@ -298,24 +298,6 @@ public class WxPayConfig {
      PrivateKey merchantPrivateKey = null;
      PublicKey publicKey = null;

-      // 使用完全公钥模式时，只加载公钥相关配置，避免下载平台证书使灰度切换无法达到100%覆盖
-      if (this.fullPublicKeyModel) {
-        if (StringUtils.isBlank(this.getCertSerialNo())) {
-          throw new WxPayException("使用公钥模式时，请确保certSerialNo(apiV3证书序列号)值已设置");
-        }
-        if (StringUtils.isBlank(this.getPublicKeyId())) {
-          throw new WxPayException("使用公钥模式时，请确保publicKeyId值已设置");
-        }
-        if (StringUtils.isBlank(this.getPublicKeyString()) && StringUtils.isBlank(this.getPublicKeyPath()) && this.getPublicKeyContent() == null) {
-          throw new WxPayException("使用公钥模式时，请确保publicKeyString/publicKeyPath/publicKeyContent其中一项值已设置");
-        }
-
-        try (InputStream pubInputStream =
-               this.loadConfigInputStream(this.getPublicKeyString(), this.getPublicKeyPath(),
-                 this.getPublicKeyContent(), "publicKeyPath")) {
-          publicKey = PemUtils.loadPublicKey(pubInputStream);
-        }
-      } else {
      // 不使用完全公钥模式时，同时兼容平台证书和公钥
      X509Certificate certificate = null;
      // 尝试从p12证书中加载私钥和证书
@@ -332,6 +314,7 @@ public class WxPayConfig {
        }
        this.certSerialNo = certificate.getSerialNumber().toString(16).toUpperCase();
      }
+
      if (this.getPublicKeyString() != null || this.getPublicKeyPath() != null || this.publicKeyContent != null) {
        if (StringUtils.isBlank(this.getPublicKeyId())) {
          throw new WxPayException("请确保和publicKeyId配套使用");
@@ -342,7 +325,6 @@ public class WxPayConfig {
          publicKey = PemUtils.loadPublicKey(pubInputStream);
        }
      }
-      }

      // 加载api私钥
      if (merchantPrivateKey == null && (StringUtils.isNotBlank(this.getPrivateKeyPath()) || StringUtils.isNotBlank(this.getPrivateKeyString()) || null != this.privateKeyContent)) {
@@ -358,6 +340,7 @@ public class WxPayConfig {
      // 构造证书验签器
      Verifier certificatesVerifier;
      if (this.fullPublicKeyModel) {
+        // 使用完全公钥模式时，只加载公钥相关配置，避免下载平台证书使灰度切换无法达到100%覆盖
        certificatesVerifier = VerifierBuilder.buildPublicCertVerifier(this.publicKeyId, publicKey);
      } else {
        certificatesVerifier = VerifierBuilder.build(