From b135c2bb71b5e69d3e5ebb453761ad6e5a83b115 Mon Sep 17 00:00:00 2001 From: Jerry <85411418@qq.com> Date: Thu, 19 Oct 2023 16:50:57 +0800 Subject: [PATCH] sha256 new everytime --- alipay/client.go | 9 --------- alipay/sign.go | 15 ++++++--------- wechat/v3/client.go | 4 ---- wechat/v3/sign.go | 20 ++++++-------------- 4 files changed, 12 insertions(+), 36 deletions(-) diff --git a/alipay/client.go b/alipay/client.go index 17d0d8da..15847812 100644 --- a/alipay/client.go +++ b/alipay/client.go @@ -2,13 +2,9 @@ package alipay import ( "crypto/rsa" - "crypto/sha1" - "crypto/sha256" "encoding/base64" "encoding/json" "fmt" - "hash" - "sync" "time" "github.com/go-pay/gopay" @@ -39,9 +35,6 @@ type Client struct { DebugSwitch gopay.DebugSwitch location *time.Location hc *xhttp.Client - sha1Hash hash.Hash - sha256Hash hash.Hash - mu sync.Mutex } // 初始化支付宝客户端 @@ -66,8 +59,6 @@ func NewClient(appid, privateKey string, isProd bool) (client *Client, err error privateKey: priKey, DebugSwitch: gopay.DebugOff, hc: xhttp.NewClient(), - sha1Hash: sha1.New(), - sha256Hash: sha256.New(), } return client, nil } diff --git a/alipay/sign.go b/alipay/sign.go index dba8d1b2..a8dd3905 100644 --- a/alipay/sign.go +++ b/alipay/sign.go @@ -182,25 +182,22 @@ func (a *Client) getRsaSign(bm gopay.BodyMap, signType string) (sign string, err switch signType { case RSA: - h = a.sha1Hash + h = sha1.New() hashs = crypto.SHA1 case RSA2: - h = a.sha256Hash + h = sha256.New() hashs = crypto.SHA256 default: - h = a.sha256Hash + h = sha256.New() hashs = crypto.SHA256 } signParams := bm.EncodeAliPaySignParams() if a.DebugSwitch == gopay.DebugOn { xlog.Debugf("Alipay_Request_SignStr: %s", signParams) } - a.mu.Lock() - defer func() { - h.Reset() - a.mu.Unlock() - }() - h.Write([]byte(signParams)) + if _, err = h.Write([]byte(signParams)); err != nil { + return + } if encryptedBytes, err = rsa.SignPKCS1v15(rand.Reader, a.privateKey, hashs, h.Sum(nil)); err != nil { return util.NULL, fmt.Errorf("[%w]: %+v", gopay.SignatureErr, err) } diff --git a/wechat/v3/client.go b/wechat/v3/client.go index f795d473..2242f96b 100644 --- a/wechat/v3/client.go +++ b/wechat/v3/client.go @@ -3,8 +3,6 @@ package wechat import ( "context" "crypto/rsa" - "crypto/sha256" - "hash" "sync" "github.com/go-pay/gopay" @@ -21,7 +19,6 @@ type ClientV3 struct { WxSerialNo string autoSign bool rwMu sync.RWMutex - sha256Hash hash.Hash hc *xhttp.Client privateKey *rsa.PrivateKey wxPublicKey *rsa.PublicKey @@ -48,7 +45,6 @@ func NewClientV3(mchid, serialNo, apiV3Key, privateKey string) (client *ClientV3 SerialNo: serialNo, ApiV3Key: []byte(apiV3Key), privateKey: priKey, - sha256Hash: sha256.New(), ctx: context.Background(), DebugSwitch: gopay.DebugOff, hc: xhttp.NewClient(), diff --git a/wechat/v3/sign.go b/wechat/v3/sign.go index e04ff063..eeccd1ce 100644 --- a/wechat/v3/sign.go +++ b/wechat/v3/sign.go @@ -254,13 +254,9 @@ func (c *ClientV3) rsaSign(str string) (string, error) { if c.privateKey == nil { return "", errors.New("privateKey can't be nil") } - c.rwMu.Lock() - defer func() { - c.sha256Hash.Reset() - c.rwMu.Unlock() - }() - c.sha256Hash.Write([]byte(str)) - result, err := rsa.SignPKCS1v15(rand.Reader, c.privateKey, crypto.SHA256, c.sha256Hash.Sum(nil)) + h := sha256.New() + h.Write([]byte(str)) + result, err := rsa.SignPKCS1v15(rand.Reader, c.privateKey, crypto.SHA256, h.Sum(nil)) if err != nil { return util.NULL, fmt.Errorf("[%w]: %+v", gopay.SignatureErr, err) } @@ -292,13 +288,9 @@ func (c *ClientV3) verifySyncSign(si *SignInfo) (err error) { } str := si.HeaderTimestamp + "\n" + si.HeaderNonce + "\n" + si.SignBody + "\n" signBytes, _ := base64.StdEncoding.DecodeString(si.HeaderSignature) - c.rwMu.Lock() - defer func() { - c.sha256Hash.Reset() - c.rwMu.Unlock() - }() - c.sha256Hash.Write([]byte(str)) - if err = rsa.VerifyPKCS1v15(wxPublicKey, crypto.SHA256, c.sha256Hash.Sum(nil), signBytes); err != nil { + h := sha256.New() + h.Write([]byte(str)) + if err = rsa.VerifyPKCS1v15(wxPublicKey, crypto.SHA256, h.Sum(nil), signBytes); err != nil { return fmt.Errorf("[%w]: %v", gopay.VerifySignatureErr, err) } return nil