Home Esplora Aiuto
Registrati Accedi
fusion
/
ach_demo
2
0
Forka 0
File Problemi 0 Pull Requests 0 Wiki
Ramo (Branch): master
Rami (Branch) Tag
ach_demo
/
verifyWebhook.js

verifyWebhook.js 4.5 KB
Permalink Cronologia Originale

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101 
  1. const fs = require("fs");
    2. 

  2. const path = require("path");
    3. 

  3. const { parse } = require("querystring");
    4. 

  4. const { createVerify, createPrivateKey } = require("crypto");
    5. 

  5. const NodeRSA = require('node-rsa');
    6. 

  6. const base64 = require('base-64');
    7. 

  7. 

  8. const PRIVATE_KEY =`-----BEGIN RSA PRIVATE KEY-----
    9. 

  9. MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAK/q2uuuf+s4pd2gkVAyhHkpog1o4RL5+Dm2ZOe5i7O/ELKJvj/9JIrNO1abNNuG8g2nvBnOeJ5uii1q83Qy9C4aaey1UjqYd3iVupuO8Xfmr/3sHTec6R8X0HZnuQ/fsU8uREYEQFUfBFcZtiNz2TqXfjJXMXAeTpXc6CbKOLe3AgMBAAECgYAYDVvWSnsJ7apb9Ya4uNd8+3DBNZxEbHIAbgw41Jkhv9doGcYt2I4k/i+FRV5CP56buFnTC3RZcRKqaAuWURsqcnDG8ufFIhoSEiD11FcFrXanFdixfj9gijuPiTE4w9f07eDVEfdQjFMSO8tYDbsMUoaMPUTOoreqyy86uW0G0QJBAN5zaUsxjgtJhqO3OsoHXpu+67bsM2ounuoHWq7KehiVeb9ykrS6quZ1+r5+0SIMEFkKZKbpwfIG+Hi9NII85/ECQQDKctaP1WQzuLQvm97lfQEfgY/JWL9RZuWriGd7fDT7Nrl0FTK5O9q22HvJdwIQktaTOQca28KzHucIxa7ouYInAkB1KehteF5OR52ooRtPyW3lLjvMjr/Nz1xX+yOiKHcCd8g2M8xdcGwPEljM+NKB0kTSAQ1edIR4S3+XaGA9sIKhAkEAsfVaqJry9wgw0/zXZbGJsDFKvLpXiu3BjBReqszXIdDMGr+bk/qKWtpXjhQf64O4PTgPB8wQDTZn7m0fQJH5VwJBAIDnGXiaoMRammmmOl6sYwar8APUMhRkCNqxzwiEokmwRsrR0GKuKtLKpRg/jNAAQbj2ajVihhgR7F3/04kc/jE=
    10. 

  10. -----END RSA PRIVATE KEY-----`
    11. 

  11. const PUBLIC_KEY = "-----BEGIN PUBLIC KEY-----\n" + "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCv6trrrn/rOKXdoJFQMoR5KaINaOES+fg5tmTnuYuzvxCyib4//SSKzTtWmzTbhvINp7wZzniebootavN0MvQuGmnstVI6mHd4lbqbjvF35q/97B03nOkfF9B2Z7kP37FPLkRGBEBVHwRXGbYjc9k6l34yVzFwHk6V3Ogmyji3twIDAQAB" + "\n-----END PUBLIC KEY-----";
    12. 

  12. 

  13. 

  14. function longDecrypt(privateKey, msg) {
    15. 

  15.     // Format the private key
    16. 

  16.     privateKey = privateKey.match(/.{1,64}/g).join('\n');
    17. 

  17.     privateKey = `-----BEGIN RSA PRIVATE KEY-----\n${privateKey}\n-----END RSA PRIVATE KEY-----`;
    18. 

  18. 

  19.     // Decode the base64 message
    20. 

  20.     const bufferMsg = Buffer.from(msg, 'base64');
    21. 

  21.     const length = bufferMsg.length;
    22. 

  22.     const defaultLength = 128;
    23. 

  23.     
    24. 

  24.     const key = new NodeRSA(privateKey, 'pkcs1');
    25. 

  25.     key.setOptions({ encryptionScheme: 'pkcs1' });
    26. 

  26. 

  27.     let offset = 0;
    28. 

  28.     let res = [];
    29. 

  29. 

  30.     while (length - offset > 0) {
    31. 

  31.         if (length - offset > defaultLength) {
    32. 

  32.             res.push(key.decrypt(bufferMsg.slice(offset, offset + defaultLength)));
    33. 

  33.         } else {
    34. 

  34.             res.push(key.decrypt(bufferMsg.slice(offset)));
    35. 

  35.         }
    36. 

  36.         offset += defaultLength;
    37. 

  37.     }
    38. 

  38. 

  39.     return Buffer.concat(res).toString('utf8');
    40. 

  40. }
    41. 

  41. 

  42. 

  43. function verifyWebhook() {
    44. 

  44.   const parsedData = {"meta":{"success":true,"code":"0000","message":"Request Success"},"data":{"merchantNo":"AC202299319","merchantOrderNo":"DS202412311005240317","orderNo":"R08OC0241231100525384624557803","currency":"JPY","payType":"JAPAN_PAY","orderAmount":10000,"paidAmount":null,"orderFee":700,"payModel":"BankTransfer","orderStatus":"PENDING","webUrl":null,"page":null,"orderTime":1735610725000,"finishTime":0,"sign":"V0EZCULoPBG7q8CuWxSnAkTnigjPbX49IquVzqH8TZ2Kp+SYJmXAmAWPLKPWWTQdvAw99T3PrkEMmutKfCE2zEay5uKhtHU8BY4T0phLr8cU3G9MTWNjp3AJ/dtJ6nh19/L20vis5anvj0aC4ShnEcIzfVeWtWszT+meu7LC4Js52C9vmGGKtPWUUbD6zV/+3YYnNxf/BIEBLOewWIaHccne6E37wbzjbHWczAPecka/E7KOGPyG2PPa67Y5ixsGUjhSD6RHHjbXKJatD8+vTa4BpwieQ4FZTF1dF2oCWJjVOLiB4ZSwMs4vRf9bb0GhWmJuf1N45eWWJkMRJ+392A==","remark":"","errorMessage":null,"descriptor":null},"sign":"589092dbe5aca882cfcc409d1f868d0e"};
    45. 

  45. 

  46.   const dataJson = parsedData.data;
    47. 

  47.   console.log("Decoded data:", JSON.stringify(dataJson, null, 2));
    48. 

  48. 

  49.   // 提取签名
    50. 

  50.   const sign = dataJson.sign;
    51. 

  51.   delete dataJson.sign;
    52. 

  52.   console.log("Signature:", sign);
    53. 

  53. 

  54.   // 生成待签名的字符串
    55. 

  55.   function createSortedDataString(data) {
    56. 

  56.     const validKeys = [
    57. 

  57.       "merchantNo",
    58. 

  58.       "merchantOrderNo",
    59. 

  59.       "orderNo",
    60. 

  60.       "currency",
    61. 

  61.       "orderAmount",
    62. 

  62.       "orderFee",
    63. 

  63.       "payModel",
    64. 

  64.       "orderStatus",
    65. 

  65.       "payType",
    66. 

  66.     ];
    67. 

  67.     const sortedData = Object.keys(data)
    68. 

  68.       .filter((key) => validKeys.includes(key))
    69. 

  69.       .sort()
    70. 

  70.       .map((key) => `${key}=${data[key]}`)
    71. 

  71.       .join("&");
    72. 

  72.     return sortedData;
    73. 

  73.   }
    74. 

  74. 

  75.   const signStr = createSortedDataString(dataJson);
    76. 

  76.   console.log("String to be signed:", signStr);
    77. 

  77. 

  78.   // 验证签名
    79. 

  79.   try {
    80. 

  80.     const verify = createVerify("SHA256");
    81. 

  81.     verify.update(signStr);
    82. 

  82.     verify.end();
    83. 

  83. 

  84.     // const isVerified = verify.verify(PRIVATE_KEY, sign, "base64");
    85. 

  85.     const isVerified = longDecrypt(PRIVATE_KEY, sign);
    86. 

  86.     console.log(58, isVerified);
    87. 

  87. 

  88.     if (isVerified) {
    89. 

  89.       console.log("Verification passed");
    90. 

  90.       return true;
    91. 

  91.     } else {
    92. 

  92.       console.log("Verification failed");
    93. 

  93.       return false;
    94. 

  94.     }
    95. 

  95.   } catch (error) {
    96. 

  96.     console.error(`Decryption error: ${error.message}`);
    97. 

  97.     return false;
    98. 

  98.   }
    99. 

  99. }
    100. 

  100. 

  101. verifyWebhook();
    102.