兼容平台证书向公钥模式过渡

minibear2021 · minibear2021 · commit 3349384ae7c3 · 2024-11-05T17:53:27.000+08:00
diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md
@@ -1,5 +1,11 @@
 # Changelog
 
+## [1.3.4] - 2024-11-05
+
+### Added
+
+- 兼容平台证书向公钥模式过渡
+
 ## [1.3.3] - 2024-10-23
 
 ### Added
diff --git a/setup.py b/setup.py
@@ -6,7 +6,7 @@
 
 setup(
     name="wechatpayv3",
-    version="1.3.3",
+    version="1.3.4",
     author="minibear",
     description="微信支付 API v3 Python SDK(python sdk for wechatpay v3)",
     long_description=long_description,
diff --git a/wechatpayv3/core.py b/wechatpayv3/core.py
@@ -25,13 +25,11 @@ def __init__(self, mchid, cert_serial_no, private_key, apiv3_key, cert_dir=None,
         self._logger = logger
         self._timeout = timeout
         if public_key:
-            self._pubkey_mode = True
             self._public_key = load_public_key(public_key)
             if not public_key_id:
                 raise Exception('public_key_serial_no is not assigned.')
             self._public_key_id = public_key_id
         else:
-            self._pubkey_mode = False
             self._init_certificates()
 
     def _update_certificates(self):
@@ -104,9 +102,7 @@ def _verify_signature(self, headers, body):
         signature_type = headers.get(signature_type_mark)
         if signature_type != 'WECHATPAY2-SHA256-RSA2048':
             raise Exception('wechatpayv3 does not support this algorithm: ' + signature_type)
-        if self._pubkey_mode:
-            if serial_no != self._public_key_id:
-                return False
+        if serial_no == self._public_key_id:
             public_key = self._public_key
         else:
             cert_found = False
@@ -137,7 +133,7 @@ def request(self, path, method=RequestType.GET, data=None, skip_verify=False, si
         headers.update({'Accept': 'application/json'})
         headers.update({'User-Agent': 'wechatpay v3 api python sdk(https://github.com/minibear2021/wechatpayv3)'})
         if cipher_data:
-            wechatpay_serial = self._public_key_id if self._pubkey_mode else hex(self._last_certificate().serial_number)[2:].upper()
+            wechatpay_serial = self._public_key_id if self._public_key_id else hex(self._last_certificate().serial_number)[2:].upper()
             headers.update({'Wechatpay-Serial': wechatpay_serial})
         authorization = build_authorization(
             path,
@@ -261,7 +257,7 @@ def decrypt(self, ciphtext):
         return rsa_decrypt(ciphertext=ciphtext, private_key=self._private_key)
 
     def encrypt(self, text):
-        if self._pubkey_mode:
+        if self._public_key_id:
             public_key = self._public_key
         else:
             public_key = self._last_certificate().public_key()
