private static function bindMerchantCertificateByFile()
{
$tMerchantCertFiles = self::getParameterByName('MerchantCertFile');
$tMerchantCertPasswords = self::getParameterByName('MerchantCertPassword');
$tMerchantCertFileArray = array_filter(array_map('trim', explode(',', $tMerchantCertFiles, 100)));
$tMerchantCertPasswordArray = array_filter(array_map('trim', explode(',', $tMerchantCertPasswords, 100)));
if (self::$iMerchantNum != count($tMerchantCertFileArray) || self::$iMerchantNum != count($tMerchantCertPasswordArray)) {
throw new TrxException(TrxException::TRX_EXC_CODE_1007, TrxException::TRX_EXC_MSG_1007);
}
self::$iMerchantCertificates = array();
self::$iMerchantKeys = array();
for ($i = 0; $i < self::$iMerchantNum; $i++) {
//1、读取证书
$tCertificate = array();
if (openssl_pkcs12_read(file_get_contents($tMerchantCertFileArray[$i]), $tCertificate, $tMerchantCertPasswordArray[$i])) {
//2、验证证书是否在有效期内
$cer = openssl_x509_parse($tCertificate['cert']);
$t = time();
if ($t < $cer['validFrom_time_t'] || $t > $cer['validTo_time_t']) {
throw new TrxException(TrxException::TRX_EXC_CODE_1005, TrxException::TRX_EXC_MSG_1005);
}
self::$iMerchantCertificates[] = $tCertificate;
//3、取得密钥
$pkey = openssl_pkey_get_private($tCertificate['pkey']);
if ($pkey) {
self::$iMerchantKeys[] = $pkey;
} else {
echo TrxException::TRX_EXC_CODE_1003 . TrxException::TRX_EXC_MSG_1003 . "无法生成私钥证书对象!";
self::$iLogWriter->logNewLine(TrxException::TRX_EXC_CODE_1003 . TrxException::TRX_EXC_MSG_1003 . "无法生成私钥证书对象!");
}
} else {
echo TrxException::TRX_EXC_CODE_1002 . TrxException::TRX_EXC_MSG_1002 . '[' . $tMerchantCertFileArray[$i] . "]!";
self::$iLogWriter->logNewLine(TrxException::TRX_EXC_CODE_1003 . TrxException::TRX_EXC_MSG_1003 . "无法生成私钥证书对象!");
}
}
}
