diff --git a/pages/order/pay/index.js b/pages/order/pay/index.js
index 954b961..ac5b3c4 100644
--- a/pages/order/pay/index.js
+++ b/pages/order/pay/index.js
@@ -271,7 +271,7 @@ Page({
     })
   },
   // 电子钱包支付
-  walletPay:function(password){
+  walletPay:function(otherData){
     let item = this.data.payList[this.data.numIndex];
     commonApi.user_post("order/pay",{
       order_id:this.data.id,
@@ -279,8 +279,7 @@ Page({
       pay_platform:"MINI",
       app_name:"WxXcxConfig",
       ins_no:item.ins_no,
-      password: password,
-      type: 1,
+      ...otherData
     }).then(res=>{
       let data = res.data?JSON.parse(res.data):{};
       if(data && data.RESULT && data.RESULT=='Y'){
@@ -377,15 +376,18 @@ Page({
     if (val.length==6) {
         let password = pwEncode.handleEncrypt(val)
         // 验证密码
-        commonApi.user_post("pay_password/verifyPassword",{password:password})
-        .then(res=>{
+        commonApi.user_post("pay_password/verifyPassword",{password:password}).then(res =>{
             // 密码校验成功
             if (res.code == 1) {
-                this.setData({
-                    vcode: '',
-                    SBMask: false,
+                this.setData({vcode: '',SBMask: false})
+                commonApi.user_post('pay_password/getNonce',{}).then(nonceRes =>{
+                    if (nonceRes.code == 1) {
+                        let pwSign =  pwEncode.getPWSignature(password, nonceRes.data)
+                        pwSign.password = password
+                        pwSign.type = 1
+                        this.walletPay(pwSign)
+                    }
                 })
-                this.walletPay(password)
             } else {
                 this.setData({
                     vcode: '',
diff --git a/utils/passwordEncode.js b/utils/passwordEncode.js
index 032958e..254f3b2 100644
--- a/utils/passwordEncode.js
+++ b/utils/passwordEncode.js
@@ -1,4 +1,5 @@
 const JSEncrypt = require('./jsencrypt.min.js');
+import CryptoJS from "crypto-js";
 
 
 // 支付密码加密
@@ -16,6 +17,41 @@ const handleEncrypt = (str) => {
     return jsencrypt.encrypt(str); // 对数据进行加密
 }
 
+// 生成支付加密参数
+const getPWSignature = (password,nonce) => {
+    const salt = generateRandomSalt(16)
+   // 使用 PBKDF2 派生密钥
+   const iterations = 10000;
+   const keySize = 256 / 32; // 256 位密钥
+   const clientKey = CryptoJS.PBKDF2(password, salt, {
+     keySize: keySize,
+     iterations: iterations
+   }).toString(CryptoJS.enc.Base64);
+   // 生成 signature
+   const signature = CryptoJS.HmacSHA256(nonce, clientKey).toString(CryptoJS.enc.Base64)
+
+   return {
+      //  nonce: nonce,
+       signature: signature,
+       client_salt: salt,
+      //  clientKey: clientKey,
+   }
+}
+
+  // 生成指定长度的随机 Salt
+  const generateRandomSalt = (length)=> {
+    const charset = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
+    let salt = '';
+    for (let i = 0; i < length; i++) {
+      const randomIndex = Math.floor(Math.random() * charset.length);
+      salt += charset.charAt(randomIndex);
+    }
+    return salt;
+  }
+
+
+
 module.exports = {
     handleEncrypt: handleEncrypt,
+    getPWSignature: getPWSignature
 }