开发者社区> 问答> 正文

#支付宝 如何使用证书签名验签?

如何使用证书签名验签?

展开
收起
保持可爱mmm 2020-05-05 16:50:29 1399 0
1 条回答
写回答
取消 提交回答
  • 各语言公钥证书方式sdk内签名生成sign值及各语言回调数据验签示例代码。

    开放平台SDK(如接口调用是使用execute和certificateExecute方法进行提交的)是封装了同步返回响应参数的验签方法,只需在创建DefaultAlipayClient对象进行初始化,设置请求网关(gateway),应用id(app_id),应用私钥(private_key),编码格式(charset),支付宝公钥(alipay_public_key),签名类型(sign_type)即可,同步返回响应参数报文时会自动进行验签,无需自己再单独对同步响应数据作验签处理。

    注:本文示例代码仅供测试参考 java语言: 签名方法:

    //请求的待签名字符串(需要在待签名字符串中加alipay_root_cert_sn和app_cert_sn) String content = "app_id=201***222&biz_content={}&******...."; //私钥 String privateKey=""; //编码格式 String charset="utf-8"; //签名方式 String sign_type="RSA2";

        //签名方法
            String sign=AlipaySignature.rsaSign(content, privateKey, charset,sign_type);
            System.out.println("sign:"+ sign);
    

    验签方法: 异步同步通知数据验签:

    //回调的待验签字符串 String resultInfo = "buyer_id=2042&total_amount=0.01&body=..."; //编码格式 String charset="GBK"; //支付宝公钥 String alipayPublicCertPath="支付宝公钥证书绝对路径"; //签名方式 String sign_type="RSA2"; //对待签名字符串数据通过&进行拆分 String [] temp = resultInfo.split("&"); LinkedHashMap<String, String> map = new LinkedHashMap<String, String>();
    //把拆分数据放在map集合内 for (int i = 0; i < temp.length; i++) {
    String[] arr = temp[i].split("=", 2); //通过"="号分割成2个数据
    String[] tempAagin = new String[arr.length]; //再开辟一个数组用来接收分割后的数据
    for (int j = 0; j < arr.length; j++) {
    tempAagin[j] = arr[j];
    }
    map.put(tempAagin[0], tempAagin[1]);
    }
    System.out.println(map); //验签方法 boolean signVerified= AlipaySignature.rsaCertCheckV1(map, alipayPublicCertPath, charset,sign_type); if(signVerified){ // TODO 验签成功后 System.out.println("success"); }else{ System.out.println("fail");
    }

    生活号响应返回的数据验签:

    //回调的待验签字符串 String resultInfo = "biz_content= ....";
    //编码格式 String charset="GBK"; //支付宝公钥 String alipayPublicCertPath="支付宝公钥证书绝对路径"; //签名方式 String sign_type="RSA2"; //对待签名字符串数据通过&进行拆分 String [] temp = resultInfo.split("&"); LinkedHashMap<String, String> map = new LinkedHashMap<String, String>();
    //把拆分数据放在map集合内 for (int i = 0; i < temp.length; i++) {
    String[] arr = temp[i].split("=", 2); //通过"="号分割成2个数据
    String[] tempAagin = new String[arr.length]; //再开辟一个数组用来接收分割后的数据
    for (int j = 0; j < arr.length; j++) {
    tempAagin[j] = arr[j];
    }
    map.put(tempAagin[0], tempAagin[1]);
    }
    System.out.println(map); //验签方法 boolean signVerified= AlipaySignature.rsaCertCheckV2(map, alipayPublicCertPath, charset,sign_type); if(signVerified){ // TODO 验签成功后 System.out.println("success"); }else{ System.out.println("fail");
    }

    同步响应数据验签:

    //响应的待验签字符串 String content = "{"code":"10000","msg":"Success","out_trade_no":"20190862203200101010018","qr_code":"https:\/\/qr.alipay.com\/89545488784"}"; //响应数据返回的sign值 String sign=""; //编码格式 String charset="utf-8"; //支付宝公钥 String alipayPublicCertPath="支付宝公钥证书绝对路径"; //签名方式 String sign_type="RSA2"; //验签方法 boolean signVerified= AlipaySignature.rsaCertCheck(content, sign, alipayPublicCertPath, charset, sign_type);
    if(signVerified){ // TODO 验签成功后 System.out.println("success"); }else{ System.out.println("fail");
    }

    php语言: 签名方法:

    $aop = new AopCertClient(); //私钥 $privatekey=""; //签名方式 $signType="RSA2"; //待签名字符串(需要在待签名字符串中加alipay_root_cert_sn和app_cert_sn) $data="app_id=201***222&biz_content={}&******...."; //sdk内封装的签名方法 $sign=$aop->alonersaSign($data,$privatekey,$signType,false); echo "sign:".$sign;

    验签方法: 异步同步通知数据验签:

    $aop = new AopCertClient();

    //证书路径 $alipayCertPath = "支付宝公钥证书绝对路径"; //支付宝公钥赋值 $aop->alipayrsaPublicKey = $aop->getPublicKey($alipayCertPath); //待签名字符串 $_POST="buyer_id=2042&total_amount=0.01&body=...";

    //签名方式 $sign_type="RSA2";

    //把字符串通过&符号拆分成数组 $data = explode("&", $_POST);

    $params = array();

    //遍历数组 foreach ($data as $param) { $item = explode('=',$param,"2"); $params[$item[0]] = $item[1]; } //输出拆分后的数据数据 print_r($params);

    //验签代码 $flag = $aop->rsaCheckV1($params, null, $sign_type);

    if ($flag) { echo "success"; } else { echo "fail"; }

    生活号响应返回的数据验签:

    $aop = new AopCertClient();

    //证书路径 $alipayCertPath = "支付宝公钥证书绝对路径"; //支付宝公钥赋值 $aop->alipayrsaPublicKey = $aop->getPublicKey($alipayCertPath); //待签名字符串 $_POST="biz_content= &sign=W2bSxqt4W9Tspjx+Cem5AfvJcphh7mAbKCWrwawOFDSAnqUJqWjvtt6qwqt63RZ/lDip0iyl9UAY0U2AqQBFyv1+lCI3bw/XqXIHY819EsZMxB13kf6926t5a/hB9vC1pEAcBenw5PanXQtRSCnpC29eUUyqce3I9cZyjaa/LCRaQjv5s6FIAJ4oKEN3ns/YXd1GSk2urR4x2SVA87D/+DZ5briesccVAN82A1DDuW40Rx1eWgSaP8gkN6vEEW2pAjBp6yNcCsZ6o799LIIOBgBZuMaQdJiFq6lhqSdZ/OdPRGTN5kWpJsMUhkSnyBbFYiWeDVuaQv5hd0GPLQZmsw==&sign_type=RSA2&service=alipay.service.check&charset=GBK";

    //签名方式 $sign_type="RSA2";

    //把字符串通过&符号拆分成数组 $data = explode('&', $_POST); $params = array(); //遍历数组 foreach ($data as $param) { $item = explode('=', $param,'2'); $params[$item[0]] = $item[1]; } //验签代码 $flag = $aop->rsaCheckV2($params, null, $sign_type); if ($flag) { echo "success"; } else { echo "fail"; }

    同步响应数据验签:

    $aop = new AopCertClient();

    //证书路径 $alipayCertPath = "支付宝公钥证书绝对路径"; //支付宝公钥赋值 $aop->alipayrsaPublicKey = $aop->getPublicKey($alipayCertPath); //待签名字符串 $_POST="{"code":"10000","msg":"Success","app_id":"2015","auth_app_id":"20141*****75","charset":"utf-8","timestamp":"2019-04-01 14:33:01","out_trade_no":"0401022927-9449","total_amount":"0.01","trade_no":"201473539","seller_id":"208***5"}"; //sign值 $sign=""; //签名方式 $sign_type="RSA2"; //验签代码 $flag = $aop->verify($_POST, $sign,null,$sign_type);

    if ($flag) { echo "success"; } else { echo "fail"; }

    .net语言: 签名方法:

    //请求的待签名字符串(需要在待签名字符串中加alipay_root_cert_sn和app_cert_sn) string content = "app_id=20141***22&biz_content={"out_trade_no":"2019040***6451724","total_amount":"0.01"}&charset=UTF-8......";

    //应用私钥:PKCS1格式 string privateKey = "";

    //签名方法 string sign = AlipaySignature.RSASign(content, privateKey, "UTF-8", "RSA2", false);

    Response.Write("sign:" + sign);

    验签方法: 异步同步通知数据验签:

    //异步通知参数 string str = "buyer_id=20880*42&total_amount=0.01&body=.......";

        string charset = "utf-8";
    
        string sign_type = "RSA2";
    
        var dics = new Dictionary<string, string>();
        var rearray = str.Split('&');
        foreach (var a in rearray)
        {
            var array = a.IndexOf('=');
            dics.Add(a.Substring(0, array), a.Substring(array + 1));
            Response.Write(a + "<br/>");
        }
    
        //支付宝公钥
        string alipayPublicCertPath = "支付宝公钥证书绝对路径";
    
        //验签方法   
        bool flag = AlipaySignature.RSACertCheckV1(dics, alipayPublicCertPath, charset, sign_type);
    
        Response.Write(flag);
    

    生活号响应返回的数据验签:

    //异步通知参数 string str = "biz_content= *****";

        string charset = "utf-8";
    
        string sign_type = "RSA2";
    
        var dics = new Dictionary<string, string>();
        var rearray = str.Split('&');
        foreach (var a in rearray)
        {
            var array = a.IndexOf('=');
            dics.Add(a.Substring(0, array), a.Substring(array + 1));
            Response.Write(a + "<br/>");
        }
    
        //支付宝公钥
        string alipayPublicCertPath = "支付宝公钥证书绝对路径";
    
        //验签方法   
        bool flag = AlipaySignature.RSACertCheckV2(dics, alipayPublicCertPath, charset, sign_type);
    
        Response.Write(flag);
    

    同步响应数据验签:

    //同步响应返回的{}内的数据包含{} string str = "{"code":"10000","msg":"Success","app_id":"20115775","auth_app_id":"20*0015775","charset":"utf-8","timestamp":"2019-04-01 14:33:01","out_trade_no":"0401022927-9449","total_amount":"0.01","trade_no":"2019040122001456751039","seller_id":"20886**35"}";

        string charset = "utf-8";
    
        string sign_type = "RSA2";
    
        string sign = "";
    
        //解析支付宝公钥的值
        string alipayPublicCertPath = "支付宝公钥绝对路径";
        //X509Certificate定义需引用using Org.BouncyCastle.X509
        X509Certificate alipayPublicKeyCert = AntCertificationUtil.ParseCert(File.ReadAllText(alipayPublicCertPath));
        string alipayPublicKey = AntCertificationUtil.ExtractPemPublicKeyFromCert(alipayPublicKeyCert);
        //验签方法   
        bool flag = AlipaySignature.RSACheckContent(str, sign, alipayPublicKey, charset, sign_type, false);
    
       //输出验签结果
       Response.Write(flag);
    
    2020-05-05 16:50:43
    赞同 展开评论 打赏
问答地址:
问答排行榜
最热
最新

相关电子书

更多
友盟+智能认证U-Verify 立即下载
低代码开发师(初级)实战教程 立即下载
阿里巴巴DevOps 最佳实践手册 立即下载

相关实验场景

更多