各语言公钥证书方式sdk内签名生成sign值及各语言回调数据验签示例代码。
开放平台SDK(如接口调用是使用execute和certificateExecute方法进行提交的)是封装了同步返回响应参数的验签方法,只需在创建DefaultAlipayClient对象进行初始化,设置请求网关(gateway),应用id(app_id),应用私钥(private_key),编码格式(charset),支付宝公钥(alipay_public_key),签名类型(sign_type)即可,同步返回响应参数报文时会自动进行验签,无需自己再单独对同步响应数据作验签处理。
注:本文示例代码仅供测试参考 java语言: 签名方法:
//请求的待签名字符串(需要在待签名字符串中加alipay_root_cert_sn和app_cert_sn) String content = "app_id=201***222&biz_content={}&******...."; //私钥 String privateKey=""; //编码格式 String charset="utf-8"; //签名方式 String sign_type="RSA2";
//签名方法
String sign=AlipaySignature.rsaSign(content, privateKey, charset,sign_type);
System.out.println("sign:"+ sign);
验签方法: 异步同步通知数据验签:
//回调的待验签字符串 String resultInfo = "buyer_id=2042&total_amount=0.01&body=..."; //编码格式 String charset="GBK"; //支付宝公钥 String alipayPublicCertPath="支付宝公钥证书绝对路径"; //签名方式 String sign_type="RSA2"; //对待签名字符串数据通过&进行拆分 String [] temp = resultInfo.split("&"); LinkedHashMap<String, String> map = new LinkedHashMap<String, String>();
//把拆分数据放在map集合内 for (int i = 0; i < temp.length; i++) {
String[] arr = temp[i].split("=", 2); //通过"="号分割成2个数据
String[] tempAagin = new String[arr.length]; //再开辟一个数组用来接收分割后的数据
for (int j = 0; j < arr.length; j++) {
tempAagin[j] = arr[j];
}
map.put(tempAagin[0], tempAagin[1]);
}
System.out.println(map); //验签方法 boolean signVerified= AlipaySignature.rsaCertCheckV1(map, alipayPublicCertPath, charset,sign_type); if(signVerified){ // TODO 验签成功后 System.out.println("success"); }else{ System.out.println("fail");
}
生活号响应返回的数据验签:
//回调的待验签字符串 String resultInfo = "biz_content=
....";
//编码格式 String charset="GBK"; //支付宝公钥 String alipayPublicCertPath="支付宝公钥证书绝对路径"; //签名方式 String sign_type="RSA2"; //对待签名字符串数据通过&进行拆分 String [] temp = resultInfo.split("&"); LinkedHashMap<String, String> map = new LinkedHashMap<String, String>();
//把拆分数据放在map集合内 for (int i = 0; i < temp.length; i++) {
String[] arr = temp[i].split("=", 2); //通过"="号分割成2个数据
String[] tempAagin = new String[arr.length]; //再开辟一个数组用来接收分割后的数据
for (int j = 0; j < arr.length; j++) {
tempAagin[j] = arr[j];
}
map.put(tempAagin[0], tempAagin[1]);
}
System.out.println(map); //验签方法 boolean signVerified= AlipaySignature.rsaCertCheckV2(map, alipayPublicCertPath, charset,sign_type); if(signVerified){ // TODO 验签成功后 System.out.println("success"); }else{ System.out.println("fail");
}
同步响应数据验签:
//响应的待验签字符串 String content = "{"code":"10000","msg":"Success","out_trade_no":"20190862203200101010018","qr_code":"https:\/\/qr.alipay.com\/89545488784"}"; //响应数据返回的sign值 String sign=""; //编码格式 String charset="utf-8"; //支付宝公钥 String alipayPublicCertPath="支付宝公钥证书绝对路径"; //签名方式 String sign_type="RSA2"; //验签方法 boolean signVerified= AlipaySignature.rsaCertCheck(content, sign, alipayPublicCertPath, charset, sign_type);
if(signVerified){ // TODO 验签成功后 System.out.println("success"); }else{ System.out.println("fail");
}
php语言: 签名方法:
$aop = new AopCertClient(); //私钥 $privatekey=""; //签名方式 $signType="RSA2"; //待签名字符串(需要在待签名字符串中加alipay_root_cert_sn和app_cert_sn) $data="app_id=201***222&biz_content={}&******...."; //sdk内封装的签名方法 $sign=$aop->alonersaSign($data,$privatekey,$signType,false); echo "sign:".$sign;
验签方法: 异步同步通知数据验签:
$aop = new AopCertClient();
//证书路径 $alipayCertPath = "支付宝公钥证书绝对路径"; //支付宝公钥赋值 $aop->alipayrsaPublicKey = $aop->getPublicKey($alipayCertPath); //待签名字符串 $_POST="buyer_id=2042&total_amount=0.01&body=...";
//签名方式 $sign_type="RSA2";
//把字符串通过&符号拆分成数组 $data = explode("&", $_POST);
$params = array();
//遍历数组 foreach ($data as $param) { $item = explode('=',$param,"2"); $params[$item[0]] = $item[1]; } //输出拆分后的数据数据 print_r($params);
//验签代码 $flag = $aop->rsaCheckV1($params, null, $sign_type);
if ($flag) { echo "success"; } else { echo "fail"; }
生活号响应返回的数据验签:
$aop = new AopCertClient();
//证书路径 $alipayCertPath = "支付宝公钥证书绝对路径"; //支付宝公钥赋值 $aop->alipayrsaPublicKey = $aop->getPublicKey($alipayCertPath); //待签名字符串 $_POST="biz_content= &sign=W2bSxqt4W9Tspjx+Cem5AfvJcphh7mAbKCWrwawOFDSAnqUJqWjvtt6qwqt63RZ/lDip0iyl9UAY0U2AqQBFyv1+lCI3bw/XqXIHY819EsZMxB13kf6926t5a/hB9vC1pEAcBenw5PanXQtRSCnpC29eUUyqce3I9cZyjaa/LCRaQjv5s6FIAJ4oKEN3ns/YXd1GSk2urR4x2SVA87D/+DZ5briesccVAN82A1DDuW40Rx1eWgSaP8gkN6vEEW2pAjBp6yNcCsZ6o799LIIOBgBZuMaQdJiFq6lhqSdZ/OdPRGTN5kWpJsMUhkSnyBbFYiWeDVuaQv5hd0GPLQZmsw==&sign_type=RSA2&service=alipay.service.check&charset=GBK";
//签名方式 $sign_type="RSA2";
//把字符串通过&符号拆分成数组 $data = explode('&', $_POST); $params = array(); //遍历数组 foreach ($data as $param) { $item = explode('=', $param,'2'); $params[$item[0]] = $item[1]; } //验签代码 $flag = $aop->rsaCheckV2($params, null, $sign_type); if ($flag) { echo "success"; } else { echo "fail"; }
同步响应数据验签:
$aop = new AopCertClient();
//证书路径 $alipayCertPath = "支付宝公钥证书绝对路径"; //支付宝公钥赋值 $aop->alipayrsaPublicKey = $aop->getPublicKey($alipayCertPath); //待签名字符串 $_POST="{"code":"10000","msg":"Success","app_id":"2015","auth_app_id":"20141*****75","charset":"utf-8","timestamp":"2019-04-01 14:33:01","out_trade_no":"0401022927-9449","total_amount":"0.01","trade_no":"201473539","seller_id":"208***5"}"; //sign值 $sign=""; //签名方式 $sign_type="RSA2"; //验签代码 $flag = $aop->verify($_POST, $sign,null,$sign_type);
if ($flag) { echo "success"; } else { echo "fail"; }
.net语言: 签名方法:
//请求的待签名字符串(需要在待签名字符串中加alipay_root_cert_sn和app_cert_sn) string content = "app_id=20141***22&biz_content={"out_trade_no":"2019040***6451724","total_amount":"0.01"}&charset=UTF-8......";
//应用私钥:PKCS1格式 string privateKey = "";
//签名方法 string sign = AlipaySignature.RSASign(content, privateKey, "UTF-8", "RSA2", false);
Response.Write("sign:" + sign);
验签方法: 异步同步通知数据验签:
//异步通知参数 string str = "buyer_id=20880*42&total_amount=0.01&body=.......";
string charset = "utf-8";
string sign_type = "RSA2";
var dics = new Dictionary<string, string>();
var rearray = str.Split('&');
foreach (var a in rearray)
{
var array = a.IndexOf('=');
dics.Add(a.Substring(0, array), a.Substring(array + 1));
Response.Write(a + "<br/>");
}
//支付宝公钥
string alipayPublicCertPath = "支付宝公钥证书绝对路径";
//验签方法
bool flag = AlipaySignature.RSACertCheckV1(dics, alipayPublicCertPath, charset, sign_type);
Response.Write(flag);
生活号响应返回的数据验签:
//异步通知参数 string str = "biz_content= *****";
string charset = "utf-8";
string sign_type = "RSA2";
var dics = new Dictionary<string, string>();
var rearray = str.Split('&');
foreach (var a in rearray)
{
var array = a.IndexOf('=');
dics.Add(a.Substring(0, array), a.Substring(array + 1));
Response.Write(a + "<br/>");
}
//支付宝公钥
string alipayPublicCertPath = "支付宝公钥证书绝对路径";
//验签方法
bool flag = AlipaySignature.RSACertCheckV2(dics, alipayPublicCertPath, charset, sign_type);
Response.Write(flag);
同步响应数据验签:
//同步响应返回的{}内的数据包含{} string str = "{"code":"10000","msg":"Success","app_id":"20115775","auth_app_id":"20*0015775","charset":"utf-8","timestamp":"2019-04-01 14:33:01","out_trade_no":"0401022927-9449","total_amount":"0.01","trade_no":"2019040122001456751039","seller_id":"20886**35"}";
string charset = "utf-8";
string sign_type = "RSA2";
string sign = "";
//解析支付宝公钥的值
string alipayPublicCertPath = "支付宝公钥绝对路径";
//X509Certificate定义需引用using Org.BouncyCastle.X509
X509Certificate alipayPublicKeyCert = AntCertificationUtil.ParseCert(File.ReadAllText(alipayPublicCertPath));
string alipayPublicKey = AntCertificationUtil.ExtractPemPublicKeyFromCert(alipayPublicKeyCert);
//验签方法
bool flag = AlipaySignature.RSACheckContent(str, sign, alipayPublicKey, charset, sign_type, false);
//输出验签结果
Response.Write(flag);
版权声明:本文内容由阿里云实名注册用户自发贡献,版权归原作者所有,阿里云开发者社区不拥有其著作权,亦不承担相应法律责任。具体规则请查看《阿里云开发者社区用户服务协议》和《阿里云开发者社区知识产权保护指引》。如果您发现本社区中有涉嫌抄袭的内容,填写侵权投诉表单进行举报,一经查实,本社区将立刻删除涉嫌侵权内容。