时间:2021-07-01 10:21:17 帮助过:70人阅读
array (
'discount' => '0.00',
'payment_type' => '1',
'subject' => '测试02',
'trade_no' => '201603122100106821',
'buyer_email' => '18776152065',
'gmt_create' => '2016-03-12 11:30:08',
'notify_type' => 'trade_status_sync',
'quantity' => '1',
'out_trade_no' => '1603125610283',
'seller_id' => '2088122451677261',
'notify_time' => '2016-03-13 11:54:40',
'body' => '测试02',
'trade_status' => 'TRADE_SUCCESS',
'is_total_fee_adjust' => 'N',
'total_fee' => '0.01',
'gmt_payment' => '2016-03-12 11:30:09',
'seller_email' => 'xxxx@126.com',
'price' => '0.01',
'buyer_id' => '2088612804',
'notify_id' => 'ba20b13f6lk2',
'use_coupon' => 'N',
'sign_type' => 'RSA',
'sign' => 'Bn6IEyE9=',
)
然后ksort()
排序,去除sign_type
,sign
,拼接成body=Hello&buyer_email=13788888888&buyer_id=2088002007013600..............
这样字符串
openssl_verify(`拼接字符串`, base64_decode($_POST['sign']), $publickey);
总返回 0 ,验证不成功,是哪一步出错
支付宝回调,得到这样一个数组(数组只是形式,并不是真实数据)
array (
'discount' => '0.00',
'payment_type' => '1',
'subject' => '测试02',
'trade_no' => '201603122100106821',
'buyer_email' => '18776152065',
'gmt_create' => '2016-03-12 11:30:08',
'notify_type' => 'trade_status_sync',
'quantity' => '1',
'out_trade_no' => '1603125610283',
'seller_id' => '2088122451677261',
'notify_time' => '2016-03-13 11:54:40',
'body' => '测试02',
'trade_status' => 'TRADE_SUCCESS',
'is_total_fee_adjust' => 'N',
'total_fee' => '0.01',
'gmt_payment' => '2016-03-12 11:30:09',
'seller_email' => 'xxxx@126.com',
'price' => '0.01',
'buyer_id' => '2088612804',
'notify_id' => 'ba20b13f6lk2',
'use_coupon' => 'N',
'sign_type' => 'RSA',
'sign' => 'Bn6IEyE9=',
)
然后ksort()
排序,去除sign_type
,sign
,拼接成body=Hello&buyer_email=13788888888&buyer_id=2088002007013600..............
这样字符串
openssl_verify(`拼接字符串`, base64_decode($_POST['sign']), $publickey);
总返回 0 ,验证不成功,是哪一步出错
支付宝都会提供 demo 的,里面包含了验证签名的算法,其实提供了整个lib包,你直接拿来用就可以了