fix(pay): 修复支付宝证书模式的签名验证

- 修改 AbstractAlipayPayClient 类中的签名验证逻辑 - 在证书模式下，使用正确的公钥编码方式进行验证- 优化代码，确保支付宝签名验证的正确性和可靠性
2025-08-09 00:32:41 +08:00 · 2025-08-09 00:32:41 +08:00 · 9f4c7f1fea
parent 2382c3d844
commit 9f4c7f1fea
1 changed files with 1 additions and 1 deletions
--- a/yudao-module-pay/yudao-module-pay-server/src/main/java/cn/iocoder/yudao/module/pay/framework/pay/core/client/impl/alipay/AbstractAlipayPayClient.java
+++ b/yudao-module-pay/yudao-module-pay-server/src/main/java/cn/iocoder/yudao/module/pay/framework/pay/core/client/impl/alipay/AbstractAlipayPayClient.java
@ -353,7 +353,7 @@ public abstract class AbstractAlipayPayClient extends AbstractPayClient<AlipayPa
        } else if (Objects.equals(config.getMode(), MODE_CERTIFICATE)) {
            // 由于 rsaCertCheckV1 的第二个参数是 path，所以不能这么调用！！！通过阅读源码，发现可以采用如下方式！
            X509Certificate cert = AntCertificationUtil.getCertFromContent(config.getAlipayPublicCertContent());
-            String publicKey = Base64.encodeBase64String(cert.getEncoded());
+            String publicKey = Base64.encodeBase64String(cert.getPublicKey().getEncoded());
            verify = AlipaySignature.rsaCheckV1(params, publicKey,
                    StandardCharsets.UTF_8.name(), config.getSignType());
        } else {