yudao
/
spring-cloud
mirror of https://gitee.com/zhijiantianya/yudao-cloud.git
3
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix(pay): 修复支付宝证书模式的签名验证 

- 修改 AbstractAlipayPayClient 类中的签名验证逻辑
- 在证书模式下,使用正确的公钥编码方式进行验证- 优化代码,确保支付宝签名验证的正确性和可靠性
pull/204/head
wuKong 2025-08-09 00:32:41 +08:00
parent 2382c3d844
commit 9f4c7f1fea
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
yudao-module-pay/yudao-module-pay-server/src/main/java/cn/iocoder/yudao/module/pay/framework/pay/core/client/impl/alipay/AbstractAlipayPayClient.java
View File

@ -353,7 +353,7 @@ public abstract class AbstractAlipayPayClient extends AbstractPayClient<AlipayPa
} else if (Objects.equals(config.getMode(), MODE_CERTIFICATE)) { } else if (Objects.equals(config.getMode(), MODE_CERTIFICATE)) {
// 由于 rsaCertCheckV1 的第二个参数是 path所以不能这么调用通过阅读源码发现可以采用如下方式 // 由于 rsaCertCheckV1 的第二个参数是 path所以不能这么调用通过阅读源码发现可以采用如下方式
X509Certificate cert = AntCertificationUtil.getCertFromContent(config.getAlipayPublicCertContent()); X509Certificate cert = AntCertificationUtil.getCertFromContent(config.getAlipayPublicCertContent());
String publicKey = Base64.encodeBase64String(cert.getEncoded()); String publicKey = Base64.encodeBase64String(cert.getPublicKey().getEncoded());
verify = AlipaySignature.rsaCheckV1(params, publicKey, verify = AlipaySignature.rsaCheckV1(params, publicKey,
StandardCharsets.UTF_8.name(), config.getSignType()); StandardCharsets.UTF_8.name(), config.getSignType());
} else { } else {