不经历风雨怎么见彩虹 冰貂主人
请输入关键字
网站首页
关于我
个人简介
个人相册
技术文章
数据库
其他
微信小程序
区别
python
谈天说地
民生
可笑
服务器
手册
thinkphp5手册
laravel8手册
thinkphp6
前端
您现在的位置是:
首页
PHP
PHP的RSA签名和验签
发布时间:2020-10-29
作者:小灵龙
点击:88
//
签名生成
public function SHA256withRSA($datas){
// $datas='{"merc_order":"234234","pay_price":"130","pay_date":"15685985","imei":"25252525","pay_type":"scan"}';//对方获取加油站单个站点数据
$data=json_encode($datas);
//可以百度在线生成rsa,
也可以使用php生成
$privateKeypath="E:/phpstudy/WWW/gtzyc_api/config/certs/posterminal/cert_private.pem";
$privateKeyfile = file_get_contents($privateKeypath);
$pKeyId = openssl_pkey_get_private($privateKeyfile); // 加载私匙;
$digest=openssl_digest($data,'sha256');//生成摘要
$signature='';
openssl_sign($digest, $signature, $pKeyId,OPENSSL_ALGO_SHA256); //签名
openssl_free_key($pKeyId);
return base64_encode($signature);
}
//验签//用对方公钥验签
public function checkrsa($signstr){
$jsontoarr=json_decode($signstr,true);
$signature=$jsontoarr['hfsign'];
array_pop($jsontoarr);
$data=json_encode($jsontoarr,JSON_UNESCAPED_UNICODE);
log::info('checkrsa()获取的待签名串转译之后: '.$data);
// 接入方公钥
$publickeyFile='E:/phpstudy/WWW/gtzyc_api/config/certs/posterminal/other_cert_public.key';
//摘要及签名的算法
$digestAlgo='sha256';
$algo=OPENSSL_ALGO_SHA256;
//加载公钥
$publickey=openssl_pkey_get_public(file_get_contents($publickeyFile));
//生成摘要
$digest=openssl_digest($data,$digestAlgo);
//验签
$verify=openssl_verify($digest,base64_decode($signature),$publickey,$algo);
return $verify;
}
//接收对方订单数据,
接入方调用我们的接口
public function getPosOrder(Request $req){
$orderstr=$req->getContent();//获取对方数据
$orderarr=json_decode($orderstr,true); //json格式转成数组
//判断数组是否为空,如果为空就不是json格式,因为json_decode()只转译json格式
if(is_null($orderarr)){
return response()->json(['code'=>'1003','msg'=>'待签名串不是json格式']);
}
//验证数据是否为授权方发送
$rsares=$this->checkrsa($orderstr);
if($rsares!=1){
return response()->json(['code'=>'1001','msg'=>'验签失败','merc_order'=>$orderarr['merc_order']]);
}
//验证所有字段是否符合数据库约束
// $datas='{"merc_order":"234234","pay_price":"130","pay_date":"15685985","imei":"25252525","pay_type":"scan"}';
$data=['merc_order'=>$orderarr['merc_order'],'pay_price'=>$orderarr['pay_price'],'pay_date'=>$orderarr['pay_date'],'worker_id'=>$orderarr['imei'],'pay_type'=>$orderarr['pay_type']];
$validate=Validator::make($data,[
'merc_order'=>'required|min:3|max:32'
,'pay_price'=>'required|numeric'
,'pay_date'=>'required|numeric'
,'worker_id'=>'required'
,'pay_type'=>'required|numeric'
]);
if($validate->fails()){
return response()->json(['code'=>'1004','msg'=>$validate->errors()->first()]);
}
$data['confirm_date']=$orderarr['pay_date'];
$data['pay_terminal']=4;
$data['is_type']=3;//1产品2积分3加油4洗车
$data['order_state']=2;//订单状态 0:待付款 1:已付款,2已完成
$data['info']='一卡通pos机支付全部加油订单金额';
$orderid=DB::table('gczyc_wxcx_order')->where('merc_order',$orderarr['merc_order'])->value('id');
if($orderid){
return response()->json(['code'=>'1005','msg'=>'订单编号重复']);
}
$db=DB::table('gczyc_wxcx_order')->insert($data);
if($db){
$back=['code'=>'1000','msg'=>'SUCCESS','merc_order'=>$orderarr['merc_order']];
$signature=$this->SHA256withRSA($back);//签名
return response()->json(['code'=>'1000','msg'=>'SUCCESS','merc_order'=>$orderarr['merc_order'],'hfsign'=>$signature]);
}else{
return response()->json(['code'=>'1002','msg'=>'保存失败']);
}
}
//
我方调用接入方的接口
。推送数据给接入方,
public function reqExceptionOrder(Request $req){
$array=array("merc_order"=>$req->merc_order,"is_normal"=>"1","order_price"=>$req->order_price,"kou_price"=>$req->pay_price,"back_price"=>$req->back_price);
//签名
$sign=$this->
SHA256withRSA
($array);
$array['hfsign']=$sign;
$data = json_encode($array,
JSON_UNESCAPED_UNICODE
);
$headerArray =array("Content-type:application/json","Accept:application/json");
$url=‘/admin/pos/senddata’;
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST,FALSE);
curl_setopt($curl, CURLOPT_POST, 1);
curl_setopt($curl, CURLOPT_POSTFIELDS, $data);
curl_setopt($curl,CURLOPT_HTTPHEADER,$headerArray);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
$output = curl_exec($curl);
log::info('调用商户退款接口::::'.PHP_EOL.date('Y-m-d H:i:s').PHP_EOL.'发送'.PHP_EOL.var_export($data, true));
$err = curl_error($curl);
if ($err) {
log::info('请求商户异常接口 cURL Error #:'. $err);
return response()->json(['result'=>200,'msg'=>$err]);
}
if(empty($output)){
log::info('请求商户异常接口,返回的$output为空,可能银行系统出错');
return response()->json(['result'=>200,'msg'=>'返回数据为空']);
}
curl_close($curl);
$res=json_decode($output,true);
if($res['code']==1){
log::info('请求商户完成接口,返回的为1');
// 验签
$verify=$this->
checkrsa
($output,$mercfile);
if($verify==1){
return response()->json(['result'=>100,'msg'=>$res['msg']]);
}else{
log::info('请求商户异常订单接口完成,但是验签失败。。。');
return response()->json(['result'=>200,'msg'=>'验签失败']);
}
}else{
log::info('请求商户异常订单接口完成,但是返还结果处理失败。。。'.$res['msg']);
return response()->json(['result'=>200,'msg'=>$res['msg']]);
}
}
标签:php,sha256withrs
上一篇:
php如何生成RSA公钥私钥
下一篇:
laravel 显示419错误
阿里云免费试用
云小站专属代金券
云大使金秋云创季
云服务器省钱攻略
云服务器精选特惠
个人/企业代金券
免费试用计划
最新活动,劲爆优惠
对象存储OSS