php支付宝签名验证类
<?php /* * 黎明互联 * https://www.liminghulian.com/ */ class RSA { /** * RSA签名 * @param $data 待签名数据 * @param $private_key 私钥字符串 * return 签名结果 */ function rsaSign($data, $private_key,$type = 'RSA') { $search = [ "-----BEGIN RSA PRIVATE KEY-----", "-----END RSA PRIVATE KEY-----", "\n", "\r", "\r\n" ]; $private_key=str_replace($search,"",$private_key); $private_key=$search[0] . PHP_EOL . wordwrap($private_key, 64, "\n", true) . PHP_EOL . $search[1]; $res=openssl_get_privatekey($private_key); if($res) { if($type == 'RSA'){ openssl_sign($data, $sign,$res); }elseif($type == 'RSA2'){ //OPENSSL_ALGO_SHA256 openssl_sign($data, $sign,$res,OPENSSL_ALGO_SHA256); } openssl_free_key($res); }else { exit("私钥格式有误"); } $sign = base64_encode($sign); return $sign; } /** * RSA验签 * @param $data 待签名数据 * @param $public_key 公钥字符串 * @param $sign 要校对的的签名结果 * return 验证结果 */ function rsaCheck($data, $public_key, $sign,$type = 'RSA') { $search = [ "-----BEGIN PUBLIC KEY-----", "-----END PUBLIC KEY-----", "\n", "\r", "\r\n" ]; $public_key=str_replace($search,"",$public_key); $public_key=$search[0] . PHP_EOL . wordwrap($public_key, 64, "\n", true) . PHP_EOL . $search[1]; $res=openssl_get_publickey($public_key); if($res) { if($type == 'RSA'){ $result = (bool)openssl_verify($data, base64_decode($sign), $res); }elseif($type == 'RSA2'){ $result = (bool)openssl_verify($data, base64_decode($sign), $res,OPENSSL_ALGO_SHA256); } openssl_free_key($res); }else{ exit("公钥格式有误!"); } return $result; } }
<?php require "RSA.php"; /**** * Class Base * 支付宝基类 */ class Base extends RSA{ /** * 以下信息需要根据自己实际情况修改 */ const PID = '支付宝后台获取';//合作伙伴ID const REURL = '';//同步通知地址 const NOURL = '';//异步通知地址 const KEY = '支付宝后台获取'; const PAYGAGEWAY = 'https://mapi.alipay.com/gateway.do'; const APPPRIKEY =""; const ALIPUBKEY = ''; const APPID = ''; const NEW_ALIPUBKE = ''; const NEW_PAYGATEWAY = 'https://openapi.alipay.com/gateway.do'; //生成json數據的方法 public function getStr($arr,$type = 'RSA'){ //筛选 if(isset($arr['sign'])){ unset($arr['sign']); } if(isset($arr['sign_type']) && $type == 'RSA'){ unset($arr['sign_type']); } //排序 ksort($arr); //拼接 return $this->getUrl($arr,false); } //将数组转换为url格式的字符串 public function getUrl($arr,$encode = true){ if($encode){ return http_build_query($arr); }else{ return urldecode(http_build_query($arr)); } } //获取签名MD5 public function getSign($arr){ return md5($this->getStr($arr) . self::KEY ); } //获取含有签名的数组MD5 public function setSign($arr){ $arr['sign'] = $this->getSign($arr); return $arr; } //获取签名RSA public function getRsaSign($arr){ return $this->rsaSign($this->getStr($arr), self::APPPRIKEY) ; } //获取含有签名的数组RSA public function setRsaSign($arr){ $arr['sign'] = $this->getRsaSign($arr); return $arr; } //获取签名RSA2 public function getRsa2Sign($arr){ return $this->rsaSign($this->getStr($arr,'RSA2'), self::APPPRIKEY,'RSA2') ; } //获取含有签名的数组RSA public function setRsa2Sign($arr){ $arr['sign'] = $this->getRsa2Sign($arr); return $arr; } //记录日志 public function logs($filename,$data){ file_put_contents('./public/logs/' . $filename, $data . "\r\n",FILE_APPEND); } //2.验证签名 public function checkSign($arr){ $sign = $this->getSign($arr); if($sign == $arr['sign']){ return true; }else{ return false; } } //验证是否来之支付宝的通知 public function isAlipay($arr){ $str = file_get_contents(self::CHECKURL . $arr['notify_id']); if($str == 'true'){ return true; }else{ return false; } } // 4.验证交易状态 public function checkOrderStatus($arr){ if($arr['trade_status'] == 'TRADE_SUCCESS' || $arr['trade_status'] == 'TRADE_FINISHED'){ return true; } else { return false; } } }
、、、、5555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555、、、、、、、、、、、、、、、、、、、、、、、、、、、、、、、、、、