PHP implements the RSA signature generation order function using Alipay as an example

This article mainly introduces the PHP implementation of the RSA signature generation order function, involving PHP random strings and encoding-related operating techniques, as well as the reading and use of Alipay public key files. Friends in need can refer to the following

This article describes the example of PHP implementing the RSA signature generation order function. Share it with everyone for your reference, the details are as follows:

//组合签名
$a=time();
$b=substr($a, 1);
//生成随机订单号
$orderid= $b.mt_rand(10000,99999);
//合作身份者id，以2088开头的16位纯数字
$mygoods['partner']="2088011744308664";
//商家账号
$mygoods['seller']="2088011744308664";
//订单号
$mygoods['out_trade_no']=$orderid;
//主题
$mygoods['subject']=$goods_name;
//商品描述信息
$mygoods['body']=$goods_infro;
//商品价格
$mygoods['total_fee']=$score;
//服务器端异步响应地址
$mygoods['notify_url']= "http://211.149.220.47/php/notify_url.php";
//排序
$mygoods = argSort($mygoods);
//拼接
$mystr = createLinkstring($mygoods);
//签名
$sign = rsaSign($mystr);
//对签名进行urlencode转码
$sign = urlencode($sign);
//生成最终签名信息
$orderInfor = $mystr."&sign=".$sign."&sign_type=RSA";
/*******特殊的 验签支付宝反馈给App的签名信息*******/
//支付宝反馈给App端信息拆解如下
$str = 'body=%E7%B2%BE%E5%93%81%E5%84%BF%E7%AB%A5%E4%B9%A6%E5%8C%85%E5%96%9C%E6%B4%8B%E6%B4%8B%E7%9A%84&notify_url=http%3A%2F%2F211.149.220.47%2Fphp%2Fnotify_url.php&out_trade_no=40609294027478&partner=2088011744308664&seller=2088011744308664&subject=%E4%B9%A6%E5%8C%85&success=true&total_fee=0.01';
//被拆解后的支付宝签名
$sign = 'Itorzqous2F7kYWWOpmoB%2FJUYgySRzh%2FOOKMhVhv%2BM48CnFk%2BQCp2cKcSsNGcDTs2AsAk%2BRYTuyMYZkGH56t8jcV2GGFkrJr%2FPxcGRlEK08QadAhImYzy9piVjoW0102lhSJYapiXGBTl5eiZ88RiyRA62D2nJEtH%2FBVXpuq63A%3D';
//得到签名
$sign = urldecode($sign);
//得到待签名字符串
$str = urldecode($str);
//验签数据,验签成功将返回true 否则 flase
var_dump(verify($str, $sign));
/*************************需要使用到的方法*******************************/
/**
 * 把数组所有元素，按照“参数=参数值”的模式用“&”字符拼接成字符串
 * @param $para 需要拼接的数组
 * return 拼接完成以后的字符串
 */
function createLinkstring($para) {
  $arg = "";
  while (list ($key, $val) = each ($para)) {
    $arg.=$key."=".$val."&";
  }
  //去掉最后一个&字符
  $arg = substr($arg,0,count($arg)-2);
  //如果存在转义字符，那么去掉转义
  if(get_magic_quotes_gpc()){$arg = stripslashes($arg);}
  return $arg;
}
/**
 * 对数组排序
 * @param $para 排序前的数组
 * return 排序后的数组
 */
function argSort($para) {
  ksort($para);
  reset($para);
  return $para;
}
/**
 * RSA签名
 * @param $data 待签名数据
 * @param $private_key_path 商户私钥文件路径
 * return 签名结果
 */
function rsaSign($data, $private_key_path) {
  $priKey = file_get_contents($private_key_path);
  $res = openssl_get_privatekey($priKey);
  openssl_sign($data, $sign, $res);
  openssl_free_key($res);
  //base64编码
  $sign = base64_encode($sign);
  return $sign;
}
/**RSA验签
 * $data待签名数据
 * $sign需要验签的签名
 * 验签用支付宝公钥
 * return 验签是否通过 bool值
 */
function verify($data, $sign) {
  //读取支付宝公钥文件
  $pubKey = file_get_contents('key/alipay_public_key.pem');
  //转换为openssl格式密钥
  $res = openssl_get_publickey($pubKey);
  //调用openssl内置方法验签，返回bool值
  $result = (bool)openssl_verify($data, base64_decode($sign), $res);
  //释放资源
  openssl_free_key($res);
  //返回资源是否成功
  return $result;
}

The above is the detailed content of PHP implements the RSA signature generation order function using Alipay as an example. For more information, please follow other related articles on the PHP Chinese website!