Home > PHP Framework > ThinkPHP > thinkphp website Alipay asynchronous callback signature verification failure problem

thinkphp website Alipay asynchronous callback signature verification failure problem

藏色散人
Release: 2020-07-03 13:26:58
forward
3431 people have browsed it

The following tutorial column of thinkphp framework will introduce to you the problem of Alipay asynchronous callback signature verification failure on the thinkphp website. I hope it will be helpful to friends in need!

thinkphp website Alipay asynchronous callback signature verification failure problem

A project at hand uses Alipay mobile website payment. The project is made with TP. After downloading the Alipay SDK and modifying it, it can be called up normally. The synchronous interface can also be accessed, but it is asynchronous. The interface signature verification always fails with an error. It is traced to line 580 of AopClient.php, and

if ("RSA2" == $signType) {
    $result = (bool) openssl_verify($data, base64_decode($sign), $res, OPENSSL_ALGO_SHA256);//这句报错
} else {
    $result = (bool) openssl_verify($data, base64_decode($sign), $res);
}
Copy after login

is printed at the bottom of the code. print_r(openssl_error_string());, The output is

error:0906D06C:PEM routines:PEM_read_bio:no start line
Copy after login

Baidu has no results. Some people say that the certificate is wrong. It is useless to change the certificate myself.

Later, I accidentally discovered that there was a problem with the input, and finally found a reason:

When receiving Alipay asynchronous notifications, the I function cannot be used

$data=I("post.");//项目中这样写,导致支付宝传来的数据部分特殊字符被过滤,具体主要是fund_bill_list和sign这两部分
$data=$_POST;//写成这样就好了
Copy after login

One more thing:

No matter whether the signature verification is correct or not, openssl_error_string() always outputs error:0906D06C:PEM routines:PEM_read_bio:no start line. This is my situation and I have not delved into the details. .

The above is the detailed content of thinkphp website Alipay asynchronous callback signature verification failure problem. For more information, please follow other related articles on the PHP Chinese website!

Related labels:
source:csdn.net
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template