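/**
 * Verify the signature on the payment result delivered in the query string.
 *
 * The trade fields are read from $_GET and turned into the canonical string
 * by SignUtil::signString(). The "sign" parameter is passed through
 * RSAUtils::decryptByPublicKey() and the result is compared with the SHA-256
 * hex digest of that string. The outcome is stored in $_SESSION['errorMsg']
 * and the browser is redirected to the result page.
 *
 * Security notes:
 *  - The digest comparison uses hash_equals() (PHP 5.6+) on values checked to
 *    be strings. A loose "==" compares two numeric-looking strings (for
 *    example both of the form "0e<digits>") as numbers, so unequal digests
 *    could be accepted as equal.
 *  - Every value here is attacker-controlled until the comparison succeeds.
 *  - NOTE(review): tradeNum is echoed into the session message; payResult.php
 *    is not visible here and must HTML-escape errorMsg when rendering it.
 *  - NOTE(review): the error_log() calls write request-derived values to the
 *    log; confirm signString() output cannot carry line breaks.
 *
 * No exit follows the redirect header (unchanged), so any code the caller
 * runs after this method still executes.
 */
public function checkSign()
{
    // Query-string fields handed to SignUtil::signString(), in the original order.
    $fieldNames = array(
        "token",
        "tradeAmount",
        "tradeCurrency",
        "tradeDate",
        "tradeNote",
        "tradeNum",
        "tradeStatus",
        "tradeTime",
    );

    $param = array();
    foreach ($fieldNames as $fieldName) {
        // A missing field stays null, as before, without an undefined-index notice.
        $param[$fieldName] = isset($_GET[$fieldName]) ? $_GET[$fieldName] : null;
    }

    $data = SignUtil::signString($param, SignUtil::$unSignKeyList);
    error_log($data, 0);

    // 1. Recover the signed digest from the "sign" parameter.
    $sign = isset($_GET["sign"]) ? $_GET["sign"] : null;
    $decryptStr = RSAUtils::decryptByPublicKey($sign);

    // 2. Compute the SHA-256 hex digest of the locally built string.
    $sha256SourceSignString = hash("sha256", $data);
    error_log($decryptStr, 0);
    error_log($sha256SourceSignString, 0);

    // 3. Compare. A non-string result (e.g. a failed decryption) is a mismatch.
    $signatureValid = is_string($decryptStr)
        && hash_equals($sha256SourceSignString, $decryptStr);

    if ($signatureValid) {
        $_SESSION['errorMsg'] = $param["tradeNum"] . ":验签成功";
    } else {
        $_SESSION['errorMsg'] = "验证签名失败!";
    }

    header("location:../tpl/payResult.php");
}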
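/**
 * Send the refund request and store the verified result in the session.
 *
 * The parameters from prepareParms() are JSON-encoded and posted to the URL
 * configured under "serverRefundUrl". On a successful result code the
 * response's "sign" is passed through RSAUtils::decryptByPublicKey() and
 * compared with the SHA-256 hex digest of its "data". Only when they match is
 * "data" decrypted with TDESUtil and decoded. The outcome is written to
 * $_SESSION['resultData'] or $_SESSION['errorMsg'], followed by a redirect to
 * the refund result page.
 *
 * Security notes:
 *  - An undecodable response, or one without resultCode, is now reported as
 *    an error. With the loose "== 0" test, null compared equal to 0, so such
 *    a response took the success branch and left both session values empty.
 *  - The digest comparison uses hash_equals() (PHP 5.6+) on values checked to
 *    be strings; a loose "==" compares numeric-looking strings as numbers and
 *    could accept unequal digests.
 *  - "data" is decrypted only after the signature check passes, so
 *    unauthenticated ciphertext never reaches TDESUtil.
 *  - NOTE(review): resultMsg and the decrypted text are stored in errorMsg as
 *    received; refundResult.php is not visible here and must HTML-escape them.
 *  - NOTE(review): the HTTP status returned by http_post_data() is not
 *    checked, as in the original.
 */
public function execute()
{
    $params = $this->prepareParms();
    $data = json_encode($params);
    list(, $return_content) = HttpUtils::http_post_data(ConfigUtil::get_val_by_key("serverRefundUrl"), $data);

    // Strip line breaks before decoding; a non-string body decodes to null below.
    $return_content = is_string($return_content) ? str_replace("\n", '', $return_content) : '';
    $return_data = json_decode($return_content, true);

    $_SESSION['errorMsg'] = null;
    $_SESSION['resultData'] = null;

    if (!is_array($return_data) || !array_key_exists('resultCode', $return_data)) {
        // Transport failure or malformed body: never treat it as success.
        $_SESSION['errorMsg'] = "响应数据无效!";
    } elseif ($return_data['resultCode'] === 0 || $return_data['resultCode'] === "0") {
        // Call succeeded.
        $mapResult = isset($return_data['resultData']) ? $return_data['resultData'] : null;

        // Only act when the response carries a result payload.
        if (null != $mapResult) {
            $payload = (is_array($mapResult) && isset($mapResult["data"])) ? $mapResult["data"] : null;
            $sign = (is_array($mapResult) && isset($mapResult["sign"])) ? $mapResult["sign"] : null;

            $signatureValid = false;
            if (is_string($payload) && is_string($sign)) {
                // 1. Recover the signed digest.
                $decryptStr = RSAUtils::decryptByPublicKey($sign);
                // 2. SHA-256 hex digest of the received data.
                $sha256SourceSignString = hash("sha256", $payload);
                // 3. Compare; a non-string decryption result is a mismatch.
                $signatureValid = is_string($decryptStr)
                    && hash_equals($sha256SourceSignString, $decryptStr);
            }

            if ($signatureValid) {
                // Signature verified: decrypt the payload.
                $decrypData = TDESUtil::decrypt4HexStr(base64_decode(ConfigUtil::get_val_by_key("desKey")), $payload);

                // Refund result entity.
                $resultData = json_decode($decrypData, true);

                if (null == $resultData) {
                    // Not JSON (or an empty value): surface the decrypted text as the error message.
                    $_SESSION['errorMsg'] = $decrypData;
                } else {
                    $_SESSION['resultData'] = $resultData;
                }
            } else {
                // Verification failed: the response is untrusted, stop here.
                $_SESSION['errorMsg'] = "签名失败!";
            }
        }
    } else {
        $_SESSION['errorMsg'] = isset($return_data['resultMsg']) ? $return_data['resultMsg'] : null;
    }

    header("location:../tpl/refundResult.php");
}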