LePay融合支付流程

开发文档:https://lepay.unionpay95516.cc/payapi/api
POST方式传参接口地址:https://openapi.unionpay95516.cc/pre.lepay.api/order/add
开发需要证书pdtclient.pfx以及验签证书pdtserver.pem
由于获取密钥需要获取文件资源句柄,所以我在CI框架里用了file文件辅助函数中的read_file函数,文件路径都是相对于index.php入口文件所在的路径
接口所需参数参考开发文档,下面说说签名过程。
由于我们加密需要用到的pdtclient.pfx是证书文件,所以需要用到证书密钥来获取相关数据。

    //获取证书序列号
    function getSignCertId($cert_path, $cert_pwd) {
        $pkcs12certdata = read_file ( $cert_path );
        openssl_pkcs12_read ( $pkcs12certdata, $certs, $cert_pwd ); //开发文档中的密钥是PKCS12格式的,转换为数组,有两个键值对,分别是cert和pkey(private_key)
        $x509data = $certs ['cert'];
        openssl_x509_read ( $x509data ); //转换cert
        $certdata = openssl_x509_parse ( $x509data ); x509格式转换为数组
        $cert_id = $certdata ['serialNumber']; //证书序列号
        return $cert_id;
    }
    //签名
    function sign(&$params, $cert_path, $cert_pwd) {
        if(isset($params['signature'])){
            unset($params['signature']);
        }
        // 转换成key=val&串
        $params_str = createLinkString ( $params, true, false );
        // $log->LogInfo ( "签名key=val&...串 >" . $params_str );

        $params_sha1x16 = sha1 ( $params_str, FALSE ); //sha1散列

        $private_key = getPrivateKey ( $cert_path, $cert_pwd );
        // 签名
        $sign_falg = openssl_sign ( $params_sha1x16, $signature, $private_key, OPENSSL_ALGO_SHA1 );
        if ($sign_falg) {
            $signature_base64 = base64_encode ( $signature );
            $params ['signature'] = $signature_base64;
        } else {
            // $log->LogInfo ( ">>>>>签名失败<<<<<<<" );
        }
    }
    //验签
    function verify($params,$cert_path) {
        // 公钥
        $public_key = getPublicKey ($cert_path );
        $signature_str = $params ['signature'];
        unset ( $params ['signature'] );
        $params_str = createLinkString ( $params, true, false );
        // $log->LogInfo ( '报文去[signature] key=val&串>' . $params_str );
        $signature = base64_decode (    $signature_str  );
        $params_sha1x16 = sha1 ( $params_str, FALSE ););    
        $isSuccess = openssl_verify ( $params_sha1x16, $signature,$public_key  ,OPENSSL_ALGO_SHA1 );//
        return $isSuccess;
    }

你可能感兴趣的:(LePay融合支付流程)