OpenSSL.crypto.Error: [('asn1 encoding routines', 'asn1_check_tlen', 'wrong tag'), ('asn1 encoding routines', 'asn1_d2i_ex_primitive', 'nested asn1 error'), ('asn1 encoding routines', 'asn1_template_noexp_d2i', 'nested asn1 error'), ('asn1 encoding routines', 'asn1_template_noexp_d2i', 'nested asn1 error'), ('PEM routines', 'PEM_ASN1_read_bio', 'ASN1 lib')]

[Firesuiry]

Describe the bug A clear and concise description of what the bug is.

Environment OS version:windows10 Python version:3.7 Alipay version:

To reproduce app_private_key_string = open(str(settings.BASE_DIR) + '/key/main/应用私钥2048.txt', 'r').read() app_public_key_cert_string = open(str(settings.BASE_DIR) + '/key/main/应用公钥2048.txt', 'r').read()

alipay_public_key_cert_string = open(str(settings.BASE_DIR) + '/key/main/alipayCertPublicKey_RSA2.crt', 'r', encoding='utf-8').read() alipay_root_cert_string = open(str(settings.BASE_DIR) + '/key/main/alipayRootCert.crt', 'r', encoding='utf-8').read()

alipay = DCAliPay( appid=settings.ALIPAY_APPID, app_notify_url="http://example.com/app_notify_url", app_private_key_string=app_private_key_string, app_public_key_cert_string=app_public_key_cert_string, alipay_public_key_cert_string=alipay_public_key_cert_string, alipay_root_cert_string=alipay_root_cert_string, debug=True, sign_type='RSA2', )

def pay(request):

电脑网站支付，需要跳转到https://openapi.alipaydev.com/gateway.do? + order_string

order_string = alipay.api_alipay_trade_page_pay(
    out_trade_no=f'xx{time.time()}',  # 生成随时间变动而变动的唯一订单号
    total_amount=str(0.01),  # 将Decimal类型转换为字符串交给支付宝
    subject="测试订单",
    body="Python入门视频",
    return_url="https://example.com",
    notify_url="https://example.com/notify"  # 可选, 不填则使用默认notify url
)

# 让用户进行支付的支付宝页面网址
url = settings.ALIPAY_URL + "?" + order_string

return JsonResponse({"code": 0, "message": "请求支付成功", "url": url})

报错信息: Traceback (most recent call last): File "D:\Users\46907\Anaconda3\envs\web\lib\site-packages\django\core\handlers\exception.py", line 34, in inner response = get_response(request) File "D:\Users\46907\Anaconda3\envs\web\lib\site-packages\django\core\handlers\base.py", line 115, in _get_response response = self.process_exception_by_middleware(e, request) File "D:\Users\46907\Anaconda3\envs\web\lib\site-packages\django\core\handlers\base.py", line 113, in _get_response response = wrapped_callback(request, *callback_args, *callback_kwargs) File "D:\develop\testDjnaog\app\views.py", line 184, in pay notify_url="https://example.com/notify" # 可选, 不填则使用默认notify url File "D:\Users\46907\Anaconda3\envs\web\lib\site-packages\alipay__init.py", line 263, in api_alipay_trade_page_pay notify_url=notify_url File "D:\Users\46907\Anaconda3\envs\web\lib\site-packages\alipay__init__.py", line 680, in build_body data["app_cert_sn"] = self.app_cert_sn File "D:\Users\46907\Anaconda3\envs\web\lib\site-packages\alipay\init.py", line 740, in app_cert_sn self._app_cert_sn = self.get_cert_sn(self._app_public_key_cert_string) File "D:\Users\46907\Anaconda3\envs\web\lib\site-packages\alipay\init__.py", line 700, in get_cert_sn cert = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, cert) File "D:\Users\46907\Anaconda3\envs\web\lib\site-packages\OpenSSL\crypto.py", line 1794, in load_certificate _raise_current_error() File "D:\Users\46907\Anaconda3\envs\web\lib\site-packages\OpenSSL_util.py", line 54, in exception_from_error_queue raise exception_type(errors) OpenSSL.crypto.Error: [('asn1 encoding routines', 'asn1_check_tlen', 'wrong tag'), ('asn1 encoding routines', 'asn1_d2i_ex_primitive', 'nested asn1 error'), ('asn1 encoding routines', 'asn1_template_noexp_d2i', 'nested asn1 error'), ('asn1 encoding routines', 'asn1_template_noexp_d2i', 'nested asn1 error'), ('PEM routines', 'PEM_ASN1_read_bio', 'ASN1 lib')] Internal Server Error: /check_pay/ Traceback (most recent call last): File "D:\Users\46907\Anaconda3\envs\web\lib\site-packages\django\core\handlers\exception.py", line 34, in inner response = get_response(request) File "D:\Users\46907\Anaconda3\envs\web\lib\site-packages\django\core\handlers\base.py", line 115, in _get_response response = self.process_exception_by_middleware(e, request) File "D:\Users\46907\Anaconda3\envs\web\lib\site-packages\django\core\handlers\base.py", line 113, in _get_response response = wrapped_callback(request, callback_args, **callback_kwargs) File "D:\develop\testDjnaog\app\views.py", line 199, in check_pay response = alipay.api_alipay_trade_query(order_id) # response是一个字典 File "D:\Users\46907\Anaconda3\envs\web\lib\site-packages\alipay__init.py", line 303, in api_alipay_trade_query data = self.build_body("alipay.trade.query", biz_content) File "D:\Users\46907\Anaconda3\envs\web\lib\site-packages\alipay__init__.py", line 680, in build_body data["app_cert_sn"] = self.app_cert_sn File "D:\Users\46907\Anaconda3\envs\web\lib\site-packages\alipay\init.py", line 740, in app_cert_sn self._app_cert_sn = self.get_cert_sn(self._app_public_key_cert_string) File "D:\Users\46907\Anaconda3\envs\web\lib\site-packages\alipay\init__.py", line 700, in get_cert_sn cert = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, cert) File "D:\Users\46907\Anaconda3\envs\web\lib\site-packages\OpenSSL\crypto.py", line 1794, in load_certificate _raise_current_error() File "D:\Users\46907\Anaconda3\envs\web\lib\site-packages\OpenSSL_util.py", line 54, in exception_from_error_queue raise exception_type(errors) OpenSSL.crypto.Error: [('asn1 encoding routines', 'asn1_check_tlen', 'wrong tag'), ('asn1 encoding routines', 'asn1_d2i_ex_primitive', 'nested asn1 error'), ('asn1 encoding routines', 'asn1_template_noexp_d2i', 'nested asn1 error'), ('asn1 encoding routines', 'asn1_template_noexp_d2i', 'nested asn1 error'), ('PEM routines', 'PEM_ASN1_read_bio', 'ASN1 lib')]

我看之前issue有些不同的地方： 我的alipayCertPublicKey_RSA2里面有有两段 而我看issue里面成功的那个里面只有一段

读取文件内容： 应用公钥2048.txt -----BEGIN CERTIFICATE----- XXXXXXXXXXXXX -----END CERTIFICATE----- 应用私钥2048.txt -----BEGIN RSA PRIVATE KEY----- XXXX -----END RSA PRIVATE KEY----- alipayCertPublicKey_RSA2.crt -----BEGIN CERTIFICATE----- XXXXXXXXXXXXX -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- XXXXXXXXXXXXX -----END CERTIFICATE----- alipayRootCert.crt -----BEGIN CERTIFICATE----- XXXXXXXXXXXXX -----END CERTIFICATE-----

-----BEGIN CERTIFICATE----- XXXXXXXXXXXXX -----END CERTIFICATE-----

-----BEGIN CERTIFICATE----- XXXXXXXXXXXXX -----END CERTIFICATE-----

-----BEGIN CERTIFICATE----- XXXXXXXXXXXXX -----END CERTIFICATE-----

我现在怀疑是不是RSA和RSA2不一样导致的问题呢？

[fzlee]

1我的alipayCertPublicKey_RSA2里面有有两段` 问题应该出在这里， 因为是公钥， 可以贴上来看看吗

[Firesuiry]

-----BEGIN CERTIFICATE----- MIIDuDCCAqCgAwIBAgIQICEIFv4pYUUA9sCfRdSLejANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UE BhMCQ04xFjAUBgNVBAoMDUFudCBGaW5hbmNpYWwxIDAeBgNVBAsMF0NlcnRpZmljYXRpb24gQXV0 aG9yaXR5MTkwNwYDVQQDDDBBbnQgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IENs YXNzIDIgUjEwHhcNMjEwODE2MDE1ODI4WhcNMjMwODE2MDE1ODI4WjCBmDELMAkGA1UEBhMCQ04x MzAxBgNVBAoMKueEpuS9nOW4guWlvem6puWkmuenkeaKgOWVhui0uOaciemZkOWFrOWPuDEPMA0G A1UECwwGQWxpcGF5MUMwQQYDVQQDDDrmlK/ku5jlrp0o5Lit5Zu9Kee9kee7nOaKgOacr+aciemZ kOWFrOWPuC0yMDg4MjQxMTY2OTAxMDI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA uag+WfoISCIMrJgMuE7MSqmvIhsnG1X7Vcznuy/L9QgiZzKMf8FRivTAfhpq/aBXpVtSykR3y08v JJwAN8iNTsZscQxa/BV5bXUdV6CY96v0lpUqluvorVW3g5mYo4xYE73EvhZuvC2B1TDWNXV6mCs7 FpJKrTkU3xqCTCFnmNmio6IXfR6eHzS51vPmONcGcqRWZyO6t4CxGftW2c/DE3VHhtzC8fLCZDKq Jb9gCbzVXVGTiMPnWmTnuUp50JKwKFclrZdqJPYwDCgtvPCHJ+HiOi6rjAffj8USo7eYn+FFQ+fK wCv9bT/GTzpkn0OkUegeYS07FbZDmUsGr/2MSwIDAQABoxIwEDAOBgNVHQ8BAf8EBAMCA/gwDQYJ KoZIhvcNAQELBQADggEBACLk9+SpPzuXOVyLyqKXJemRgv3XmjoEkXZo8fwVx/S7lX0Ozy0RVHjz sEx6Ih6J6/LN5BwQAmqaXyKcrJ1XotnSZFLEwmua/pdHiQ8ZU50fpa2lK8fTOhs+FM9kymXvFRRG wNB7QJdbZeeryn/YjC/0d2vOcJXlOX1KCFDib143VtHQdF3nVNL5j40DaVIai/baasHIlH04WkU0 9zT/jGDp1Pbo4G0wiE3hkMD5JXE13goB5dwkETVdOXY6n6uGJAQOgXgdRFLTLmjeAaXAbFJyDcIH XoDiVt0a4VyGViW3/PLEsS2gK98B+dBjAqS59PpgndreFJLuIaTS9zJzjHE= -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIE4jCCAsqgAwIBAgIIYsSr5bKAMl8wDQYJKoZIhvcNAQELBQAwejELMAkGA1UEBhMCQ04xFjAU BgNVBAoMDUFudCBGaW5hbmNpYWwxIDAeBgNVBAsMF0NlcnRpZmljYXRpb24gQXV0aG9yaXR5MTEw LwYDVQQDDChBbnQgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFIxMB4XDTE4MDMy MjE0MzQxNVoXDTM3MTEyNjE0MzQxNVowgYIxCzAJBgNVBAYTAkNOMRYwFAYDVQQKDA1BbnQgRmlu YW5jaWFsMSAwHgYDVQQLDBdDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTE5MDcGA1UEAwwwQW50IEZp bmFuY2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSBDbGFzcyAyIFIxMIIBIjANBgkqhkiG9w0B AQEFAAOCAQ8AMIIBCgKCAQEAsLMfYaoRoPRbmDcAfXPCmKf43pWRN5yTXa/KJWO0l+mrgQvs89bA NEvbDUxlkGwycwtwi5DgBuBgVhLliXu+R9CYgr2dXs8D8Hx/gsggDcyGPLmVrDOnL+dyeauheARZ fA3du60fwEwwbGcVIpIxPa/4n3IS/ElxQa6DNgqxh8J9Xwh7qMGl0JK9+bALuxf7B541Gr4p0WEN G8fhgjBV4w4ut9eQLOoa1eddOUSZcy46Z7allwowwgt7b5VFfx/P1iKJ3LzBMgkCK7GZ2kiLrL7R iqV+h482J7hkJD+ardoc6LnrHO/hIZymDxok+VH9fVeUdQa29IZKrIDVj65THQIDAQABo2MwYTAf BgNVHSMEGDAWgBRfdLQEwE8HWurlsdsio4dBspzhATAdBgNVHQ4EFgQUSqHkYINtUSAtDPnS8Xoy oP9p7qEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADggIB AIQ8TzFy4bVIVb8+WhHKCkKNPcJe2EZuIcqvRoi727lZTJOfYy/JzLtckyZYfEI8J0lasZ29wkTt a1IjSo+a6XdhudU4ONVBrL70U8Kzntplw/6TBNbLFpp7taRALjUgbCOk4EoBMbeCL0GiYYsTS0mw 7xdySzmGQku4GTyqutIGPQwKxSj9iSFw1FCZqr4VP4tyXzMUgc52SzagA6i7AyLedd3tbS6lnR5B L+W9Kx9hwT8L7WANAxQzv/jGldeuSLN8bsTxlOYlsdjmIGu/C9OWblPYGpjQQIRyvs4Cc/mNhrh+ 14EQgwuemIIFDLOgcD+iISoN8CqegelNcJndFw1PDN6LkVoiHz9p7jzsge8RKay/QW6C03KNDpWZ EUCgCUdfHfo8xKeR+LL1cfn24HKJmZt8L/aeRZwZ1jwePXFRVtiXELvgJuM/tJDIFj2KD337iV64 fWcKQ/ydDVGqfDZAdcU4hQdsrPWENwPTQPfVPq2NNLMyIH9+WKx9Ed6/WzeZmIy5ZWpX1TtTolo6 OJXQFeItMAjHxW/ZSZTok5IS3FuRhExturaInnzjYpx50a6kS34c5+c8hYq7sAtZ/CNLZmBnBCFD aMQqT8xFZJ5uolUaSeXxg7JFY1QsYp5RKvj4SjFwCGKJ2+hPPe9UyyltxOidNtxjaknOCeBHytOr -----END CERTIFICATE-----

[Firesuiry]

这是我下载的公钥

[fzlee]

你要用上面那一段， 这其实是一个证书链， 包含两个证书

将两份文本分别复制到a.txt 和b.txt

之后使用命令行 openssl x509 -in a或者b.txt -noout -text 可以看到证书的详情

[Firesuiry]

你要用上面那一段， 这其实是一个证书链， 包含两个证书

将两份文本分别复制到a.txt 和b.txt

之后使用命令行 openssl x509 -in a或者b.txt -noout -text 可以看到证书的详情

谢谢您 我再试试