Closed zhangchaoming005 closed 3 months ago
同时也打印出了,要签名的内容: 1718466819 MpigGQPjeITf4IIkwyvFuZKSb4UzHc11 {"create_time":"2024-06-15T21:49:36+08:00","event_type":"TRANSACTION.SUCCESS","id":"8dc45bdd-2033-595b-9c93-a23635cc7ede","resource":{"algorithm":"AEAD_AES_256_GCM","associated_data":"transaction","ciphertext":"WHNI+jwxdxBHauJiO6fucSZsF466gxjSr9v1lGEuKChsgBsmh9O+hdU8z4lH36TmXvISTsj/3rMnda5MSMyuuSIo/Wy46dZGA2REAbmAPt2GfuJHPoSzIrzVXVaGc/BMSP32XLqgl84nOgXsHP+zggnapq0N7C4cKSu+bVcrh4FlXKTl1R4XiSWiqLdFP7zU/YzKSGqu15rIR8Sj52PeY0KOiLaLVOODZ/VVIGg3a+35bpk28pf9YTvsdIXcOl9R82LXv1+nMLrMsHoiKj71t13Ce0onsIjqCPPMaCHz8V3hce6ymqhfKfYzrR8vFCSa9Ore6FBdfpxrsazLsKbtH78y60kXKz54x9axogXpi/rVTZIvmfnU+gEIPy2EPhGH6Fn53efllzXR9LT/jEctMqaI7hFj0G436M8wxwEx1qhd01e2s8R7zUldfUFelA8cYlI6tnaqHfbwo4jMnwYHBt0/07X7fZ3z5zgmGClfc9A8bDPSMPzXZFHG/tkpHxnzsHkrwA/zuadE5cJlTw7q3q/laj1N3KOq+ESkHrj6nZZcHxvHeSTFwPl9eo5OvPKVYRkQJ2Mi40qZOA==","nonce":"IpKrHESiX3uV","original_type":"transaction"},"resource_type":"encrypt-resource","summary":"支付成功"}
检查了我们发送的报文,你这里打印出来的报文并不是回调的原文,所以验签不通过。我估计是中间处理时做了转换。你得检查下验签的请求数据。
建议先验签,再做检查和业务逻辑。
同时也打印出了,要签名的内容: 1718466819 MpigGQPjeITf4IIkwyvFuZKSb4UzHc11 {"create_time":"2024-06-15T21:49:36+08:00","event_type":"TRANSACTION.SUCCESS","id":"8dc45bdd-2033-595b-9c93-a23635cc7ede","resource":{"algorithm":"AEAD_AES_256_GCM","associated_data":"transaction","ciphertext":"WHNI+jwxdxBHauJiO6fucSZsF466gxjSr9v1lGEuKChsgBsmh9O+hdU8z4lH36TmXvISTsj/3rMnda5MSMyuuSIo/Wy46dZGA2REAbmAPt2GfuJHPoSzIrzVXVaGc/BMSP32XLqgl84nOgXsHP+zggnapq0N7C4cKSu+bVcrh4FlXKTl1R4XiSWiqLdFP7zU/YzKSGqu15rIR8Sj52PeY0KOiLaLVOODZ/VVIGg3a+35bpk28pf9YTvsdIXcOl9R82LXv1+nMLrMsHoiKj71t13Ce0onsIjqCPPMaCHz8V3hce6ymqhfKfYzrR8vFCSa9Ore6FBdfpxrsazLsKbtH78y60kXKz54x9axogXpi/rVTZIvmfnU+gEIPy2EPhGH6Fn53efllzXR9LT/jEctMqaI7hFj0G436M8wxwEx1qhd01e2s8R7zUldfUFelA8cYlI6tnaqHfbwo4jMnwYHBt0/07X7fZ3z5zgmGClfc9A8bDPSMPzXZFHG/tkpHxnzsHkrwA/zuadE5cJlTw7q3q/laj1N3KOq+ESkHrj6nZZcHxvHeSTFwPl9eo5OvPKVYRkQJ2Mi40qZOA==","nonce":"IpKrHESiX3uV","original_type":"transaction"},"resource_type":"encrypt-resource","summary":"支付成功"}
检查了我们发送的报文,你这里打印出来的报文并不是回调的原文,所以验签不通过。我估计是中间处理时做了转换。你得检查下验签的请求数据。
建议先验签,再做检查和业务逻辑。
感谢提醒,是一个防XSS注入攻击的中间件导致的。
无论如何处理,总是验签失败:
invalid notification, err: validate verify fail serial=[38A599535618DC3E17612AEC229EFD326FE363F6] request-id=[] err=verify signature with public key err:crypto/rsa: verification error, request: &{Method:POST URL:/fonts/wx/pay/callback Proto:HTTP/1.0 ProtoMajor:1 ProtoMinor:0 Header:map[Accept:[*/*] Cache-Control:[no-cache] Connection:[close] Content-Length:[919] Content-Type:[application/json] Pragma:[no-cache] User-Agent:[Mozilla/4.0] Wechatpay-Nonce:[MpigGQPjeITf4IIkwyvFuZKSb4UzHc11] Wechatpay-Serial:[38A599535618DC3E17612AEC229EFD326FE363F6] Wechatpay-Signature:[LCnNSR+5ouNNySDSYZsy0ZhFBfcL3nnxPzKNAmKKB3PynPuW3DM0/DsRDt7N+91uqQuEb0MdYFWe0tNFbiZOoXh+Kg7a4szAJG+vW7NmW2Ht5C4T8fZ94mzXYWRhuGoXaxSAC2XIRFn9J1WGvJGbv8H1XVxZ1D8B1Ttloes61GJrAMcBaWVIlZpKGO/13E+YuAQboPATC8/jzHBDDn8xDGE1KzXOH7NdF+sNWjgMd90wMhFHY6c22KRqq5UUuaVdBZpc+PdaKggmTWxrw/70heVODY9YGyEfQDIqCrAwMKeKx1fsjECNk7AnI0w/6e6ps+bJsnP0RHPEN7VPDscShg==] Wechatpay-Signature-Type:[WECHATPAY2-SHA256-RSA2048] Wechatpay-Timestamp:[1718466819] X-Forwarded-For:[121.51.30.176] X-Real-Ip:[121.51.30.176]] Body:{Reader:{"create_time":"2024-06-15T21:49:36+08:00","event_type":"TRANSACTION.SUCCESS","id":"8dc45bdd-2033-595b-9c93-a23635cc7ede","resource":{"algorithm":"AEAD_AES_256_GCM","associated_data":"transaction","ciphertext":"WHNI+jwxdxBHauJiO6fucSZsF466gxjSr9v1lGEuKChsgBsmh9O+hdU8z4lH36TmXvISTsj/3rMnda5MSMyuuSIo/Wy46dZGA2REAbmAPt2GfuJHPoSzIrzVXVaGc/BMSP32XLqgl84nOgXsHP+zggnapq0N7C4cKSu+bVcrh4FlXKTl1R4XiSWiqLdFP7zU/YzKSGqu15rIR8Sj52PeY0KOiLaLVOODZ/VVIGg3a+35bpk28pf9YTvsdIXcOl9R82LXv1+nMLrMsHoiKj71t13Ce0onsIjqCPPMaCHz8V3hce6ymqhfKfYzrR8vFCSa9Ore6FBdfpxrsazLsKbtH78y60kXKz54x9axogXpi/rVTZIvmfnU+gEIPy2EPhGH6Fn53efllzXR9LT/jEctMqaI7hFj0G436M8wxwEx1qhd01e2s8R7zUldfUFelA8cYlI6tnaqHfbwo4jMnwYHBt0/07X7fZ3z5zgmGClfc9A8bDPSMPzXZFHG/tkpHxnzsHkrwA/zuadE5cJlTw7q3q/laj1N3KOq+ESkHrj6nZZcHxvHeSTFwPl9eo5OvPKVYRkQJ2Mi40qZOA==","nonce":"IpKrHESiX3uV","original_type":"transaction"},"resource_type":"encrypt-resource","summary":"支付成功"}} GetBody:<nil> ContentLength:919 TransferEncoding:[] Close:true Host:www.lzsfbj.com Form:map[] PostForm:map[] MultipartForm:<nil> Trailer:map[] RemoteAddr:127.0.0.1:37128 RequestURI:/fonts/wx/pay/callback TLS:<nil> Cancel:<nil> Response:<nil> ctx:0xc0008e45a0}
同时也打印出了,要签名的内容:
1718466819 MpigGQPjeITf4IIkwyvFuZKSb4UzHc11 {"create_time":"2024-06-15T21:49:36+08:00","event_type":"TRANSACTION.SUCCESS","id":"8dc45bdd-2033-595b-9c93-a23635cc7ede","resource":{"algorithm":"AEAD_AES_256_GCM","associated_data":"transaction","ciphertext":"WHNI+jwxdxBHauJiO6fucSZsF466gxjSr9v1lGEuKChsgBsmh9O+hdU8z4lH36TmXvISTsj/3rMnda5MSMyuuSIo/Wy46dZGA2REAbmAPt2GfuJHPoSzIrzVXVaGc/BMSP32XLqgl84nOgXsHP+zggnapq0N7C4cKSu+bVcrh4FlXKTl1R4XiSWiqLdFP7zU/YzKSGqu15rIR8Sj52PeY0KOiLaLVOODZ/VVIGg3a+35bpk28pf9YTvsdIXcOl9R82LXv1+nMLrMsHoiKj71t13Ce0onsIjqCPPMaCHz8V3hce6ymqhfKfYzrR8vFCSa9Ore6FBdfpxrsazLsKbtH78y60kXKz54x9axogXpi/rVTZIvmfnU+gEIPy2EPhGH6Fn53efllzXR9LT/jEctMqaI7hFj0G436M8wxwEx1qhd01e2s8R7zUldfUFelA8cYlI6tnaqHfbwo4jMnwYHBt0/07X7fZ3z5zgmGClfc9A8bDPSMPzXZFHG/tkpHxnzsHkrwA/zuadE5cJlTw7q3q/laj1N3KOq+ESkHrj6nZZcHxvHeSTFwPl9eo5OvPKVYRkQJ2Mi40qZOA==","nonce":"IpKrHESiX3uV","original_type":"transaction"},"resource_type":"encrypt-resource","summary":"支付成功"}
另外,同时使用了自动更新和本地文件的,均无法验签通过: 本地方式: · cert, err := utils.LoadCertificateWithPath(common.Conf.WxPlatformPem) if err != nil { log.Println("微信Handler初始化失败,加载证书失败", err) return }
自动更新:
ctx := context.Background() //1. 使用
RegisterDownloaderWithPrivateKey` 注册下载器 instance := downloader.MgrInstance() err := instance.RegisterDownloaderWithPrivateKey(ctx, mchPrivateKey, mchCertificateSerialNumber, mchID, mchAPIv3Key)