支付宝扫码支付(当面付)开发之 RSAWithSHA1 / How to integrate scanning user Alipay paycode to get payment about RSAWithSHA1?

in #cn8 years ago

上一篇 支付宝扫码支付(当面付)开发流程 / How to integrate scanning user Alipay paycode to get payment?

我描述一下流程,在实现过程中,发现一个问题,就是如果你用得不是阿里官方支持的开发语言(C#, Java, PHP),那么你需要自己使用处理 HTTP 请求,其中最麻烦的一步是  商户请求参数的签名串,详见签名 ,当前这里只支持 RSAWithSHA1,我这次用的是 Delphi,在网上找了一代码,比如 

 http://bbs.csdn.net/topics/391854462 

这段代码很奇怪,有时候签出来的了符不对,所以我直接用 VC2010 写了一个 DLL 直接 link OpenSSL 的 libary (这个 library 在 secret_key_tools_RSA_win 自带

int __stdcall sign_data(

        const void *buf,    /* input data: byte array */

        size_t buf_len, 

        void *pkey,         /* input private key: byte array of the PEM representation */

        size_t pkey_len,

        void *out_sig,     /* output signature block, allocated in the function */

        size_t out_sig_len) 

{

    int status = EXIT_SUCCESS;

    int rc = 1;


    SHA_CTX sha_ctx = { 0 };

    unsigned char digest[SHA_DIGEST_LENGTH];


    rc = SHA1_Init(&sha_ctx);

//if (1 != rc) { status = EXIT_FAILURE; goto end; }


    rc = SHA1_Update(&sha_ctx, buf, buf_len);

//if (1 != rc) { status = EXIT_FAILURE; goto end; }


    rc = SHA1_Final(digest, &sha_ctx);

//if (1 != rc) { status = EXIT_FAILURE; goto end; }


BIO *b = NULL;

    RSA *r = NULL;


    b = BIO_new_mem_buf(pkey, pkey_len);

    r = PEM_read_bio_RSAPrivateKey(b, NULL, NULL, NULL);


unsigned char *sig = NULL;

    unsigned int sig_len = 0;


int s = RSA_size(r);


sig = (unsigned char *)malloc(s);

//if (NULL == sig) {status = EXIT_FAILURE; goto end; }


rc = RSA_sign(NID_sha1, digest, sizeof digest, sig, &sig_len, r);

//if (1 != rc) {status = EXIT_FAILURE; goto end; }


base64_encode((char *)sig, sig_len, (char *)out_sig, out_sig_len);


return status;

}

Delphi 里

声明:

function sign_data(

  buf: PChar;

  buf_len: integer;

  pkey: PChar;

  pkey_len: integer;

  out_sig: PChar;

  out_sign_len: integer): integer;

  external 'RSAWithSHA1DLL.dll';