平台证书微信平台是没有提供的,需要我们自个获取
需要准备的东西如下:
商户号、apiclient_key.pem(下载证书的时候有提供)、api秘钥
依赖
<!-- alipay-->
<dependency>
<groupId>com.alipay.sdk</groupId>
<artifactId>alipay-sdk-java</artifactId>
<!--<version>3.7.26.ALL</version>-->
</dependency>
下面开始上代码
/** * 获取平台证书 * * @return */ @Override public Map<String, Object> getPlatformCertificate() { // 获取平台证书列表 try { IJPayHttpResponse response = WxPayApi.v3( RequestMethod.GET, WxDomain.CHINA.toString(), WxApiType.GET_CERTIFICATES.toString(), WxPayConfig.MCH_ID, getSerialNumber(), null, WxPayConfig.keyPath, "" ); //String timestamp = response.getHeader("Wechatpay-Timestamp"); //String nonceStr = response.getHeader("Wechatpay-Nonce"); String serialNumber = response.getHeader("Wechatpay-Serial"); //String signature = response.getHeader("Wechatpay-Signature"); String body = response.getBody(); int status = response.getStatus(); log.info("serialNumber: {}", serialNumber); log.info("status: {}", status); log.info("body: {}", body); int isOk = 200; if (status == isOk) { cn.hutool.json.JSONObject jsonObject = JSONUtil.parseObj(body); JSONArray dataArray = jsonObject.getJSONArray("data"); // 默认认为只有一个平台证书 cn.hutool.json.JSONObject encryptObject = dataArray.getJSONObject(0); JSONObject encryptCertificate = encryptObject.getJSONObject("encrypt_certificate"); String associatedData = encryptCertificate.getStr("associated_data"); String cipherText = encryptCertificate.getStr("ciphertext"); String nonce = encryptCertificate.getStr("nonce"); String serialNo = encryptObject.getStr("serial_no"); //平台证书文件要存在,即使是空的 String platSerialNo = savePlatformCert(associatedData, nonce, cipherText, WxPayConfig.platformCertPath); log.info("平台证书序列号: {} serialNo: {}", platSerialNo, serialNo); } // 根据证书序列号查询对应的证书来验证签名结果 boolean verifySignature = WxPayKit.verifySignature(response, WxPayConfig.platformCertPath); System.out.println("verifySignature:" + verifySignature); Map<String, Object> maps = (Map<String, Object>) JSON.parse(body); return maps; } catch (Exception e) { e.printStackTrace(); throw new CustomException("系统繁忙,请稍后重试"); } }
/** * 保存平台证书 * * @param associatedData 关联数据 * @param nonce 随机字符串 * @param cipherText 密文 * @param certPath 证书路径 * @return */ private String savePlatformCert(String associatedData, String nonce, String cipherText, String certPath) { try { AesUtil aesUtil = new AesUtil(WxPayConfig.API_SECRET.getBytes(StandardCharsets.UTF_8)); // 平台证书密文解密 // encrypt_certificate 中的 associated_data nonce ciphertext String publicKey = aesUtil.decryptToString(associatedData.getBytes(StandardCharsets.UTF_8), nonce.getBytes(StandardCharsets.UTF_8), cipherText); // 保存证书 FileWriter writer = new FileWriter(certPath); writer.write(publicKey); // 获取平台证书序列号 X509Certificate certificate = PayKit.getCertificate(new ByteArrayInputStream(publicKey.getBytes())); return certificate.getSerialNumber().toString(16).toUpperCase(); } catch (Exception e) { e.printStackTrace(); return e.getMessage(); } }
/** * 平台证书 格式.pem 这里需要用绝对路径 */ public static final String platformCertPath = "classpath:cert/platformCert.pem";
执行后平台证书就下载到target目录下了
-----BEGIN PUBLIC KEY----- -----END PUBLIC KEY-----