-
Notifications
You must be signed in to change notification settings - Fork 283
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
验证回调通知事件签名提示:Signature does not match #139
Comments
字面意思,签名错误。 可能传参错误、混用了不同商户号(即用商户A去验签商户B的回调)等原因。 请贴下完整代码看看。 |
定位到了问题,我定义input的时候字段的顺序与官方文档的顺序的不一致,将顺序修改成一样后,还是使用上面的方式将input反序列化后验签,可以通过了! |
不建议你这么搞。以后微信突然调整字段顺序了你怎么办?或者人家传给你的 JSON 里突然多了空格怎么办? { "key1": "value1", "key2": "value2" }
{"key2":"value2","key1":"value1"} 虽然一个有空格一个没空格、键顺序也不一样,但从数据的角度上讲,这俩 JSON 完全一样。可从字符串上看,这就是俩不同的字符串,当然签名结果会不一样。
微信官方也强调了,要使用原始报文主体验签。 |
好的,感谢大神指出问题~ |
想问下调用VerifyEventSignatureAsync提示(Signature does not match)是什么原因?
Signature does not match. Maybe "JrJT0uT4TKpnqka6mLemixE2Gy5JShpkctrX7gfjiVYCvHAvze3dVIvaTcU/e2tQ1Ises/2w4qsbmG6huw4L5fmz/XqvboxGNNj92z3Y2JgyC4LcZzUtvpiaRObwr8vF6cd53IGrCRg0OOgFC8BtgxgvNGjtFyEOc4cakkj7xDOe2MMue7hP35x1+ZEyWOp2TyiqlQPeZScoMaXDsNEBCjaGRsiRGCVNnR6UDx417kuH3G09601mtBozMte9+t97mBYCSOoNOoXC3pZvfFclzZgibCX3hZs8kJSFcNoJ+3K/nbrnivgOj3ddzo8Np35yYgIj3Pvpjg4WdHQLApcprA==" is an illegal signature.
使用的就是请求头微信返回的签名字段(Wechatpay-Signature),ExecuteQueryCertificatesAsync拿到的平台证书我也调用(DecryptResponseSensitiveProperty)解密了
CertificateEntry里的AlgorithmType是“RSA”,是否应该是“WECHATPAY2-SHA256-RSA2048”是这个原因吗?
PS.我将AlgorithmType改为“AlgorithmType”,会提示我:The value of
algorithmType
an invalid value. (Parameter 'algorithmType')The text was updated successfully, but these errors were encountered: