'RTPM', // 实时代付 'merId' => '6888803045944', // 此处更换商户号 'url' => '/agentpay', 'pt' => array( 'version' => '01', 'productId' => '00000004', 'orderCode' => $orderNo, 'tranTime' => date('YmdHis'), 'tranAmt' => str_pad($amount*100,12,'0',STR_PAD_LEFT), 'currencyCode' => '156', 'accAttr' => '0', 'accNo' => $cardNo, 'accType' => '4', 'accName' => $cardUserName, //'bankName' => 'cbc', 'remark' => '提现'.$remark, // 这个字段不要出现“代付”的字样 'payMode' => '1', 'channelType' => '07' ) ); try { //--------------------------------------------1、基础参数配置------------------------------------------------ $api = 'https://caspay.sandpay.com.cn/agent-main/openapi/'; $publicKeyPath = '/www/wwwroot/xiang_admin.qcyjsh.com/application/common/library/shande/cert/sand.cer'; //！！！ 公钥文件，这个不要改动 $priKeyPath = '/www/wwwroot/xiang_admin.qcyjsh.com/application/common/library/shande/cert/6888803045944.pfx'; //const PUB_KEY_PATH = 'cert/SAND_PUBLIC_KEY.cer'; //公钥文件 //const PRI_KEY_PATH_2 = 'cert/MID_RSA_PRIVATE_KEY.pfx'; //私钥文件 $priPwd='980801'; // 获取公私钥匙 $priKey = loadPk12Cert($priKeyPath, $priPwd); //$priKey_2 = loadPk12Cert(PRI_KEY_PATH_2, CERT_PWD); $pubKey = loadX509Cert($publicKeyPath); // step1: 拼接报文及配置 $transCode = $info['transCode']; // 交易码 $accessType = '0'; // 接入类型 0-商户接入，默认；1-平台接入 $merId = $info['merId']; // 此处更换商户号 $path = $info['url']; // 服务地址 $pt = $info['pt']; // 报文 // step2: 生成AESKey并使用公钥加密 $AESKey = aes_generate(16); $encryptKey = RSAEncryptByPub($AESKey, $pubKey); // step3: 使用AESKey加密报文 $encryptData = AESEncrypt($pt, $AESKey); // step4: 使用私钥签名报文 $sign = sign($pt, $priKey); // step5: 拼接post数据 $post = array( 'transCode' => $transCode, 'accessType' => $accessType, 'merId' => $merId, 'encryptKey' => $encryptKey, 'encryptData' => $encryptData, 'sign' => $sign ); // step6: post请求 $result = http_post_json($api . $path, $post); parse_str($result, $arr); // step7: 使用私钥解密AESKey $decryptAESKey = RSADecryptByPri($arr['encryptKey'], $priKey); // step8: 使用解密后的AESKey解密报文 $decryptPlainText = AESDecrypt($arr['encryptData'], $decryptAESKey); // step9: 使用公钥验签报文 verify($decryptPlainText, $arr['sign'], $pubKey); } catch (\Exception $e) { throw $e; } $json=json_decode($decryptPlainText,true); // if($json['respCode']!='0000'){ // throw new \Exception($json['respDesc']); // } return $json; } }