置顶微信支付ApiV3回调验签失败？精选热门

2024-12-3010802浏览问题模块： API和组件

openssl verify -verbose -CAfile ./CertTrustChain.pem ./wechatpay_****.pem

./wechatpay_****.pem: OK

微信公钥没问题，下面是验签java代码：

public static boolean verify(String str, String publicKey, String sign) throws Exception {

byte[] data = str.getBytes();

byte[] signBytes = Base64.getDecoder().decode(sign);

X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(decryptBASE64(publicKey));

KeyFactory keyFactory = KeyFactory.getInstance(“RSA”);

PublicKey pubKey = keyFactory.generatePublic(x509KeySpec);

Signature signature = Signature.getInstance(“SHA256withRSA”);

signature.initVerify(pubKey);

signature.update(data);

return signature.verify(signBytes);

}

报错：

Caused by: java.security.InvalidKeyException: IOException: DerValue.getOID, not an OID -96

at java.base/sun.security.x509.X509Key.decode(X509Key.java:375)

at java.base/sun.security.x509.X509Key.decode(X509Key.java:380)

at java.base/sun.security.rsa.RSAPublicKeyImpl.<init>(RSAPublicKeyImpl.java:146)

at java.base/sun.security.rsa.RSAPublicKeyImpl.newKey(RSAPublicKeyImpl.java:78)

at java.base/sun.security.rsa.RSAKeyFactory.generatePublic(RSAKeyFactory.java:324)

at java.base/sun.security.rsa.RSAKeyFactory.engineGeneratePublic(RSAKeyFactory.java:237)