Issue

When using WeChat Pay V3 public key mode for transfer APIs (商户转账 - merchant transfer to user's balance), signature verification would fail with error "应答的微信支付签名验证失败" (WeChat Pay response signature verification failed) even though the transfer operation was successful and funds were locked in the merchant account.

This issue specifically affects the new transfer API endpoint /v3/fund-app/mch-transfer/transfer-bills when using public key authentication mode.

Root Cause

The PublicCertificateVerifier.verify() method had a logic flaw when handling WeChat Pay responses:

1. WeChat Pay may return responses with a platform certificate serial number in the Wechatpay-Serial header (not containing "PUB_KEY_ID")
2. However, the signature in these responses is actually signed with the merchant's public key
3. The original code would see the serial number doesn't contain "PUB_KEY_ID" and delegate to the certificate verifier
4. If certificate verification failed, it would return false without attempting public key verification
5. This caused legitimate public key-signed responses to fail verification

Solution

Modified PublicCertificateVerifier.verify() to implement a fallback mechanism:

@Override
public boolean verify(String serialNumber, byte[] message, String signature) {
 // Try certificate verification first if serial doesn't contain "PUB_KEY_ID"
 if (!serialNumber.contains("PUB_KEY_ID") && this.certificateVerifier != null) {
 try {
 if (this.certificateVerifier.verify(serialNumber, message, signature)) {
 return true;
 }
 } catch (Exception e) {
 // Certificate verification failed, fallback to public key verification
 }
 }
 // Use public key verification as fallback (handles public key transfer scenarios)
 // ... (existing public key verification code)
}

Key improvements:

• Wraps certificate verification in try-catch to handle failures gracefully
• Falls back to public key verification if certificate verification fails or returns false
• Ensures both platform certificate and public key signed responses work correctly

Impact

✅ Fixes: Public key transfer signature verification failures
✅ Maintains: Full backward compatibility with platform certificate mode
✅ Supports: Both full public key mode and hybrid mode configurations
✅ User Impact: No changes required in user code - fix is transparent

Testing

• ✅ Code style validation (checkstyle) passed
• ✅ Full compilation succeeded (all 35 modules)
• ✅ Full package build succeeded

Related Documentation

This fix supports the new transfer API documented in:

• NEW_TRANSFER_API_SUPPORT.md
• NEW_TRANSFER_API_USAGE.md

Fixes #[issue number]

💬 Share your feedback on Copilot coding agent for the chance to win a 200ドル gift card! Click here to start the survey.