From 6e356abf1ece2b8f17d1e37db192960fd67642aa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=85=AD=E5=A6=82?= <8775@163.com> Date: Wed, 12 Nov 2025 09:22:18 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BC=98=E5=8C=96=E7=AD=BE=E5=90=8D=E9=AA=8C?= =?UTF-8?q?=E8=AF=81=E7=AE=97=E6=B3=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- changelog.md | 1 + .../service/validate/sign/SignUtil.java | 61 +++---- .../java/com/gitee/sop/sdk/sign/SignUtil.java | 157 +++++++++--------- .../gitee/sop/test/AlipayClientPostTest.java | 1 - 4 files changed, 115 insertions(+), 105 deletions(-) diff --git a/changelog.md b/changelog.md index 2e6d8a1e..cda04cb0 100755 --- a/changelog.md +++ b/changelog.md @@ -2,6 +2,7 @@ ## 日常更新 +- 2025-11-12:优化签名验证算法 - 2025-11-05:添加SDK示例,返回List。详见:com.gitee.sop.sdk.SdkTest.testList - 2025-11-01:添加回调处理。有升级SQL,见:[sop-20251101.sql](./upgrade/sop-20251101.sql) - 2025-09-12:修复推送文档报找不到@Open注解问题 diff --git a/sop-gateway/src/main/java/com/gitee/sop/gateway/service/validate/sign/SignUtil.java b/sop-gateway/src/main/java/com/gitee/sop/gateway/service/validate/sign/SignUtil.java index b11e539e..2d6bbd6d 100755 --- a/sop-gateway/src/main/java/com/gitee/sop/gateway/service/validate/sign/SignUtil.java +++ b/sop-gateway/src/main/java/com/gitee/sop/gateway/service/validate/sign/SignUtil.java @@ -36,10 +36,10 @@ import java.util.Map; */ public class SignUtil { - private static final String SIGN_TYPE_RSA = "RSA"; - private static final String SIGN_TYPE_RSA2 = "RSA2"; - private static final String SIGN_ALGORITHMS = "SHA1WithRSA"; - private static final String SIGN_SHA256RSA_ALGORITHMS = "SHA256WithRSA"; + private static final String RSA = "RSA"; + private static final String RSA2 = "RSA2"; + private static final String SHA1_WITH_RSA = "SHA1WithRSA"; + private static final String SHA256_WITH_RSA = "SHA256WithRSA"; private static final String CHARSET_GBK = "GBK"; /** @@ -85,9 +85,9 @@ public class SignUtil { public static String rsaSign(String content, String publicKey, String charset, String signType) throws SignException { - if (SIGN_TYPE_RSA.equals(signType)) { + if (RSA.equals(signType)) { return rsaSign(content, publicKey, charset); - } else if (SIGN_TYPE_RSA2.equals(signType)) { + } else if (RSA2.equals(signType)) { return rsa256Sign(content, publicKey, charset); } else { throw new SignException(ErrorEnum.ISV_INVALID_SIGNATURE_TYPE); @@ -107,11 +107,11 @@ public class SignUtil { String charset) throws SignException { try { - PrivateKey priKey = getPrivateKeyFromPKCS8(SIGN_TYPE_RSA, + PrivateKey priKey = getPrivateKeyFromPKCS8(RSA, new ByteArrayInputStream(privateKey.getBytes())); java.security.Signature signature = java.security.Signature - .getInstance(SIGN_SHA256RSA_ALGORITHMS); + .getInstance(SHA256_WITH_RSA); signature.initSign(priKey); @@ -141,11 +141,11 @@ public class SignUtil { public static String rsaSign(String content, String publicKey, String charset) throws SignException { try { - PrivateKey priKey = getPrivateKeyFromPKCS8(SIGN_TYPE_RSA, + PrivateKey priKey = getPrivateKeyFromPKCS8(RSA, new ByteArrayInputStream(publicKey.getBytes())); java.security.Signature signature = java.security.Signature - .getInstance(SIGN_ALGORITHMS); + .getInstance(SHA1_WITH_RSA); signature.initSign(priKey); @@ -262,29 +262,32 @@ public class SignUtil { public static boolean rsaCheck(String content, String sign, String publicKey, String charset, String signType) throws SignException { - - if (SIGN_TYPE_RSA.equals(signType)) { - + if (RSA.equals(signType)) { return rsaCheckContent(content, sign, publicKey, charset); - - } else if (SIGN_TYPE_RSA2.equals(signType)) { - + } else if (RSA2.equals(signType)) { return rsa256CheckContent(content, sign, publicKey, charset); - } else { throw new SignException(ErrorEnum.ISV_INVALID_SIGNATURE_TYPE); } - } + + /** + * 使用公钥验证签名 + * + * @param content 原始数据 + * @param sign 签名值(Base64编码) + * @param publicKey 公钥 + * @return 验证是否成功 + * @throws SignException 验证过程中的异常 + */ public static boolean rsa256CheckContent(String content, String sign, String publicKey, String charset) throws SignException { try { - PublicKey pubKey = getPublicKeyFromX509("RSA", - new ByteArrayInputStream(publicKey.getBytes())); + PublicKey pubKey = getPublicKeyFromX509(RSA, new ByteArrayInputStream(publicKey.getBytes())); java.security.Signature signature = java.security.Signature - .getInstance(SIGN_SHA256RSA_ALGORITHMS); + .getInstance(SHA256_WITH_RSA); signature.initVerify(pubKey); @@ -294,7 +297,7 @@ public class SignUtil { signature.update(content.getBytes(charset)); } - return signature.verify(Base64.decodeBase64(sign.getBytes())); + return signature.verify(java.util.Base64.getDecoder().decode(sign)); } catch (Exception e) { throw new SignException(ErrorEnum.ISV_INVALID_SIGNATURE, e); } @@ -303,11 +306,11 @@ public class SignUtil { public static boolean rsaCheckContent(String content, String sign, String publicKey, String charset) throws SignException { try { - PublicKey pubKey = getPublicKeyFromX509("RSA", + PublicKey pubKey = getPublicKeyFromX509(RSA, new ByteArrayInputStream(publicKey.getBytes())); java.security.Signature signature = java.security.Signature - .getInstance(SIGN_ALGORITHMS); + .getInstance(SHA1_WITH_RSA); signature.initVerify(pubKey); @@ -317,7 +320,7 @@ public class SignUtil { signature.update(content.getBytes(charset)); } - return signature.verify(Base64.decodeBase64(sign.getBytes())); + return signature.verify(java.util.Base64.getDecoder().decode(sign)); } catch (Exception e) { throw new SignException(ErrorEnum.ISV_INVALID_SIGNATURE, e); } @@ -520,9 +523,9 @@ public class SignUtil { public static String rsaEncrypt(String content, String publicKey, String charset) throws SignException { try { - PublicKey pubKey = getPublicKeyFromX509(SIGN_TYPE_RSA, + PublicKey pubKey = getPublicKeyFromX509(RSA, new ByteArrayInputStream(publicKey.getBytes())); - Cipher cipher = Cipher.getInstance(SIGN_TYPE_RSA); + Cipher cipher = Cipher.getInstance(RSA); cipher.init(Cipher.ENCRYPT_MODE, pubKey); byte[] data = StringUtils.isEmpty(charset) ? content.getBytes() : content.getBytes(charset); @@ -563,9 +566,9 @@ public class SignUtil { public static String rsaDecrypt(String content, String publicKey, String charset) throws SignException { try { - PrivateKey priKey = getPrivateKeyFromPKCS8(SIGN_TYPE_RSA, + PrivateKey priKey = getPrivateKeyFromPKCS8(RSA, new ByteArrayInputStream(publicKey.getBytes())); - Cipher cipher = Cipher.getInstance(SIGN_TYPE_RSA); + Cipher cipher = Cipher.getInstance(RSA); cipher.init(Cipher.DECRYPT_MODE, priKey); byte[] encryptedData = StringUtils.isEmpty(charset) ? Base64.decodeBase64(content.getBytes()) diff --git a/sop-sdk/sdk-java/src/main/java/com/gitee/sop/sdk/sign/SignUtil.java b/sop-sdk/sdk-java/src/main/java/com/gitee/sop/sdk/sign/SignUtil.java index 8b11676d..fe49bc0e 100755 --- a/sop-sdk/sdk-java/src/main/java/com/gitee/sop/sdk/sign/SignUtil.java +++ b/sop-sdk/sdk-java/src/main/java/com/gitee/sop/sdk/sign/SignUtil.java @@ -1,7 +1,6 @@ package com.gitee.sop.sdk.sign; - import com.gitee.sop.sdk.util.Base64Util; import javax.crypto.Cipher; @@ -26,29 +25,36 @@ import java.util.Map; */ public class SignUtil { - /** RSA最大加密明文大小 */ + /** + * RSA最大加密明文大小 + */ private static final int MAX_ENCRYPT_BLOCK = 117; - /** RSA最大解密密文大小 */ + /** + * RSA最大解密密文大小 + */ private static final int MAX_DECRYPT_BLOCK = 128; - public static final String SIGN_TYPE_RSA = "RSA"; + public static final String RSA = "RSA"; /** * sha256WithRsa 算法请求类型 */ - public static final String SIGN_TYPE_RSA2 = "RSA2"; + public static final String RSA2 = "RSA2"; - public static final String SIGN_ALGORITHMS = "SHA1WithRSA"; + public static final String SHA1_WITH_RSA = "SHA1WithRSA"; - public static final String SIGN_SHA256RSA_ALGORITHMS = "SHA256WithRSA"; + public static final String SHA256_WITH_RSA = "SHA256WithRSA"; - /** GBK字符集 **/ - public static final String CHARSET_GBK = "GBK"; + /** + * GBK字符集 + **/ + public static final String CHARSET_GBK = "GBK"; /** * 获取签名内容 + * * @param sortedParams * @return */ @@ -68,25 +74,22 @@ public class SignUtil { } /** - * rsa内容签名 + * rsa内容签名 * - * @param content - * @param privateKey - * @param charset - * @return - * @throws SopSignException + * @param content 内容 + * @param privateKey 私钥 + * @param charset 字符集 + * @return 返回签名 + * @throws SopSignException 报错异常 */ public static String rsaSign(String content, String privateKey, String charset, String signType) throws SopSignException { - if (SIGN_TYPE_RSA.equals(signType)) { - + if (RSA.equals(signType)) { return rsaSign(content, privateKey, charset); - } else if (SIGN_TYPE_RSA2.equals(signType)) { - + } else if (RSA2.equals(signType)) { return rsa256Sign(content, privateKey, charset); } else { - throw new SopSignException("Sign Type is Not Support : signType=" + signType); } @@ -105,11 +108,11 @@ public class SignUtil { String charset) throws SopSignException { try { - PrivateKey priKey = getPrivateKeyFromPKCS8(SIGN_TYPE_RSA, - new ByteArrayInputStream(privateKey.getBytes())); + PrivateKey priKey = getPrivateKeyFromPKCS8(RSA, + new ByteArrayInputStream(privateKey.getBytes())); java.security.Signature signature = java.security.Signature - .getInstance(SIGN_SHA256RSA_ALGORITHMS); + .getInstance(SHA256_WITH_RSA); signature.initSign(priKey); @@ -140,11 +143,11 @@ public class SignUtil { public static String rsaSign(String content, String privateKey, String charset) throws SopSignException { try { - PrivateKey priKey = getPrivateKeyFromPKCS8(SIGN_TYPE_RSA, - new ByteArrayInputStream(privateKey.getBytes())); + PrivateKey priKey = getPrivateKeyFromPKCS8(RSA, + new ByteArrayInputStream(privateKey.getBytes())); java.security.Signature signature = java.security.Signature - .getInstance(SIGN_ALGORITHMS); + .getInstance(SHA1_WITH_RSA); signature.initSign(priKey); @@ -237,11 +240,11 @@ public class SignUtil { } public static boolean rsaCheckV1(Map params, String publicKey, - String charset,String signType) throws SopSignException { - String sign = params.get("sign"); - String content = getSignCheckContentV1(params); + String charset, String signType) throws SopSignException { + String sign = params.get("sign"); + String content = getSignCheckContentV1(params); - return rsaCheck(content, sign, publicKey, charset,signType); + return rsaCheck(content, sign, publicKey, charset, signType); } public static boolean rsaCheckV2(Map params, String publicKey, @@ -253,21 +256,21 @@ public class SignUtil { } public static boolean rsaCheckV2(Map params, String publicKey, - String charset,String signType) throws SopSignException { - String sign = String.valueOf(params.get("sign")); - String content = getSignCheckContentV2(params); + String charset, String signType) throws SopSignException { + String sign = String.valueOf(params.get("sign")); + String content = getSignCheckContentV2(params); - return rsaCheck(content, sign, publicKey, charset,signType); - } + return rsaCheck(content, sign, publicKey, charset, signType); + } public static boolean rsaCheck(String content, String sign, String publicKey, String charset, String signType) throws SopSignException { - if (SIGN_TYPE_RSA.equals(signType)) { + if (RSA.equals(signType)) { return rsaCheckContent(content, sign, publicKey, charset); - } else if (SIGN_TYPE_RSA2.equals(signType)) { + } else if (RSA2.equals(signType)) { return rsa256CheckContent(content, sign, publicKey, charset); @@ -282,10 +285,10 @@ public class SignUtil { String charset) throws SopSignException { try { PublicKey pubKey = getPublicKeyFromX509("RSA", - new ByteArrayInputStream(publicKey.getBytes())); + new ByteArrayInputStream(publicKey.getBytes())); java.security.Signature signature = java.security.Signature - .getInstance(SIGN_SHA256RSA_ALGORITHMS); + .getInstance(SHA256_WITH_RSA); signature.initVerify(pubKey); @@ -295,10 +298,10 @@ public class SignUtil { signature.update(content.getBytes(charset)); } - return signature.verify(Base64Util.decodeBase64(sign.getBytes())); + return signature.verify(java.util.Base64.getDecoder().decode(sign)); } catch (Exception e) { throw new SopSignException( - "RSAcontent = " + content + ",sign=" + sign + ",charset = " + charset, e); + "RSAcontent = " + content + ",sign=" + sign + ",charset = " + charset, e); } } @@ -306,10 +309,10 @@ public class SignUtil { String charset) throws SopSignException { try { PublicKey pubKey = getPublicKeyFromX509("RSA", - new ByteArrayInputStream(publicKey.getBytes())); + new ByteArrayInputStream(publicKey.getBytes())); java.security.Signature signature = java.security.Signature - .getInstance(SIGN_ALGORITHMS); + .getInstance(SHA1_WITH_RSA); signature.initVerify(pubKey); @@ -319,10 +322,10 @@ public class SignUtil { signature.update(content.getBytes(charset)); } - return signature.verify(Base64Util.decodeBase64(sign.getBytes())); + return signature.verify(java.util.Base64.getDecoder().decode(sign)); } catch (Exception e) { throw new SopSignException( - "RSAcontent = " + content + ",sign=" + sign + ",charset = " + charset, e); + "RSAcontent = " + content + ",sign=" + sign + ",charset = " + charset, e); } } @@ -346,12 +349,13 @@ public class SignUtil { * 目前适用于公众号
* params参数示例: *
{ - *
biz_content=M0qGiGz+8kIpxe8aF4geWJdBn0aBTuJRQItLHo9R7o5JGhpic/MIUjvXo2BLB++BbkSq2OsJCEQFDZ0zK5AJYwvBgeRX30gvEj6eXqXRt16/IkB9HzAccEqKmRHrZJ7PjQWE0KfvDAHsJqFIeMvEYk1Zei2QkwSQPlso7K0oheo/iT+HYE8aTATnkqD/ByD9iNDtGg38pCa2xnnns63abKsKoV8h0DfHWgPH62urGY7Pye3r9FCOXA2Ykm8X4/Bl1bWFN/PFCEJHWe/HXj8KJKjWMO6ttsoV0xRGfeyUO8agu6t587Dl5ux5zD/s8Lbg5QXygaOwo3Fz1G8EqmGhi4+soEIQb8DBYanQOS3X+m46tVqBGMw8Oe+hsyIMpsjwF4HaPKMr37zpW3fe7xOMuimbZ0wq53YP/jhQv6XWodjT3mL0H5ACqcsSn727B5ztquzCPiwrqyjUHjJQQefFTzOse8snaWNQTUsQS7aLsHq0FveGpSBYORyA90qPdiTjXIkVP7mAiYiAIWW9pCEC7F3XtViKTZ8FRMM9ySicfuAlf3jtap6v2KPMtQv70X+hlmzO/IXB6W0Ep8DovkF5rB4r/BJYJLw/6AS0LZM9w5JfnAZhfGM2rKzpfNsgpOgEZS1WleG4I2hoQC0nxg9IcP0Hs+nWIPkEUcYNaiXqeBc=, - *
sign=rlqgA8O+RzHBVYLyHmrbODVSANWPXf3pSrr82OCO/bm3upZiXSYrX5fZr6UBmG6BZRAydEyTIguEW6VRuAKjnaO/sOiR9BsSrOdXbD5Rhos/Xt7/mGUWbTOt/F+3W0/XLuDNmuYg1yIC/6hzkg44kgtdSTsQbOC9gWM7ayB4J4c=, - * sign_type=RSA, - *
charset=UTF-8 + *
biz_content=M0qGiGz+8kIpxe8aF4geWJdBn0aBTuJRQItLHo9R7o5JGhpic/MIUjvXo2BLB++BbkSq2OsJCEQFDZ0zK5AJYwvBgeRX30gvEj6eXqXRt16/IkB9HzAccEqKmRHrZJ7PjQWE0KfvDAHsJqFIeMvEYk1Zei2QkwSQPlso7K0oheo/iT+HYE8aTATnkqD/ByD9iNDtGg38pCa2xnnns63abKsKoV8h0DfHWgPH62urGY7Pye3r9FCOXA2Ykm8X4/Bl1bWFN/PFCEJHWe/HXj8KJKjWMO6ttsoV0xRGfeyUO8agu6t587Dl5ux5zD/s8Lbg5QXygaOwo3Fz1G8EqmGhi4+soEIQb8DBYanQOS3X+m46tVqBGMw8Oe+hsyIMpsjwF4HaPKMr37zpW3fe7xOMuimbZ0wq53YP/jhQv6XWodjT3mL0H5ACqcsSn727B5ztquzCPiwrqyjUHjJQQefFTzOse8snaWNQTUsQS7aLsHq0FveGpSBYORyA90qPdiTjXIkVP7mAiYiAIWW9pCEC7F3XtViKTZ8FRMM9ySicfuAlf3jtap6v2KPMtQv70X+hlmzO/IXB6W0Ep8DovkF5rB4r/BJYJLw/6AS0LZM9w5JfnAZhfGM2rKzpfNsgpOgEZS1WleG4I2hoQC0nxg9IcP0Hs+nWIPkEUcYNaiXqeBc=, + *
sign=rlqgA8O+RzHBVYLyHmrbODVSANWPXf3pSrr82OCO/bm3upZiXSYrX5fZr6UBmG6BZRAydEyTIguEW6VRuAKjnaO/sOiR9BsSrOdXbD5Rhos/Xt7/mGUWbTOt/F+3W0/XLuDNmuYg1yIC/6hzkg44kgtdSTsQbOC9gWM7ayB4J4c=, + * sign_type=RSA, + *
charset=UTF-8 *
} *

+ * * @param params * @param alipayPublicKey 支付宝公钥 * @param cusPrivateKey 商户私钥 @@ -384,12 +388,13 @@ public class SignUtil { * 目前适用于公众号
* params参数示例: *
{ - *
biz_content=M0qGiGz+8kIpxe8aF4geWJdBn0aBTuJRQItLHo9R7o5JGhpic/MIUjvXo2BLB++BbkSq2OsJCEQFDZ0zK5AJYwvBgeRX30gvEj6eXqXRt16/IkB9HzAccEqKmRHrZJ7PjQWE0KfvDAHsJqFIeMvEYk1Zei2QkwSQPlso7K0oheo/iT+HYE8aTATnkqD/ByD9iNDtGg38pCa2xnnns63abKsKoV8h0DfHWgPH62urGY7Pye3r9FCOXA2Ykm8X4/Bl1bWFN/PFCEJHWe/HXj8KJKjWMO6ttsoV0xRGfeyUO8agu6t587Dl5ux5zD/s8Lbg5QXygaOwo3Fz1G8EqmGhi4+soEIQb8DBYanQOS3X+m46tVqBGMw8Oe+hsyIMpsjwF4HaPKMr37zpW3fe7xOMuimbZ0wq53YP/jhQv6XWodjT3mL0H5ACqcsSn727B5ztquzCPiwrqyjUHjJQQefFTzOse8snaWNQTUsQS7aLsHq0FveGpSBYORyA90qPdiTjXIkVP7mAiYiAIWW9pCEC7F3XtViKTZ8FRMM9ySicfuAlf3jtap6v2KPMtQv70X+hlmzO/IXB6W0Ep8DovkF5rB4r/BJYJLw/6AS0LZM9w5JfnAZhfGM2rKzpfNsgpOgEZS1WleG4I2hoQC0nxg9IcP0Hs+nWIPkEUcYNaiXqeBc=, - *
sign=rlqgA8O+RzHBVYLyHmrbODVSANWPXf3pSrr82OCO/bm3upZiXSYrX5fZr6UBmG6BZRAydEyTIguEW6VRuAKjnaO/sOiR9BsSrOdXbD5Rhos/Xt7/mGUWbTOt/F+3W0/XLuDNmuYg1yIC/6hzkg44kgtdSTsQbOC9gWM7ayB4J4c=, - * sign_type=RSA, - *
charset=UTF-8 + *
biz_content=M0qGiGz+8kIpxe8aF4geWJdBn0aBTuJRQItLHo9R7o5JGhpic/MIUjvXo2BLB++BbkSq2OsJCEQFDZ0zK5AJYwvBgeRX30gvEj6eXqXRt16/IkB9HzAccEqKmRHrZJ7PjQWE0KfvDAHsJqFIeMvEYk1Zei2QkwSQPlso7K0oheo/iT+HYE8aTATnkqD/ByD9iNDtGg38pCa2xnnns63abKsKoV8h0DfHWgPH62urGY7Pye3r9FCOXA2Ykm8X4/Bl1bWFN/PFCEJHWe/HXj8KJKjWMO6ttsoV0xRGfeyUO8agu6t587Dl5ux5zD/s8Lbg5QXygaOwo3Fz1G8EqmGhi4+soEIQb8DBYanQOS3X+m46tVqBGMw8Oe+hsyIMpsjwF4HaPKMr37zpW3fe7xOMuimbZ0wq53YP/jhQv6XWodjT3mL0H5ACqcsSn727B5ztquzCPiwrqyjUHjJQQefFTzOse8snaWNQTUsQS7aLsHq0FveGpSBYORyA90qPdiTjXIkVP7mAiYiAIWW9pCEC7F3XtViKTZ8FRMM9ySicfuAlf3jtap6v2KPMtQv70X+hlmzO/IXB6W0Ep8DovkF5rB4r/BJYJLw/6AS0LZM9w5JfnAZhfGM2rKzpfNsgpOgEZS1WleG4I2hoQC0nxg9IcP0Hs+nWIPkEUcYNaiXqeBc=, + *
sign=rlqgA8O+RzHBVYLyHmrbODVSANWPXf3pSrr82OCO/bm3upZiXSYrX5fZr6UBmG6BZRAydEyTIguEW6VRuAKjnaO/sOiR9BsSrOdXbD5Rhos/Xt7/mGUWbTOt/F+3W0/XLuDNmuYg1yIC/6hzkg44kgtdSTsQbOC9gWM7ayB4J4c=, + * sign_type=RSA, + *
charset=UTF-8 *
} *

+ * * @param params * @param alipayPublicKey 支付宝公钥 * @param cusPrivateKey 商户私钥 @@ -404,7 +409,7 @@ public class SignUtil { String charset = params.get("charset"); String bizContent = params.get("biz_content"); if (isCheckSign) { - if (!rsaCheckV2(params, alipayPublicKey, charset,signType)) { + if (!rsaCheckV2(params, alipayPublicKey, charset, signType)) { throw new SopSignException("rsaCheck failure:rsaParams=" + params); } } @@ -419,6 +424,7 @@ public class SignUtil { /** * 加密并签名
* 目前适用于公众号 + * * @param bizContent 待加密、签名内容 * @param alipayPublicKey 支付宝公钥 * @param cusPrivateKey 商户私钥 @@ -429,10 +435,10 @@ public class SignUtil { *

* 返回示例: * - * 密文 - * RSA - * sign - * RSA + * 密文 + * RSA + * sign + * RSA * *

* @throws SopSignException @@ -472,6 +478,7 @@ public class SignUtil { /** * 加密并签名
* 目前适用于公众号 + * * @param bizContent 待加密、签名内容 * @param alipayPublicKey 支付宝公钥 * @param cusPrivateKey 商户私钥 @@ -482,17 +489,17 @@ public class SignUtil { *

* 返回示例: * - * 密文 - * RSA - * sign - * RSA + * 密文 + * RSA + * sign + * RSA * *

* @throws SopSignException */ public static String encryptAndSign(String bizContent, String alipayPublicKey, String cusPrivateKey, String charset, boolean isEncrypt, - boolean isSign,String signType) throws SopSignException { + boolean isSign, String signType) throws SopSignException { StringBuilder sb = new StringBuilder(); if (StringUtils.isEmpty(charset)) { charset = CHARSET_GBK; @@ -538,12 +545,12 @@ public class SignUtil { public static String rsaEncrypt(String content, String publicKey, String charset) throws SopSignException { try { - PublicKey pubKey = getPublicKeyFromX509(SIGN_TYPE_RSA, - new ByteArrayInputStream(publicKey.getBytes())); - Cipher cipher = Cipher.getInstance(SIGN_TYPE_RSA); + PublicKey pubKey = getPublicKeyFromX509(RSA, + new ByteArrayInputStream(publicKey.getBytes())); + Cipher cipher = Cipher.getInstance(RSA); cipher.init(Cipher.ENCRYPT_MODE, pubKey); byte[] data = StringUtils.isEmpty(charset) ? content.getBytes() - : content.getBytes(charset); + : content.getBytes(charset); int inputLen = data.length; ByteArrayOutputStream out = new ByteArrayOutputStream(); int offSet = 0; @@ -564,10 +571,10 @@ public class SignUtil { out.close(); return StringUtils.isEmpty(charset) ? new String(encryptedData) - : new String(encryptedData, charset); + : new String(encryptedData, charset); } catch (Exception e) { throw new SopSignException("EncryptContent = " + content + ",charset = " + charset, - e); + e); } } @@ -583,13 +590,13 @@ public class SignUtil { public static String rsaDecrypt(String content, String privateKey, String charset) throws SopSignException { try { - PrivateKey priKey = getPrivateKeyFromPKCS8(SIGN_TYPE_RSA, - new ByteArrayInputStream(privateKey.getBytes())); - Cipher cipher = Cipher.getInstance(SIGN_TYPE_RSA); + PrivateKey priKey = getPrivateKeyFromPKCS8(RSA, + new ByteArrayInputStream(privateKey.getBytes())); + Cipher cipher = Cipher.getInstance(RSA); cipher.init(Cipher.DECRYPT_MODE, priKey); byte[] encryptedData = StringUtils.isEmpty(charset) - ? Base64Util.decodeBase64(content.getBytes()) - : Base64Util.decodeBase64(content.getBytes(charset)); + ? Base64Util.decodeBase64(content.getBytes()) + : Base64Util.decodeBase64(content.getBytes(charset)); int inputLen = encryptedData.length; ByteArrayOutputStream out = new ByteArrayOutputStream(); int offSet = 0; @@ -610,7 +617,7 @@ public class SignUtil { out.close(); return StringUtils.isEmpty(charset) ? new String(decryptedData) - : new String(decryptedData, charset); + : new String(decryptedData, charset); } catch (Exception e) { throw new SopSignException("EncodeContent = " + content + ",charset = " + charset, e); } diff --git a/sop-test/src/test/java/com/gitee/sop/test/AlipayClientPostTest.java b/sop-test/src/test/java/com/gitee/sop/test/AlipayClientPostTest.java index 56d3f978..48b057d4 100755 --- a/sop-test/src/test/java/com/gitee/sop/test/AlipayClientPostTest.java +++ b/sop-test/src/test/java/com/gitee/sop/test/AlipayClientPostTest.java @@ -33,7 +33,6 @@ public class AlipayClientPostTest extends TestBase { app_auth_token String 否 40 详见应用授权概述 biz_content String 是 请求参数的集合,最大长度不限,除公共参数外所有请求参数都必须放在这个参数中传递,具体参照各产品快速接入文档 */ - // 这个请求会路由到story服务 @Test public void testGet() throws Exception {