优化签名验证算法

六如
2025-11-12 09:22:18 +08:00
parent 7599c51f80
commit 6e356abf1e
4 changed files with 115 additions and 105 deletions


@@ -2,6 +2,7 @@
## 日常更新 ## 日常更新
- 2025-11-12优化签名验证算法
- 2025-11-05添加SDK示例返回List。详见com.gitee.sop.sdk.SdkTest.testList - 2025-11-05添加SDK示例返回List。详见com.gitee.sop.sdk.SdkTest.testList
- 2025-11-01添加回调处理。有升级SQL[sop-20251101.sql](./upgrade/sop-20251101.sql) - 2025-11-01添加回调处理。有升级SQL[sop-20251101.sql](./upgrade/sop-20251101.sql)
- 2025-09-12修复推送文档报找不到@Open注解问题 - 2025-09-12修复推送文档报找不到@Open注解问题


@@ -36,10 +36,10 @@ import java.util.Map;
*/ */
public class SignUtil { public class SignUtil {
private static final String SIGN_TYPE_RSA = "RSA"; private static final String RSA = "RSA";
private static final String SIGN_TYPE_RSA2 = "RSA2"; private static final String RSA2 = "RSA2";
private static final String SIGN_ALGORITHMS = "SHA1WithRSA"; private static final String SHA1_WITH_RSA = "SHA1WithRSA";
private static final String SIGN_SHA256RSA_ALGORITHMS = "SHA256WithRSA"; private static final String SHA256_WITH_RSA = "SHA256WithRSA";
private static final String CHARSET_GBK = "GBK"; private static final String CHARSET_GBK = "GBK";
/** /**
@@ -85,9 +85,9 @@ public class SignUtil {
public static String rsaSign(String content, String publicKey, String charset, public static String rsaSign(String content, String publicKey, String charset,
String signType) throws SignException { String signType) throws SignException {
if (SIGN_TYPE_RSA.equals(signType)) { if (RSA.equals(signType)) {
return rsaSign(content, publicKey, charset); return rsaSign(content, publicKey, charset);
} else if (SIGN_TYPE_RSA2.equals(signType)) { } else if (RSA2.equals(signType)) {
return rsa256Sign(content, publicKey, charset); return rsa256Sign(content, publicKey, charset);
} else { } else {
throw new SignException(ErrorEnum.ISV_INVALID_SIGNATURE_TYPE); throw new SignException(ErrorEnum.ISV_INVALID_SIGNATURE_TYPE);
@@ -107,11 +107,11 @@ public class SignUtil {
String charset) throws SignException { String charset) throws SignException {
try { try {
PrivateKey priKey = getPrivateKeyFromPKCS8(SIGN_TYPE_RSA, PrivateKey priKey = getPrivateKeyFromPKCS8(RSA,
new ByteArrayInputStream(privateKey.getBytes())); new ByteArrayInputStream(privateKey.getBytes()));
java.security.Signature signature = java.security.Signature java.security.Signature signature = java.security.Signature
.getInstance(SIGN_SHA256RSA_ALGORITHMS); .getInstance(SHA256_WITH_RSA);
signature.initSign(priKey); signature.initSign(priKey);
@@ -141,11 +141,11 @@ public class SignUtil {
public static String rsaSign(String content, String publicKey, public static String rsaSign(String content, String publicKey,
String charset) throws SignException { String charset) throws SignException {
try { try {
PrivateKey priKey = getPrivateKeyFromPKCS8(SIGN_TYPE_RSA, PrivateKey priKey = getPrivateKeyFromPKCS8(RSA,
new ByteArrayInputStream(publicKey.getBytes())); new ByteArrayInputStream(publicKey.getBytes()));
java.security.Signature signature = java.security.Signature java.security.Signature signature = java.security.Signature
.getInstance(SIGN_ALGORITHMS); .getInstance(SHA1_WITH_RSA);
signature.initSign(priKey); signature.initSign(priKey);
@@ -262,29 +262,32 @@ public class SignUtil {
public static boolean rsaCheck(String content, String sign, String publicKey, String charset, public static boolean rsaCheck(String content, String sign, String publicKey, String charset,
String signType) throws SignException { String signType) throws SignException {
if (RSA.equals(signType)) {
if (SIGN_TYPE_RSA.equals(signType)) {
return rsaCheckContent(content, sign, publicKey, charset); return rsaCheckContent(content, sign, publicKey, charset);
} else if (RSA2.equals(signType)) {
} else if (SIGN_TYPE_RSA2.equals(signType)) {
return rsa256CheckContent(content, sign, publicKey, charset); return rsa256CheckContent(content, sign, publicKey, charset);
} else { } else {
throw new SignException(ErrorEnum.ISV_INVALID_SIGNATURE_TYPE); throw new SignException(ErrorEnum.ISV_INVALID_SIGNATURE_TYPE);
} }
} }
/**
* 使用公钥验证签名
*
* @param content 原始数据
* @param sign 签名值(Base64编码)
* @param publicKey 公钥
* @return 验证是否成功
* @throws SignException 验证过程中的异常
*/
public static boolean rsa256CheckContent(String content, String sign, String publicKey, public static boolean rsa256CheckContent(String content, String sign, String publicKey,
String charset) throws SignException { String charset) throws SignException {
try { try {
PublicKey pubKey = getPublicKeyFromX509("RSA", PublicKey pubKey = getPublicKeyFromX509(RSA, new ByteArrayInputStream(publicKey.getBytes()));
new ByteArrayInputStream(publicKey.getBytes()));
java.security.Signature signature = java.security.Signature java.security.Signature signature = java.security.Signature
.getInstance(SIGN_SHA256RSA_ALGORITHMS); .getInstance(SHA256_WITH_RSA);
signature.initVerify(pubKey); signature.initVerify(pubKey);
@@ -294,7 +297,7 @@ public class SignUtil {
signature.update(content.getBytes(charset)); signature.update(content.getBytes(charset));
} }
return signature.verify(Base64.decodeBase64(sign.getBytes())); return signature.verify(java.util.Base64.getDecoder().decode(sign));
} catch (Exception e) { } catch (Exception e) {
throw new SignException(ErrorEnum.ISV_INVALID_SIGNATURE, e); throw new SignException(ErrorEnum.ISV_INVALID_SIGNATURE, e);
} }
@@ -303,11 +306,11 @@ public class SignUtil {
public static boolean rsaCheckContent(String content, String sign, String publicKey, public static boolean rsaCheckContent(String content, String sign, String publicKey,
String charset) throws SignException { String charset) throws SignException {
try { try {
PublicKey pubKey = getPublicKeyFromX509("RSA", PublicKey pubKey = getPublicKeyFromX509(RSA,
new ByteArrayInputStream(publicKey.getBytes())); new ByteArrayInputStream(publicKey.getBytes()));
java.security.Signature signature = java.security.Signature java.security.Signature signature = java.security.Signature
.getInstance(SIGN_ALGORITHMS); .getInstance(SHA1_WITH_RSA);
signature.initVerify(pubKey); signature.initVerify(pubKey);
@@ -317,7 +320,7 @@ public class SignUtil {
signature.update(content.getBytes(charset)); signature.update(content.getBytes(charset));
} }
return signature.verify(Base64.decodeBase64(sign.getBytes())); return signature.verify(java.util.Base64.getDecoder().decode(sign));
} catch (Exception e) { } catch (Exception e) {
throw new SignException(ErrorEnum.ISV_INVALID_SIGNATURE, e); throw new SignException(ErrorEnum.ISV_INVALID_SIGNATURE, e);
} }
@@ -520,9 +523,9 @@ public class SignUtil {
public static String rsaEncrypt(String content, String publicKey, public static String rsaEncrypt(String content, String publicKey,
String charset) throws SignException { String charset) throws SignException {
try { try {
PublicKey pubKey = getPublicKeyFromX509(SIGN_TYPE_RSA, PublicKey pubKey = getPublicKeyFromX509(RSA,
new ByteArrayInputStream(publicKey.getBytes())); new ByteArrayInputStream(publicKey.getBytes()));
Cipher cipher = Cipher.getInstance(SIGN_TYPE_RSA); Cipher cipher = Cipher.getInstance(RSA);
cipher.init(Cipher.ENCRYPT_MODE, pubKey); cipher.init(Cipher.ENCRYPT_MODE, pubKey);
byte[] data = StringUtils.isEmpty(charset) ? content.getBytes() byte[] data = StringUtils.isEmpty(charset) ? content.getBytes()
: content.getBytes(charset); : content.getBytes(charset);
@@ -563,9 +566,9 @@ public class SignUtil {
public static String rsaDecrypt(String content, String publicKey, public static String rsaDecrypt(String content, String publicKey,
String charset) throws SignException { String charset) throws SignException {
try { try {
PrivateKey priKey = getPrivateKeyFromPKCS8(SIGN_TYPE_RSA, PrivateKey priKey = getPrivateKeyFromPKCS8(RSA,
new ByteArrayInputStream(publicKey.getBytes())); new ByteArrayInputStream(publicKey.getBytes()));
Cipher cipher = Cipher.getInstance(SIGN_TYPE_RSA); Cipher cipher = Cipher.getInstance(RSA);
cipher.init(Cipher.DECRYPT_MODE, priKey); cipher.init(Cipher.DECRYPT_MODE, priKey);
byte[] encryptedData = StringUtils.isEmpty(charset) byte[] encryptedData = StringUtils.isEmpty(charset)
? Base64.decodeBase64(content.getBytes()) ? Base64.decodeBase64(content.getBytes())
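Review bot: In rsa256CheckContent and rsaCheckContent the new `java.util.Base64.getDecoder().decode(sign)` is a strict decoder that throws IllegalArgumentException on line breaks, whitespace or URL-safe characters, which the previous `Base64.decodeBase64(sign.getBytes())` may have tolerated if it was a lenient commons-codec style implementation (its import is outside the visible hunks). The exception is still caught and rethrown as ISV_INVALID_SIGNATURE, so verification fails closed, but signers that wrap their Base64 output would start being rejected without explanation. The new Javadoc on rsa256CheckContent should state the accepted encoding, for example `@param sign signature value, standard Base64 with no line breaks`, and it also lacks an `@param charset` entry. rsaDecrypt in the last hunk of this file still calls `Base64.decodeBase64`, so the class now mixes two decoders with different leniency; the SDK SignUtil in the next file section makes the same decoder change in its two verification methods.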


@@ -1,7 +1,6 @@
package com.gitee.sop.sdk.sign; package com.gitee.sop.sdk.sign;
import com.gitee.sop.sdk.util.Base64Util; import com.gitee.sop.sdk.util.Base64Util;
import javax.crypto.Cipher; import javax.crypto.Cipher;
@@ -26,29 +25,36 @@ import java.util.Map;
*/ */
public class SignUtil { public class SignUtil {
/** RSA最大加密明文大小 */ /**
* RSA最大加密明文大小
*/
private static final int MAX_ENCRYPT_BLOCK = 117; private static final int MAX_ENCRYPT_BLOCK = 117;
/** RSA最大解密密文大小 */ /**
* RSA最大解密密文大小
*/
private static final int MAX_DECRYPT_BLOCK = 128; private static final int MAX_DECRYPT_BLOCK = 128;
public static final String SIGN_TYPE_RSA = "RSA"; public static final String RSA = "RSA";
/** /**
* sha256WithRsa 算法请求类型 * sha256WithRsa 算法请求类型
*/ */
public static final String SIGN_TYPE_RSA2 = "RSA2"; public static final String RSA2 = "RSA2";
public static final String SIGN_ALGORITHMS = "SHA1WithRSA"; public static final String SHA1_WITH_RSA = "SHA1WithRSA";
public static final String SIGN_SHA256RSA_ALGORITHMS = "SHA256WithRSA"; public static final String SHA256_WITH_RSA = "SHA256WithRSA";
/** GBK字符集 **/ /**
public static final String CHARSET_GBK = "GBK"; * GBK字符集
**/
public static final String CHARSET_GBK = "GBK";
/** /**
* 获取签名内容 * 获取签名内容
*
* @param sortedParams * @param sortedParams
* @return * @return
*/ */
@@ -68,25 +74,22 @@ public class SignUtil {
} }
/** /**
* rsa内容签名 * rsa内容签名
* *
* @param content * @param content 内容
* @param privateKey * @param privateKey 私钥
* @param charset * @param charset 字符集
* @return * @return 返回签名
* @throws SopSignException * @throws SopSignException 报错异常
*/ */
public static String rsaSign(String content, String privateKey, String charset, public static String rsaSign(String content, String privateKey, String charset,
String signType) throws SopSignException { String signType) throws SopSignException {
if (SIGN_TYPE_RSA.equals(signType)) { if (RSA.equals(signType)) {
return rsaSign(content, privateKey, charset); return rsaSign(content, privateKey, charset);
} else if (SIGN_TYPE_RSA2.equals(signType)) { } else if (RSA2.equals(signType)) {
return rsa256Sign(content, privateKey, charset); return rsa256Sign(content, privateKey, charset);
} else { } else {
throw new SopSignException("Sign Type is Not Support : signType=" + signType); throw new SopSignException("Sign Type is Not Support : signType=" + signType);
} }
@@ -105,11 +108,11 @@ public class SignUtil {
String charset) throws SopSignException { String charset) throws SopSignException {
try { try {
PrivateKey priKey = getPrivateKeyFromPKCS8(SIGN_TYPE_RSA, PrivateKey priKey = getPrivateKeyFromPKCS8(RSA,
new ByteArrayInputStream(privateKey.getBytes())); new ByteArrayInputStream(privateKey.getBytes()));
java.security.Signature signature = java.security.Signature java.security.Signature signature = java.security.Signature
.getInstance(SIGN_SHA256RSA_ALGORITHMS); .getInstance(SHA256_WITH_RSA);
signature.initSign(priKey); signature.initSign(priKey);
@@ -140,11 +143,11 @@ public class SignUtil {
public static String rsaSign(String content, String privateKey, public static String rsaSign(String content, String privateKey,
String charset) throws SopSignException { String charset) throws SopSignException {
try { try {
PrivateKey priKey = getPrivateKeyFromPKCS8(SIGN_TYPE_RSA, PrivateKey priKey = getPrivateKeyFromPKCS8(RSA,
new ByteArrayInputStream(privateKey.getBytes())); new ByteArrayInputStream(privateKey.getBytes()));
java.security.Signature signature = java.security.Signature java.security.Signature signature = java.security.Signature
.getInstance(SIGN_ALGORITHMS); .getInstance(SHA1_WITH_RSA);
signature.initSign(priKey); signature.initSign(priKey);
@@ -237,11 +240,11 @@ public class SignUtil {
} }
public static boolean rsaCheckV1(Map<String, String> params, String publicKey, public static boolean rsaCheckV1(Map<String, String> params, String publicKey,
String charset,String signType) throws SopSignException { String charset, String signType) throws SopSignException {
String sign = params.get("sign"); String sign = params.get("sign");
String content = getSignCheckContentV1(params); String content = getSignCheckContentV1(params);
return rsaCheck(content, sign, publicKey, charset,signType); return rsaCheck(content, sign, publicKey, charset, signType);
} }
public static boolean rsaCheckV2(Map<String, String> params, String publicKey, public static boolean rsaCheckV2(Map<String, String> params, String publicKey,
@@ -253,21 +256,21 @@ public class SignUtil {
} }
public static boolean rsaCheckV2(Map<String, ?> params, String publicKey, public static boolean rsaCheckV2(Map<String, ?> params, String publicKey,
String charset,String signType) throws SopSignException { String charset, String signType) throws SopSignException {
String sign = String.valueOf(params.get("sign")); String sign = String.valueOf(params.get("sign"));
String content = getSignCheckContentV2(params); String content = getSignCheckContentV2(params);
return rsaCheck(content, sign, publicKey, charset,signType); return rsaCheck(content, sign, publicKey, charset, signType);
} }
public static boolean rsaCheck(String content, String sign, String publicKey, String charset, public static boolean rsaCheck(String content, String sign, String publicKey, String charset,
String signType) throws SopSignException { String signType) throws SopSignException {
if (SIGN_TYPE_RSA.equals(signType)) { if (RSA.equals(signType)) {
return rsaCheckContent(content, sign, publicKey, charset); return rsaCheckContent(content, sign, publicKey, charset);
} else if (SIGN_TYPE_RSA2.equals(signType)) { } else if (RSA2.equals(signType)) {
return rsa256CheckContent(content, sign, publicKey, charset); return rsa256CheckContent(content, sign, publicKey, charset);
@@ -282,10 +285,10 @@ public class SignUtil {
String charset) throws SopSignException { String charset) throws SopSignException {
try { try {
PublicKey pubKey = getPublicKeyFromX509("RSA", PublicKey pubKey = getPublicKeyFromX509("RSA",
new ByteArrayInputStream(publicKey.getBytes())); new ByteArrayInputStream(publicKey.getBytes()));
java.security.Signature signature = java.security.Signature java.security.Signature signature = java.security.Signature
.getInstance(SIGN_SHA256RSA_ALGORITHMS); .getInstance(SHA256_WITH_RSA);
signature.initVerify(pubKey); signature.initVerify(pubKey);
@@ -295,10 +298,10 @@ public class SignUtil {
signature.update(content.getBytes(charset)); signature.update(content.getBytes(charset));
} }
return signature.verify(Base64Util.decodeBase64(sign.getBytes())); return signature.verify(java.util.Base64.getDecoder().decode(sign));
} catch (Exception e) { } catch (Exception e) {
throw new SopSignException( throw new SopSignException(
"RSAcontent = " + content + ",sign=" + sign + ",charset = " + charset, e); "RSAcontent = " + content + ",sign=" + sign + ",charset = " + charset, e);
} }
} }
@@ -306,10 +309,10 @@ public class SignUtil {
String charset) throws SopSignException { String charset) throws SopSignException {
try { try {
PublicKey pubKey = getPublicKeyFromX509("RSA", PublicKey pubKey = getPublicKeyFromX509("RSA",
new ByteArrayInputStream(publicKey.getBytes())); new ByteArrayInputStream(publicKey.getBytes()));
java.security.Signature signature = java.security.Signature java.security.Signature signature = java.security.Signature
.getInstance(SIGN_ALGORITHMS); .getInstance(SHA1_WITH_RSA);
signature.initVerify(pubKey); signature.initVerify(pubKey);
@@ -319,10 +322,10 @@ public class SignUtil {
signature.update(content.getBytes(charset)); signature.update(content.getBytes(charset));
} }
return signature.verify(Base64Util.decodeBase64(sign.getBytes())); return signature.verify(java.util.Base64.getDecoder().decode(sign));
} catch (Exception e) { } catch (Exception e) {
throw new SopSignException( throw new SopSignException(
"RSAcontent = " + content + ",sign=" + sign + ",charset = " + charset, e); "RSAcontent = " + content + ",sign=" + sign + ",charset = " + charset, e);
} }
} }
@@ -346,12 +349,13 @@ public class SignUtil {
* <b>目前适用于公众号</b><br> * <b>目前适用于公众号</b><br>
* params参数示例 * params参数示例
* <br>{ * <br>{
* <br>biz_content=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, * <br>biz_content=M0qGiGz+8kIpxe8aF4geWJdBn0aBTuJRQItLHo9R7o5JGhpic/MIUjvXo2BLB++BbkSq2OsJCEQFDZ0zK5AJYwvBgeRX30gvEj6eXqXRt16/IkB9HzAccEqKmRHrZJ7PjQWE0KfvDAHsJqFIeMvEYk1Zei2QkwSQPlso7K0oheo/iT+HYE8aTATnkqD/ByD9iNDtGg38pCa2xnnns63abKsKoV8h0DfHWgPH62urGY7Pye3r9FCOXA2Ykm8X4/Bl1bWFN/PFCEJHWe/HXj8KJKjWMO6ttsoV0xRGfeyUO8agu6t587Dl5ux5zD/s8Lbg5QXygaOwo3Fz1G8EqmGhi4+soEIQb8DBYanQOS3X+m46tVqBGMw8Oe+hsyIMpsjwF4HaPKMr37zpW3fe7xOMuimbZ0wq53YP/jhQv6XWodjT3mL0H5ACqcsSn727B5ztquzCPiwrqyjUHjJQQefFTzOse8snaWNQTUsQS7aLsHq0FveGpSBYORyA90qPdiTjXIkVP7mAiYiAIWW9pCEC7F3XtViKTZ8FRMM9ySicfuAlf3jtap6v2KPMtQv70X+hlmzO/IXB6W0Ep8DovkF5rB4r/BJYJLw/6AS0LZM9w5JfnAZhfGM2rKzpfNsgpOgEZS1WleG4I2hoQC0nxg9IcP0Hs+nWIPkEUcYNaiXqeBc=,
* <br>sign=rlqgA8O+RzHBVYLyHmrbODVSANWPXf3pSrr82OCO/bm3upZiXSYrX5fZr6UBmG6BZRAydEyTIguEW6VRuAKjnaO/sOiR9BsSrOdXbD5Rhos/Xt7/mGUWbTOt/F+3W0/XLuDNmuYg1yIC/6hzkg44kgtdSTsQbOC9gWM7ayB4J4c=, * <br>sign=rlqgA8O+RzHBVYLyHmrbODVSANWPXf3pSrr82OCO/bm3upZiXSYrX5fZr6UBmG6BZRAydEyTIguEW6VRuAKjnaO/sOiR9BsSrOdXbD5Rhos/Xt7/mGUWbTOt/F+3W0/XLuDNmuYg1yIC/6hzkg44kgtdSTsQbOC9gWM7ayB4J4c=,
* sign_type=RSA, * sign_type=RSA,
* <br>charset=UTF-8 * <br>charset=UTF-8
* <br>} * <br>}
* </p> * </p>
*
* @param params * @param params
* @param alipayPublicKey 支付宝公钥 * @param alipayPublicKey 支付宝公钥
* @param cusPrivateKey 商户私钥 * @param cusPrivateKey 商户私钥
@@ -384,12 +388,13 @@ public class SignUtil {
* <b>目前适用于公众号</b><br> * <b>目前适用于公众号</b><br>
* params参数示例 * params参数示例
* <br>{ * <br>{
* <br>biz_content=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, * <br>biz_content=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,
* <br>sign=rlqgA8O+RzHBVYLyHmrbODVSANWPXf3pSrr82OCO/bm3upZiXSYrX5fZr6UBmG6BZRAydEyTIguEW6VRuAKjnaO/sOiR9BsSrOdXbD5Rhos/Xt7/mGUWbTOt/F+3W0/XLuDNmuYg1yIC/6hzkg44kgtdSTsQbOC9gWM7ayB4J4c=, * <br>sign=rlqgA8O+RzHBVYLyHmrbODVSANWPXf3pSrr82OCO/bm3upZiXSYrX5fZr6UBmG6BZRAydEyTIguEW6VRuAKjnaO/sOiR9BsSrOdXbD5Rhos/Xt7/mGUWbTOt/F+3W0/XLuDNmuYg1yIC/6hzkg44kgtdSTsQbOC9gWM7ayB4J4c=,
* sign_type=RSA, * sign_type=RSA,
* <br>charset=UTF-8 * <br>charset=UTF-8
* <br>} * <br>}
* </p> * </p>
*
* @param params * @param params
* @param alipayPublicKey 支付宝公钥 * @param alipayPublicKey 支付宝公钥
* @param cusPrivateKey 商户私钥 * @param cusPrivateKey 商户私钥
@@ -404,7 +409,7 @@ public class SignUtil {
String charset = params.get("charset"); String charset = params.get("charset");
String bizContent = params.get("biz_content"); String bizContent = params.get("biz_content");
if (isCheckSign) { if (isCheckSign) {
if (!rsaCheckV2(params, alipayPublicKey, charset,signType)) { if (!rsaCheckV2(params, alipayPublicKey, charset, signType)) {
throw new SopSignException("rsaCheck failure:rsaParams=" + params); throw new SopSignException("rsaCheck failure:rsaParams=" + params);
} }
} }
@@ -419,6 +424,7 @@ public class SignUtil {
/** /**
* 加密并签名<br> * 加密并签名<br>
* <b>目前适用于公众号</b> * <b>目前适用于公众号</b>
*
* @param bizContent 待加密、签名内容 * @param bizContent 待加密、签名内容
* @param alipayPublicKey 支付宝公钥 * @param alipayPublicKey 支付宝公钥
* @param cusPrivateKey 商户私钥 * @param cusPrivateKey 商户私钥
@@ -429,10 +435,10 @@ public class SignUtil {
* <p> * <p>
* 返回示例: * 返回示例:
* <alipay> * <alipay>
* <response>密文</response> * <response>密文</response>
* <encryption_type>RSA</encryption_type> * <encryption_type>RSA</encryption_type>
* <sign>sign</sign> * <sign>sign</sign>
* <sign_type>RSA</sign_type> * <sign_type>RSA</sign_type>
* </alipay> * </alipay>
* </p> * </p>
* @throws SopSignException * @throws SopSignException
@@ -472,6 +478,7 @@ public class SignUtil {
/** /**
* 加密并签名<br> * 加密并签名<br>
* <b>目前适用于公众号</b> * <b>目前适用于公众号</b>
*
* @param bizContent 待加密、签名内容 * @param bizContent 待加密、签名内容
* @param alipayPublicKey 支付宝公钥 * @param alipayPublicKey 支付宝公钥
* @param cusPrivateKey 商户私钥 * @param cusPrivateKey 商户私钥
@@ -482,17 +489,17 @@ public class SignUtil {
* <p> * <p>
* 返回示例: * 返回示例:
* <alipay> * <alipay>
* <response>密文</response> * <response>密文</response>
* <encryption_type>RSA</encryption_type> * <encryption_type>RSA</encryption_type>
* <sign>sign</sign> * <sign>sign</sign>
* <sign_type>RSA</sign_type> * <sign_type>RSA</sign_type>
* </alipay> * </alipay>
* </p> * </p>
* @throws SopSignException * @throws SopSignException
*/ */
public static String encryptAndSign(String bizContent, String alipayPublicKey, public static String encryptAndSign(String bizContent, String alipayPublicKey,
String cusPrivateKey, String charset, boolean isEncrypt, String cusPrivateKey, String charset, boolean isEncrypt,
boolean isSign,String signType) throws SopSignException { boolean isSign, String signType) throws SopSignException {
StringBuilder sb = new StringBuilder(); StringBuilder sb = new StringBuilder();
if (StringUtils.isEmpty(charset)) { if (StringUtils.isEmpty(charset)) {
charset = CHARSET_GBK; charset = CHARSET_GBK;
@@ -538,12 +545,12 @@ public class SignUtil {
public static String rsaEncrypt(String content, String publicKey, public static String rsaEncrypt(String content, String publicKey,
String charset) throws SopSignException { String charset) throws SopSignException {
try { try {
PublicKey pubKey = getPublicKeyFromX509(SIGN_TYPE_RSA, PublicKey pubKey = getPublicKeyFromX509(RSA,
new ByteArrayInputStream(publicKey.getBytes())); new ByteArrayInputStream(publicKey.getBytes()));
Cipher cipher = Cipher.getInstance(SIGN_TYPE_RSA); Cipher cipher = Cipher.getInstance(RSA);
cipher.init(Cipher.ENCRYPT_MODE, pubKey); cipher.init(Cipher.ENCRYPT_MODE, pubKey);
byte[] data = StringUtils.isEmpty(charset) ? content.getBytes() byte[] data = StringUtils.isEmpty(charset) ? content.getBytes()
: content.getBytes(charset); : content.getBytes(charset);
int inputLen = data.length; int inputLen = data.length;
ByteArrayOutputStream out = new ByteArrayOutputStream(); ByteArrayOutputStream out = new ByteArrayOutputStream();
int offSet = 0; int offSet = 0;
@@ -564,10 +571,10 @@ public class SignUtil {
out.close(); out.close();
return StringUtils.isEmpty(charset) ? new String(encryptedData) return StringUtils.isEmpty(charset) ? new String(encryptedData)
: new String(encryptedData, charset); : new String(encryptedData, charset);
} catch (Exception e) { } catch (Exception e) {
throw new SopSignException("EncryptContent = " + content + ",charset = " + charset, throw new SopSignException("EncryptContent = " + content + ",charset = " + charset,
e); e);
} }
} }
@@ -583,13 +590,13 @@ public class SignUtil {
public static String rsaDecrypt(String content, String privateKey, public static String rsaDecrypt(String content, String privateKey,
String charset) throws SopSignException { String charset) throws SopSignException {
try { try {
PrivateKey priKey = getPrivateKeyFromPKCS8(SIGN_TYPE_RSA, PrivateKey priKey = getPrivateKeyFromPKCS8(RSA,
new ByteArrayInputStream(privateKey.getBytes())); new ByteArrayInputStream(privateKey.getBytes()));
Cipher cipher = Cipher.getInstance(SIGN_TYPE_RSA); Cipher cipher = Cipher.getInstance(RSA);
cipher.init(Cipher.DECRYPT_MODE, priKey); cipher.init(Cipher.DECRYPT_MODE, priKey);
byte[] encryptedData = StringUtils.isEmpty(charset) byte[] encryptedData = StringUtils.isEmpty(charset)
? Base64Util.decodeBase64(content.getBytes()) ? Base64Util.decodeBase64(content.getBytes())
: Base64Util.decodeBase64(content.getBytes(charset)); : Base64Util.decodeBase64(content.getBytes(charset));
int inputLen = encryptedData.length; int inputLen = encryptedData.length;
ByteArrayOutputStream out = new ByteArrayOutputStream(); ByteArrayOutputStream out = new ByteArrayOutputStream();
int offSet = 0; int offSet = 0;
@@ -610,7 +617,7 @@ public class SignUtil {
out.close(); out.close();
return StringUtils.isEmpty(charset) ? new String(decryptedData) return StringUtils.isEmpty(charset) ? new String(decryptedData)
: new String(decryptedData, charset); : new String(decryptedData, charset);
} catch (Exception e) { } catch (Exception e) {
throw new SopSignException("EncodeContent = " + content + ",charset = " + charset, e); throw new SopSignException("EncodeContent = " + content + ",charset = " + charset, e);
} }
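Review bot: The public constants `SIGN_TYPE_RSA`, `SIGN_TYPE_RSA2`, `SIGN_ALGORITHMS` and `SIGN_SHA256RSA_ALGORITHMS` appear to be renamed in place in the SDK's SignUtil, which removes names that SDK consumers may reference and makes the upgrade source-incompatible for them; keeping deprecated aliases such as `@Deprecated public static final String SIGN_TYPE_RSA = RSA;` would avoid that. The two `getPublicKeyFromX509("RSA", ...)` calls in the verification hunks still pass the string literal where the rest of the file now uses the `RSA` constant. Separately, the catch blocks around the new `decode(sign)` call still build the SopSignException message from `content` and `sign`, so a malformed signature puts the full request payload wherever that exception is logged; a message that carries only `charset` plus the cause would expose less.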


@@ -33,7 +33,6 @@ public class AlipayClientPostTest extends TestBase {
app_auth_token String 否 40 详见应用授权概述 app_auth_token String 否 40 详见应用授权概述
biz_content String 是 请求参数的集合,最大长度不限,除公共参数外所有请求参数都必须放在这个参数中传递,具体参照各产品快速接入文档 biz_content String 是 请求参数的集合,最大长度不限,除公共参数外所有请求参数都必须放在这个参数中传递,具体参照各产品快速接入文档
*/ */
// 这个请求会路由到story服务
@Test @Test
public void testGet() throws Exception { public void testGet() throws Exception {