通知签名说明
通知签名
签名字段
- 时间戳(timstamp): 从异步通知请求头(header)中获取
- 请求方式(requestMethod): 固定值 POST
- 请求路径(requestPath): 商户下单时上传的 callbackUrl ,只需要路径,去掉域名
- 请求参数(requestBody): 请求参数
(1)请求参数排序:依据参数名使⽤字典顺序排序,去掉空值,去掉 signature、newSignature
(2)生成待签名字符串,固定顺序:timstamp+requestMethod+requestPath+requestBody
生成签名
public class SignCheck {
public static String signCheck(String content, String secretkey) throws NoSuchAlgorithmException, InvalidKeyException {
Base64.Encoder base = Base64.getEncoder();
String signVal = base.encodeToString(sha256(content.getBytes(StandardCharsets.UTF_8), secretkey.getBytes(StandardCharsets.UTF_8)));
return signVal;
}
public static byte[] sha256(byte[] message, byte[] secret) throws NoSuchAlgorithmException, InvalidKeyException {
Mac sha256_HMAC = Mac.getInstance("HmacSha256");
SecretKeySpec secretKey = new SecretKeySpec(secret, "HmacSha256");
sha256_HMAC.init(secretKey);
return sha256_HMAC.doFinal(message);
}
public static void main(String[] args) throws Exception {
String content = "1700549311596POST/onRamp/callback{"amount":"112.00000000","orderNo":"10000000000000006","address":"0xdc8123456780b8c55be419675c2eec5","crypto":"USDC","network":"MATIC","payType":"CREDIT_CARD","cryptoQuantity":"123","appId":"jcudotl1hwyvxhdp","fiat":"EUR","email":"[email protected]","signature":"ffaa29ee7f75cb52598fe460295caafa3ebcb549","status":"PAY_SUCCESS"}";
String secretkey = "XXXXX";
String sign = signCheck(content, secretkey);
System.out.println(sign);
}
}
Updated 14 days ago