About Signatures

Introduction

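The secret key used to sign API request input parameters must be managed securely by the merchant and must not be disclosed to anyone else.

The steps for generating the signature string are as follows:

  1. Put all parameters that need to be verified into an array.
  2. Sort the array by parameter name in ascending ASCII order. Sort by parameter name only, not by parameter value.
  3. Before generating the signature, exclude the 'sign' parameter itself from the array.

Example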

{  
    "appId": "TEST000001",  
    "sign": "TEST000001",  
    "merchantOrderNo": "11126",  
    "userId": "[email protected]",  
    "orderAmount": "1000",  
    "payCurrency": "USD",  
    "paymentTokens": "USDT,ETH",  
    "paymentExchange": "16f021b0-f220-4bbb-aa3b-82d423301957,9226e5c2-ebc3-4fdd-94f6-ed52cdce1420"  
}

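Build the string to sign: convert each parameter to the form parameter_name=parameter_value, join the pairs with '&', and append the secret key (secret) at the end. The result looks like this: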

appId=TEST000001&merchantOrderNo=11126&orderAmount=1000&payCurrency=USD&paymentExchange=16f021b0-f220-4bbb-aa3b-82d423301957,9226e5c2-ebc3-4fdd-94f6-ed52cdce1420&paymentTokens=USDT,ETH&[email protected]&key=ixdFyEZzZo7m95dr7qWAjKBaEj4qSMMdeSmW0b5nCak

Take the prepared string, compute the final signature with the SHA-512 algorithm, and convert it to uppercase. The resulting signature is:

 3962E8FF2ABD24B806D744C6630B95A05855A2AB86944CCF52009D6E2582787EB0F34CFF323843DDA55B148D770390598AF335DDBECC61D702AA1A87EE93D1E0

Java code example for generating the signature

    import java.util.TreeMap;
    import com.alibaba.fastjson.JSONObject;

    // SHA512Utils is the signing helper class this example calls; its source is not shown on this page.
    public class SignTest {
        public static void main(String[] args) {
            String jsonData = "{\n" +
                    "    \"appId\": \"TEST000001\",\n" +
                    "    \"sign\": \"TEST000001\",\n" +
                    "    \"merchantOrderNo\": \"11126\",\n" +
                    "    \"userId\": \"[email protected]\",\n" +
                    "    \"orderAmount\": \"1000\",\n" +
                    "    \"payCurrency\": \"USD\",\n" +
                    "    \"paymentTokens\": \"USDT,ETH\",\n" +
                    "    \"paymentExchange\": \"16f021b0-f220-4bbb-aa3b-82d423301957,9226e5c2-ebc3-4fdd-94f6-ed52cdce1420\"\n" +
                    "}\n";
            // Sample key from the signing string above; signing and verification must use the same key.
            // In production, load the key from secure configuration instead of hard-coding it.
            String secret = "ixdFyEZzZo7m95dr7qWAjKBaEj4qSMMdeSmW0b5nCak";

            // Sign the data; TreeMap keeps the parameters sorted by name
            TreeMap resultMap = JSONObject.parseObject(jsonData, TreeMap.class);
            String result = SHA512Utils.SHAEncrypt(resultMap, secret);
            System.out.println(result);

            // Verify the signed data; true = verification successful
            resultMap.put("sign", "3962E8FF2ABD24B806D744C6630B95A05855A2AB86944CCF52009D6E2582787EB0F34CFF323843DDA55B148D770390598AF335DDBECC61D702AA1A87EE93D1E0");
            System.out.println(SHA512Utils.verifySHA(resultMap, secret));
        }
    }
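
The signing steps above together with a constant-time verification, as an added example that is not part of the original page and is not the provider's SHA512Utils, whose source this page does not show. The class and method names, the UTF-8 encoding of the string to sign, and the sample parameter values and secret are assumptions.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Map;
import java.util.TreeMap;

// Added example: class and method names are illustrative, not the provider's SHA512Utils.
public class SignatureExample {
    // Steps 1-3 plus concatenation: sort by name, skip "sign", join as name=value&...&key=secret.
    static String buildSigningString(Map<String, String> params, String secret) {
        StringBuilder sb = new StringBuilder();
        // TreeMap orders String keys by code unit, which is ASCII order for ASCII names.
        for (Map.Entry<String, String> e : new TreeMap<String, String>(params).entrySet()) {
            if (!"sign".equals(e.getKey())) {
                sb.append(e.getKey()).append('=').append(e.getValue()).append('&');
            }
        }
        return sb.append("key=").append(secret).toString();
    }

    // SHA-512 over the UTF-8 bytes (the encoding is an assumption), returned as uppercase hex.
    static String sign(Map<String, String> params, String secret) throws NoSuchAlgorithmException {
        byte[] data = buildSigningString(params, secret).getBytes(StandardCharsets.UTF_8);
        StringBuilder hex = new StringBuilder();
        for (byte b : MessageDigest.getInstance("SHA-512").digest(data)) {
            hex.append(String.format("%02X", b));
        }
        return hex.toString();
    }

    // Recompute the signature and compare it with the received one in constant time,
    // so the comparison does not reveal how many leading characters matched.
    static boolean verify(Map<String, String> params, String secret) throws NoSuchAlgorithmException {
        String received = params.get("sign");
        return received != null && MessageDigest.isEqual(
                sign(params, secret).getBytes(StandardCharsets.US_ASCII),
                received.getBytes(StandardCharsets.US_ASCII));
    }

    public static void main(String[] args) throws NoSuchAlgorithmException {
        Map<String, String> params = new TreeMap<String, String>(); // constructed sample values
        params.put("appId", "APP-EXAMPLE");
        params.put("orderAmount", "1000");
        params.put("merchantOrderNo", "10001");
        String secret = "constructed-demo-secret";                  // placeholder, not a real key
        params.put("sign", sign(params, secret));
        System.out.println(verify(params, secret));                 // check the request as signed
        params.put("orderAmount", "9999");                          // change a value after signing
        System.out.println(verify(params, secret));                 // check again after the change
    }
}
```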