私钥签名,公钥验证签名.
业务平台(信息传送端):私钥 用于对传送数据进行签名(sign)
支付平台(信息接收端):公钥 用于验证签名
业务平台:
// 参数生成
String jsonString = "需传递的数据,请求数据";
String paySign = RSA.sign(jsonString, "私钥" ,"utf-8");
paySign = URLEncoder.encode(paySign,"utf-8");
respStr =URLUtil.doGet(PropertiesUtil.getUrl() + "/testApply/apply?"+URLEncoder.encode(jsonString,"utf-8")+"&sign="+paySign+"&signType=" + "RSA" +"&inputCharset=" + "utf-8");
支付平台:
//进行签名验证(paySign不需要decode,verify方法里面有做)
if(!RSA.verify(jsonString, paySign ,"公钥", "utf-8")){
logger.info("签名验证不通过");
model.setCode(-1);
model.setDesc("签名验证不通过");
return model;
}
get请求方法如下:
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.HttpException;
import org.apache.commons.httpclient.NameValuePair;
import org.apache.commons.httpclient.methods.PostMethod;
import org.apache.commons.httpclient.protocol.Protocol;
import org.apache.commons.lang.StringUtils;
import org.apache.http.HttpResponse;
import org.apache.http.HttpStatus;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.util.EntityUtils;
/**
* 发送http请求,以get方式
*
* @param url 请求url
* @return
* @throws IOException
* @throws HttpException
*/
public static String doGet(String url) throws IOException, HttpException {
try {
HttpGet httpGet = new HttpGet(url);
DefaultHttpClient httpClient = new DefaultHttpClient();
HttpResponse res = httpClient.execute(httpGet);
if (res.getStatusLine().getStatusCode() == HttpStatus.SC_OK) {
return EntityUtils.toString(res.getEntity());
}
} catch (Exception e) {
}
return "";
}
此文算法签名和验证签名工具类:点击打开链接下载
有问题请指正,共同探讨,感谢........