import java.security.MessageDigest;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
public class SignatureUtil {
private static final String CHARSET = "UTF-8";
private static final String SIGN_TYPE = "MD5";
/**
* 判断签名是否正确,必须包含sign字段,否则返回false。
*
* @param data Map类型数据
* @param key 加密密钥
* @param signField 传签的字段
* @return 签名是否正确
* @throws Exception
*/
public static boolean check(Map<String, String> data, String key, String signField){
if (!data.containsKey(signField)) {
return false;
}
String sign = data.get(signField);
return sign(data, key, signField).equalsIgnoreCase(sign);
}
/**
* 生成签名. 注意,若含有sign_type字段,必须和signType参数保持一致。
*
* @param data 待签名数据
* @param key 加密密钥
* @param signField 传签的字段
* @return 签名
*/
public static String sign(final Map<String, String> data, String key, String signField) {
Set<String> keySet = data.keySet();
String[] keyArray = keySet.toArray(new String[keySet.size()]);
Arrays.sort(keyArray);
StringBuilder sb = new StringBuilder();
for (String k : keyArray) {
if (k.equals(signField)) {
continue;
}
// 参数值为空,则不参与签名
if (data.get(k).trim().length() > 0) {
sb.append(k).append("=").append(data.get(k).trim()).append("&");
}
}
sb.append("key=").append(key);
System.out.println("验签封装的串为:"+sb);
String result=MD5(sb.toString()).toUpperCase();
System.out.println("生成的签名为:"+result);
return result;
}
/**
* 生成 MD5
*
* @param data 待处理数据
* @return MD5结果
*/
private static String MD5(String data) {
try {
MessageDigest md = MessageDigest.getInstance(SIGN_TYPE);
byte[] array = md.digest(data.getBytes(CHARSET));
StringBuilder sb = new StringBuilder();
for (byte item : array) {
sb.append(Integer.toHexString((item & 0xFF) | 0x100).substring(1, 3));
}
return sb.toString().toUpperCase();
}
catch (Exception e){
throw new RuntimeException(e);
}
}
public static void main(String[] args) {
Map<String,String> rmap = new HashMap<>();
rmap.put("aaa","我是谁");
rmap.put("bbb","我在哪");
rmap.put("ccc","woyaoqu gan ma");
String sign = SignatureUtil.sign(rmap, "123", "sign");
rmap.put("sign",sign);
boolean check = SignatureUtil.check(rmap, "123", "sign");
System.out.println(check);
}
}
参考博客:java签名工具类