diff --git a/src/main/java/com/yxt/ss/gateway/api/utils/SignatureUtil.java b/src/main/java/com/yxt/ss/gateway/api/utils/SignatureUtil.java
index 9c33289..dafe914 100644
--- a/src/main/java/com/yxt/ss/gateway/api/utils/SignatureUtil.java
+++ b/src/main/java/com/yxt/ss/gateway/api/utils/SignatureUtil.java
@@ -11,21 +11,56 @@ import java.util.Map;
 import java.util.TreeMap;
 /**
- * @description: 生成签名
+ * @description: 签名工具
 * @author: dimengzhe
 * @date: 2024/11/28
 **/
 public class SignatureUtil {
+ /**
+ * 验证签名是否正确
+ *
+ * @param parameters 请求参数
+ * @param secret 私钥,生成签名时使用,不允许在请求参数中出现
+ * @return 是否验证通过
+ */
+ public static ResultBean validateSignature(Map parameters, String secret) {
+ ResultBean rb = ResultBean.fireFail();
+ boolean valid = false;
+ //原签名
+ String _sign = parameters.get("_sign");
+ //3、检验签名,成功则继续调用接口,失败返回失败信息。
+ parameters.remove("_sign");
+ try {
+ // 3.1. 重新生成签名
+ String calculatedSignature = SignatureUtil.generateSignature(parameters, secret);
+
+ // 3.2. 使用固定时间比较方式验证签名
+ valid = MessageDigest.isEqual(
+ calculatedSignature.getBytes("UTF-8"),
+ _sign.getBytes("UTF-8")
+ );
+ if (!valid) {
+ return rb.setMsg("签名不正确");
+ }
+ } catch (UnsupportedEncodingException e) {
+ return rb.setMsg("Encoding error: " + e.getMessage());
+ } catch (NoSuchAlgorithmException e) {
+ return rb.setMsg("Algorithm error: " + e.getMessage());
+ } catch (Exception e) {
+ return rb.setMsg("Unexpected error: " + e.getMessage());
+ }
+ return rb.success().setData(valid);
+ }
 /**
- * 生成请求签名
+ * 生成签名
 *
 * @param parameters 请求参数
- * @param secret 密钥
- * @return 签名
+ * @param secret 私钥
+ * @return 签名字符串
 */
- public static String generateSignature(Map parameters, String secret) throws UnsupportedEncodingException, NoSuchAlgorithmException {
+ private static String generateSignature(Map parameters, String secret) throws UnsupportedEncodingException, NoSuchAlgorithmException {
 //1.对参数进行排序
 Map treeMap = new TreeMap<>(parameters);
 // 2. 拼接参数字符串
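Review bot: In `validateSignature`, `parameters.get("_sign")` returns null when the request carries no signature, so `_sign.getBytes("UTF-8")` throws a NullPointerException that only the broad `catch (Exception e)` handles, and the caller gets "Unexpected error: null" rather than a signature failure. The check still fails closed, but an explicit guard before the `try` keeps a missing signature on the normal rejection path: `if (_sign == null || _sign.isEmpty()) { return rb.setMsg("签名不正确"); }`. All three catch branches return `e.getMessage()` to the caller; logging the exception and returning a fixed message avoids exposing internals. `parameters.remove("_sign")` also mutates the caller's map, which deserves a Javadoc line or a defensive copy. The body of `generateSignature` continues outside the hunk.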
@@ -44,7 +79,7 @@ public class SignatureUtil {
 * @param tree 排序后的参数
 * @return 拼接后的参数字符串
 */
- public static String joinParameters(Map tree) throws UnsupportedEncodingException {
+ private static String joinParameters(Map tree) throws UnsupportedEncodingException {
 StringBuilder builder = new StringBuilder();
 for (Map.Entry entry : tree.entrySet()) {
 if (builder.length() > 0) {
@@ -57,12 +92,12 @@ public class SignatureUtil {
 }
 /**
- * 计算 MD5
+ * MD5加密
 *
 * @param content 要计算 MD5 的字符串
 * @return MD5 值
 */
- public static String md5(String content) throws NoSuchAlgorithmException {
+ private static String md5(String content) throws NoSuchAlgorithmException {
 MessageDigest md = MessageDigest.getInstance("MD5");
 byte[] bytes = md.digest(content.getBytes());
 StringBuilder sb = new StringBuilder();
@@ -72,40 +107,5 @@ public class SignatureUtil {
 return sb.toString();
 }
- /**
- * 验证签名是否正确
- *
- * @param parameters 请求参数
- * @param secret 密钥
- * @return 是否验证通过
- */
- public static ResultBean validateSignature(Map parameters, String secret) {
- ResultBean rb = ResultBean.fireFail();
- boolean valid = false;
- //原签名
- String _sign = parameters.get("_sign");
- //3、检验签名,成功则继续调用接口,失败返回失败信息。
- parameters.remove("_sign");
- try {
- // 3.1. 重新生成签名
- String calculatedSignature = SignatureUtil.generateSignature(parameters, secret);
-
- // 3.2. 使用固定时间比较方式验证签名
- valid = MessageDigest.isEqual(
- calculatedSignature.getBytes("UTF-8"),
- _sign.getBytes("UTF-8")
- );
- if (!valid) {
- return rb.setMsg("签名不正确");
- }
- } catch (UnsupportedEncodingException e) {
- return rb.setMsg("Encoding error: " + e.getMessage());
- } catch (NoSuchAlgorithmException e) {
- return rb.setMsg("Algorithm error: " + e.getMessage());
- } catch (Exception e) {
- return rb.setMsg("Unexpected error: " + e.getMessage());
- }
- return rb.success().setData(valid);
- }
 }
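Review bot: In `md5`, `md.digest(content.getBytes())` encodes with the platform default charset, while `validateSignature` compares the signatures as explicit UTF-8. On a JVM whose default charset is not UTF-8, parameters with non-ASCII values would hash differently from what the client computed. Pinning the charset removes that dependency: `byte[] bytes = md.digest(content.getBytes(StandardCharsets.UTF_8));`, adding the `java.nio.charset.StandardCharsets` import if the file lacks it. The new Javadoc title "MD5加密" calls a digest encryption; "计算 MD5 摘要" would be accurate. How the secret enters the hashed string is not visible in these hunks, but if it is plain concatenation, a keyed MAC such as `HmacSHA256` through `javax.crypto.Mac` is the sturdier construction for request signing; the body of `md5` continues past the hunk.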