方案类API
1.文档说明
1.1版本说明
1.2协议规则
1.3安全规范
2.方案API
2.1协同收银
2.2分账服务
3.2以旧换新一键接入API
3.附录
3.1接口返回码retcode说明
3.2交易返回码trxstatus说明
通联核心产品文档中心
-
+
首页
1.3安全规范
## 一.RSA(SHA1WithRSA)签名逻辑 A.签名字符串为除了sign之外的其他非空字段组成键值对 B.所有参与签名的字段,按字段名的ASCII码从小到大排序后,使用URL的键值对的格式(即key1=value1&key2=value2)拼接成字符串string 如appid=00000051 cusid=990581007426001 randomstr=82712208 signtype=RSA trxid=112094120001088317 version=11 排序后的字符串: string=”appid=00000051&cusid=990581007426001&randomstr=82712208&signtype=RSA&trxid=112094120001088317&version=11”; C.用商户的RSA私钥进行签名 sign=SybUtil.rsaSign(string,cusRsaPrivateKey,”utf-8”); 如测试私钥 cusRsaPrivateKey=”MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBAJgHMGYsspghvP+yCbjLG43CkZuQ3YJyDcmEKxvmgblITfmiTPx2b9Y2iwDT9gnLGExTDm1BL2A8VzMobjaHfiCmTbDctu680MLmpDDkVXmJOqdlXh0tcLjhN4+iDA2KkRqiHxsDpiaKT6MMBuecXQbJtPlVc1XjVhoUlzUgPCrvAgMBAAECgYAV9saYTGbfsdLOF5kYo0dve1JxaO7dFMCcgkV+z2ujKtNmeHtU54DlhZXJiytQY5Dhc10cjb6xfFDrftuFcfKCaLiy6h5ETR8jyv5He6KH/+X6qkcGTkJBYG1XvyyFO3PxoszQAs0mrLCqq0UItlCDn0G72MR9/NuvdYabGHSzEQJBAMXB1/DUvBTHHH4LiKDiaREruBb3QtP72JQS1ATVXA2v6xJzGPMWMBGQDvRfPvuCPVmbHENX+lRxMLp39OvIn6kCQQDEzYpPcuHW/7h3TYHYc+T0O6z1VKQT2Mxv92Lj35g1XqV4Oi9xrTj2DtMeV1lMx6n/3icobkCQtuvTI+AcqfTXAkB6bCz9NwUUK8sUsJktV9xJN/JnrTxetOr3h8xfDaJGCuCQdFY+rj6lsLPBTnFUC+Vk4mQVwJIE0mmjFf22NWW5AkAmsVaRGkAmui41Xoq52MdZ8WWm8lY0BLrlBJlvveU6EPqtcZskWW9KiU2euIO5IcRdpvrB6zNMgHpLD9GfMRcPAkBUWOV/dH13v8V2Y/Fzuag/y5k3/oXi/WQnIxdYbltad2xjmofJ7DbB7MJqiZZD8jlr8PCZPwRNzc5ntDStc959”, 则上面字符串加密后的 sign=”ce6EAOj4rhoBMJM5MJCNG4qQ/CVMTWkoRuSGpSzRAnD3U3V5QyHkQUEej2eZXRaa+qSbw2/IJJSPV0sPuAia1+ccb7OnvxyZqkV9wQyimX6qAMz0K+UWFhQ5McCcQ/XsFhhezoVd5QgL7PtdvuK1AtjuzA3J9yzNmwuPssPnKnc=”; D.请求接口成功后通联系统返回JSON字符串数据,把除sign之外的其他所有非空字段组成键值对,进行同样的排序和组装处理,并用通联的公钥进行验签 通联RSA测试公钥: MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDYXfu4b7xgDSmEGQpQ8Sn3RzFgl5CE4gL4TbYrND4FtCYOrvbgLijkdFgIrVVWi2hUW4K0PwBsmlYhXcbR+JSmqv9zviVXZiym0lK3glJGVCN86r9EPvNTusZZPm40TOEKMVENSYaUjCxZ7JzeZDfQ4WCeQQr2xirqn6LdJjpZ5wIDAQAB 通联RSA生产公钥: MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCm9OV6zH5DYH/ZnAVYHscEELdCNfNTHGuBv1nYYEY9FrOzE0/4kLl9f7Y9dkWHlc2ocDwbrFSm0Vqz0q2rJPxXUYBCQl5yW3jzuKSXif7q1yOwkFVtJXvuhf5WRy+1X5FOFoMvS7538No0RpnLzmNi3ktmiqmhpcY/1pmt20FHQQIDAQAB 通联RSA2测试公钥: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtL+QFEiZGkCtI9GSoGNNpCY1zIRSZyS3CA7UCULFYC27/tJZcsfVxapiC7QSFkSMCvJ+GCd0DpmamIHINkOYV+xUYGAM9Jz85X9tSgeihFiP0IrkU1sBiJNxsRj1giCSbTbw5IgBlAwNbnElu4tgDwnFpSRv2VcdzU9BvObXkFGO7eZKS7FFqV/q6NYoLKZ1MZE/EitFLh0EjooUo189u4veb5SXp0OIz13pqEhklpXrZdT7h6CI9NIiHFWurjQ2Z1tAIypPtyCtZATlseBTu+bqPNrjAQieMTOi83O9JkHv4POHyrwo2yQnxu3NKXXyJVFNDuHmygsTzDmfZCJfvwIDAQAB 通联RSA2生产公钥: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Ll8kJJqjwzz9IoSZ2QBup3WqoV5uuJ0A4cB3Led9AiB2SBFT6hwVowPQ8g+l+8OqBzgcAi8SARr6IdkBb5GTx96zSIiCNHEr/Xc63oBqAVgOs6+0WuwccTApRhUg6nvn++au9EFT6MODO50GRdpudHcpO3YomriKLWojhSOCjKawPF81eW6s1eyL0KtnKrgLZx32G0cAJDv3NOkVazgh3eSJrwdE2bH5j74Fu38Q7mlF/nhckqklCnTbyd6ia8i+40yocMe1+IYHeBz5t8RRXeon9f+gXXshpjbiqsPAp0XQ6MJdLpLZu89NBWLJyOrPXe1UYQ82rgxDVDHrboUQwIDAQAB ## 二.SM2国密签名逻辑 A.签名字符串为除了sign之外的其他非空字段组成键值对 B.所有参与签名的字段,按字段名的ASCII码从小到大排序后,使用URL的键值对的格式(即key1=value1&key2=value2)拼接成字符串string 如appid=00000051 cusid=990581007426001 randomstr=75016315 signtype=SM2 trxid=112094120001088317 version=11 排序后的字符串: string=”appid=00000051&cusid=990581007426001&randomstr=75016315&signtype=SM2&trxid=112094120001088317&version=11”; C.用商户的SM2私钥进行签名 先获取私钥明文PrivateKey privkey = SmUtil.privKeySM2FromBase64Str(SM2PPRIVATEKEY); sign=SmUtil.signSM3SM2RetBase64(privkey,appid, string.getBytes("UTF-8"));//签名; 如测试私钥 SM2PPRIVATEKEY=”MIGTAgEAMBMGByqGSM49AgEGCCqBHM9VAYItBHkwdwIBAQQgNqz1EieIP8QVzV7vEmx5e8f7XN7/MIzoeXgEinxcG0agCgYIKoEcz1UBgi2hRANCAAQNfkEgaCQ4cdZ4aD2LWMcnkk5LALQfL05oY8x8XQDIyUM44N15YcTwtFNvHYgyeNRa93vlEUutp935n6rp4yuf”, 则上面字符串加密后的 sign=”m4ki0xZ+19LtqjuyG8Qb0ytD3Q8B166mboCeg+6Ar1Z4XmQB14LrcfddkM121EbroDDnJ17bbJAH/S+8jus9iQ==”; D.请求接口成功后通联系统返回JSON字符串数据,把除sign之外的其他所有非空字段组成键值对,进行同样的排序和组装处理,并用通联的公钥进行验签 通联测试公钥: MFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAE/BnA8BawehBtH0ksPyayo4pmzL/u1FQ2sZcqwOp6bjVqQX4tjo930QAvHZPJ2eez8sCz/RYghcqv4LvMq+kloQ== 通联生产公钥: MFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAEBQicgWm0KAMqhO3bdqMUEDrKQvYg8cCXHhdGwq7CGE6oJDzJ1P/94HpuVdBf1KidmPxr7HOH+0DAnpeCcx9TcQ== 附:详细签名及验签可参考对应java开发demo的SybUtil.unionSign及SybUtil.validSign统一签名及统一验签工具方法。
yinjr
2024年11月3日 21:22
转发文档
收藏文档
上一篇
下一篇
手机扫码
复制链接
手机扫一扫转发分享
复制链接
Markdown文件
Word文件
PDF文档
PDF文档(打印)
分享
链接
类型
密码
更新密码
有效期