Security signature

Security signature method (required method)

The generation step

The first step

Let all the data sent or received be the set M, and sort the parameters of the non-empty parameter values in the set M according to the parameter name ASCII code from small to large (dictionary order), using the format of the URL key-value pair (key1=value1&key2) =value2... ) spliced into a string stringSignTemp

Pay special attention to the following important rules::

  • The parameter name ASCII code sorted from small to large (dictionary order)
  • If the value of the parameter is null, it does not participate in the signature.
  • The parameter names are case-sensitive
  • The set M cannot contain the sign parameter. If it is, please remove this parameter and sign it.

The second step

Get the stringSignTemp string by app_secret at the end of stringSignTemp

The third step

Perform MD5 operation on stringSignOrigin, and convert all the obtained strings to lowercase to get the sign value.

For example

If the parameters transmitted are as follows::

  1. app_key: 00000000
  2. channel: 1
  3. platform: 2
  4. money: 1
  5. client_ip:
  6. subject: my_subject

Suppose app_secret is: your_app_secret

The first step

Get stringSignTemp

  1. stringSignTemp = "app_key=00000000&channel=1&client_ip="

The second step

Get stringSignOrigin

  1. stringSignOrigin = stringSignTemp + "&app_secret=your_app_secret"


The third step

Get the signature

  1. signTemp = md5(stringSignOrigin)
  2. sign = signTemp.toLowerCase()

That is:

  1. md5("app_key=00000000&channel=1&client_ip=").toLowerCase()

The resulting signatures are as follows

  1. 1af39b08e44a9016a359aebd42e97b07