/**

*支付宝支付

* @param orderId 订单编号

* @param actualPay 实际支付金额

* @return

*/

private String getOrderInfoByAliPay(String orderId,float actualPay) {

//回调页面

String ali_call_back_url = propertiesService.ALI_CALL_BACK_URL;

String seller_id = propertiesService.SELLER_ID;//商户编号

String[] parameters={

"service=\"mobile.securitypay.pay\"",//固定值（手机快捷支付）

"partner=\"2088421544444\"",//合作身份者ID（16位）

"_input_charset=\"utf-8\"",

"notify_url=\""+ali_call_back_url+"\"",//通知地址

"out_trade_no=\""+orderId+"\"",//商户内部订单号

"subject=\"测试\"",//测试

"payment_type=\"1\"",//固定值

"seller_id=\""+seller_id+"\"",//账户邮箱

"total_fee=\""+"0.01"+"\"",//支付金额（元）

"body=\"订单说明\"",//订单说明

"it_b_pay=\"30m\""（订单过期时间 30分钟过期无效）

};

String signOrderUrl = signAllString(parameters);

return signOrderUrl;

}

/**

* 支付宝签名

* @param array

* @return

*/

private String signAllString(String [] array){

StringBuffer sb = new StringBuffer("");

for (int i = 0; i < array.length; i++) {

if(i==(array.length-1)){

sb.append(array[i]);

}else{

sb.append(array[i]+"&");

}

}

System.out.println(sb.toString());

String sign = "";

try {

sign = URLEncoder.encode(RSA.sign(sb.toString(), AlipayConfig.private_key, "utf-8"), "utf-8");//private_key私钥

} catch (UnsupportedEncodingException e) {

e.printStackTrace();

}

sb.append("&sign=\""+sign+"\"&");

sb.append("sign_type=\"RSA\"");

return sb.toString();

}

package com.alipay.sign;

import javax.crypto.Cipher;

import java.io.ByteArrayInputStream;

import java.io.ByteArrayOutputStream;

import java.io.InputStream;

import java.security.KeyFactory;

import java.security.PrivateKey;

import java.security.PublicKey;

import java.security.spec.PKCS8EncodedKeySpec;

import java.security.spec.X509EncodedKeySpec;

public class RSA{

public static final String  SIGN_ALGORITHMS = "SHA1WithRSA";

/**

* RSA签名

* @param content 待签名数据

* @param privateKey 商户私钥

* @param input_charset 编码格式

* @return 签名值

*/

public static String sign(String content, String privateKey, String input_charset)

{

try

{

byte[] decode = Base64.decode(privateKey);

PKCS8EncodedKeySpec priPKCS8  = new PKCS8EncodedKeySpec(decode );

KeyFactory keyf= KeyFactory.getInstance("RSA");

PrivateKey priKey= keyf.generatePrivate(priPKCS8);

java.security.Signature signature = java.security.Signature.getInstance(SIGN_ALGORITHMS);

signature.initSign(priKey);

signature.update( content.getBytes(input_charset) );

byte[] signed = signature.sign();

return Base64.encode(signed);

}

catch (Exception e)

{

e.printStackTrace();

}

return null;

}

/**

* RSA验签名检查

* @param content 待签名数据

* @param sign 签名值

* @param ali_public_key 支付宝公钥

* @param input_charset 编码格式

* @return 布尔值

*/

public static boolean verify(String content, String sign, String ali_public_key, String input_charset)

{

try

{

KeyFactory keyFactory = KeyFactory.getInstance("RSA");

byte[] encodedKey = Base64.decode(ali_public_key);

PublicKey pubKey = keyFactory.generatePublic(new X509EncodedKeySpec(encodedKey));

java.security.Signature signature = java.security.Signature

.getInstance(SIGN_ALGORITHMS);

signature.initVerify(pubKey);

signature.update( content.getBytes(input_charset) );

boolean bverify = signature.verify( Base64.decode(sign) );

return bverify;

}

catch (Exception e)

{

e.printStackTrace();

}

return false;

}

/**

* 解密

* @param content 密文

* @param private_key 商户私钥

* @param input_charset 编码格式

* @return 解密后的字符串

*/

public static String decrypt(String content, String private_key, String input_charset) throws Exception {

PrivateKey prikey = getPrivateKey(private_key);

Cipher cipher = Cipher.getInstance("RSA");

cipher.init(Cipher.DECRYPT_MODE, prikey);

InputStream ins = new ByteArrayInputStream(Base64.decode(content));

ByteArrayOutputStream writer = new ByteArrayOutputStream();

//rsa解密的字节大小最多是128，将需要解密的内容，按128位拆开解密

byte[] buf = new byte[128];

int bufl;

while ((bufl = ins.read(buf)) != -1) {

byte[] block = null;

if (buf.length == bufl) {

block = buf;

} else {

block = new byte[bufl];

for (int i = 0; i < bufl; i++) {

block[i] = buf[i];

}

}

writer.write(cipher.doFinal(block));

}

return new String(writer.toByteArray(), input_charset);

}

/**

* 得到私钥

* @param key 密钥字符串（经过base64编码）

* @throws Exception

*/

public static PrivateKey getPrivateKey(String key) throws Exception {

byte[] keyBytes;

keyBytes = Base64.decode(key);

PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(keyBytes);

KeyFactory keyFactory = KeyFactory.getInstance("RSA");

PrivateKey privateKey = keyFactory.generatePrivate(keySpec);

return privateKey;

}

}

支付宝参数里面为什么要进行转义？主要是因为返回给移动的参数结果是springmvc进行返回的给移动端时，会认为"为结束，所以需要\"进行转义！

链接：http://www.cnblogs.com/xu-xiang/p/5797643.html