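/// <summary>
/// Signs <paramref name="resData"/> in place: on success the Base64 signature is stored
/// under the "signature" key. Only signMethod "01" is handled.
/// </summary>
/// <param name="resData">Message fields; must contain "signMethod". Modified in place.</param>
/// <param name="encoding">Encoding used to build the link string and to turn the hex digest into bytes.</param>
/// <param name="errorMessage">
/// Receives appended failure text: the exception message on any error, or an
/// "Error signMethod" note when the method is not "01". Unchanged on success.
/// </param>
/// <remarks>
/// The "certId" field is not populated here; callers that need it must set it before signing.
/// NOTE(review): exception messages from certificate loading are appended verbatim to
/// <paramref name="errorMessage"/> - confirm callers do not echo that text to end users.
/// </remarks>
public static void SignByCertInfo(Dictionary<string, string> resData, Encoding encoding, ref string errorMessage)
{
    try
    {
        string signMethod = resData["signMethod"];

        if (!"01".Equals(signMethod))
        {
            // Previously this path returned silently, leaving the message unsigned with no
            // indication to the caller. Report it so the caller can refuse to send the message.
            errorMessage += "Error signMethod [" + signMethod + "] in SignByCertInfo. ";
            return;
        }

        // SECURITY NOTE(review): the signing certificate path and its password are hard-coded.
        // Anyone with read access to the source or the compiled assembly can recover the
        // password, and the .pfx sits under the application directory. For anything other than
        // a test certificate, load both from protected configuration or a key store instead.
        string certPath = Application.StartupPath + "\\Certificate\\" + "TestSign.pfx";
        string certPwd = "00000000";

        // Flatten the dictionary into the key1=value1&key2=value2 link-string form.
        string stringData = SDKUtil.CreateLinkString(resData, true, false, encoding);

        // The signature is computed over the bytes of the hex-encoded SHA-256 digest of the
        // link string, not over the link string itself. ValidateSign follows the same scheme.
        byte[] signDigest = SecurityUtil.Sha256(stringData, encoding);
        string stringSignDigest = SDKUtil.ByteArray2HexString(signDigest);
        byte[] byteSign = SecurityUtil.SignSha256WithRsa(
            CertUtil.GetSignKeyFromPfx(certPath, certPwd),
            encoding.GetBytes(stringSignDigest));

        // Store the signature field.
        resData["signature"] = Convert.ToBase64String(byteSign);
    }
    catch (Exception e)
    {
        // Best-effort reporting: every failure (missing key, unreadable certificate,
        // signing error) surfaces only through errorMessage.
        errorMessage += e.Message;
    }
}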
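/// <summary>
/// Builds an HTML fragment showing the target URL, the request fields and the response
/// fields, for display on a demo page.
/// </summary>
/// <param name="url">Address the request was sent to.</param>
/// <param name="req">Request fields.</param>
/// <param name="resp">Response fields.</param>
/// <returns>The HTML fragment, with every dynamic value HTML-encoded.</returns>
/// <remarks>
/// Requires an active <c>System.Web.HttpContext.Current</c>.
/// NOTE(review): the full request and response are rendered, presumably including the
/// signature and any customer fields - confirm this output only reaches diagnostic pages.
/// </remarks>
public static string GetPrintResult(string url, Dictionary<string, string> req, Dictionary<string, string> resp)
{
    System.Web.HttpServerUtility server = System.Web.HttpContext.Current.Server;

    string requestText = server
        .HtmlEncode(SDKUtil.CreateLinkString(req, false, true, System.Text.Encoding.UTF8))
        .Replace("\n", "<br>\n");
    string responseText = server
        .HtmlEncode(SDKUtil.CreateLinkString(resp, false, false, System.Text.Encoding.UTF8))
        .Replace("\n", "<br>\n");

    string result = "=============<br>\n";
    // The URL is encoded like the request and response; it was previously concatenated raw,
    // so markup characters in it would have been interpreted by the browser.
    result = result + "地址:" + server.HtmlEncode(url) + "<br>\n";
    result = result + "请求:" + requestText + "<br>\n";
    result = result + "应答:" + responseText + "<br>\n";
    result = result + "=============<br>\n";
    return result;
}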
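/// <summary>
/// Verifies the "signature" field of a received message.
/// </summary>
/// <param name="recData">Received fields. Not modified; verification works on a copy.</param>
/// <param name="encoding">Encoding used to build the link string and to turn the hex digest into bytes.</param>
/// <param name="errorMessage">Receives appended failure text; unchanged when verification succeeds.</param>
/// <returns><c>true</c> only when the signature verifies; <c>false</c> on every failure path.</returns>
/// <remarks>
/// signMethod "01" is the only supported method. Version "5.0.0" is verified with SHA-1 and a
/// key looked up from the message's "certId"; any other version is verified with SHA-256 and
/// a certificate read from a fixed file.
/// SECURITY NOTE(review): "version" and "certId" are taken from the message being verified,
/// so the sender selects the digest algorithm and the key lookup. Consider pinning the
/// expected version (so a message cannot opt into the SHA-1 path) and confirm that
/// CertUtil.GetValidateKeyFromPath only resolves certId against trusted certificates.
/// </remarks>
public static bool ValidateSign(Dictionary<string, string> recData, Encoding encoding, ref string errorMessage)
{
    // Copy so that removing "signature" below does not alter the caller's dictionary.
    Dictionary<string, string> reqData = new Dictionary<string, string>(recData);

    if (!reqData.ContainsKey("signMethod") || !reqData.ContainsKey("signature") || !reqData.ContainsKey("version"))
    {
        errorMessage += "signMethod或signature或version为空,无法验证签名。" + "\r\n";
        return false;
    }

    string signMethod = reqData["signMethod"];
    string version = reqData["version"];

    if ("11".Equals(signMethod) || "12".Equals(signMethod))
    {
        errorMessage += "不支持此种算法" + "\r\n";
        return false;
    }

    if (!"01".Equals(signMethod))
    {
        errorMessage += "Error signMethod [" + signMethod + "] in Validate. " + "\r\n";
        return false;
    }

    // The signature comes from the remote party. A malformed value must produce a clean
    // "false" rather than an unhandled FormatException / ArgumentNullException.
    string signValue = reqData["signature"];
    if (string.IsNullOrEmpty(signValue))
    {
        errorMessage += "signature is empty in Validate. " + "\r\n";
        return false;
    }

    byte[] signByte;
    try
    {
        signByte = Convert.FromBase64String(signValue);
    }
    catch (FormatException)
    {
        errorMessage += "signature is not valid Base64 in Validate. " + "\r\n";
        return false;
    }

    // The signature field itself is excluded from the signed link string.
    reqData.Remove("signature");
    string stringData = SDKUtil.CreateLinkString(reqData, true, false, encoding);

    bool result;
    if ("5.0.0".Equals(version))
    {
        // Missing certId used to throw KeyNotFoundException; treat it as a failed verification.
        string certId;
        if (!reqData.TryGetValue("certId", out certId))
        {
            errorMessage += "certId is missing in Validate. " + "\r\n";
            return false;
        }

        // Legacy path: SHA-1 digest, hex-encoded, then RSA verification over the hex bytes.
        byte[] signDigest = SecurityUtil.Sha1(stringData, encoding);
        string stringSignDigest = SDKUtil.ByteArray2HexString(signDigest);

        AsymmetricKeyParameter key = CertUtil.GetValidateKeyFromPath(certId);
        if (null == key)
        {
            // Appended (not assigned) so earlier messages collected by the caller are kept,
            // consistent with every other failure path in this method.
            errorMessage += "未找到证书,无法验签,验签失败。" + "\r\n";
            return false;
        }

        result = SecurityUtil.ValidateSha1WithRsa(key, signByte, encoding.GetBytes(stringSignDigest));
    }
    else
    {
        // SHA-256 digest, hex-encoded, then RSA verification over the hex bytes.
        byte[] signDigest = SecurityUtil.Sha256(stringData, encoding);
        string stringSignDigest = SDKUtil.ByteArray2HexString(signDigest);

        // Disabled alternative: take the certificate from the message and verify it first.
        //string signPubKeyCert = reqData["signPubKeyCert"];
        //X509Certificate x509Cert = CertUtil.VerifyAndGetPubKey(signPubKeyCert);

        // SECURITY NOTE(review): the verification certificate is read from a .pfx under the
        // application directory with its password hard-coded here. Only the public
        // certificate is needed to verify; a .pfx normally carries a private key as well,
        // and the password is recoverable from source or the compiled assembly. Prefer a
        // public-only certificate file and move any secret out of code.
        string filepath = Application.StartupPath + "\\Certificate\\" + "商户898310173990680证书.pfx";
        X509Certificate x509Cert = CertUtil.ReadCertFromFile(filepath, "690085");
        if (x509Cert == null)
        {
            errorMessage += "获取验签证书失败,无法验签,验签失败。" + "\r\n";
            return false;
        }

        result = SecurityUtil.ValidateSha256WithRsa(x509Cert.GetPublicKey(), signByte, encoding.GetBytes(stringSignDigest));
    }

    if (!result)
    {
        errorMessage += "验签失败" + "\r\n";
    }

    return result;
}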
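/// <summary>
/// Demo handler for the back-end notification posted by UnionPay: collects the posted form
/// fields, renders them as HTML table rows, and reports whether the signature verified.
/// The resulting markup is stored in <c>html</c>. Non-POST requests are ignored.
/// </summary>
/// <remarks>
/// Every posted name and value is HTML-encoded before it is written into the markup. The
/// fields are rendered before the signature is checked, so they must be treated as
/// attacker-controlled text at that point.
/// </remarks>
protected void Page_Load(object sender, EventArgs e)
{
    log4net.ILog log = log4net.LogManager.GetLogger(this.GetType());

    // ***** Demo: show the transaction result message received from UnionPay on the back end *****
    if (Request.HttpMethod != "POST")
    {
        return;
    }

    // Collect the posted parameters in a Dictionary.
    Dictionary<string, string> resData = new Dictionary<string, string>();
    NameValueCollection coll = Request.Form;
    string[] requestItem = coll.AllKeys;
    for (int i = 0; i < requestItem.Length; i++)
    {
        // A form body can carry a value with no name, which shows up as a null key;
        // Dictionary.Add would throw on it, so such entries are skipped.
        if (requestItem[i] == null)
        {
            continue;
        }

        resData.Add(requestItem[i], coll[requestItem[i]]);
    }

    // A merchant would run its own business logic on the message here; the demo only prints it.
    StringBuilder builder = new StringBuilder();

    // NOTE(review): this logs the complete, not-yet-verified notification. It may contain
    // customer data, and the values can presumably carry line breaks that would split the
    // log entry - confirm the log is access-controlled and consider masking/sanitising.
    log.Info("receive back notify: " + SDKUtil.CreateLinkString(resData, false, true, System.Text.Encoding.UTF8));

    builder.Append("<tr><td align=\"center\" colspan=\"2\"><b>商户端接收银联返回报文并按照表格形式输出结果</b></td></tr>");
    for (int i = 0; i < requestItem.Length; i++)
    {
        if (requestItem[i] == null)
        {
            continue;
        }

        // Posted names and values were previously concatenated into the page raw, which let
        // any client that can POST to this URL inject markup into the response.
        builder.Append("<tr><td width=\"30%\" align=\"right\">" + Server.HtmlEncode(requestItem[i])
            + "</td><td style='word-break:break-all'>" + Server.HtmlEncode(coll[requestItem[i]]) + "</td></tr>");
    }

    if (AcpService.Validate(resData, System.Text.Encoding.UTF8))
    {
        builder.Append("<tr><td width=\"30%\" align=\"right\">商户端验证银联返回报文结果</td><td>验证签名成功.</td></tr>");

        // "00" and "A6" mean success, anything else is a failure. Other fields can be read
        // the same way. TryGetValue avoids an exception when the field is absent.
        string respcode;
        resData.TryGetValue("respCode", out respcode);

        // If the card number is configured to be returned and encrypted, decrypt it like this:
        //if(resData.ContainsKey("accNo"))
        //{
        //    string accNo = SecurityUtil.DecryptData(resData["accNo"], System.Text.Encoding.UTF8);
        //}

        // Reading the customerInfo sub-fields.
        if (resData.ContainsKey("customerInfo"))
        {
            Dictionary<string, string> customerInfo = AcpService.ParseCustomerInfo(resData["customerInfo"], System.Text.Encoding.UTF8);
            if (customerInfo.ContainsKey("phoneNo"))
            {
                // Other customerInfo sub-fields can be read the same way.
                string phoneNo = customerInfo["phoneNo"];
            }

            foreach (KeyValuePair<string, string> pair in customerInfo)
            {
                // Encoded for the same reason as the table rows above.
                builder.Append(Server.HtmlEncode(pair.Key) + "=" + Server.HtmlEncode(pair.Value) + "<br>\n");
            }
        }
    }
    else
    {
        builder.Append("<tr><td width=\"30%\" align=\"right\">商户端验证银联返回报文结果</td><td>验证签名失败.</td></tr>");
    }

    html = builder.ToString();
}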