/// <summary> /// 检查签名 /// </summary> /// <param name="xml"></param> /// <param name="key"></param> /// <returns></returns> public static bool CheckSign(string xml, string key) { XElement root = XElement.Parse(xml); var eles = root.Elements(); string sign = null; AsciiSortedDictionary <string> keyValues = new AsciiSortedDictionary <string>(); foreach (var item in eles) { if (!"sign".Equals(item.Name.LocalName, StringComparison.OrdinalIgnoreCase) && !string.IsNullOrEmpty(item.Value)) { keyValues.Add(item.Name.LocalName, item.Value); } else if ("sign".Equals(item.Name.LocalName, StringComparison.OrdinalIgnoreCase)) { sign = item.Value; } } StringBuilder builder = new StringBuilder(); keyValues.Aggregate(builder, (b, kv) => b.Append(kv.Key).Append("=").Append(kv.Value).Append("&")); builder.Append("key=").Append(key); Debug.WriteLine(builder.ToString()); string mSign = MD5.Encode(builder.ToString()); return(mSign.Equals(sign, StringComparison.OrdinalIgnoreCase)); }
public IGatawayResult Wrap(string bizResult, string code, string message) { code = string.IsNullOrEmpty(code) ? "0000" : code; if (string.IsNullOrEmpty(message) && code != "0000") { message = "系统错误"; } else if (string.IsNullOrEmpty(message) && code == "0000") { message = null; } Dictionary <string, object> data = new Dictionary <string, object>(); data.Add("retCode", string.IsNullOrEmpty(code) ? (string.IsNullOrEmpty(bizResult) ? "0001" : "0000") : code); data.Add("retMsg", message); data.Add("timestamp", (long)(new TimeStamp().Seconds)); data.Add("data", bizResult); string cipher = null, sign = null; if (!string.IsNullOrEmpty(bizResult)) { cipher = Merchant.Encrypt(bizResult); StringBuilder builder = new StringBuilder(); AsciiSortedDictionary <object> signDictionary = new AsciiSortedDictionary <object>(); data.Aggregate(signDictionary, (d, kv) => { if (kv.Value != null && !string.IsNullOrEmpty(kv.Value.ToString())) { d.Add(kv.Key, kv.Value); } return(d); }); signDictionary.Aggregate(builder, (b, kv) => b.Append(kv.Key).Append("=").Append(kv.Value).Append("&")); sign = Merchant.SignData(builder.Remove(builder.Length - 1, 1).ToString()); } data["data"] = cipher; data.Add("sign", sign); string json = JsonSerializer.JsonSerialize(data); return(new GatewayResult(json, "application/json")); }
public FuncResult VerifySignature() { IMerchant merchant = GetMerchant(); if (merchant == null) { return(FuncResult.FailResult("无效商户号", 400)); } AsciiSortedDictionary <object> dic = JsonSerializer.Deserializer <AsciiSortedDictionary <object> >(GetRequestOriginalString()); dic.Remove(item => item.Key.Equals("sign", StringComparison.OrdinalIgnoreCase) || item.Value == null || string.IsNullOrEmpty(item.Value.ToString())); StringBuilder builder = new StringBuilder(); dic.Aggregate(builder, (b, kv) => b.Append(kv.Key).Append("=").Append(kv.Value).Append("&")); builder.Remove(builder.Length - 1, 1); bool res = merchant.VerifySignature(builder.ToString(), GetRequestSignature()); return(new FuncResult { Success = res, Message = "签名验证不正确", StatusCode = 2 }); }