private async Task CheckNotifySignAsync(WeChatPayHeaders headers, string body, WeChatPayOptions options) { if (string.IsNullOrEmpty(headers.Serial)) { throw new WeChatPayException($"sign check fail: {nameof(headers.Serial)} is empty!"); } if (string.IsNullOrEmpty(headers.Signature)) { throw new WeChatPayException($"sign check fail: {nameof(headers.Signature)} is empty!"); } if (string.IsNullOrEmpty(body)) { throw new WeChatPayException("sign check fail: body is empty!"); } var cert = await _platformCertificateManager.LoadCertificateAsync(_client, options, headers.Serial); var signSourceData = WeChatPayUtility.BuildSignatureSourceData(headers.Timestamp, headers.Nonce, body); var signCheck = SHA256WithRSA.Verify(cert.Certificate.GetRSAPublicKey(), signSourceData, headers.Signature); if (!signCheck) { throw new WeChatPayException("sign check fail: check Sign and Data Fail!"); } }
public static bool RSACheckContent(string data, string sign, string publicKey, string signType) { var key = RSAUtilities.GetRSAParametersFormPublicKey(publicKey); switch (signType) { case "RSA2": return(SHA256WithRSA.Verify(data, sign, key)); default: return(SHA1WithRSA.Verify(data, sign, key)); } }
public static bool RSACheckContent(string data, string sign, string publicKey, string signType) { switch (signType) { case "RSA1": return(SHA1WithRSA.Verify(data, sign, publicKey)); case "RSA2": return(SHA256WithRSA.Verify(data, sign, publicKey)); default: return(SHA1WithRSA.Verify(data, sign, publicKey)); } }
private async Task CheckV3ResponseSignAsync(WeChatPayHeaders headers, string body, WeChatPayOptions options) { if (string.IsNullOrEmpty(headers.Serial)) { throw new WeChatPayException($"sign check fail: {nameof(headers.Serial)} is empty!"); } if (string.IsNullOrEmpty(headers.Signature)) { throw new WeChatPayException($"sign check fail: {nameof(headers.Signature)} is empty!"); } var cert = await LoadPlatformCertificateAsync(headers.Serial, options); var signatureSourceData = BuildSignatureSourceData(headers.Timestamp, headers.Nonce, body); if (!SHA256WithRSA.Verify(cert.GetRSAPublicKey(), signatureSourceData, headers.Signature)) { throw new WeChatPayException("sign check fail: check Sign and Data Fail!"); } }