Example #1
0
        public static bool ValidateAppResponse(string jsonData, Encoding encoding)
        {
            Log.Info("控件返回报文验签:[" + jsonData + "]");
            //获取签名
            Dictionary <string, object> data = SDKUtil.JsonToDictionary(jsonData);

            string stringData = (string)data["data"];
            string signValue  = (string)data["sign"];
            Dictionary <string, string> dataMap = SDKUtil.ParseQString(stringData, encoding);

            byte[] signByte         = Convert.FromBase64String(signValue);
            byte[] signDigest       = SecurityUtil.Sha1(stringData, encoding);
            string stringSignDigest = BitConverter.ToString(signDigest).Replace("-", "").ToLower();

            Log.Debug("sha1结果:[" + stringSignDigest + "]");
            AsymmetricKeyParameter key = CertUtil.GetValidateKeyFromPath(dataMap["cert_id"]);

            if (null == key)
            {
                Log.Error("未找到证书,无法验签,验签失败。");
                return(false);
            }
            bool result = SecurityUtil.ValidateSha1WithRsa(key, signByte, encoding.GetBytes(stringSignDigest));

            if (result)
            {
                Log.Info("验签成功");
            }
            else
            {
                Log.Info("验签失败");
            }
            return(result);
        }
Example #2
0
        /// <summary>
        /// 验证签名
        /// </summary>
        /// <param name="rspData"></param>
        /// <param name="encoder"></param>
        /// <returns></returns>
        public static bool Validate(Dictionary <string, string> rspData, Encoding encoding)
        {
            if (!rspData.ContainsKey("signMethod") || !rspData.ContainsKey("signature") || !rspData.ContainsKey("version"))
            {
                Log.Error("signMethod或signature或version为空,无法验证签名。");
                return(false);
            }
            string signMethod = rspData["signMethod"];
            string version    = rspData["version"];
            bool   result     = false;

            if ("01".Equals(signMethod))
            {
                Log.Info("验签处理开始");
                if ("5.0.0".Equals(version))
                {
                    string signValue = rspData["signature"];
                    Log.Info("签名原文:[" + signValue + "]");
                    byte[] signByte = Convert.FromBase64String(signValue);
                    rspData.Remove("signature");
                    string stringData = SDKUtil.CreateLinkString(rspData, true, false, encoding);
                    Log.Info("排序串:[" + stringData + "]");
                    byte[] signDigest       = SecurityUtil.Sha1(stringData, encoding);
                    string stringSignDigest = SDKUtil.ByteArray2HexString(signDigest);
                    Log.Debug("sha1结果:[" + stringSignDigest + "]");
                    AsymmetricKeyParameter key = CertUtil.GetValidateKeyFromPath(rspData["certId"]);
                    if (null == key)
                    {
                        Log.Error("未找到证书,无法验签,验签失败。");
                        return(false);
                    }
                    result = SecurityUtil.ValidateSha1WithRsa(key, signByte, encoding.GetBytes(stringSignDigest));
                }
                else
                {
                    string signValue = rspData["signature"];
                    Log.Info("签名原文:[" + signValue + "]");
                    byte[] signByte = Convert.FromBase64String(signValue);
                    rspData.Remove("signature");
                    string stringData = SDKUtil.CreateLinkString(rspData, true, false, encoding);
                    Log.Info("排序串:[" + stringData + "]");
                    byte[] signDigest       = SecurityUtil.Sha256(stringData, encoding);
                    string stringSignDigest = SDKUtil.ByteArray2HexString(signDigest);
                    Log.Debug("sha256结果:[" + stringSignDigest + "]");

                    string          signPubKeyCert = rspData["signPubKeyCert"];
                    X509Certificate x509Cert       = CertUtil.VerifyAndGetPubKey(signPubKeyCert);
                    if (x509Cert == null)
                    {
                        Log.Error("获取验签证书失败,无法验签,验签失败。");
                        return(false);
                    }
                    result = SecurityUtil.ValidateSha256WithRsa(x509Cert.GetPublicKey(), signByte, encoding.GetBytes(stringSignDigest));
                }
            }
            else if ("11".Equals(signMethod) || "12".Equals(signMethod))
            {
                return(ValidateBySecureKey(rspData, SdkConfig.SecureKey, encoding));
            }
            else
            {
                Log.Error("Error signMethod [" + signMethod + "] in Validate. ");
                return(false);
            }
            if (result)
            {
                Log.Info("验签成功");
            }
            else
            {
                Log.Info("验签失败");
            }
            return(result);
        }