Exemple #1
0
        /// <summary>
        /// 验证签名
        /// </summary>
        /// <param name="rspData"></param>
        /// <param name="encoder"></param>
        /// <returns></returns>
        public static bool Validate(Dictionary <string, string> rspData, Encoding encoding)
        {
            //获取签名
            string signValue = rspData["signature"];

            log.Info("签名原文:[" + signValue + "]");
            byte[] signByte = Convert.FromBase64String(signValue);
            rspData.Remove("signature");
            string stringData = SDKUtil.CreateLinkString(rspData, true, false);

            log.Info("排序串:[" + stringData + "]");
            byte[] signDigest       = SecurityUtil.Sha1X16(stringData, encoding);
            string stringSignDigest = BitConverter.ToString(signDigest).Replace("-", "").ToLower();

            log.Debug("sha1结果:[" + stringSignDigest + "]");
            AsymmetricKeyParameter key = CertUtil.GetValidateKeyFromPath(rspData["certId"]);

            if (null == key)
            {
                log.Error("未找到证书,无法验签,验签失败。");
                return(false);
            }
            bool result = SecurityUtil.ValidateBySoft(key, signByte, encoding.GetBytes(stringSignDigest));

            if (result)
            {
                log.Info("验签成功");
            }
            else
            {
                log.Info("验签失败");
            }
            return(result);
        }
Exemple #2
0
        /// <summary>
        /// 对控件支付成功返回的结果信息中data域进行验签(控件端获取的应答信息)
        /// </summary>
        /// <param name="jsonData">json格式数据,例如:{"sign" : "J6rPLClQ64szrdXCOtV1ccOMzUmpiOKllp9cseBuRqJ71pBKPPkZ1FallzW18gyP7CvKh1RxfNNJ66AyXNMFJi1OSOsteAAFjF5GZp0Xsfm3LeHaN3j/N7p86k3B1GrSPvSnSw1LqnYuIBmebBkC1OD0Qi7qaYUJosyA1E8Ld8oGRZT5RR2gLGBoiAVraDiz9sci5zwQcLtmfpT5KFk/eTy4+W9SsC0M/2sVj43R9ePENlEvF8UpmZBqakyg5FO8+JMBz3kZ4fwnutI5pWPdYIWdVrloBpOa+N4pzhVRKD4eWJ0CoiD+joMS7+C0aPIEymYFLBNYQCjM0KV7N726LA==",  "data" : "pay_result=success&tn=201602141008032671528&cert_id=68759585097"}</param>
        /// <param name="encoding"></param>
        /// <returns></returns>
        public static bool ValidateAppResponse(string jsonData, Encoding encoding)
        {
            log.Info("控件返回报文验签:[" + jsonData + "]");
            //获取签名
            Dictionary <string, object> data = SDKUtil.JsonToDictionary(jsonData);

            string stringData = (string)data["data"];
            string signValue  = (string)data["sign"];
            Dictionary <string, string> dataMap = SDKUtil.parseQString(stringData, encoding);

            byte[] signByte         = Convert.FromBase64String(signValue);
            byte[] signDigest       = SecurityUtil.Sha1X16(stringData, encoding);
            string stringSignDigest = BitConverter.ToString(signDigest).Replace("-", "").ToLower();

            log.Debug("sha1结果:[" + stringSignDigest + "]");
            AsymmetricKeyParameter key = CertUtil.GetValidateKeyFromPath(dataMap["cert_id"]);

            if (null == key)
            {
                log.Error("未找到证书,无法验签,验签失败。");
                return(false);
            }
            bool result = SecurityUtil.ValidateBySoft(key, signByte, encoding.GetBytes(stringSignDigest));

            if (result)
            {
                log.Info("验签成功");
            }
            else
            {
                log.Info("验签失败");
            }
            return(result);
        }