/// <summary>
/// 获取返回时的签名验证结果
/// </summary>
/// <param name="inputPara">通知返回参数数组</param>
/// <param name="sign">对比的签名结果</param>
/// <returns>签名验证结果</returns>
private bool GetSignVeryfy(SortedDictionary <string, string> inputPara, string sign)
{
//过滤空值、sign与sign_type参数
var sPara = AlipayCore.FilterPara(inputPara);
//获取待签名字符串
string preSignStr = AlipayCore.CreateLinkString(sPara);
//获得签名验证结果
bool isSgin = false;
if (string.IsNullOrWhiteSpace(sign) == false)
{
switch (_config.SignType)
{
case "RSA":
isSgin = RSAFromPkcs8.Verify(preSignStr, sign, _config.PublicKey, _config.InputCharset);
break;
case "MD5":
isSgin = VerifyByMd5(preSignStr, sign, _config.PublicKey, _config.InputCharset);
break;
case "0001":
isSgin = RSAFromPkcs8.Verify(preSignStr, sign, _config.PublicKey, _config.InputCharset);
break;
default:
break;
}
}
return(isSgin);
}
internal static bool GetSignVeryfy(AlipayConfig config, Dictionary <string, string> inputPara, string sign, bool isSort)
{
Dictionary <string, string> sPara = new Dictionary <string, string>();
//过滤空值、sign与sign_type参数
sPara = FilterPara(inputPara);
if (isSort)
{
//根据字母a到z的顺序把参数排序
sPara = SortPara(sPara);
}
else
{
sPara = SortNotifyPara(sPara);
}
//获取待签名字符串
string preSignStr = CreateLinkString(sPara);
//获得签名验证结果
bool isSgin = false;
if (string.IsNullOrEmpty(sign) == false)
{
switch (config.SignType)
{
case "MD5":
isSgin = SignByMd5(preSignStr, config.SecurityKey, config.InputCharset) == sign;
break;
case "RSA":
isSgin = RSAFromPkcs8.Verify(preSignStr, sign, config.PublicKey, config.InputCharset);
break;
case "0001":
isSgin = RSAFromPkcs8.Verify(preSignStr, sign, config.PublicKey, config.InputCharset);
break;
default:
break;
}
}
return(isSgin);
}
/// <summary>
/// 创建支付宝支付的加密数据
/// </summary>
/// <param name="orderSn">订单号</param>
/// <param name="body">订单商品描述</param>
/// <param name="totalFee">订单金额</param>
/// <param name="subject"></param>
/// <param name="platform">客户端名称</param>
/// <param name="version">客户端版本</param>
/// <returns></returns>
public static string CreateAlipay(string orderSn, string body, decimal totalFee, string subject, string platform, string version)
{
// 外部交易号 这里取当前时间,商户可根据自己的情况修改此参数,但保证唯一性
string outTradeNo = orderSn.ToString(CultureInfo.InvariantCulture);
AlipayConfig config = AlipayConfig.Default;
string appenv = $"system={platform}^version={version}";
//获取待签名字符串
string content = AlipayManager.GetAlipayString(config.Partner, outTradeNo, body, totalFee, subject, version, appenv);
//生成签名
string mysign = RSAFromPkcs8.Sign(content, config.PrivateKey, config.InputCharset);
//返回参数格式
string strReturn = content + "&sign=\"" + HttpUtility.UrlEncode(mysign + "", Encoding.UTF8) + "\"&sign_type=\"RSA\"";
return(strReturn);
}
/// <summary>
/// 支付宝手机回调校验方法
/// </summary>
/// <param name="config"></param>
/// <param name="parameter"></param>
/// <param name="sign"></param>
/// <returns></returns>
public static async Task <bool> VerifyMobileNotify(AlipayConfig config, Dictionary <string, string> parameter, string sign)
{
if (config.SignType == "00001")
{
parameter["notify_data"] = RSAFromPkcs8.DecryptData(parameter["notify_data"], config.PublicKey, config.InputCharset);
}
string responseTxt = "true";
try
{
//XML解析notify_data数据,获取notify_id
string notifyId = "";
XmlDocument xmlDoc = new XmlDocument();
xmlDoc.LoadXml(parameter["notify_data"]);
notifyId = xmlDoc.SelectSingleNode("/notify/notify_id")?.InnerText;
if (notifyId != "")
{
string veryfyUrl = config.VerifyUrl + "partner=" + config.Partner + "¬ify_id=" + notifyId;
using (WebClient client = new WebClient())
{
responseTxt = await client.DownloadStringTaskAsync(veryfyUrl);
}
}
}
catch (Exception e)
{
responseTxt = e.ToString();
}
//获取返回时的签名验证结果
bool isSign = GetSignVeryfy(config, parameter, sign, false);
return(responseTxt == "true" && isSign);
}
