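/// <summary>
/// Verifies the RSA signature carried at the end of an underscore-delimited message.
/// </summary>
/// <remarks>
/// Layout read by this method: segment 0 is the message header, segment 1 is the timestamp,
/// and the last segment is the Base64-encoded signature. The text before the final underscore
/// is the signed payload; it is converted to bytes with <c>Encoding.Unicode</c> (UTF-16LE)
/// before verification. The timestamp is only consulted after the signature has verified.
/// </remarks>
/// <param name="message">The full message text, including the trailing signature segment.</param>
/// <returns>
/// The name of a <c>UtilityEnum.InspectionResult</c> member: <c>Invalid</c>, <c>Timeout</c>
/// or <c>Validity</c>.
/// </returns>
public static string CheckSign(string message)
{
    string invalid = UtilityEnum.InspectionResult.Invalid.ToString();

    // The message originates from the remote party: reject null/empty input instead of throwing.
    if (string.IsNullOrEmpty(message))
    {
        return invalid;
    }

    // The count of public instance properties on HeadersInfo is used as the minimum segment count.
    PropertyInfo[] headerProperties = typeof(HeadersInfo).GetProperties(BindingFlags.Public | BindingFlags.Instance);

    // Text before the first '_' is the message header, text after the last '_' is the signature.
    string[] segments = message.Split('_');

    // Segments 0 and 1 are indexed below, so at least two must exist whatever HeadersInfo declares.
    if (segments.Length < 2 || segments.Length < headerProperties.Length)
    {
        return invalid;
    }

    string messageHeader = segments[0];
    string timestamp = segments[1];
    string signature = segments[segments.Length - 1];

    // The header must match the configured value.
    if (messageHeader != ConfigurationManager.AppSettings["messageHeader"])
    {
        return invalid;
    }

    byte[] signatureBytes;
    try
    {
        signatureBytes = Convert.FromBase64String(signature);
    }
    catch (FormatException)
    {
        // A signature segment that is not well-formed Base64 is an invalid message, not a server fault.
        return invalid;
    }

    // Everything except the trailing "_<signature>" is the data that was signed.
    string signedText = message.Substring(0, message.Length - signature.Length - 1);
    byte[] signedBytes = Encoding.Unicode.GetBytes(signedText);

    bool signatureOk;

    // Dispose the provider deterministically; the original left it to the finalizer.
    using (var rsa = new RSACryptoServiceProvider())
    {
        // Load the sender's public key (XML format) from the configured key directory.
        string publicXmlKey = File.ReadAllText(Path.Combine(ConfigurationManager.AppSettings["basePathToStoreClientKeys"], "ClientRSA.Pub"));
        rsa.FromXmlString(publicXmlKey);

        // NOTE(review): SHA-1 is no longer collision-resistant and should be replaced by SHA-256.
        // The signing side must switch at the same time, so the algorithm is left unchanged here.
        signatureOk = rsa.VerifyData(signedBytes, CryptoConfig.MapNameToOID("SHA1"), signatureBytes);
    }

    if (!signatureOk)
    {
        return invalid;
    }

    // NOTE(review): a true result from IsTimestampValidity maps to Timeout, which reads as inverted
    // from the helper's name. The helper is not visible here - confirm it returns true for an
    // expired timestamp, otherwise stale messages are accepted and fresh ones rejected.
    if (UtilityHelper.IsTimestampValidity(timestamp))
    {
        return UtilityEnum.InspectionResult.Timeout.ToString();
    }

    return UtilityEnum.InspectionResult.Validity.ToString();
}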
/// <summary>
/// Builds a signed, encrypted message from a fresh <c>HeadersInfo</c> and the posted login data.
/// </summary>
/// <param name="loginInfo">Login data bound from the request body.</param>
/// <returns>
/// A <c>RESTJson</c>. On success <c>ErrCode</c> is 1 and <c>Data</c> holds the encrypted message.
/// If signing yields no value, <c>ErrMsg</c> carries the failure text. If encryption yields no
/// value, the result is returned without <c>ErrCode</c>, <c>ErrMsg</c> or <c>Data</c> being set.
/// </returns>
public RESTJson GetClientEncryptionKey([FromBody] LoginInfo loginInfo)
{
    var response = new RESTJson();

    // Non-business parameters (for example the timestamp, per the original author's comment).
    var headers = new HeadersInfo();

    // Merge header fields and login fields into one dictionary. DicSortToString then produces
    // the string to sign (sorted by first letter, according to the original author's comment).
    var fields = new Dictionary<string, object>();
    fields = SignHelper<HeadersInfo>.ObjConvertDic(fields, headers);
    fields = SignHelper<LoginInfo>.ObjConvertDic(fields, loginInfo);
    string canonical = SignHelper<string>.DicSortToString(fields);

    // Sign with the requesting party's private key.
    // NOTE(review): the key loaded by privateToSign is not visible here - confirm that a client
    // private key is not held on a shared server, since that would let the server sign as the client.
    string sign = ClientEncryptionHelper.privateToSign(canonical);

    // No signature means the message cannot be built.
    if (string.IsNullOrEmpty(sign))
    {
        response.ErrMsg = "生成报文失败";
        return response;
    }

    // Append "_<signature>" and encrypt the whole text with the receiving party's public key.
    string signedText = canonical + '_' + sign;
    string message = ServerEncryptionHelper.PubKeyEncryption(signedText);

    if (string.IsNullOrEmpty(message))
    {
        return response;
    }

    response.ErrCode = 1;
    response.ErrMsg = "生成报文成功";
    response.Data = message;
    return response;
}