/// <summary> /// 获取返回时的签名验证结果 /// </summary> /// <param name="inputPara">通知返回参数数组</param> /// <param name="sign">对比的签名结果</param> /// <returns>签名验证结果</returns> private bool GetSignVeryfy(SortedDictionary <string, string> inputPara, string sign) { //过滤空值、sign与sign_type参数 var sPara = AlipayCore.FilterPara(inputPara); //获取待签名字符串 string preSignStr = AlipayCore.CreateLinkString(sPara); //获得签名验证结果 bool isSgin = false; if (string.IsNullOrWhiteSpace(sign) == false) { switch (_config.SignType) { case "RSA": isSgin = RSAFromPkcs8.Verify(preSignStr, sign, _config.PublicKey, _config.InputCharset); break; case "MD5": isSgin = VerifyByMd5(preSignStr, sign, _config.PublicKey, _config.InputCharset); break; case "0001": isSgin = RSAFromPkcs8.Verify(preSignStr, sign, _config.PublicKey, _config.InputCharset); break; default: break; } } return(isSgin); }
internal static bool GetSignVeryfy(AlipayConfig config, Dictionary <string, string> inputPara, string sign, bool isSort) { Dictionary <string, string> sPara = new Dictionary <string, string>(); //过滤空值、sign与sign_type参数 sPara = FilterPara(inputPara); if (isSort) { //根据字母a到z的顺序把参数排序 sPara = SortPara(sPara); } else { sPara = SortNotifyPara(sPara); } //获取待签名字符串 string preSignStr = CreateLinkString(sPara); //获得签名验证结果 bool isSgin = false; if (string.IsNullOrEmpty(sign) == false) { switch (config.SignType) { case "MD5": isSgin = SignByMd5(preSignStr, config.SecurityKey, config.InputCharset) == sign; break; case "RSA": isSgin = RSAFromPkcs8.Verify(preSignStr, sign, config.PublicKey, config.InputCharset); break; case "0001": isSgin = RSAFromPkcs8.Verify(preSignStr, sign, config.PublicKey, config.InputCharset); break; default: break; } } return(isSgin); }
/// <summary> /// 创建支付宝支付的加密数据 /// </summary> /// <param name="orderSn">订单号</param> /// <param name="body">订单商品描述</param> /// <param name="totalFee">订单金额</param> /// <param name="subject"></param> /// <param name="platform">客户端名称</param> /// <param name="version">客户端版本</param> /// <returns></returns> public static string CreateAlipay(string orderSn, string body, decimal totalFee, string subject, string platform, string version) { // 外部交易号 这里取当前时间,商户可根据自己的情况修改此参数,但保证唯一性 string outTradeNo = orderSn.ToString(CultureInfo.InvariantCulture); AlipayConfig config = AlipayConfig.Default; string appenv = $"system={platform}^version={version}"; //获取待签名字符串 string content = AlipayManager.GetAlipayString(config.Partner, outTradeNo, body, totalFee, subject, version, appenv); //生成签名 string mysign = RSAFromPkcs8.Sign(content, config.PrivateKey, config.InputCharset); //返回参数格式 string strReturn = content + "&sign=\"" + HttpUtility.UrlEncode(mysign + "", Encoding.UTF8) + "\"&sign_type=\"RSA\""; return(strReturn); }
/// <summary> /// 支付宝手机回调校验方法 /// </summary> /// <param name="config"></param> /// <param name="parameter"></param> /// <param name="sign"></param> /// <returns></returns> public static async Task <bool> VerifyMobileNotify(AlipayConfig config, Dictionary <string, string> parameter, string sign) { if (config.SignType == "00001") { parameter["notify_data"] = RSAFromPkcs8.DecryptData(parameter["notify_data"], config.PublicKey, config.InputCharset); } string responseTxt = "true"; try { //XML解析notify_data数据,获取notify_id string notifyId = ""; XmlDocument xmlDoc = new XmlDocument(); xmlDoc.LoadXml(parameter["notify_data"]); notifyId = xmlDoc.SelectSingleNode("/notify/notify_id")?.InnerText; if (notifyId != "") { string veryfyUrl = config.VerifyUrl + "partner=" + config.Partner + "¬ify_id=" + notifyId; using (WebClient client = new WebClient()) { responseTxt = await client.DownloadStringTaskAsync(veryfyUrl); } } } catch (Exception e) { responseTxt = e.ToString(); } //获取返回时的签名验证结果 bool isSign = GetSignVeryfy(config, parameter, sign, false); return(responseTxt == "true" && isSign); }