/**
 * Verifies the "sign" value carried by this object against the string produced by ToUrl().
 *
 * The verification key is the public key of the certificate loaded from
 * Resource.CER_PATH under the application base directory.
 *
 * Returns true when SafeUtil.VerifySignedHash accepts the signature. This method never
 * returns false: every failure path throws.
 *
 * Throws PayCenterException when "sign" is not set, when it is null or empty,
 * or when verification fails. Each failure is also written to the error log.
 */
public bool CheckSign()
{
    string logTag = this.GetType().ToString();

    // NOTE(review): only the public key is taken from this certificate; nothing in this
    // method examines its validity period or issuer, so the file at CER_PATH acts as the
    // whole trust anchor. Confirm it is deployed read-only and replaced on key rotation.
    string certPath = System.AppDomain.CurrentDomain.BaseDirectory + Resource.CER_PATH;
    X509Certificate2 verifyCert = SafeUtil.GetCertFromCerFile(certPath);
    string publicKeyXml = verifyCert.PublicKey.Key.ToXmlString(false);

    // A missing signature is rejected outright; it is never treated as "nothing to check".
    if (!IsSet("sign"))
    {
        const string missingMessage = "PayCenterData签名不存在!";
        Log.Error(logTag, missingMessage);
        throw new PayCenterException(missingMessage);
    }

    // The field is present but carries no usable value.
    var receivedValue = GetValue("sign");
    if (receivedValue == null || receivedValue.ToString() == "")
    {
        const string invalidMessage = "PayCenterData签名存在但不合法!";
        Log.Error(logTag, invalidMessage);
        throw new PayCenterException(invalidMessage);
    }

    string receivedSign = receivedValue.ToString();

    // ToUrl() supplies the content that the signature is verified against.
    string signedContent = ToUrl();

    if (!SafeUtil.VerifySignedHash(signedContent, receivedSign, publicKeyXml))
    {
        const string mismatchMessage = "PayCenterData签名验证错误!";
        Log.Error(logTag, mismatchMessage);
        throw new PayCenterException(mismatchMessage);
    }

    return true;
}
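/**
 * Generates the signature for this object.
 *
 * Loads the signing certificate from Resource.PFX_PATH under the application base
 * directory, stores the certificate serial number in the "certId" field, then signs
 * the string returned by ToUrl() with the certificate's private key.
 *
 * Side effect: sets "certId" on this object before ToUrl() is called.
 *
 * Returns the signature exactly as produced by SafeUtil.HashAndSign; no case
 * conversion is applied. The original header states that the "sign" field does not
 * take part in the signature; that exclusion is not visible in this method, so it
 * presumably happens inside ToUrl() (verify there).
 */
public string MakeSign()
{
    // NOTE(review): the PFX password is read from Resource.PRIVATEKEY_PASSWORD. Confirm how
    // that value is provisioned; a password compiled into the assembly or committed with the
    // source gives no protection to the private key in the PFX file.
    X509Certificate2 signingCert = SafeUtil.GetCertificateFromPfxFile(
        System.AppDomain.CurrentDomain.BaseDirectory + Resource.PFX_PATH,
        Resource.PRIVATEKEY_PASSWORD);

    // SafeUtil.HashAndSign takes the key as an XML string, so the private parameters are
    // exported here. The unused public-key export and the unused PrivateKeyInfo conversion
    // were dropped so that no extra copy of the key material is created.
    // NOTE(review): a managed string cannot be wiped after use; signing through the key
    // object instead would need a change to SafeUtil.HashAndSign.
    string privateKeyXml = signingCert.PrivateKey.ToXmlString(true);

    // certId is the certificate serial number rendered by BouncyCastle's BigInteger.ToString().
    Org.BouncyCastle.X509.X509Certificate bcCert = DotNetUtilities.FromX509Certificate(signingCert);
    string certId = bcCert.SerialNumber.ToString();
    this.SetValue("certId", certId);

    // Build the string to sign only after certId has been set.
    string signingInput = ToUrl();

    // NOTE(review): this writes every signed field to the Info log. If the fields can hold
    // account, card or personal data, lower the log level or redact before logging.
    Log.Info(this.GetType().ToString(), "计算签名串:" + signingInput);

    string signature = SafeUtil.HashAndSign(signingInput, privateKeyXml);
    Log.Info(this.GetType().ToString(), "签名:" + signature);

    return signature;
}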