Exemplo n.º 1
0
        public static void SignByCertInfo(Dictionary <string, string> resData, Encoding encoding, ref string errorMessage)
        {
            try
            {
                //Dictionary<string, string> resData_Sign = resData;
                string signMethod = resData["signMethod"];
                string certPath   = Application.StartupPath + "\\Certificate\\" + "TestSign.pfx";
                string certPwd    = "00000000";


                if ("01".Equals(signMethod))
                {
                    //resData["certId"] = CertUtil.GetSignCertId(certPath, certPwd);

                    //将Dictionary信息转换成key1=value1&key2=value2的形式
                    string stringData = SDKUtil.CreateLinkString(resData, true, false, encoding);

                    byte[] signDigest = SecurityUtil.Sha256(stringData, encoding);

                    string stringSignDigest = SDKUtil.ByteArray2HexString(signDigest);



                    byte[] byteSign = SecurityUtil.SignSha256WithRsa(CertUtil.GetSignKeyFromPfx(certPath, certPwd), encoding.GetBytes(stringSignDigest));

                    string stringSign = Convert.ToBase64String(byteSign);


                    //设置签名域值
                    resData["signature"] = stringSign;

                    return;
                }
                else
                {
                    return; //log.Error("Error signMethod [" + signMethod + "] in SignByCertInfo. ");
                }
            }
            catch (Exception e)
            {
                errorMessage += e.Message;
            }
        }
Exemplo n.º 2
0
        static public bool ValidateSign(Dictionary <string, string> recData, Encoding encoding, ref string errorMessage)
        {
            Dictionary <string, string> reqData = new Dictionary <string, string>(recData);

            if (!reqData.ContainsKey("signMethod") || !reqData.ContainsKey("signature") || !reqData.ContainsKey("version"))
            {
                errorMessage += "signMethod或signature或version为空,无法验证签名。" + "\r\n";
                return(false);
            }
            string signMethod = reqData["signMethod"];
            string version    = reqData["version"];
            bool   result     = false;

            if ("01".Equals(signMethod))
            {
                if ("5.0.0".Equals(version))
                {
                    string signValue = reqData["signature"];
                    byte[] signByte  = Convert.FromBase64String(signValue);
                    reqData.Remove("signature");
                    string stringData = SDKUtil.CreateLinkString(reqData, true, false, encoding);

                    byte[] signDigest          = SecurityUtil.Sha1(stringData, encoding);
                    string stringSignDigest    = SDKUtil.ByteArray2HexString(signDigest);
                    AsymmetricKeyParameter key = CertUtil.GetValidateKeyFromPath(reqData["certId"]);
                    if (null == key)
                    {
                        errorMessage = "未找到证书,无法验签,验签失败。";
                        return(false);
                    }
                    result = SecurityUtil.ValidateSha1WithRsa(key, signByte, encoding.GetBytes(stringSignDigest));
                }
                else
                {
                    string signValue = reqData["signature"];

                    byte[] signByte = Convert.FromBase64String(signValue);
                    reqData.Remove("signature");
                    string stringData       = SDKUtil.CreateLinkString(reqData, true, false, encoding);
                    byte[] signDigest       = SecurityUtil.Sha256(stringData, encoding);
                    string stringSignDigest = SDKUtil.ByteArray2HexString(signDigest);
                    //string signPubKeyCert = reqData["signPubKeyCert"];
                    //X509Certificate x509Cert = CertUtil.VerifyAndGetPubKey(signPubKeyCert);
                    string          filepath = Application.StartupPath + "\\Certificate\\" + "商户898310173990680证书.pfx";
                    X509Certificate x509Cert = CertUtil.ReadCertFromFile(filepath, "690085");

                    if (x509Cert == null)
                    {
                        errorMessage += "获取验签证书失败,无法验签,验签失败。" + "\r\n";
                        return(false);
                    }
                    result = SecurityUtil.ValidateSha256WithRsa(x509Cert.GetPublicKey(), signByte, encoding.GetBytes(stringSignDigest));
                }
            }
            else if ("11".Equals(signMethod) || "12".Equals(signMethod))
            {
                errorMessage += "不支持此种算法" + "\r\n";
                return(false);
            }
            else
            {
                errorMessage += "Error signMethod [" + signMethod + "] in Validate. " + "\r\n";
                return(false);
            }
            if (!result)
            {
                errorMessage += "验签失败" + "\r\n";
            }


            return(result);
        }