/**
*
* 检测签名是否正确
* 正确返回true,错误抛异常
*/
public bool CheckSign()
{
X509Certificate2 c3 = SafeUtil.GetCertFromCerFile(System.AppDomain.CurrentDomain.BaseDirectory + Resource.CER_PATH);
String pukey = c3.PublicKey.Key.ToXmlString(false);
//如果没有设置签名,则跳过检测
if (!IsSet("sign"))
{
Log.Error(this.GetType().ToString(), "PayCenterData签名不存在!");
throw new PayCenterException("PayCenterData签名不存在!");
}
//如果设置了签名但是签名为空,则抛异常
else if (GetValue("sign") == null || GetValue("sign").ToString() == "")
{
Log.Error(this.GetType().ToString(), "PayCenterData签名存在但不合法!");
throw new PayCenterException("PayCenterData签名存在但不合法!");
}
//获取接收到的签名
string return_sign = GetValue("sign").ToString();
string str = ToUrl();
if (SafeUtil.VerifySignedHash(str, return_sign, pukey))
{
return(true);
}
Log.Error(this.GetType().ToString(), "PayCenterData签名验证错误!");
throw new PayCenterException("PayCenterData签名验证错误!");
}
/**
* @生成签名,详见签名生成算法
* @return 签名, sign字段不参加签名
*/
public string MakeSign()
{
X509Certificate2 c3 = SafeUtil.GetCertificateFromPfxFile(System.AppDomain.CurrentDomain.BaseDirectory + Resource.PFX_PATH, Resource.PRIVATEKEY_PASSWORD);
string keyPublic3 = c3.PublicKey.Key.ToXmlString(false); // 公钥
string keyPrivate3 = c3.PrivateKey.ToXmlString(true); // 私钥
PrivateKeyInfo info = SafeUtil.getJavaPrivateKeyFromXml(keyPrivate3);
//BigInteger certId = new BigInteger(1, c3.GetSerialNumber());
Org.BouncyCastle.X509.X509Certificate certificate = DotNetUtilities.FromX509Certificate(c3);
//Asn1Sequence asq = (Asn1Sequence)Asn1Object.FromByteArray(info.ParsePrivateKey().GetDerEncoded());
String certId = certificate.SerialNumber.ToString();
this.SetValue("certId", certId.ToString());
//转url格式
string str = ToUrl();
//在string后加入API KEY
//str += "&key=" + Resource.KEY;
//SHA256加密
//var sb = SHA256Encrypt(str);
Log.Info(this.GetType().ToString(), "计算签名串:" + str);
str = SafeUtil.HashAndSign(str, keyPrivate3);
Log.Info(this.GetType().ToString(), "签名:" + str);
//所有字符转为小写
return(str.ToString());
}
