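/// <summary>
/// Reads the encryption public-key certificate carried in a response message and, when its
/// serial number differs from the locally configured encryption certificate, backs up the
/// local certificate file and overwrites it with the received certificate.
/// </summary>
/// <remarks>
/// NOTE(review): this method only parses the received certificate; it performs no issuer,
/// validity-period or chain check before making it the certificate used for encrypting
/// sensitive fields. Presumably the caller has already verified the signature of the response
/// that <paramref name="dic"/> was built from; confirm this at every call site, because an
/// unauthenticated response would otherwise be able to replace the encryption key.
/// </remarks>
/// <param name="dic">Response fields; must contain "encryptPubKeyCert" and "certType".</param>
/// <param name="encoding">Encoding used to convert the certificate text into the bytes written to disk.</param>
/// <returns>1 when the local certificate was replaced, 0 when no update was needed, -1 on failure.</returns>
public static int UpdateEncryptCert(Dictionary<string, string> dic, Encoding encoding)
{
    string strCert;
    string certType;
    // A null dictionary is treated like a response with the fields missing instead of
    // surfacing as a NullReferenceException.
    if (dic == null
        || !dic.TryGetValue("encryptPubKeyCert", out strCert)
        || !dic.TryGetValue("certType", out certType))
    {
        log.Error("encryptPubKeyCert or certType is null.");
        return -1;
    }

    X509Certificate x509Cert = CertUtil.GetPubKeyCert(strCert);
    if (x509Cert == null)
    {
        log.Error("从encryptPubKeyCert获取证书内容失败。");
        return -1;
    }

    if ("01".Equals(certType))
    {
        if (CertUtil.GetEncryptCertId().Equals(x509Cert.SerialNumber.ToString()))
        {
            log.Info("加密公钥无更新。");
            return 0;
        }

        // Serial numbers differ: replace the local certificate file.
        string localCertPath = SDKConfig.EncryptCert;
        string newLocalCertPath = SDKUtil.GenBackupName(localCertPath);

        // 1. Back up the current local certificate; abort if the backup cannot be written.
        try
        {
            File.Copy(localCertPath, newLocalCertPath, true);
        }
        catch (Exception e)
        {
            log.Error("备份旧加密证书失败:", e);
            return -1;
        }

        // 2. Backup succeeded; store the new certificate.
        try
        {
            // Encode before touching the file so an encoding failure leaves it intact.
            byte[] info = encoding.GetBytes(strCert);
            // File.OpenWrite does not truncate an existing file, so a new certificate shorter
            // than the old one would leave stale trailing bytes and corrupt the stored
            // certificate. WriteAllBytes overwrites the whole file and closes the handle.
            File.WriteAllBytes(localCertPath, info);
        }
        catch (Exception e)
        {
            log.Error("写入新加密证书失败:", e);
            return -1;
        }

        log.Info("save new encryptPubKeyCert success");
        // Drop the cached public key so the next use reloads it from the updated file.
        // NOTE(review): inferred from the method name; confirm in CertUtil.
        CertUtil.resetEncryptCertPublicKey();
        return 1;
    }
    else if ("02".Equals(certType))
    {
        log.Info("加密公钥无更新。");
        return 0;
    }
    else
    {
        log.Error("unknown cerType:" + certType);
        return -1;
    }
}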
/// <summary>
/// Gets the physical serial number of the certificate used to encrypt sensitive information.
/// </summary>
/// <returns>The value returned by <c>CertUtil.GetEncryptCertId()</c>, passed through unchanged.</returns>
public static string GetEncryptCertId()
{
    string encryptCertId = CertUtil.GetEncryptCertId();
    return encryptCertId;
}