Página inicial Explorar Ajuda
Entrar
365wy
/
wycore
2
0
Fork 0
Arquivos Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
wycore
/
PMS.NetCore
/
Utils
/
SignatureAndVerification.cs

SignatureAndVerification.cs 8.1 KB
Link permanente Histórico Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211 
  1. using Newtonsoft.Json;
    2. 

  2. using System;
    3. 

  3. using System.Collections.Generic;
    4. 

  4. using System.IO;
    5. 

  5. using System.Security.Cryptography;
    6. 

  6. using System.Security.Cryptography.X509Certificates;
    7. 

  7. using System.Text;
    8. 

  8. 

  9. namespace Utils
    10. 

  10. {
    11. 

  11.     public class SignatureAndVerification
    12. 

  12.     {
    13. 

  13.         /// <summary>
    14. 

  14.         /// nlog日志
    15. 

  15.         /// </summary>
    16. 

  16.         private static NLog.Logger logger = NLog.LogManager.GetCurrentClassLogger();
    17. 

  17. 

  18.         public static string keystore_password = AppSettingsHelper.Configuration["NHBridge:keystore_password"];
    19. 

  19.         public static string PrivateKeyPath = AppSettingsHelper.Configuration["NHBridge:PrivateKeyPath"];
    20. 

  20.         public static string PublicKeyPath = AppSettingsHelper.Configuration["NHBridge:PublicKeyPath"];
    21. 

  21. 

  22. 

  23.         /// <summary>
    24. 

  24.         /// 接收报文返回requsetBody和使用base64解析后的requsetBody以及缴费中心传送的签名
    25. 

  25.         /// </summary>
    26. 

  26.         /// <param name="request">请求报文</param>
    27. 

  27.         /// <returns></returns>
    28. 

  28.         public Dictionary<string, string> requestBodyOfBase64(string request)
    29. 

  29.         {
    30. 

  30.             logger.Info($"收到的报文:{request}");
    31. 

  31. 

  32.             Dictionary<string, string> requestMap = new Dictionary<string, string>
    33. 

  33.             {
    34. 

  34.                 //使用base64解析完成后的requsetBody
    35. 

  35.                 { "requsetBodyOfDecoded", "" },
    36. 

  36.                 //解析前的requsetBody
    37. 

  37.                 { "requsetBody", "" },
    38. 

  38.                 //获取缴费中心传送过来的签名
    39. 

  39.                 { "signatureString", "" }
    40. 

  40.             };
    41. 

  41. 

  42.             try
    43. 

  43.             {
    44. 

  44.                 string signatureString = request.Substring(0, request.IndexOf("||"));
    45. 

  45.                 string requsetBody = request.Substring(signatureString.Length + 2);
    46. 

  46.                 string requsetBodyOfDecoded = Base64Util.DecodeData(requsetBody);
    47. 

  47.                 logger.Info($"加签串:{signatureString},base64加密报文:{requsetBody},解密的报文:{requsetBodyOfDecoded}");
    48. 

  48. 

  49.                 if (!string.IsNullOrWhiteSpace(signatureString) && !string.IsNullOrWhiteSpace(requsetBody) && !string.IsNullOrWhiteSpace(requsetBodyOfDecoded))
    50. 

  50.                 {
    51. 

  51.                     requestMap["requsetBodyOfDecoded"] = requsetBodyOfDecoded;
    52. 

  52.                     requestMap["requsetBody"] = requsetBody;
    53. 

  53.                     requestMap["signatureString"] = signatureString;
    54. 

  54.                 }
    55. 

  55.                 else
    56. 

  56.                 {
    57. 

  57.                     logger.Error("非正常格式请求报文,请检查报文并联系发送方。");
    58. 

  58.                 }
    59. 

  59.             }
    60. 

  60.             catch (Exception e)
    61. 

  61.             {
    62. 

  62.                 logger.Error($"解析报文信息异常,报错信息:{e.Message},报错堆栈:{e.StackTrace}");
    63. 

  63.             }
    64. 

  64. 

  65.             return requestMap;
    66. 

  66.         }
    67. 

  67. 

  68.         /// <summary>
    69. 

  69.         /// 解析报文,验证签名
    70. 

  70.         /// </summary>
    71. 

  71.         /// <param name="requestMap"></param>
    72. 

  72.         /// <returns></returns>
    73. 

  73.         public string verify_sign(Dictionary<string, string> requestMap)
    74. 

  74.         {
    75. 

  75. 

  76.             //使用base64解析完成后的requsetBody
    77. 

  77.             string requsetBodyOfDecoded = requestMap["requsetBodyOfDecoded"];
    78. 

  78.             //解析前的requsetBody
    79. 

  79.             string requsetBody = requestMap["requsetBody"];
    80. 

  80.             //获取缴费中心传送过来的签名
    81. 

  81.             string signatureString = requestMap["signatureString"];
    82. 

  82. 

  83.             //报文解析错误处理
    84. 

  84.             if (string.IsNullOrWhiteSpace(signatureString))
    85. 

  85.             {
    86. 

  86.                 logger.Error("解析报文出错");
    87. 

  87.                 return "";
    88. 

  88.             }
    89. 

  89. 

  90.             //验签
    91. 

  91.             bool sign = read_cer_and_verify_sign(requsetBody, signatureString);
    92. 

  92.             //如果验签失败,处理
    93. 

  93.             //if (!sign) {                 
    94. 

  94.             //}
    95. 

  95.             return requsetBodyOfDecoded;
    96. 

  96.         }
    97. 

  97. 

  98.         /// <summary>
    99. 

  99.         /// 读取cer并验证公钥签名
    100. 

  100.         /// </summary>
    101. 

  101.         /// <param name="requsetBody">json报文数据</param>
    102. 

  102.         /// <param name="signature">加签标识</param>
    103. 

  103.         /// <returns>成功:true,失败:false</returns>
    104. 

  104.         public bool read_cer_and_verify_sign(string requsetBody, string signature)
    105. 

  105.         {
    106. 

  106.             bool result = false;
    107. 

  107.             try
    108. 

  108.             {
    109. 

  109.                 byte[] orgin = Encoding.UTF8.GetBytes((requsetBody));//json报文数据获得字节数据
    110. 

  110.                 byte[] singedBase64 = Convert.FromBase64String((signature));//对加签部分进行base64解密操作
    111. 

  111.                 RSACryptoServiceProvider tMerchantKey = GetPublicKey();//读取证书
    112. 

  112.                 result = tMerchantKey.VerifyData(orgin, "SHA1", singedBase64);
    113. 

  113.                 logger.Info($"验证签名的加签串:{signature},签名验证结果:{result}");
    114. 

  114.                 return result;
    115. 

  115.             }
    116. 

  116.             catch (Exception ex)
    117. 

  117.             {
    118. 

  118.                 logger.Error(ex, "验签失败!");
    119. 

  119.                 return result;
    120. 

  120.             }
    121. 

  121.         }
    122. 

  122. 

  123.         /// <summary>
    124. 

  124.         /// 加签名
    125. 

  125.         /// </summary>
    126. 

  126.         /// <param name="contentForSign">需加标签的字符串</param>
    127. 

  127.         /// <returns></returns>
    128. 

  128.         public string signWhithsha1withrsa(string contentForSign)
    129. 

  129.         {
    130. 

  130.             string result = "";
    131. 

  131.             try
    132. 

  132.             {
    133. 

  133.                 //string filePath = rootPath + PFXPATH;
    134. 

  134.                 //获取私钥
    135. 

  135.                 RSACryptoServiceProvider tMerchantKey = GetPrivateKey();
    136. 

  136.                 SHA1Managed tHash = new SHA1Managed();
    137. 

  137.                 //将传递需要加签的字符串进行base64操作
    138. 

  138.                 byte[] base64 = Encoding.UTF8.GetBytes(Convert.ToBase64String(Encoding.UTF8.GetBytes(contentForSign)));
    139. 

  139.                 byte[] tHashedData = tHash.ComputeHash(base64);
    140. 

  140.                 //对其进行加签名
    141. 

  141.                 byte[] tSigned = tMerchantKey.SignHash(tHashedData, "SHA1");
    142. 

  142.                 result = Convert.ToBase64String(tSigned);
    143. 

  143.                 return result;
    144. 

  144.             }
    145. 

  145.             catch (Exception ex)
    146. 

  146.             {
    147. 

  147.                 logger.Error(ex, "加签失败!");
    148. 

  148.                 return result;
    149. 

  149.             }
    150. 

  150.         }
    151. 

  151. 

  152.         /// <summary>
    153. 

  153.         /// 获取返回报文数据,加签名及加密
    154. 

  154.         /// </summary>
    155. 

  155.         /// <param name="json"></param>
    156. 

  156.         /// <returns></returns>
    157. 

  157.         public string GetResponseJson(string json)
    158. 

  158.         {
    159. 

  159. 

  160.             logger.Info("查询结果原始报文数据:" + json);
    161. 

  161.             // 加签名以及加密
    162. 

  162.             string signatrue = signWhithsha1withrsa(json);
    163. 

  163.             string responseJson = signatrue + "||" + Base64Util.EncodeData(json);
    164. 

  164.             logger.Info("查询结果返回报文数据(报文加签且base64加密后):" + responseJson);
    165. 

  165. 

  166.             return responseJson;
    167. 

  167.         }
    168. 

  168. 

  169.         /// <summary>
    170. 

  170.         /// 获取私钥
    171. 

  171.         /// </summary>
    172. 

  172.         /// <returns></returns>
    173. 

  173.         private static RSACryptoServiceProvider GetPrivateKey()
    174. 

  174.         {
    175. 

  175.             try
    176. 

  176.             {
    177. 

  177.                 //以读取路径的方式读取文件 path为存放证书路径
    178. 

  178.                 var cer = new X509Certificate2(File.ReadAllBytes(PrivateKeyPath), keystore_password, X509KeyStorageFlags.Exportable | X509KeyStorageFlags.MachineKeySet);
    179. 

  179. 

  180. 

  181. 

  182.                 //byte[] rawData = Resource._103881104410001;
    183. 

  183.                 //byte[]  rawData = returnbyte("d://103881104410001.pfx");
    184. 

  184.                 //string file = "d://103881104410001.pfx";
    185. 

  185.                 //var cer = new X509Certificate2(rawData, Resource.keystore_password, X509KeyStorageFlags.Exportable | X509KeyStorageFlags.MachineKeySet);
    186. 

  186.                 return (RSACryptoServiceProvider)cer.PrivateKey;
    187. 

  187.             }
    188. 

  188.             catch { throw; }
    189. 

  189.         }
    190. 

  190. 

  191.         /// <summary>
    192. 

  192.         /// 获取公钥
    193. 

  193.         /// </summary>
    194. 

  194.         /// <returns></returns>
    195. 

  195.         private static RSACryptoServiceProvider GetPublicKey()
    196. 

  196.         {
    197. 

  197.             try
    198. 

  198.             {
    199. 

  199.                 //以读取路径的方式读取文件 path为存放证书路径
    200. 

  200.                 var cer = new X509Certificate2(File.ReadAllBytes(PublicKeyPath));
    201. 

  201. 

  202. 

  203.                 //var cer = new X509Certificate2(Resource.TrustPayTest);
    204. 

  204.                 return (RSACryptoServiceProvider)cer.PublicKey.Key;
    205. 

  205.             }
    206. 

  206.             catch { throw; }
    207. 

  207.         }
    208. 

  208. 

  209. 

  210.     }
    211. 

  211. }
    212.