RSA签名

my6521 · Sep 15, 2023 · dbcd554 · dbcd554
1 parent 6fc051e
commit dbcd554
Show file tree

Hide file tree

Showing 13 changed files with 105 additions and 83 deletions.
diff --git a/src/WWB.Paylink.BaoFooPay/BaoFooPayClient.cs b/src/WWB.Paylink.BaoFooPay/BaoFooPayClient.cs
@@ -76,7 +76,7 @@ private static void CheckResponseSign(BaseResponse response, BaoFooPayOptions op
 
             var signContent = ToolHelper.GetSignContent(parameters, options.Key, Consts.SIGN);
 
-            if (!RSASignature.Verify(options.CerCertificate, signContent, sign))
+            if (!RSAUtil.VerifyByCer(options.CerCertificate, signContent, sign))
             {
                 throw new BaoFooPayException("sign check fail: check Sign and Data Fail!");
             }

diff --git a/src/WWB.Paylink.BaoFooPay/BaoFooPayNotifyClient.cs b/src/WWB.Paylink.BaoFooPay/BaoFooPayNotifyClient.cs
@@ -93,7 +93,7 @@ private static void CheckNotifySign(BaseNotify notify, BaoFooPayOptions options)
 
             var signContent = ToolHelper.GetSignContent(parameters, options.Key, Consts.SIGN);
 
-            if (!RSASignature.Verify(options.CerCertificate, signContent, sign))
+            if (!RSAUtil.VerifyByCer(options.CerCertificate, signContent, sign))
             {
                 throw new BaoFooPayException("sign check fail: check Sign and Data Fail!");
             }

diff --git a/src/WWB.Paylink.BaoFooPay/Request/AbstractRequest.cs b/src/WWB.Paylink.BaoFooPay/Request/AbstractRequest.cs
@@ -40,7 +40,7 @@ public IDictionary<string, string> PrimaryHandler<T>(T data, BaoFooPayOptions op
         };
 
             var signContent = ToolHelper.GetSignContent(parameters, options.Key);
-            var sign = RSASignature.Sign(signContent, options.PfxCertificate, options.Password);
+            var sign = RSAUtil.SignByPfx(signContent, options.PfxCertificate, options.Password);
 
             parameters.Add(Consts.SIGN, sign);
 

diff --git a/src/WWB.Paylink.BaoFooPay/WWB.Paylink.BaoFooPay.csproj b/src/WWB.Paylink.BaoFooPay/WWB.Paylink.BaoFooPay.csproj
@@ -3,7 +3,7 @@
   <PropertyGroup>
       <TargetFramework>netcoreapp3.1</TargetFramework>
 	  <PackageId>WWB.Paylink.BaoFooPay</PackageId>
-	  <Version>1.0.2</Version>
+	  <Version>1.0.3</Version>
 	  <Authors>my6521</Authors>
 	  <Description>惠收钱SDK。</Description>
 	  <PackageLicenseExpression>MIT</PackageLicenseExpression>

diff --git a/src/WWB.Paylink.BaoFooTransfer/BaoFooTransClient.cs b/src/WWB.Paylink.BaoFooTransfer/BaoFooTransClient.cs
@@ -35,7 +35,7 @@ public async Task<T> ExecuteAsync<T>(IBaoFooTransRequest<T> request, BaoFooTrans
             var client = _httpClientFactory.CreateClient(Name);
             var (body, isSuccessStatusCode) = await client.PostAsync(url, contentType, txtParams);
             //解密
-            var realContent = RSA.DecryptByCer(body, options.CerCertificate);
+            var realContent = RSAUtil.DecryptByCer(body, options.CerCertificate);
             //反序列化
             var parser = new ResponseJsonParser<T>();
             var response = parser.Parse(realContent);

diff --git a/src/WWB.Paylink.BaoFooTransfer/Notify/TransferNotify.cs b/src/WWB.Paylink.BaoFooTransfer/Notify/TransferNotify.cs
@@ -52,7 +52,7 @@ internal override void Execute(BaoFooTransOptions options)
             if (string.IsNullOrWhiteSpace(DataContent)) return;
 
             //解密data_content
-            DataContent = RSA.DecryptByCer(DataContent, options.CerCertificate);
+            DataContent = RSAUtil.DecryptByCer(DataContent, options.CerCertificate);
 
             //xml反序列化
             var serializer = new XmlSerializer(typeof(TransContent<TransNotifyData>));

diff --git a/src/WWB.Paylink.BaoFooTransfer/Request/AbstractRequest.cs b/src/WWB.Paylink.BaoFooTransfer/Request/AbstractRequest.cs
@@ -24,7 +24,7 @@ public IDictionary<string, string> PrimaryHandler<T>(T data, BaoFooTransOptions
             };
             var encryptStr = JsonConvert.SerializeObject(data);
 
-            parameters.Add(Consts.SIGN_CONTENT, RSA.EncryptByPfx(encryptStr, options.PfxCertificate, options.Password));
+            parameters.Add(Consts.SIGN_CONTENT, RSAUtil.EncryptByPfx(encryptStr, options.PfxCertificate, options.Password));
 
             return parameters;
         }

diff --git a/src/WWB.Paylink.BaoFooTransfer/WWB.Paylink.BaoFooTransfer.csproj b/src/WWB.Paylink.BaoFooTransfer/WWB.Paylink.BaoFooTransfer.csproj
@@ -5,7 +5,7 @@
         <ImplicitUsings>disable</ImplicitUsings>
         <Nullable>enable</Nullable>
 		<PackageId>WWB.Paylink.BaoFooTransfer</PackageId>
-		<Version>1.0.2</Version>
+		<Version>1.0.3</Version>
 		<Authors>my6521</Authors>
 		<Description>宝付代付SDK。</Description>
 		<PackageLicenseExpression>MIT</PackageLicenseExpression>

diff --git a/src/WWB.Paylink.JoinPay/WWB.Paylink.JoinPay.csproj b/src/WWB.Paylink.JoinPay/WWB.Paylink.JoinPay.csproj
@@ -3,7 +3,7 @@
   <PropertyGroup>
     <TargetFramework>netcoreapp3.1</TargetFramework>
 	  <PackageId>WWB.Paylink.JoinPay</PackageId>
-	  <Version>1.0.2</Version>
+	  <Version>1.0.3</Version>
 	  <Authors>my6521</Authors>
 	  <Description>汇聚支付SDK</Description>
 	  <PackageLicenseExpression>MIT</PackageLicenseExpression>

diff --git a/src/WWB.Paylink.Utility/Security/RSASignature.cs b/src/WWB.Paylink.Utility/Security/RSASignature.cs
diff --git a/src/WWB.Paylink.Utility/Security/RSA.cs → src/WWB.Paylink.Utility/Security/RSAUtil.cs b/src/WWB.Paylink.Utility/Security/RSA.cs → src/WWB.Paylink.Utility/Security/RSAUtil.cs
@@ -7,7 +7,7 @@
 
 namespace WWB.Paylink.Utility.Security
 {
-    public static class RSA
+    public static class RSAUtil
     {
         #region 加密
 
@@ -21,7 +21,7 @@ public static string EncryptByCer(string data, string path)
         {
             try
             {
-                var publicKey = CertificateHelper.GetPublicKeyFromFile(path); //读取公钥
+                var publicKey = RsaReadUtil.GetPublicKeyFromFile(path); //读取公钥
                 var string64 = Base64.Encode(Encoding.UTF8.GetBytes(data)); //Base64编码  字符编码UF8
                 var hex = Hex.ToHexString(RSAEDCore(string64, publicKey, true)); //加密并转成十六进制
                 return hex;
@@ -43,7 +43,7 @@ public static string EncryptByPfx(string data, string path, string passwd)
         {
             try
             {
-                var privateKey = CertificateHelper.GetPrivateKeyFromFile(path, passwd); //读取私钥
+                var privateKey = RsaReadUtil.GetPrivateKeyFromFile(path, passwd); //读取私钥
                 var string64 = Base64.Encode(Encoding.UTF8.GetBytes(data)); //Base64编码  字符编码UF8
                 var hex = Hex.ToHexString(RSAEDCore(string64, privateKey, true)); //加密并转成十六进制
                 return hex;
@@ -69,7 +69,7 @@ public static string DecryptByPfx(string data, string path, string passwd)
         {
             try
             {
-                var publicKey = CertificateHelper.GetPrivateKeyFromFile(path, passwd); //读取私钥
+                var publicKey = RsaReadUtil.GetPrivateKeyFromFile(path, passwd); //读取私钥
                 var hexByte = Hex.Decode(data);
                 var decryString = RSAEDCore(hexByte, publicKey, false);
                 return Encoding.UTF8.GetString(Base64.Decode(decryString));
@@ -90,7 +90,7 @@ public static string DecryptByCer(string data, string path)
         {
             try
             {
-                var publicKey = CertificateHelper.GetPublicKeyFromFile(path); //读取公钥
+                var publicKey = RsaReadUtil.GetPublicKeyFromFile(path); //读取公钥
                 var hexByte = Hex.Decode(data);
                 var decryString = RSAEDCore(hexByte, publicKey, false);
                 return Encoding.UTF8.GetString(Base64.Decode(decryString));
@@ -103,6 +103,64 @@ public static string DecryptByCer(string data, string path)
 
         #endregion 解密
 
+        #region 加签
+
+        /// <summary>
+        /// 私钥加签
+        /// </summary>
+        /// <param name="encryptStr"></param>
+        /// <param name="pfxPath"></param>
+        /// <param name="priKeyPass"></param>
+        /// <returns></returns>
+        public static string SignByPfx(string encryptStr, string pfxPath, string priKeyPass)
+        {
+            var privateKey = RsaReadUtil.GetPrivateKeyFromFile(pfxPath, priKeyPass);
+            return Sign(Encoding.UTF8.GetBytes(encryptStr), privateKey);
+        }
+
+
+        /// <summary>
+        /// 公钥加签
+        /// </summary>
+        /// <param name="encryptStr"></param>
+        /// <param name="pubCerPath"></param>
+        /// <returns></returns>
+        public static string SignByCer(string encryptStr, string pubCerPath)
+        {
+            var publicKey = RsaReadUtil.GetPublicKeyFromFile(pubCerPath);
+            return Sign(Encoding.UTF8.GetBytes(encryptStr), publicKey);
+        }
+        #endregion
+
+        #region 验签
+        /// <summary>
+        /// 公钥验签
+        /// </summary>
+        /// <param name="pubCerPath"></param>
+        /// <param name="encryptStr"></param>
+        /// <param name="signature"></param>
+        /// <returns></returns>
+        public static bool VerifyByCer(string pubCerPath, string encryptStr, string signature)
+        {
+            var publicKey = RsaReadUtil.GetPublicKeyFromFile(pubCerPath);
+            return Verify(Encoding.UTF8.GetBytes(encryptStr), publicKey, signature);
+        }
+
+        /// <summary>
+        /// 私钥验签
+        /// </summary>
+        /// <param name="pfxPath"></param>
+        /// <param name="priKeyPass"></param>
+        /// <param name="encryptStr"></param>
+        /// <param name="signature"></param>
+        /// <returns></returns>
+        public static bool VerifyByPfx(string pfxPath, string priKeyPass, string encryptStr, string signature)
+        {
+            var publicKey = RsaReadUtil.GetPrivateKeyFromFile(pfxPath, priKeyPass);
+            return Verify(Encoding.UTF8.GetBytes(encryptStr), publicKey, signature);
+        }
+        #endregion
+
         #region Private Methods
 
         /// <summary>
@@ -190,6 +248,37 @@ private static byte[] Clone(byte[] array)
             return (byte[])array.Clone();
         }
 
+        /// <summary>
+        /// 用私钥对信息生成数字签名
+        /// 私钥加签
+        /// </summary>
+        /// <param name="data"></param>
+        /// <param name="parameters"></param>
+        /// <returns></returns>
+        private static string Sign(byte[] data, ICipherParameters parameters)
+        {
+            var signature = SignerUtilities.GetSigner("SHA256withRSA");
+            signature.Init(true, parameters);
+            signature.BlockUpdate(data, 0, data.Length);
+            return Hex.ToHexString(signature.GenerateSignature());
+        }
+
+        /// <summary>
+        /// 校验数字签名
+        /// 公钥验签
+        /// </summary>
+        /// <param name="data"></param>
+        /// <param name="parameters"></param>
+        /// <param name="sign"></param>
+        /// <returns></returns>
+        private static bool Verify(byte[] data, ICipherParameters parameters, string sign)
+        {
+            var signature = SignerUtilities.GetSigner("SHA256withRSA");
+            signature.Init(false, parameters);
+            signature.BlockUpdate(data, 0, data.Length);
+            return signature.VerifySignature(Hex.Decode(sign));
+        }
+
         #endregion Private Methods
     }
 }
diff --git a/...ink.Utility/Security/CertificateHelper.cs → ...B.Paylink.Utility/Security/RsaReadUtil.cs b/...ink.Utility/Security/CertificateHelper.cs → ...B.Paylink.Utility/Security/RsaReadUtil.cs
@@ -8,7 +8,7 @@
 
 namespace WWB.Paylink.Utility.Security
 {
-    public static class CertificateHelper
+    public static class RsaReadUtil
     {
         /// <summary>
         /// 读取私钥

diff --git a/src/WWB.Paylink.Utility/WWB.Paylink.Utility.csproj b/src/WWB.Paylink.Utility/WWB.Paylink.Utility.csproj
@@ -3,7 +3,7 @@
   <PropertyGroup>
 	  <TargetFramework>netstandard2.0</TargetFramework>
 	  <PackageId>WWB.Paylink.Utility</PackageId>
-	  <Version>1.0.2</Version>
+	  <Version>1.0.3</Version>
 	  <Authors>my6521</Authors>
 	  <Description>支付帮助类。</Description>
 	  <PackageLicenseExpression>MIT</PackageLicenseExpression>