在做支付宝APP支付接口的后台功能时,发现按DEMO代码统一下单时根本就走不同,DEMO代码如下:
IAopClient client = new DefaultAopClient("https://openapi.alipay.com/gateway.do", "app_id", "merchant_private_key", "json", "1.0", "RSA2", "alipay_public_key", "GBK", false);
AlipayTradeAppPayRequest request= new AlipayTradeAppPayRequest() ;
request.BizContent="{" +
"\"timeout_express\":\"90m\"," +
"\"total_amount\":\"9.00\"," +
"\"product_code\":\"QUICK_MSECURITY_PAY\"," +
"\"body\":\"Iphone6 16G\"," +
"\"subject\":\"大乐透\"," +
"\"out_trade_no\":\"70501111111S001111119\"," +
"\"time_expire\":\"2016-12-31 10:05\"," +
"\"goods_type\":\"0\"," +
"\"promo_params\":\"{\\\"storeIdType\\\":\\\"1\\\"}\"," +
"\"passback_params\":\"merchantBizType%3d3C%26merchantBizNo%3d2016010101111\"," +
"\"extend_params\":{" +
"\"sys_service_provider_id\":\"2088511833207846\"," +
"\"hb_fq_num\":\"3\"," +
"\"hb_fq_seller_percent\":\"100\"," +
"\"industry_reflux_info\":\"{\\\\\\\"scene_code\\\\\\\":\\\\\\\"metro_tradeorder\\\\\\\",\\\\\\\"channel\\\\\\\":\\\\\\\"xxxx\\\\\\\",\\\\\\\"scene_data\\\\\\\":{\\\\\\\"asset_name\\\\\\\":\\\\\\\"ALIPAY\\\\\\\"}}\"," +
"\"card_type\":\"S0JP0000\"" +
" }," +
"\"merchant_order_no\":\"20161008001\"," +
"\"enable_pay_channels\":\"pcredit,moneyFund,debitCardExpress\"," +
"\"store_id\":\"NJ_001\"," +
"\"specified_channel\":\"pcredit\"," +
"\"disable_pay_channels\":\"pcredit,moneyFund,debitCardExpress\"," +
" \"goods_detail\":[{" +
" \"goods_id\":\"apple-01\"," +
"\"alipay_goods_id\":\"20010001\"," +
"\"goods_name\":\"ipad\"," +
"\"quantity\":1," +
"\"price\":2000," +
"\"goods_category\":\"34543238\"," +
"\"categories_tree\":\"124868003|126232002|126252004\"," +
"\"body\":\"特价手机\"," +
"\"show_url\":\"http://www.alipay.com/xxx.jpg\"" +
" }]," +
"\"ext_user_info\":{" +
"\"name\":\"李明\"," +
"\"mobile\":\"16587658765\"," +
"\"cert_type\":\"IDENTITY_CARD\"," +
"\"cert_no\":\"362334768769238881\"," +
"\"min_age\":\"18\"," +
"\"fix_buyer\":\"F\"," +
"\"need_check_info\":\"F\"" +
" }," +
"\"business_params\":\"{\\\"data\\\":\\\"123\\\"}\"," +
"\"agreement_sign_params\":{" +
"\"personal_product_code\":\"CYCLE_PAY_AUTH_P\"," +
"\"sign_scene\":\"INDUSTRY|DIGITAL_MEDIA\"," +
"\"external_agreement_no\":\"test20190701\"," +
"\"external_logon_id\":\"13852852877\"," +
"\"access_params\":{" +
"\"channel\":\"ALIPAYAPP\"" +
" }," +
"\"sub_merchant\":{" +
"\"sub_merchant_id\":\"2088123412341234\"," +
"\"sub_merchant_name\":\"滴滴出行\"," +
"\"sub_merchant_service_name\":\"滴滴出行免密支付\"," +
"\"sub_merchant_service_description\":\"免密付车费,单次最高500\"" +
" }," +
"\"period_rule_params\":{" +
"\"period_type\":\"DAY\"," +
"\"period\":3," +
"\"execute_time\":\"2019-01-23\"," +
"\"single_amount\":10.99," +
"\"total_amount\":600," +
"\"total_payments\":12" +
" }" +
" }" +
" }";
AlipayTradeAppPayResponse response=client.sdkExecute(request);
Console.WriteLine(response.Body);
重点代码:AlipayTradeAppPayResponse response=client.sdkExecute(request);
查看DefaultAopClient代码发现竟然只是把参数给你签好名然后再直接用参数初始化一个响应对象,根本就没有发送HTTP请求,其中代码如下:
public T SdkExecute<T>(IAopRequest<T> request, string appAuthToken) where T : AopResponse
{
// 构造请求参数
AopDictionary requestParams = buildRequestParams(request, null, appAuthToken);
// 字典排序
IDictionary<string, string> sortedParams = new SortedDictionary<String, String>(requestParams, StringComparer.Ordinal);
AopDictionary sortedAopDic = new AopDictionary(sortedParams);
// 参数签名
String charset = String.IsNullOrEmpty(this.charset) ? "utf-8" : this.charset;
String signResult = AopUtils.SignAopRequest(sortedAopDic, privateKeyPem, charset, this.keyFromFile, this.signType);
// 添加签名结果参数
sortedAopDic.Add(SIGN, signResult);
// 参数拼接
String signedResult = WebUtils.BuildQuery(sortedAopDic, charset);
// 构造结果
T rsp = (T) Activator.CreateInstance(typeof(T));
rsp.Body = signedResult;
return rsp;
}
其中关键代码:T rsp = (T) Activator.CreateInstance(typeof(T));
此处他根本没有发送请求,而是直接调用默认构造函数初始化了一个 T 类的实例(此处的 T 为 AlipayTradeAppPayRequest 类带过来的,具体为:AlipayTradeAppPayResponse)。
无奈,只能自己写代码来实现了,,之后的各种看文档,,接着,,神奇的事发生了。。。。关键如下:
此处需要公钥证书的SN以及根证书的SN,文档说要根据AntCertificationUtil.getRootCertSN以及AlipaySignature.getCertSN方法来实现,但是找遍SDK的代码也没发现有这两个方法啊。。。
最后无奈又一遍一遍看其他的SDK看有没得这两个方法也没发现(此时还没看JAVA得SDK,因为官网提供的Maven项目依赖地址根本就进不去),最后实在没办法了,只好百度找下alipay-sdk-java关键字,结果发现有github的java版本SDK,然后查看发现有AlipaySignature.getCertSN方法,方法如下:
/**
* 从公钥证书中提取公钥序列号
*
* @param certPath 公钥证书存放路径,例如:/home/admin/cert.crt
* @return 公钥证书序列号
* @throws AlipayApiException
*/
public static String getCertSN(String certPath) throws AlipayApiException {
InputStream inputStream = null;
try {
inputStream = new FileInputStream(certPath);
CertificateFactory cf = CertificateFactory.getInstance("X.509");
X509Certificate cert = (X509Certificate) cf.generateCertificate(inputStream);
MessageDigest md = MessageDigest.getInstance("MD5");
md.update((cert.getIssuerX500Principal().getName() + cert.getSerialNumber()).getBytes());
String certSN = new BigInteger(1, md.digest()).toString(16);
//BigInteger会把0省略掉,需补全至32位
certSN = fillMD5(certSN);
return certSN;
} catch (NoSuchAlgorithmException e) {
throw new AlipayApiException(e);
} catch (IOException e) {
throw new AlipayApiException(e);
} catch (CertificateException e) {
throw new AlipayApiException(e);
} finally {
try {
if (inputStream != null) {
inputStream.close();
}
} catch (IOException e) {
throw new AlipayApiException(e);
}
}
}
单独提取出来,稍加修改如下:
编译并运行:
接下来一步一步写出C#版本,说出我写C#版本遇到的问题:
1、cert.IssuerName.Name得到的签发机构名称中的各个属性用英文,分隔,但是英文,符号之后会有空格,根据上方图片得到的信息,java获取到的签发机构名称的属性分隔符之间是没有空格的;
2、C#中cert.SerialNumber获取到的内置序列号是16进制的字符串,根据上方图片得到的信息,java得到的是10进制的字符串,后来找了好久没发现C#怎么把大数据16进制转换成10进制的方法(从来没做过大数据类型转换的业务,所以不知道),后来灵机一动发现java有BigInteger大整数类,C#应该也有的,然后引入System.Numerics.dll顺利解决问题。
最终写出C#代码如下(此处MD5Encrypt函数没有提供):
/// <summary>
/// 获取指定CRT证书文件的序列号。
/// </summary>
/// <param name="certPath">证书路径。</param>
/// <returns>返回该证书序列号。</returns>
public static string GetCertSN(String certPath)
{
X509Certificate2 cert = new X509Certificate2(certPath);
string issuerName = new Regex(@"\, +C=").Replace(new Regex(@"\, +O=").Replace(new Regex(@"\, +OU=").Replace(cert.IssuerName.Name, ",OU="), ",O="), ",C=");
return MD5Encrypt(issuerName + BigInteger.Parse(string.Format("0{0}", cert.SerialNumber), System.Globalization.NumberStyles.AllowHexSpecifier), Encoding.UTF8, null).ToLower();
}
同样的,找到java sdk的AntCertificationUtil.getRootCertSN函数,代码如下:
/**
* 获取根证书序列号
*
* @param rootCertContent
* @return
*/
public static String getRootCertSN(String rootCertContent) {
String rootCertSN = null;
try {
X509Certificate[] x509Certificates = readPemCertChain(rootCertContent);
MessageDigest md = MessageDigest.getInstance("MD5");
for (X509Certificate c : x509Certificates) {
if (c.getSigAlgOID().startsWith("1.2.840.113549.1.1")) {
md.update((c.getIssuerX500Principal().getName() + c.getSerialNumber()).getBytes());
String certSN = new BigInteger(1, md.digest()).toString(16);
//BigInteger会把0省略掉,需补全至32位
certSN = fillMD5(certSN);
if (StringUtils.isEmpty(rootCertSN)) {
rootCertSN = certSN;
} else {
rootCertSN = rootCertSN + "_" + certSN;
}
}
}
} catch (Exception e) {
AlipayLogger.logBizError(("提取根证书失败"));
}
return rootCertSN;
}
发现X509Certificate[] x509Certificates = readPemCertChain(rootCertContent);代码,其中他自己写了个readPemCertChain函数,查看如下:
private static X509Certificate[] readPemCertChain(String cert) throws CertificateException {
ByteArrayInputStream inputStream = new ByteArrayInputStream(cert.getBytes());
CertificateFactory factory = CertificateFactory.getInstance("X.509", provider);
Collection<? extends Certificate> certificates = factory.generateCertificates(inputStream);
return (X509Certificate[]) certificates.toArray(new X509Certificate[certificates.size()]);
}
然后C#找了各种函数没有发现对应的方法,无奈只能百度找资料了,其中发现该处文章:https://blog.csdn.net/xiangguiwang/article/details/76400805
关键点如下:
于是乎用记事本打开了阿里云的alipayRootCert.crt查看了一下,发现内部是这样的:
根据百度查到的资料,得出结论:阿里云的CRT根证书就是ASCII编码的PEM证书,只是其中包含了很多个PEM证书(不知道这样描述对不对,本人对证书内部原理一点不知道)
然后再根据java里面的代码得出结论:首先读取根证书内部所有的证书内容,然后循环获取内部的每一个SN号,然后用_拼接
最终写出C#代码如下:
/// <summary>
/// 获取指定CRT根证书的序列号。
/// </summary>
/// <param name="rootCertPath">根证书路径。</param>
/// <returns>返回该根证书序列号。</returns>
public static string GetRootCertSN(string rootCertPath)
{
List<List<byte>> allCertByte = new List<List<byte>>();
string beginText = "-----BEGIN CERTIFICATE-----";
string endText = "-----END CERTIFICATE-----";
Encoding encoding = Encoding.UTF8;
using (StreamReader streamRead = new StreamReader(rootCertPath, encoding))
{
List<byte> bytes = null;
while (!streamRead.EndOfStream)
{
string lineText = streamRead.ReadLine();
if (lineText.StartsWith(beginText))
{
bytes = new List<byte>();
allCertByte.Add(bytes);
if (lineText.Length > beginText.Length)
bytes.AddRange(encoding.GetBytes(lineText.Replace(beginText, "").Trim()));
}
else if (!lineText.StartsWith(endText))
{
bytes.AddRange(encoding.GetBytes(lineText.Trim()));
}
}
}
StringBuilder resultSN = new StringBuilder();
int index = 0;
foreach (List<byte> item in allCertByte)
{
X509Certificate2 certificate = new X509Certificate2(item.ToArray());
if (certificate.SignatureAlgorithm.Value.StartsWith("1.2.840.113549.1.1"))
{
if (index > 0)
resultSN.Append("_");
resultSN.Append(GetCertSN(certificate));
index++;
}
}
return resultSN.ToString();
}
完整的Helper.cs代码:
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Net;
using System.Net.Security;
using System.Numerics;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text;
using System.Text.RegularExpressions;
using System.Xml;
namespace Qcnt.ThreeParty.Payment
{
/// <summary>
/// 三方支付相关的静态帮助类。
/// </summary>
public static class Helper
{
/// <summary>
/// 获取系统当前时间的时间戳。
/// </summary>
public static string Timestamp
{
get
{
TimeSpan ts = DateTime.UtcNow - new DateTime(1970, 1, 1, 0, 0, 0, 0);
return Convert.ToInt64(ts.TotalSeconds).ToString();
}
}
/// <summary>
/// 获取指定长度的随机字符串。
/// </summary>
/// <param name="length">待生成的随机字符串长度。</param>
/// <returns>返回生成好的随机字符串。</returns>
public static string GetRandomString(int length)
{
string str = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
StringBuilder result = new StringBuilder();
Random rd = new Random();
while (length > 0)
{
result.Append(str[rd.Next(str.Length)]);
length--;
}
return result.ToString();
}
/// <summary>
/// 对字符串进行MD5加密。
/// </summary>
/// <param name="str">需要加密的字符串。</param>
/// <param name="encoding">字符串使用的编码集。</param>
/// <param name="delimiter">分隔符。</param>
/// <returns>返回加密后的字符串。</returns>
public static string MD5Encrypt(string str, Encoding encoding, char? delimiter)
{
if (string.IsNullOrEmpty(str))
return null;
byte[] result = encoding.GetBytes(str);
MD5 md5 = new MD5CryptoServiceProvider();
byte[] output = md5.ComputeHash(result);
if (delimiter != null && delimiter.HasValue)
return BitConverter.ToString(output).ToUpper().Replace('-', delimiter.Value);
return BitConverter.ToString(output).ToUpper().Replace("-", "");
}
/// <summary>
/// 模拟发送HTTP POST请求。
/// </summary>
/// <param name="url">需要请求的URL地址。</param>
/// <param name="data">请求参数字符串。</param>
/// <param name="encoding">请求所使用的字符串编码集。</param>
/// <returns>返回请求结果。</returns>
public static string HttpPost(string url, string data, Encoding encoding)
{
return HttpPost(url, data, null, null, encoding);
}
/// <summary>
/// 模拟发送HTTP POST请求。
/// </summary>
/// <param name="url">需要请求的URL地址。</param>
/// <param name="data">请求参数字符串。</param>
/// <param name="certPath">附加的证书路径(使用前先双击安装该证书)。</param>
/// <param name="certPassword">附加的证书密码。</param>
/// <param name="encoding">请求所使用的字符串编码集。</param>
/// <returns>返回请求结果。</returns>
public static string HttpPost(string url, string data, string certPath, string certPassword, Encoding encoding)
{
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url);
request.Timeout = 10000;
request.Method = "POST";
request.ContentType = "application/x-www-form-urlencoded";
if (!string.IsNullOrWhiteSpace(certPath) && !string.IsNullOrWhiteSpace(certPassword) && File.Exists(certPath))
{
ServicePointManager.ServerCertificateValidationCallback = new RemoteCertificateValidationCallback((sender, certificate, chain, errors) =>
{
if (errors == SslPolicyErrors.None)
return true;
return false;
});
request.ClientCertificates.Add(new X509Certificate2(certPath, certPassword, X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable));
}
if (!string.IsNullOrWhiteSpace(data))
{
byte[] dataBytes = encoding.GetBytes(data);
request.ContentLength = dataBytes.Length;
using (Stream stream = request.GetRequestStream())
{
stream.Write(dataBytes, 0, dataBytes.Length);
}
}
using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
{
using (Stream responseStream = response.GetResponseStream())
{
using (StreamReader streamReader = new StreamReader(responseStream, Encoding.GetEncoding("gb2312")))
{
return streamReader.ReadToEnd();
}
}
}
}
/// <summary>
/// 获取根据XmlNode名称匹配到第一个XmlNode的InnerText值。
/// </summary>
/// <param name="node">匹配XmlNode的根XmlNode。</param>
/// <param name="nodeName">要获取InnerText值的XmlNode名称。</param>
/// <returns>若找到指定的XmlNode则返回该XmlNode的InnerText值,否则返回null。</returns>
public static string GetNodeInnerText(this XmlNode node, string nodeName)
{
if (node == null)
return null;
XmlNode resultNode = node.SelectSingleNode(nodeName);
if (resultNode == null)
return null;
return resultNode.InnerText;
}
/// <summary>
/// 使用指定的参数集生成MD5签名。
/// </summary>
/// <param name="pars">生成签名所用到的参数集合。</param>
/// <param name="key">生成签名所用到的Key。</param>
/// <returns>返回生成好的签名字符串。</returns>
public static string CreateMD5Sign(Dictionary<string, string> pars, string key)
{
List<string> sortedKey = new List<string>(pars.Keys);
sortedKey.Sort();
StringBuilder parsString = new StringBuilder();
foreach (string itemKey in sortedKey)
{
parsString.AppendFormat("{0}={1}&", itemKey, pars[itemKey]);
}
parsString.AppendFormat("key={0}", key);
return MD5Encrypt(parsString.ToString(), Encoding.UTF8, null);
}
/// <summary>
/// 使用指定的参数集生成RSA2签名。
/// </summary>
/// <param name="pars">生成签名所用到的参数集合。</param>
/// <param name="privateKey">生成签名所用到的私有秘钥。</param>
/// <returns>返回生成好的签名字符串。</returns>
public static string CreateRSA2Sign(Dictionary<string, string> pars, string privateKey)
{
List<string> sortedKey = new List<string>(pars.Keys);
sortedKey.Sort();
StringBuilder parsString = new StringBuilder();
int i = 0;
foreach (string key in sortedKey)
{
if (i > 0)
parsString.Append("&");
parsString.AppendFormat("{0}={1}", key, pars[key]);
i++;
}
return RSA2Encrypt(parsString.ToString(), privateKey);
}
/// <summary>
/// 将指定的Xml字符串转换成<see cref="Dictionary{TKey, TValue}"/>类型的参数集。
/// </summary>
/// <param name="xmlString">待转换的Xml字符串。</param>
/// <returns>若转换成功则返回转换后的参数集。</returns>
public static Dictionary<string, string> XmlToParameters(string xmlString)
{
if (string.IsNullOrWhiteSpace(xmlString))
return null;
XmlDocument xml = new XmlDocument();
xml.LoadXml(xmlString);
XmlNode xmlRoot = xml.DocumentElement;
Dictionary<string, string> result = new Dictionary<string, string>();
foreach (XmlNode childNode in xmlRoot.ChildNodes)
{
result.Add(childNode.Name, childNode.InnerText);
}
return result;
}
/// <summary>
/// 将指定的参数集转换成Xml格式的字符串。
/// </summary>
/// <param name="pars">待转换的参数集。</param>
/// <returns>返回转换后的Xml字符串。</returns>
public static string ParametersToXmlString(Dictionary<string, string> pars)
{
StringBuilder parsString = new StringBuilder("<xml>");
foreach (string key in pars.Keys)
{
parsString.AppendFormat("<{0}>{1}</{0}>", key, pars[key].Replace("<", "<").Replace(">", ">").Replace("&", "&").Replace("\"", """));
}
parsString.Append("</xml>");
return parsString.ToString();
}
/// <summary>
/// 将指定的参数集转换成POST数据字符串。
/// </summary>
/// <param name="pars">待转换的参数集。</param>
/// <returns>返回转换后的POST数据字符串。</returns>
public static string ParametersToPostDataString(Dictionary<string, string> pars)
{
StringBuilder postDataString = new StringBuilder();
int i = 0;
foreach (string key in pars.Keys)
{
if (i > 0)
postDataString.Append("&");
postDataString.AppendFormat("{0}={1}", key, System.Web.HttpUtility.UrlEncode(pars[key]));
i++;
}
return postDataString.ToString();
}
/// <summary>
/// 对AES加密字符串方向进行AES解密操作。
/// </summary>
/// <param name="decryptStr">待解密字符串。</param>
/// <param name="key">AES解密Key。</param>
/// <returns>返回解密后的字符串。</returns>
public static string AESDecrypt(string decryptStr, string key)
{
byte[] keyByte = Encoding.UTF8.GetBytes(key);
byte[] encryptByte = Convert.FromBase64String(decryptStr);
RijndaelManaged rijndaelManaged = new RijndaelManaged();
rijndaelManaged.Key = keyByte;
rijndaelManaged.Mode = CipherMode.ECB;
rijndaelManaged.Padding = PaddingMode.PKCS7;
ICryptoTransform cryptoTransform = rijndaelManaged.CreateDecryptor();
byte[] resultByte = cryptoTransform.TransformFinalBlock(encryptByte, 0, encryptByte.Length);
return Encoding.UTF8.GetString(resultByte);
}
/// <summary>
/// 使用RSA2加密算法加密字符串。
/// </summary>
/// <param name="str">待加密字符串。</param>
/// <param name="privateKey">加密私有秘钥。</param>
/// <returns>获取成功则返回该CRT证书的序列号,否则返回null。</returns>
private static string RSA2Encrypt(string str, string privateKey)
{
RSACryptoServiceProvider rsaCrypto = GetRSACryptoFromPrivateKey(privateKey);
return Convert.ToBase64String(rsaCrypto.SignData(Encoding.UTF8.GetBytes(str), "SHA256"));
}
/// <summary>
/// 从RSA私有秘钥字符串获取一个RSA加密对象。
/// </summary>
/// <param name="privateKey">私有秘钥字符串。</param>
/// <returns>返回获取到的RSA加密对象。</returns>
private static RSACryptoServiceProvider GetRSACryptoFromPrivateKey(string privateKey)
{
byte[] modulus, exponent, d, p, q, dp, dq, inverseQ;
MemoryStream memoryStream = new MemoryStream(Convert.FromBase64String(privateKey));
BinaryReader binaryReader = new BinaryReader(memoryStream);
switch (binaryReader.ReadUInt16())
{
case 0x8130:
binaryReader.ReadByte();
break;
case 0x8230:
binaryReader.ReadInt16();
break;
}
if (binaryReader.ReadUInt16() != 0x0102)
return null;
if (binaryReader.ReadByte() != 0x00)
return null;
int elementCount = GetIntegerSize(binaryReader);
modulus = binaryReader.ReadBytes(elementCount);
elementCount = GetIntegerSize(binaryReader);
exponent = binaryReader.ReadBytes(elementCount);
elementCount = GetIntegerSize(binaryReader);
d = binaryReader.ReadBytes(elementCount);
elementCount = GetIntegerSize(binaryReader);
p = binaryReader.ReadBytes(elementCount);
elementCount = GetIntegerSize(binaryReader);
q = binaryReader.ReadBytes(elementCount);
elementCount = GetIntegerSize(binaryReader);
dp = binaryReader.ReadBytes(elementCount);
elementCount = GetIntegerSize(binaryReader);
dq = binaryReader.ReadBytes(elementCount);
elementCount = GetIntegerSize(binaryReader);
inverseQ = binaryReader.ReadBytes(elementCount);
CspParameters cspParameters = new CspParameters();
cspParameters.Flags = CspProviderFlags.UseMachineKeyStore;
RSACryptoServiceProvider rsaCrypto = new RSACryptoServiceProvider(2048, cspParameters);
RSAParameters rsaParams = new RSAParameters();
rsaParams.Modulus = modulus;
rsaParams.Exponent = exponent;
rsaParams.D = d;
rsaParams.P = p;
rsaParams.Q = q;
rsaParams.DP = dp;
rsaParams.DQ = dq;
rsaParams.InverseQ = inverseQ;
rsaCrypto.ImportParameters(rsaParams);
return rsaCrypto;
}
/// <summary>
/// 获取下一个基本部分的字节长度。
/// </summary>
/// <param name="binaryReader">二进制读取器。</param>
/// <returns>返回下一个基本部分的字节长度。</returns>
private static int GetIntegerSize(BinaryReader binaryReader)
{
byte byteValue = 0;
byte lowByte = 0x00;
byte highByte = 0x00;
int count = 0;
byteValue = binaryReader.ReadByte();
if (byteValue != 0x02)
return 0;
byteValue = binaryReader.ReadByte();
if (byteValue == 0x81)
{
count = binaryReader.ReadByte();
}
else
{
if (byteValue == 0x82)
{
highByte = binaryReader.ReadByte();
lowByte = binaryReader.ReadByte();
byte[] modelInt = { lowByte, highByte, 0x00, 0x00 };
count = BitConverter.ToInt32(modelInt, 0);
}
else
{
count = byteValue;
}
}
while (binaryReader.ReadByte() == 0x00)
{
count -= 1;
}
binaryReader.BaseStream.Seek(-1, SeekOrigin.Current);
return count;
}
/// <summary>
/// 获取指定CRT根证书的序列号。
/// </summary>
/// <param name="rootCertPath">根证书路径。</param>
/// <returns>返回该根证书序列号。</returns>
public static string GetRootCertSN(string rootCertPath)
{
List<List<byte>> allCertByte = new List<List<byte>>();
string beginText = "-----BEGIN CERTIFICATE-----";
string endText = "-----END CERTIFICATE-----";
Encoding encoding = Encoding.UTF8;
using (StreamReader streamRead = new StreamReader(rootCertPath, encoding))
{
List<byte> bytes = null;
while (!streamRead.EndOfStream)
{
string lineText = streamRead.ReadLine();
if (lineText.StartsWith(beginText))
{
bytes = new List<byte>();
allCertByte.Add(bytes);
if (lineText.Length > beginText.Length)
bytes.AddRange(encoding.GetBytes(lineText.Replace(beginText, "").Trim()));
}
else if (!lineText.StartsWith(endText))
{
bytes.AddRange(encoding.GetBytes(lineText.Trim()));
}
}
}
StringBuilder resultSN = new StringBuilder();
int index = 0;
foreach (List<byte> item in allCertByte)
{
X509Certificate2 certificate = new X509Certificate2(item.ToArray());
if (certificate.SignatureAlgorithm.Value.StartsWith("1.2.840.113549.1.1"))
{
if (index > 0)
resultSN.Append("_");
resultSN.Append(GetCertSN(certificate));
index++;
}
}
return resultSN.ToString();
}
/// <summary>
/// 获取指定CRT证书文件的序列号。
/// </summary>
/// <param name="certPath">证书路径。</param>
/// <returns>返回该证书序列号。</returns>
public static string GetCertSN(string certPath)
{
return GetCertSN(new X509Certificate2(certPath));
}
/// <summary>
/// 获取指定CRT证书的序列号。
/// </summary>
/// <param name="cert">证书对象。</param>
/// <returns>返回该证书序列号。</returns>
private static string GetCertSN(X509Certificate2 cert)
{
string issuerName = new Regex(@"\, +C=").Replace(new Regex(@"\, +O=").Replace(new Regex(@"\, +OU=").Replace(cert.IssuerName.Name, ",OU="), ",O="), ",C=");
return MD5Encrypt(issuerName + BigInteger.Parse(string.Format("0{0}", cert.SerialNumber), System.Globalization.NumberStyles.AllowHexSpecifier), Encoding.UTF8, null).ToLower();
}
}
}
有需要的朋友可以直接拿去使用,SDK还未完全写出来,所以本处的代码不保证完全正确。写出来之后再把微信和支付宝做一个集成的SDK发出来吧。。先把遇到最大的问题给写出来。