移除GBK编码支持

samples/WebApplicationSample/Controllers/AlipayNotifyController.cs

@@ -1,9 +1,7 @@
 using System;
 using System.Threading.Tasks;
-using System.Xml;
 using Essensoft.AspNetCore.Payment.Alipay;
 using Essensoft.AspNetCore.Payment.Alipay.Notify;
-using Essensoft.AspNetCore.Payment.Alipay.Utility;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.Extensions.Options;
 
@@ -31,31 +29,6 @@ namespace WebApplicationSample.Controllers
         {
             try
             {
-                var service = Request.Form["service"].ToString();
-                switch (service)
-                {
-                    // 激活开发者模式
-                    case "alipay.service.check":
-                        {
-                            var options = _optionsAccessor.Value;
-
-                            // 获取参数
-                            var parameters = _client.GetParameters(Request);
-                            var sign = parameters["sign"];
-                            parameters.Remove("sign");
-
-                            var signContent = AlipaySignature.GetSignContent(parameters);
-
-                            // 验签
-                            var isSuccess = AlipaySignature.RSACheckContent(signContent, sign, options.AlipayPublicKey, "GBK", options.SignType);
-
-                            // 组XML响应内容
-                            var response = MakeVerifyGWResponse(isSuccess, options.AlipayPublicKey, options.AppPrivateKey, "GBK", options.SignType);
-
-                            return Content(response, "text/xml");
-                        }
-                }
-
                 var msg_method = Request.Form["msg_method"].ToString();
                 switch (msg_method)
                 {
@@ -236,49 +209,5 @@ namespace WebApplicationSample.Controllers
                 return NoContent();
             }
         }
-
-        private string MakeVerifyGWResponse(bool isSuccess, string certPublicKey, string appPrivateKey, string charset, string signType)
-        {
-            var xmlDoc = new XmlDocument(); //创建实例
-            var xmldecl = xmlDoc.CreateXmlDeclaration("1.0", "GBK", null);
-            xmlDoc.AppendChild(xmldecl);
-
-            var xmlElem = xmlDoc.CreateElement("alipay"); //新建元素
-            xmlDoc.AppendChild(xmlElem); //添加元素
-
-            var alipay = xmlDoc.SelectSingleNode("alipay");
-
-            var response = xmlDoc.CreateElement("response");
-            var success = xmlDoc.CreateElement("success");
-            if (isSuccess)
-            {
-                success.InnerText = "true";//设置文本节点 
-                response.AppendChild(success);//添加到<Node>节点中 
-            }
-            else
-            {
-                success.InnerText = "false";//设置文本节点 
-                response.AppendChild(success);//添加到<Node>节点中 
-                var err = xmlDoc.CreateElement("error_code");
-                err.InnerText = "VERIFY_FAILED";
-                response.AppendChild(err);
-            }
-
-            var biz_content = xmlDoc.CreateElement("biz_content");
-            biz_content.InnerText = certPublicKey;
-            response.AppendChild(biz_content);
-
-            alipay.AppendChild(response);
-
-            var sign = xmlDoc.CreateElement("sign");
-            sign.InnerText = AlipaySignature.RSASignContent(response.InnerXml, appPrivateKey, charset, signType);
-            alipay.AppendChild(sign);
-
-            var sign_type = xmlDoc.CreateElement("sign_type");
-            sign_type.InnerText = signType;
-            alipay.AppendChild(sign_type);
-
-            return xmlDoc.InnerXml;
-        }
     }
 }

src/Essensoft.AspNetCore.Payment.Alipay/AlipayClient.cs

@@ -95,7 +95,7 @@ namespace Essensoft.AspNetCore.Payment.Alipay
 
             // 添加签名参数
             var signContent = AlipaySignature.GetSignContent(txtParams);
-            txtParams.Add(AlipayConstants.SIGN, AlipaySignature.RSASignContent(signContent, options.AppPrivateKey, options.Charset, options.SignType));
+            txtParams.Add(AlipayConstants.SIGN, AlipaySignature.RSASignContent(signContent, options.AppPrivateKey, options.SignType));
 
             string body;
 
@@ -127,7 +127,7 @@ namespace Essensoft.AspNetCore.Payment.Alipay
                 }
                 else
                 {
-                    body = BuildHtmlRequest(txtParams, options.ServerUrl, options.Charset, reqMethod);
+                    body = BuildHtmlRequest(txtParams, options.ServerUrl, reqMethod);
                 }
             }
 
@@ -249,7 +249,7 @@ namespace Essensoft.AspNetCore.Payment.Alipay
 
             // 添加签名参数
             var signContent = AlipaySignature.GetSignContent(txtParams);
-            txtParams.Add(AlipayConstants.SIGN, AlipaySignature.RSASignContent(signContent, options.AppPrivateKey, options.Charset, options.SignType));
+            txtParams.Add(AlipayConstants.SIGN, AlipaySignature.RSASignContent(signContent, options.AppPrivateKey, options.SignType));
 
             string body;
             var client = _httpClientFactory.CreateClient(nameof(AlipayClient));
@@ -285,13 +285,13 @@ namespace Essensoft.AspNetCore.Payment.Alipay
 
             if (!isError || isError && !string.IsNullOrEmpty(signItem.Sign))
             {
-                var rsaCheckContent = AlipaySignature.RSACheckContent(signItem.SignSourceData, signItem.Sign, options.AlipayPublicKey, options.Charset, options.SignType);
+                var rsaCheckContent = AlipaySignature.RSACheckContent(signItem.SignSourceData, signItem.Sign, options.AlipayPublicKey, options.SignType);
                 if (!rsaCheckContent)
                 {
                     if (!string.IsNullOrEmpty(signItem.SignSourceData) && signItem.SignSourceData.Contains("\\/"))
                     {
                         var srouceData = signItem.SignSourceData.Replace("\\/", "/");
-                        var jsonCheck = AlipaySignature.RSACheckContent(srouceData, signItem.Sign, options.AlipayPublicKey, options.Charset, options.SignType);
+                        var jsonCheck = AlipaySignature.RSACheckContent(srouceData, signItem.Sign, options.AlipayPublicKey, options.SignType);
                         if (!jsonCheck)
                         {
                             throw new AlipayException("sign check fail: check Sign and Data Fail JSON also");
@@ -429,7 +429,7 @@ namespace Essensoft.AspNetCore.Payment.Alipay
 
             // 添加签名参数
             var signContent = AlipaySignature.GetSignContent(txtParams);
-            txtParams.Add(AlipayConstants.SIGN, AlipaySignature.RSASignContent(signContent, options.AppPrivateKey, options.Charset, options.SignType));
+            txtParams.Add(AlipayConstants.SIGN, AlipaySignature.RSASignContent(signContent, options.AppPrivateKey, options.SignType));
 
             string body;
             var client = _httpClientFactory.CreateClient(nameof(AlipayClient));
@@ -471,13 +471,13 @@ namespace Essensoft.AspNetCore.Payment.Alipay
             if (!isError || isError && !string.IsNullOrEmpty(certItem.Sign))
             {
                 var currentAlipayPublicKey = await LoadAlipayPublicKeyAsync(certItem, options);
-                var rsaCheckContent = AlipaySignature.RSACheckContent(certItem.SignSourceData, certItem.Sign, currentAlipayPublicKey, options.Charset, options.SignType);
+                var rsaCheckContent = AlipaySignature.RSACheckContent(certItem.SignSourceData, certItem.Sign, currentAlipayPublicKey, options.SignType);
                 if (!rsaCheckContent)
                 {
                     if (!string.IsNullOrEmpty(certItem.SignSourceData) && certItem.SignSourceData.Contains("\\/"))
                     {
                         var srouceData = certItem.SignSourceData.Replace("\\/", "/");
-                        var jsonCheck = AlipaySignature.RSACheckContent(srouceData, certItem.Sign, currentAlipayPublicKey, options.Charset, options.SignType);
+                        var jsonCheck = AlipaySignature.RSACheckContent(srouceData, certItem.Sign, currentAlipayPublicKey, options.SignType);
                         if (!jsonCheck)
                         {
                             throw new AlipayException("cert check fail: check Cert and Data Fail JSON also");
@@ -557,10 +557,10 @@ namespace Essensoft.AspNetCore.Payment.Alipay
             };
         }
 
-        private string BuildHtmlRequest(IDictionary<string, string> dictionary, string serverUrl, string charset, string strMethod)
+        private string BuildHtmlRequest(IDictionary<string, string> dictionary, string serverUrl, string strMethod)
         {
             var sb = new StringBuilder();
-            sb.Append($"<form id='submit' name='submit' action='{serverUrl}?charset={charset}' method='{strMethod}' style='display:none;'>");
+            sb.Append($"<form id='submit' name='submit' action='{serverUrl}' method='{strMethod}' accept-charset='UTF-8' style='display:none;'>");
             foreach (var iter in dictionary)
             {
                 sb.Append("<input  name='" + iter.Key + "' value='" + iter.Value + "'/>");
@@ -669,7 +669,7 @@ namespace Essensoft.AspNetCore.Payment.Alipay
 
             // 参数签名
             var signContent = AlipaySignature.GetSignContent(sortedDic);
-            var signResult = AlipaySignature.RSASignContent(signContent, options.AppPrivateKey, options.Charset, options.SignType);
+            var signResult = AlipaySignature.RSASignContent(signContent, options.AppPrivateKey, options.SignType);
 
             // 添加签名结果参数
             sortedDic.Add(AlipayConstants.SIGN, signResult);

src/Essensoft.AspNetCore.Payment.Alipay/AlipayNotifyClient.cs

@@ -132,8 +132,8 @@ namespace Essensoft.AspNetCore.Payment.Alipay
 
             dictionary.Remove(AlipayConstants.SIGN);
             dictionary.Remove(AlipayConstants.SIGN_TYPE);
-            var prestr = AlipaySignature.GetSignContent(dictionary);
-            if (!AlipaySignature.RSACheckContent(prestr, sign, options.AlipayPublicKey, options.Charset, options.SignType))
+            var content = AlipaySignature.GetSignContent(dictionary);
+            if (!AlipaySignature.RSACheckContent(content, sign, options.AlipayPublicKey, options.SignType))
             {
                 throw new AlipayException("sign check fail: check Sign Data Fail!");
             }

src/Essensoft.AspNetCore.Payment.Alipay/Utility/AlipaySignature.cs

@@ -29,23 +29,23 @@ namespace Essensoft.AspNetCore.Payment.Alipay.Utility
             return sb.Remove(sb.Length - 1, 1).ToString();
         }
 
-        public static string RSASignContent(string data, string privateKey, string charset, string signType)
+        public static string RSASignContent(string data, string privateKey, string signType)
         {
             return signType switch
             {
-                "RSA1" => SHA1WithRSA.Sign(data, privateKey, charset),
-                "RSA2" => SHA256WithRSA.Sign(data, privateKey, charset),
-                _ => SHA1WithRSA.Sign(data, privateKey, charset),
+                "RSA1" => SHA1WithRSA.Sign(data, privateKey),
+                "RSA2" => SHA256WithRSA.Sign(data, privateKey),
+                _ => SHA1WithRSA.Sign(data, privateKey),
             };
         }
 
-        public static bool RSACheckContent(string data, string sign, string publicKey, string charset, string signType)
+        public static bool RSACheckContent(string data, string sign, string publicKey, string signType)
         {
             return signType switch
             {
-                "RSA1" => SHA1WithRSA.Verify(data, sign, publicKey, charset),
-                "RSA2" => SHA256WithRSA.Verify(data, sign, publicKey, charset),
-                _ => SHA1WithRSA.Verify(data, sign, publicKey, charset),
+                "RSA1" => SHA1WithRSA.Verify(data, sign, publicKey),
+                "RSA2" => SHA256WithRSA.Verify(data, sign, publicKey),
+                _ => SHA1WithRSA.Verify(data, sign, publicKey),
             };
         }
 

src/Essensoft.AspNetCore.Payment.Security/Essensoft.AspNetCore.Payment.Security.csproj

@@ -5,9 +5,5 @@
     <PackageId>Essensoft.AspNetCore.Payment.Security</PackageId>
     <PackageTags>Essensoft;Payment;Security</PackageTags>
   </PropertyGroup>
-
-  <ItemGroup>
-    <PackageReference Include="System.Text.Encoding.CodePages" Version="4.7.1" />
-  </ItemGroup>
-
+  
 </Project>

src/Essensoft.AspNetCore.Payment.Security/InternalEncoding.cs

@@ -1,22 +0,0 @@
-using System.Text;
-
-namespace Essensoft.AspNetCore.Payment.Security
-{
-    internal static class InternalEncoding
-    {
-        static InternalEncoding()
-        {
-            Encoding.RegisterProvider(CodePagesEncodingProvider.Instance);
-        }
-
-        public static Encoding GetEncoding(string name)
-        {
-            return Encoding.GetEncoding(name);
-        }
-
-        public static Encoding GetEncoding(int codepage)
-        {
-            return Encoding.GetEncoding(codepage);
-        }
-    }
-}

src/Essensoft.AspNetCore.Payment.Security/SHA1WithRSA.cs

@@ -1,11 +1,12 @@
 using System;
 using System.Security.Cryptography;
+using System.Text;
 
 namespace Essensoft.AspNetCore.Payment.Security
 {
     public static class SHA1WithRSA
     {
-        public static string Sign(string data, string privateKey, string charset)
+        public static string Sign(string data, string privateKey)
         {
             if (string.IsNullOrEmpty(data))
             {
@@ -17,19 +18,14 @@ namespace Essensoft.AspNetCore.Payment.Security
                 throw new ArgumentNullException(nameof(privateKey));
             }
 
-            if (string.IsNullOrEmpty(charset))
-            {
-                throw new ArgumentNullException(nameof(charset));
-            }
-
             using (var rsa = RSA.Create())
             {
                 rsa.ImportRSAPrivateKey(Convert.FromBase64String(privateKey), out var _);
-                return Convert.ToBase64String(rsa.SignData(InternalEncoding.GetEncoding(charset).GetBytes(data), HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1));
+                return Convert.ToBase64String(rsa.SignData(Encoding.UTF8.GetBytes(data), HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1));
             }
         }
 
-        public static bool Verify(string data, string sign, string publicKey, string charset)
+        public static bool Verify(string data, string sign, string publicKey)
         {
             if (string.IsNullOrEmpty(data))
             {
@@ -46,15 +42,10 @@ namespace Essensoft.AspNetCore.Payment.Security
                 throw new ArgumentNullException(nameof(publicKey));
             }
 
-            if (string.IsNullOrEmpty(charset))
-            {
-                throw new ArgumentNullException(nameof(charset));
-            }
-
             using (var rsa = RSA.Create())
             {
                 rsa.ImportSubjectPublicKeyInfo(Convert.FromBase64String(publicKey), out var _);
-                return rsa.VerifyData(InternalEncoding.GetEncoding(charset).GetBytes(data), Convert.FromBase64String(sign), HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1);
+                return rsa.VerifyData(Encoding.UTF8.GetBytes(data), Convert.FromBase64String(sign), HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1);
             }
         }
     }

src/Essensoft.AspNetCore.Payment.Security/SHA256WithRSA.cs

@@ -6,7 +6,7 @@ namespace Essensoft.AspNetCore.Payment.Security
 {
     public static class SHA256WithRSA
     {
-        public static string Sign(string data, string privateKey, string charset)
+        public static string Sign(string data, string privateKey)
         {
             if (string.IsNullOrEmpty(data))
             {
@@ -18,19 +18,14 @@ namespace Essensoft.AspNetCore.Payment.Security
                 throw new ArgumentNullException(nameof(privateKey));
             }
 
-            if (string.IsNullOrEmpty(charset))
-            {
-                throw new ArgumentNullException(nameof(charset));
-            }
-
             using (var rsa = RSA.Create())
             {
                 rsa.ImportRSAPrivateKey(Convert.FromBase64String(privateKey), out var _);
-                return Convert.ToBase64String(rsa.SignData(InternalEncoding.GetEncoding(charset).GetBytes(data), HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1));
+                return Convert.ToBase64String(rsa.SignData(Encoding.UTF8.GetBytes(data), HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1));
             }
         }
 
-        public static bool Verify(string data, string sign, string publicKey, string charset)
+        public static bool Verify(string data, string sign, string publicKey)
         {
             if (string.IsNullOrEmpty(data))
             {
@@ -47,20 +42,20 @@ namespace Essensoft.AspNetCore.Payment.Security
                 throw new ArgumentNullException(nameof(publicKey));
             }
 
-            if (string.IsNullOrEmpty(charset))
-            {
-                throw new ArgumentNullException(nameof(charset));
-            }
-
             using (var rsa = RSA.Create())
             {
                 rsa.ImportSubjectPublicKeyInfo(Convert.FromBase64String(publicKey), out var _);
-                return rsa.VerifyData(InternalEncoding.GetEncoding(charset).GetBytes(data), Convert.FromBase64String(sign), HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
+                return rsa.VerifyData(Encoding.UTF8.GetBytes(data), Convert.FromBase64String(sign), HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
             }
         }
 
-        public static string Sign(this RSA rsa, string data)
+        public static string Sign(RSA rsa, string data)
         {
+            if (rsa == null)
+            {
+                throw new ArgumentNullException(nameof(rsa));
+            }
+
             if (string.IsNullOrEmpty(data))
             {
                 throw new ArgumentNullException(nameof(data));
@@ -69,8 +64,13 @@ namespace Essensoft.AspNetCore.Payment.Security
             return Convert.ToBase64String(rsa.SignData(Encoding.UTF8.GetBytes(data), HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1));
         }
 
-        public static bool Verify(this RSA rsa, string data, string sign)
+        public static bool Verify(RSA rsa, string data, string sign)
         {
+            if (rsa == null)
+            {
+                throw new ArgumentNullException(nameof(rsa));
+            }
+
             if (string.IsNullOrEmpty(data))
             {
                 throw new ArgumentNullException(nameof(data));

src/Essensoft.AspNetCore.Payment.WeChatPay/Extensions/HttpClientExtensions.cs

@@ -154,7 +154,7 @@ namespace Essensoft.AspNetCore.Payment.WeChatPay.Extensions
             var timestamp = WeChatPayUtility.GetTimeStamp();
             var nonce = WeChatPayUtility.GenerateNonceStr();
             var message = BuildMessage(method, uri, timestamp, nonce, body);
-            var signature = options.CertificateRSAPrivateKey.Sign(message);
+            var signature = SHA256WithRSA.Sign(options.CertificateRSAPrivateKey, message);
 
             return $"mchid=\"{options.MchId}\",nonce_str=\"{nonce}\",timestamp=\"{timestamp}\",serial_no=\"{options.CertificateSerialNo}\",signature=\"{signature}\"";
         }

src/Essensoft.AspNetCore.Payment.WeChatPay/V3/Request/WeChatPayAppSdkRequest.cs

@@ -53,7 +53,7 @@ namespace Essensoft.AspNetCore.Payment.WeChatPay.V3.Request
             sortedTxtParams.Add(WeChatPayConsts.timestamp, WeChatPayUtility.GetTimeStamp());
 
             var signatureSourceData = BuildSignatureSourceData(sortedTxtParams);
-            sortedTxtParams.Add(WeChatPayConsts.sign, options.CertificateRSAPrivateKey.Sign(signatureSourceData));
+            sortedTxtParams.Add(WeChatPayConsts.sign, SHA256WithRSA.Sign(options.CertificateRSAPrivateKey, signatureSourceData));
         }
 
         private static string BuildSignatureSourceData(WeChatPayDictionary sortedTxtParams)

src/Essensoft.AspNetCore.Payment.WeChatPay/V3/Request/WeChatPayJsApiSdkRequest.cs

@@ -42,7 +42,7 @@ namespace Essensoft.AspNetCore.Payment.WeChatPay.V3.Request
             sortedTxtParams.Add(WeChatPayConsts.signType, WeChatPayConsts.RSA);
 
             var signatureSourceData = BuildSignatureSourceData(sortedTxtParams);
-            sortedTxtParams.Add(WeChatPayConsts.paySign, options.CertificateRSAPrivateKey.Sign(signatureSourceData));
+            sortedTxtParams.Add(WeChatPayConsts.paySign, SHA256WithRSA.Sign(options.CertificateRSAPrivateKey, signatureSourceData));
         }
 
         private static string BuildSignatureSourceData(WeChatPayDictionary sortedTxtParams)

src/Essensoft.AspNetCore.Payment.WeChatPay/V3/Request/WeChatPayMiniProgramSdkRequest.cs

@@ -42,7 +42,7 @@ namespace Essensoft.AspNetCore.Payment.WeChatPay.V3.Request
             sortedTxtParams.Add(WeChatPayConsts.signType, WeChatPayConsts.RSA);
 
             var signatureSourceData = BuildSignatureSourceData(sortedTxtParams);
-            sortedTxtParams.Add(WeChatPayConsts.paySign, options.CertificateRSAPrivateKey.Sign(signatureSourceData));
+            sortedTxtParams.Add(WeChatPayConsts.paySign, SHA256WithRSA.Sign(options.CertificateRSAPrivateKey, signatureSourceData));
         }
 
         private static string BuildSignatureSourceData(WeChatPayDictionary sortedTxtParams)

src/Essensoft.AspNetCore.Payment.WeChatPay/WeChatPayClient.cs

@@ -361,7 +361,7 @@ namespace Essensoft.AspNetCore.Payment.WeChatPay
             var cert = await LoadPlatformCertificateAsync(serial, options);
             var signatureSourceData = BuildSignatureSourceData(timestamp, nonce, body);
 
-            if (!cert.GetRSAPublicKey().Verify(signatureSourceData, signature))
+            if (!SHA256WithRSA.Verify(cert.GetRSAPublicKey(), signatureSourceData, signature))
             {
                 throw new WeChatPayException("sign check fail: check Sign and Data Fail!");
             }

src/Essensoft.AspNetCore.Payment.WeChatPay/WeChatPayNotifyClient.cs

@@ -204,7 +204,7 @@ namespace Essensoft.AspNetCore.Payment.WeChatPay
             var cert = await LoadPlatformCertificateAsync(serial, options);
             var signatureSourceData = BuildSignatureSourceData(timestamp, nonce, body);
 
-            if (!cert.GetRSAPublicKey().Verify(signatureSourceData, signature))
+            if (!SHA256WithRSA.Verify(cert.GetRSAPublicKey(), signatureSourceData, signature))
             {
                 throw new WeChatPayException("sign check fail: check Sign and Data Fail!");
             }