Home Explore Help
Register Sign In
Apq
/
paylink
mirror of https://github.com/essensoft/paylink.git
1
0
Fork 0
Files Issues 0 Wiki
Tree: 65a0e8dc32
Branches Tags
paylink
/
src
/
Essensoft.AspNetCore.Payment.LianLianPay
/
Utility
/
LianLianPaySecurity.cs

LianLianPaySecurity.cs 4.0 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798 
  1. using System;
    2. 

  2. using System.Collections.Generic;
    3. 

  3. using System.Text;
    4. 

  4. using Essensoft.AspNetCore.Payment.Security;
    5. 

  5. using Org.BouncyCastle.Crypto;
    6. 

  6. 

  7. namespace Essensoft.AspNetCore.Payment.LianLianPay.Utility
    8. 

  8. {
    9. 

  9.     public class LianLianPaySecurity
    10. 

  10.     {
    11. 

  11.         public static string GetSignContent(LianLianPayDictionary para, List<string> exclude = null)
    12. 

  12.         {
    13. 

  13.             if (para == null || para.Count == 0)
    14. 

  14.             {
    15. 

  15.                 return string.Empty;
    16. 

  16.             }
    17. 

  17. 

  18.             var sb = new StringBuilder();
    19. 

  19.             foreach (var iter in para)
    20. 

  20.             {
    21. 

  21.                 if (exclude != null && exclude.Contains(iter.Key))
    22. 

  22.                 {
    23. 

  23.                     continue;
    24. 

  24.                 }
    25. 

  25. 

  26.                 if (!string.IsNullOrEmpty(iter.Value) && "sign" != iter.Key)
    27. 

  27.                 {
    28. 

  28.                     sb.Append(iter.Key).Append("=").Append(iter.Value).Append("&");
    29. 

  29.                 }
    30. 

  30.             }
    31. 

  31. 

  32.             return sb.Remove(sb.Length - 1, 1).ToString();
    33. 

  33.         }
    34. 

  34. 

  35.         public static string Encrypt(string plaintext, AsymmetricKeyParameter public_key)
    36. 

  36.         {
    37. 

  37.             var hmack_key = Guid.NewGuid().ToString("N");
    38. 

  38.             var version = "lianpay1_0_1";
    39. 

  39.             var aes_key = Guid.NewGuid().ToString("N");
    40. 

  40.             var nonce = Guid.NewGuid().ToString("N").Substring(0, 8);
    41. 

  41.             return LianlianpayEncrypt(plaintext, public_key, hmack_key, version, aes_key, nonce);
    42. 

  42.         }
    43. 

  43. 

  44.         public static string Decrypt(string ciphertext, AsymmetricKeyParameter private_key)
    45. 

  45.         {
    46. 

  46.             if (!string.IsNullOrEmpty(ciphertext))
    47. 

  47.             {
    48. 

  48.                 var ciphertextArry = ciphertext.Split('$');
    49. 

  49.                 var base64_encrypted_aes_key = ciphertextArry.Length > 2 ? ciphertextArry[2] : string.Empty;
    50. 

  50.                 var base64_nonce = ciphertextArry.Length > 3 ? ciphertextArry[3] : string.Empty;
    51. 

  51.                 var base64_ciphertext = ciphertextArry.Length > 4 ? ciphertextArry[4] : string.Empty;
    52. 

  52.                 return LianlianpayDecrypt(base64_ciphertext, base64_encrypted_aes_key, base64_nonce, private_key);
    53. 

  53.             }
    54. 

  54.             else
    55. 

  55.             {
    56. 

  56.                 return string.Empty;
    57. 

  57.             }
    58. 

  58.         }
    59. 

  59. 

  60.         private static string LianlianpayEncrypt(string req, AsymmetricKeyParameter public_key, string hmack_key, string version, string aes_key, string nonce)
    61. 

  61.         {
    62. 

  62.             var b64Hmack_key = RSA_ECB_OAEPWithSHA1AndMGF1Padding.Encrypt(hmack_key, public_key);
    63. 

  63.             var b64Aes_key = RSA_ECB_OAEPWithSHA1AndMGF1Padding.Encrypt(aes_key, public_key);
    64. 

  64.             var b64Nonce = Convert.ToBase64String(Encoding.UTF8.GetBytes(nonce));
    65. 

  65.             var iv = CreateCtrIv(Encoding.UTF8.GetBytes(nonce));
    66. 

  66.             var encry = AES_CTR_NoPadding.Encrypt(req, aes_key, iv);
    67. 

  67.             var message = b64Nonce + "$" + encry;
    68. 

  68.             var sign = HMACSHA256.Compute(Encoding.UTF8.GetBytes(message), Encoding.UTF8.GetBytes(hmack_key));
    69. 

  69.             var b64Sign = Convert.ToBase64String(sign);
    70. 

  70.             return version + "$" + b64Hmack_key + "$" + b64Aes_key + "$" + b64Nonce + "$" + encry + "$" + b64Sign;
    71. 

  71.         }
    72. 

  72. 

  73.         private static string LianlianpayDecrypt(string base64_ciphertext, string base64_encrypted_aes_key, string base64_nonce, AsymmetricKeyParameter trader_pri_key)
    74. 

  74.         {
    75. 

  75.             var key = RSA_ECB_OAEPWithSHA1AndMGF1Padding.Decrypt(base64_encrypted_aes_key, trader_pri_key);
    76. 

  76.             var nonce = Convert.FromBase64String(base64_nonce);
    77. 

  77.             var iv = CreateCtrIv(nonce);
    78. 

  78.             return AES_CTR_NoPadding.Decrypt(base64_ciphertext, key, iv);
    79. 

  79.         }
    80. 

  80. 

  81.         private static byte[] CreateCtrIv(byte[] nonce)
    82. 

  82.         {
    83. 

  83.             var counter = new byte[] { 0, 0, 0, 0, 0, 0, 0, 1 };
    84. 

  84.             var output = new byte[nonce.Length + counter.Length];
    85. 

  85. 

  86.             for (var i = 0; i < nonce.Length; ++i)
    87. 

  87.             {
    88. 

  88.                 output[i] = nonce[i];
    89. 

  89.             }
    90. 

  90.             for (var i = 0; i < counter.Length; ++i)
    91. 

  91.             {
    92. 

  92.                 output[i + nonce.Length] = counter[i];
    93. 

  93.             }
    94. 

  94. 

  95.             return output;
    96. 

  96.         }
    97. 

  97.     }
    98. 

  98. }
    99.