//用于高德调用商家,数据已经替换敏感数据,所以运行会验证失败
//请拿实际参数代入
private static String getSignContent(Dictionary<String, String> paramMap) { StringBuilder content = new StringBuilder(); List<String> keys = new List<string>(paramMap.Keys); // 将参数集合排序 //Collections.sort(); keys.Sort(); for (int i = 0; i < keys.Count; i++) { String key = keys[i]; //排除不需要参与签名的公共参数 if ("sign_type"==(key) || "sign" == (key) || "need_encrypt" == (key)) { continue; } String value = paramMap[key]; // 拼装所有非空参数 if ( !string.IsNullOrWhiteSpace(key) && !string.IsNullOrWhiteSpace(value) ) { content.Append(i == 0 ? "" : "&").Append(key).Append("=").Append(value); } } return content.ToString(); } public static void VerifyData() { Dictionary<String, String> params1 = new Dictionary<String, String>(); params1.Add("utc_timestamp", "1689818159186");//1 params1.Add("version", "1.0");//1 params1.Add("charset", "UTF-8");//1 params1.Add("sign_type", "RSA2");//1 params1.Add("method", "amap.brand.vip.getInfo");//1 params1.Add("sign", "lh+PBMhVxwdhNXsICd4u+JcMIZA6Gu1ly8cGuCijihs7oFtVcSBMAC6l2PSNPdniDRIjct8Tt+SzIHeNp0mFwZgjZMf1Q6JzZX6x2Ig/UnCl7IO4tMCUDJI6H/4GvEsYGNg+6CW/MgvwFrFlpij9aRs1uCDh8ghh68MW2GIwWjPR0VYEc1qOvb7Dx37RrirPDz44+PPl6T5WVcMCYMCgfhvK3lUrwAWMSA5GCdunZQ9hh6TiTHxv4bN5QK7C1zesUYs2NhsUXS4P52UdQ5L3zkiafQIoCfnT2Lf2ps/HTLd8jeyYX9Nreae3lyxBVl/wkhQim8Ez6Cqu7emq3TlAiA=="); //1 params1.Add("app_id", "保密,请从高德控制台获取");//1 params1.Add("biz_content", "{\"channel\":\"amap\",\"mobile\":\"18881341816\",\"requestId\":\"amap-168981815918497509168272711\",\"storeNo\":\"HHHL220008\",\"vipId\":\"\"}");//1 var sigeStr = getSignContent(params1); var publicKey = LoadPublicKey(@"C:\public.pem"); byte[] messageAsByte = Encoding.GetEncoding("UTF-8").GetBytes(sigeStr) ; byte[] sig256 = Convert.FromBase64String(params1["sign"]); var verify256 = publicKey.VerifyData(messageAsByte, CryptoConfig.MapNameToOID("SHA256"), sig256); //var verify512 = publicKey.VerifyData(messageAsByte, CryptoConfig.MapNameToOID("SHA512"), sig512); Console.WriteLine("Signature verify 256: " + verify256); //Console.WriteLine("Signature verify 512: " + verify512); Console.ReadKey(); } public static RSACryptoServiceProvider LoadPublicKey(String path) { System.IO.StreamReader fileStream = File.OpenText(path); PemReader pemReader = new PemReader(fileStream); AsymmetricKeyParameter KeyParameter = (AsymmetricKeyParameter)pemReader.ReadObject(); RSAParameters rsaParams = DotNetUtilities.ToRSAParameters((RsaKeyParameters)KeyParameter); RSACryptoServiceProvider csp = new RSACryptoServiceProvider();// cspParams); csp.ImportParameters(rsaParams); return csp; }
public.pem文件为 :
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpYnE+cLvHzTgv5KE******************************iKG3gjXD2lMW0SARwzq1sV4+aMz3vhYnMdD9igfkJI4EXtJFsOmzfNezdmP7D9jSgkXcrVEDDEPnqMP+fRLFT01O4JCQyJ9u02fIcVpBEQShOVDZZtTYM/6lMOKpPYcHh93at++XhqJc19j8btw+UJOWvf9MajYsT5CAcHX0gJbGtbIepW9Lqr+XkCMzg3HHQ5ZLoHfkLqt7Z6/klN/D1oNMfKVpLzyktPBzFfO9nmeWq11DPeIYmFtp+CBFJ0uRDSrQAclZs178ZbyonYkIhlf628F1MEaOVkSW7t3WbJkb9MQb/xwIDAQAB
-----END PUBLIC KEY-----
参考链接:
https://stackoverflow.com/questions/59722926/fail-to-match-sha256withrsa-signature-from-java-on-net-c-sharp