前言:公司项目对接了一个对数据保密性要求较高的java公司。api接口逻辑是这样的:他们提供 SHA1私钥 与 AES的秘钥。我们需要将 传递查询参数 通过SHA1 私钥加密再转换成 十六进制 字符串。传递查询参数 再通过 AES秘钥 加密转换成十六进制 字符串。
查询结果 也是一个十六进制字符串 需要转换成 byte 数组 再通过AES秘钥解密成 返回数据。
后面转换接口都需要十六进制字符串与byte数组 相互转换。这个具体得看开发者自己的接口要求了。我这边的项目要求 就是数据传递用十六进制字符串比较多。
1.十六进制字符串转换成byte数组
/// <summary>
/// 十六进制字符串换成byte数组转
/// </summary>
/// <param name="byteArray"></param>
/// <returns></returns>
private static byte[] HexStringToByteArray(string s)
{
s = s.Replace(" ", "");
byte[] buffer = new byte[s.Length / 2];
for (int i = 0; i < s.Length; i += 2)
{
buffer[i / 2] = (byte)Convert.ToByte(s.Substring(i, 2), 16);
}
return buffer;
}
2.byte数组转换成十六进制字符串
/// <summary>
/// byte数组转换成十六进制字符串
/// </summary>
/// <param name="byteArray"></param>
/// <returns></returns>
private string bytesToHexStr(byte[] byteArray)
{
StringBuilder sb = new StringBuilder();
foreach (byte b in byteArray)
{
sb.Append(b.ToString("X2"));
}
return sb.ToString();
}
一、privateKey私钥转换成xml
.net的RSA仅仅支持 xml格式。第一步需要将java那边提供的SHA1私钥转换成xml格式
/// <summary>
/// 私钥=>十六进制字符串转换成xml
/// </summary>
/// <param name="privateKey"></param>
/// <returns></returns>
private static string RSAPrivateKeyJava2DotNet(string privateKey)
{
RsaPrivateCrtKeyParameters privateKeyParam = (RsaPrivateCrtKeyParameters)PrivateKeyFactory.CreateKey(HexStringToByteArray(privateKey));
return string.Format("<RSAKeyValue><Modulus>{0}</Modulus><Exponent>{1}</Exponent><P>{2}</P><Q>{3}</Q><DP>{4}</DP><DQ>{5}</DQ><InverseQ>{6}</InverseQ><D>{7}</D></RSAKeyValue>",
Convert.ToBase64String(privateKeyParam.Modulus.ToByteArrayUnsigned()),
Convert.ToBase64String(privateKeyParam.PublicExponent.ToByteArrayUnsigned()),
Convert.ToBase64String(privateKeyParam.P.ToByteArrayUnsigned()),
Convert.ToBase64String(privateKeyParam.Q.ToByteArrayUnsigned()),
Convert.ToBase64String(privateKeyParam.DP.ToByteArrayUnsigned()),
Convert.ToBase64String(privateKeyParam.DQ.ToByteArrayUnsigned()),
Convert.ToBase64String(privateKeyParam.QInv.ToByteArrayUnsigned()),
Convert.ToBase64String(privateKeyParam.Exponent.ToByteArrayUnsigned()));
}
二、c#SHA1加密
数据转换过程中 套有一个md5加密MD5Encrypt(都是按照乙方java的加密规则写的 我也觉得很繁琐)
/// <summary>
/// ASYMMETRY_ALGORITHM 加密类 SHA1
/// </summary>
/// <param name="signaturePrivateKey"></param>
/// <param name="signatureData">请求参数</param>
/// <returns></returns>
private string signature(string signaturePrivateKey, string signatureData)
{
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
var privateJavaKey = signaturePrivateKey;
var privateCSharpKey = RSAPrivateKeyJava2DotNet(privateJavaKey);
rsa.FromXmlString(privateCSharpKey);
var md5 = MD5Encrypt(signatureData);
byte[] signatureBytes = rsa.SignData(Encoding.UTF8.GetBytes(md5), "SHA1");
var hexStr = bytesToHexStr(signatureBytes);
return hexStr;
}
MD5Encrypt
/// <summary>
/// 用MD5加密字符串
/// </summary>
/// <param name="jsonData">待加密的字符串</param>
/// <returns></returns>
public string MD5Encrypt(string jsonData)
{
MD5CryptoServiceProvider md5Hasher = new MD5CryptoServiceProvider();
byte[] hashedDataBytes;
hashedDataBytes = md5Hasher.ComputeHash(Encoding.GetEncoding("gb2312").GetBytes(jsonData));
StringBuilder tmp = new StringBuilder();
foreach (byte i in hashedDataBytes)
{
tmp.Append(i.ToString("x2"));
}
return tmp.ToString();
}
三、AES加密
/// <summary>
/// AES解密
/// </summary>
/// <param name="signaturePrivateKey"></param>
/// <param name="signatureData"></param>
/// <returns></returns>
private string decrypt(string key, string str)
{
if (string.IsNullOrEmpty(str)) return null;
Byte[] toEncryptArray = HexStringToByteArray(str); RijndaelManaged rm = new RijndaelManaged
{
Key = HexStringToByteArray(key),
Mode = CipherMode.ECB,
Padding = PaddingMode.PKCS7
}; ICryptoTransform cTransform = rm.CreateDecryptor();
Byte[] resultArray = cTransform.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length); return Encoding.UTF8.GetString(resultArray);
}
四、请求接口获取返回数据
public objcet callIntegrateService()
{
var date = DateTime.Now;
var startTime = Convert.ToDateTime(date.ToString("yyyy-MM-dd") + " 00:00:00");
var endTime = date;
var logstart = ConvertDateTimeInt(startTime);//datetime转换成时间戳Unix
var logend = ConvertDateTimeInt(endTime);
//var jsonData = "{}";
var jsonData ="{ startTime: \"" + logstart + "\",endTime:\"" + logend + "\" }";
var url = base_url + "/getProjectAttendanceDetail";
string signature = getSignatrue(jsonData);
string encryptData = encrypt(secretKey, jsonData);
var param = "{ clientSerial:\""+ clientSerial + "\",projectId:\"" + projectId + "\",jsonData:\"" + encryptData + "\",signature:\"" + signature + "\" }";
var result= webPost(url, param);
var objresult = JsonConvert.DeserializeObject<request>(result);
var response = objresult.response;
var data = decrypt(secretKey, response);
var objdata = JsonConvert.DeserializeObject(data);
return objdata;
}
五、解密返回数据
AES解密
/// <summary>
/// AES解密
/// </summary>
/// <param name="signaturePrivateKey"></param>
/// <param name="signatureData"></param>
/// <returns></returns>
private string decrypt(string key, string str)
{
if (string.IsNullOrEmpty(str)) return null;
Byte[] toEncryptArray = HexStringToByteArray(str); RijndaelManaged rm = new RijndaelManaged
{
Key = HexStringToByteArray(key),
Mode = CipherMode.ECB,
Padding = PaddingMode.PKCS7
}; ICryptoTransform cTransform = rm.CreateDecryptor();
Byte[] resultArray = cTransform.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length); return Encoding.UTF8.GetString(resultArray);
}