由于项目要上架华为云saas,特此记录开发中遇到的问题
1,验证authToken
根据官方的说明
Dictionary<string, string> paramsMap = new Dictionary<string, string>();//需要字典排序,用字典接受数据 if (!string.IsNullOrEmpty(activity)) { paramsMap.Add("activity", activity); }
......
对数据进行解析
//解析出url内容 string timeStamp = paramsMap["timeStamp"];//下面要用 string authToken = paramsMap["authToken"]; //对剩下的参数进行排序,拼接成加密内容 SortedDictionary<string, string> sortedMap = new SortedDictionary<string, string>(paramsMap); sortedMap.Remove("authToken");//去除token, StringBuilder strBuffer = new StringBuilder();//拼接数据 foreach (KeyValuePair<string, string> kvp in sortedMap) { strBuffer.Append("&").Append(kvp.Key).Append("=").Append(kvp.Value); } string macKey=key+timeStamp ;//商家中心的key加上时间 //修正消息体,去除第一个参数前面的 string reqParams = strBuffer.ToString().Substring(1); byte[] keyByte = Encoding.Default.GetBytes(macKey); byte[] messageBytes = Encoding.UTF8.GetBytes(reqParams ); string signature="";//解析后的值 using (var hmacsha256 = new HMACSHA256(keyByte)) { byte[] hashmessage = hmacsha256.ComputeHash(messageBytes); signature= Convert.ToBase64String(hashmessage) } //判断authToken == signature是否相同,相同就代表token正确
解析手机号 之类的的 加密信息
accesskey的值不是你在商家信息里面的key了,是
encryptAESCBC后的key,
1,先根据华为云在线java代码生成key,然后拿这个key再加解密,【不要用卖家中心的key】
1) 在Application.java 里的main方法里添加
import com.examples.util.IsvProduceAPI;//引入
IsvProduceAPI.encryptContent("阿吧阿吧", "华为云卖家中心key", 1);执行
2)在IsvProduceAP.java 里encryptAESCBC方法里打印key,在SecretKey key = keyGenerator.generateKey();后面加上两行代码
byte[] enCodeFormat=key.getEncoded();
System.out.println(base_64(enCodeFormat));
3)运行在线java代码 打印出JavaKeyGenCode,之后拿这个key进行加解密
解析华为传过来的结果
首先是16位数的iv值, 比如我传入的值是text
那么
string iv = text.Substring(0, 16);
string JavaKeyGenCode = "操作后的key"; RijndaelManaged rijndaelCipher = new RijndaelManaged(); rijndaelCipher.Mode = CipherMode.CBC; rijndaelCipher.Padding = PaddingMode.PKCS7; rijndaelCipher.KeySize = keySize; byte[] encryptedData = Convert.FromBase64String(text.Substring(16)); byte[] keyBytes = Convert.FromBase64String(JavaKeyGenCode); rijndaelCipher.Key = keyBytes; byte[] ivBytes = Encoding.UTF8.GetBytes(iv); rijndaelCipher.IV = ivBytes; ICryptoTransform transform = rijndaelCipher.CreateDecryptor(rijndaelCipher.Key, rijndaelCipher.IV); byte[] plainText = transform.TransformFinalBlock(encryptedData, 0, encryptedData.Length); string aa= Encoding.UTF8.GetString(plainText);//这个就是结果
返回给华为云的数据,
要加密
string iv = Guid.NewGuid().ToString().Replace("-", "").Substring(0, 16);//自定义iv
key = "运行之后的key"; RijndaelManaged rijndaelCipher = new RijndaelManaged(); rijndaelCipher.Mode = CipherMode.CBC; rijndaelCipher.Padding = PaddingMode.PKCS7; rijndaelCipher.KeySize = 256; byte[] pwdBytes = Convert.FromBase64String(key); rijndaelCipher.Key = pwdBytes; byte[] ivBytes = Encoding.UTF8.GetBytes(iv); rijndaelCipher.IV = ivBytes; ICryptoTransform transform = rijndaelCipher.CreateEncryptor(); byte[] plainText = Encoding.UTF8.GetBytes(text); byte[] cipherBytes = transform.TransformFinalBlock(plainText, 0, plainText.Length); return Convert.ToBase64String(cipherBytes);