更新敏感数据解密密钥

修复商户进件签约成功，保存商户Id问题

AppStart/Helper/AlipayPayBackService.cs

@@ -33,29 +33,42 @@ namespace MySystem
                 string content = RedisDbconn.Instance.RPop<string>("PayCallBack");
                 if (!string.IsNullOrEmpty(content))
                 {
-                    JsonData jsonObj = JsonMapper.ToObject(content);
-                    string OrderNo = jsonObj["out_trade_no"].ToString();
-                    string TradeNo = jsonObj["transaction_id"].ToString();
-                    decimal TotalFee = decimal.Parse(function.CheckNum(jsonObj["total_fee"].ToString()));
-                    WebCMSEntities db = new WebCMSEntities();
-                    ConsumerOrderForNo forNo = db.ConsumerOrderForNo.FirstOrDefault(m => m.OrderNo == OrderNo);
-                    if (forNo != null)
+                    bool pass = true;
+                    string[] datalist = content.Split(new string[] { "#cut#" }, StringSplitOptions.None);
+                    JsonData jsonObj = JsonMapper.ToObject(datalist[1]);
+                    string OrderNo = "";
+                    if(datalist[0] == "wechat")
                     {
-                        ConsumerOrders order = db.ConsumerOrders.FirstOrDefault(m => m.Id == forNo.OrderIds && m.Status == 0);
-                        if (order != null)
+                        if(jsonObj["event_type"].ToString() != "TRANSACTION.SUCCESS")
                         {
-                            order.Status = 1;
-                            order.UpdateDate = DateTime.Now;
-                            order.PayMoney = order.PayMoney;
-                            order.MaxDivi = order.MaxDivi;
-                            db.SaveChanges();
-                            RedisDbconn.Instance.AddList("ConsumerOrdersStat", order.Id);
-                            RedisDbconn.Instance.AddList("ConsumerOrders:Divi:List", order.Id.ToString());
-                            RedisDbconn.Instance.AddRightList("ConsumerOrders:Divi:" + order.MerchantId, order);
-                            // ConsumerOrdersStatService.Instance.Stat(order);
+                            pass = false;
                         }
+                        string ciphertext = jsonObj["resource"]["ciphertext"].ToString();
+                        
+                        OrderNo = "";
+                    }
+                    if(pass)
+                    {
+                        WebCMSEntities db = new WebCMSEntities();
+                        ConsumerOrderForNo forNo = db.ConsumerOrderForNo.FirstOrDefault(m => m.OrderNo == OrderNo);
+                        if (forNo != null)
+                        {
+                            ConsumerOrders order = db.ConsumerOrders.FirstOrDefault(m => m.Id == forNo.OrderIds && m.Status == 0);
+                            if (order != null)
+                            {
+                                order.Status = 1;
+                                order.UpdateDate = DateTime.Now;
+                                order.PayMoney = order.PayMoney;
+                                order.MaxDivi = order.MaxDivi;
+                                db.SaveChanges();
+                                RedisDbconn.Instance.AddList("ConsumerOrdersStat", order.Id);
+                                RedisDbconn.Instance.AddList("ConsumerOrders:Divi:List", order.Id.ToString());
+                                RedisDbconn.Instance.AddRightList("ConsumerOrders:Divi:" + order.MerchantId, order);
+                                // ConsumerOrdersStatService.Instance.Stat(order);
+                            }
+                        }
+                        db.Dispose();
                     }
-                    db.Dispose();
                 }
                 else
                 {

AppStart/Helper/CheckWeChatSignService.cs

@@ -57,6 +57,7 @@ namespace MySystem
                     if (merchantadd != null)
                     {
                         merchantadd.Status = 1;
+                        merchantadd.SubMchid = dic["sub_mchid"].ToString();
                         string SignUrlList = function.CheckNull(merchantadd.SeoKeyword);
                         if (string.IsNullOrEmpty(SignUrlList))
                         {
@@ -82,6 +83,7 @@ namespace MySystem
                     if (merchantadd != null)
                     {
                         merchantadd.Status = 2;
+                        merchantadd.SubMchid = dic["sub_mchid"].ToString();
                         RedisDbconn.Instance.Set("MerchantAddInfo:" + sign.MerchantAddInfoId, merchantadd);
                         PxcModels.MerchantInfo merchant = db.MerchantInfo.FirstOrDefault(m => m.Id == sign.MerchantAddInfoId);
                         if (merchantadd.Status == 2 && merchantadd.QueryCount == 2)

AppStart/Helper/WeChatPayBackService.cs

@@ -95,13 +95,12 @@ namespace MySystem
         private string ALGORITHM = "AES/GCM/NoPadding";
         private int TAG_LENGTH_BIT = 128;
         private int NONCE_LENGTH_BYTE = 12;
-        private string AES_KEY = "VyULlqfAW2gBfCNfLdupcL7zlha7d93F";//你的v3秘钥
 
         public string AesGcmDecrypt(string associatedData, string nonce, string ciphertext)
         {
             GcmBlockCipher gcmBlockCipher = new GcmBlockCipher(new AesEngine());
             AeadParameters aeadParameters = new AeadParameters(
-                new KeyParameter(Encoding.UTF8.GetBytes(AES_KEY)),
+                new KeyParameter(Encoding.UTF8.GetBytes(AppConfig.WeChatParam.AesGemKey)),
                 128,
                 Encoding.UTF8.GetBytes(nonce),
                 Encoding.UTF8.GetBytes(associatedData));

AppStart/WeChatFunction.cs

@@ -9,6 +9,9 @@ using System.Text;
 using System.IO;
 using System.Net;
 using MySystem.PxcModels;
+using Org.BouncyCastle.Crypto.Modes;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Engines;
 
 namespace MySystem
 {
@@ -322,6 +325,47 @@ namespace MySystem
                 }
             }
         }
+        // public string RSADecrypt(string text)
+        // {
+        //     // byte[] key = Encoding.UTF8.GetBytes(AppConfig.WeChatParam.AesGemKey);
+        //     // byte[] nonce = Encoding.UTF8.GetBytes("1234567890ab");
+        //     // byte[] ciphertext = Convert.FromBase64String(text);
+
+        //     // AesGcm aes = new AesGcm(key);
+        //     // byte[] plaintext = new byte[ciphertext.Length];
+        //     // aes.Decrypt(nonce, ciphertext, plaintext, null);
+        //     // return Encoding.UTF8.GetString(plaintext);
+        // }
+        public string AesGcmDecrypt(string associatedData, string nonce, string ciphertext)
+        {
+            // GcmBlockCipher gcmBlockCipher = new GcmBlockCipher(new AesEngine());
+            // AeadParameters aeadParameters = new AeadParameters(
+            //     new KeyParameter(Encoding.UTF8.GetBytes(AppConfig.WeChatParam.AesGemKey)), 
+            //     128, 
+            //     Encoding.UTF8.GetBytes(nonce), 
+            //     Encoding.UTF8.GetBytes(associatedData));
+            // gcmBlockCipher.Init(false, aeadParameters);
+    
+            // byte[] data = Convert.FromBase64String(ciphertext);
+            // byte[] plaintext = new byte[gcmBlockCipher.GetOutputSize(data.Length)];
+            // int length = gcmBlockCipher.ProcessBytes(data, 0, data.Length, plaintext, 0);
+            // gcmBlockCipher.DoFinal(plaintext, length);
+            // return Encoding.UTF8.GetString(plaintext);
+
+            byte[] key = Encoding.UTF8.GetBytes(AppConfig.WeChatParam.AesGemKey); // 256-bit key
+            byte[] nonceByte = Encoding.UTF8.GetBytes(nonce); // 96-bit nonce
+            byte[] cipherByte = Convert.FromBase64String(ciphertext);
+            byte[] associatedByte = Encoding.UTF8.GetBytes(associatedData);
+
+            GcmBlockCipher cipher = new GcmBlockCipher(new AesEngine());
+            AeadParameters parameters = new AeadParameters(new KeyParameter(key), 128, nonceByte, associatedByte);
+            cipher.Init(false, parameters);
+
+            byte[] plaintext = new byte[cipher.GetOutputSize(cipherByte.Length)];
+            int len = cipher.ProcessBytes(cipherByte, 0, cipherByte.Length, plaintext, 0);
+            cipher.DoFinal(plaintext, len);
+            return Encoding.UTF8.GetString(plaintext);
+        }
         public string postJson(string url, string postData, string privateKey, string merchantId, string serialNo, string method = "POST")
         {
             HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url);

Config/WeChatParam.cs

@@ -0,0 +1,10 @@
+using System.Collections.Generic;
+using Library;
+
+namespace AppConfig
+{
+    public class WeChatParam
+    {
+        public static string AesGemKey = "Vs64HGFxAjN7Nc3MYvNEDRDUx3MEQCvt";
+    }
+}

Controllers/HomeController.cs

@@ -47,6 +47,13 @@ namespace MySystem.Controllers
             }
             return View();
         }
+
+        public string test()
+        {
+            string content = "4fGrZ4FwfDEeWp7nPtemBu+FDX81kmHC8nUTb5br0DuctbJSV02UkXkWIylMCEIAGPvE8aprqa0uq2smcHR7YGKv2y8rG/7Gl9QQope2HIZwqtTA4Mgqcl5OfHeDBWAg6QJpL+YmV4Kt9APoZGB/f2iFev+OIUhWAFJS17ev04TPRwlqZ8baAzdIDy31YlDXLd/HlkIj3JdsxlcUwwDtKYGex3412CsyYxjUp7G2W18QEej0WQAnoQxxkP1zA98BQrmTIf4Mwnv5gCe+Wjxk1Ypprh23jHPvWsNesxwMCJSjAylqNLLlXvfJ/F86noL33A9NcavVUXEmbqdVipI5Y9BTXL0OiPCLCDkGvpTFWD8D9VbDjVu9mouMYSWmllWOyz4g6OUKbxE+mUS1J5wLTtiCWn+K7Q37gdIYQheAMj0a4g5SXxOAVFgg0GSFxGeEOpgsd0nXb3OfmU2GKWv1urXP7MPGVg/9QCMyi4YrHE5pSbbCrTybLncf7dNn4SLd3qHpd+sMugRWEjKYe7LD2Wz9Zul5UYg5o+Oz71vIRWCGHNNZEKSD2yjLfyZoBc3RB6pZY0B9HlykNkzfb6t5KpMWj+hxvTyVxYJm12eS06OSS+dAi4VUd50gkG3yo23qsNoZiOlag/hR4Q==";
+            string txt = new WeChatFunction().AesGcmDecrypt("transaction", "5QQ7PFFvBmmY", content);
+            return txt;
+        }
     
     }
 }

Startup.cs

@@ -171,9 +171,9 @@ namespace MySystem
             });
 
             //必须打开的
-            MerchantConfirmService.Instance.Start();
-            CheckWeChatSignService.Instance.Start();
-            ProfitHelper.Instance.StartListenTrade();
+            // MerchantConfirmService.Instance.Start();
+            // CheckWeChatSignService.Instance.Start();
+            // ProfitHelper.Instance.StartListenTrade();
             //必须打开的
         }
     }