.net core 使用X509 私钥加密请求

1.获取证书路径

            var basePath = _environment.ContentRootPath;
            //商户私钥证书，用于对请求报文进行签名
            var tempSignCert = new X509Certificate2(basePath + @"\Cert\test.p12", "111111");

2.数据加密

.net core 中使用gbk encoding需要调用Encoding.RegisterProvider(CodePagesEncodingProvider.Instance);

nuget包中使用System.Text.Encoding.CodePages

  Encoding.RegisterProvider(CodePagesEncodingProvider.Instance);
  var sha1 = SHA1.Create();
            var msg = sha1.ComputeHash(Encoding.GetEncoding("GBK").GetBytes(signeText));
            var signature = tempSignCert.GetRSAPrivateKey().SignHash(msg, HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1);
            signeText = ToHex(signature);
            //todo 字段加密拼装
            var data= Encoding.GetEncoding("GBK").GetBytes(str);

private static string ToHex(byte[] ba)
        {
            if (ba == null) return "";
            var buf = new char[ba.Length * 2];

            var p = 0;
            foreach (var b in ba)
            {
                buf[p++] = HexChars[b >> 4];
                buf[p++] = HexChars[b & 0x0f];
            }
            return new string(buf);
        }

3.HttpClient请求，在handler里添加X509Certificate2 证书，数据data是byte[]类型，所以需要使用ByteArrayContent传入。

var handler = new HttpClientHandler
{
    ClientCertificateOptions = ClientCertificateOption.Manual,
    SslProtocols = SslProtocols.Tls12
};
handler.ClientCertificates.Add(tempSignCert);
handler.SslProtocols = SslProtocols.Tls12 | SslProtocols.Tls11 | SslProtocols.Tls;
handler.ServerCertificateCustomValidationCallback = (message, cert, chain, errors) => true;

using (var client = new HttpClient(handler))
{
    var httpContent = new ByteArrayContent(data);               
    var response = await client.PostAsync(url, httpContent);
    var str = await response.Content.ReadAsStringAsync();
    //todo 处理数据
}   

以上。：）