/// <summary>
/// 数据传到Hub之前进行数据解密
/// </summary>
/// <param name="context"></param>
/// <returns></returns>
protected override bool OnBeforeIncoming(IHubIncomingInvokerContext context)
{
//_canCrypto = CanCrypto(context.Hub.Context);
//if (!_canCrypto)
//{
// return base.OnBeforeIncoming(context);
//}
//数据解密
string facePublicKey = context.Hub.Context.Headers.Get(HttpHeaderNames.MesClientPublicKey);
if (string.IsNullOrEmpty(facePublicKey))
{
return(false);
}
_cryptor = new CommunicationCryptor(_ownPrivateKey, facePublicKey, _hashType);
if (context.Args.Count == 1)
{
string encrypt = (string)context.Args[0];
string json = _cryptor.DecryptAndVerifyData(encrypt);
IList <object> args = JsonConvert.DeserializeObject <IList <object> >(json);
context.Args.Clear();
IList <object> values = context.MethodDescriptor.Parameters.Zip(args, (desc, arg) => ResolveParameter(desc, arg)).ToList();
foreach (object arg in values)
{
context.Args.Add(arg);
}
}
return(base.OnBeforeIncoming(context));
}
private HttpResponseMessage DecryptResponse(HttpResponseMessage response)
{
if (!response.IsSuccessStatusCode)
{
return(response);
}
string data = response.Content.ReadAsStringAsync().Result;
if (string.IsNullOrEmpty(data))
{
return(response);
}
try
{
data = CommunicationCryptor.DecryptAndVerifyData(data, _clientPrivateKey, _hashType, _publicKey);
if (data == null)
{
throw new OBearException(Resources.Http_Security_Client_VerifyResponse_Failt);
}
HttpContent content = new StringContent(data);
content.Headers.ContentType = response.Content.Headers.ContentType;
response.Content = content;
return(response);
}
catch (Exception ex)
{
//HttpError error = new HttpError(Resources.Http_Seciruty_Client_DecryptResponse_Failt);
response = response.RequestMessage.CreateErrorResponse(HttpStatusCode.InternalServerError, Resources.Http_Seciruty_Client_DecryptResponse_Failt);
return(response);
}
}
/// <summary>
/// 数据传到Hub之前进行数据解密
/// </summary>
/// <param name="context"></param>
/// <returns></returns>
protected override bool OnBeforeIncoming(IHubIncomingInvokerContext context)
{
_canCrypto = CanCrypto(context.Hub.Context);
if (!_canCrypto)
{
return(base.OnBeforeIncoming(context));
}
//数据解密
string facePublicKey = context.Hub.Context.Headers.Get(HttpHeaderNames.OSharpClientPublicKey);
if (string.IsNullOrEmpty(facePublicKey))
{
return(false);
}
_cryptor = new CommunicationCryptor(_ownPrivateKey, facePublicKey, _hashType);
if (context.Args.Count == 1)
{
string encrypt = (string)context.Args[0];
string json = _cryptor.DecryptAndVerifyData(encrypt);
IList <object> args = JsonConvert.DeserializeObject <IList <object> >(json);
context.Args.Clear();
foreach (object arg in args)
{
context.Args.Add(arg);
}
}
return(base.OnBeforeIncoming(context));
}
private HttpResponseMessage EncryptResponse(HttpResponseMessage response)
{
if (!response.IsSuccessStatusCode)
{
return(response);
}
if (response.Content == null)
{
return(response);
}
string data = response.Content.ReadAsStringAsync().Result;
try
{
data = CommunicationCryptor.EncryptData(data, _privateKey, _publicKey, _hashType);
HttpContent content = new StringContent(data);
content.Headers.ContentType = response.Content.Headers.ContentType;
response.Content = content;
return(response);
}
catch (Exception)
{
HttpError error = new HttpError(Resources.Http_Security_Host_EncryptResponse_Failt);
return(response.RequestMessage.CreateErrorResponse(HttpStatusCode.BadRequest, error));
}
}
/// <summary>
/// 加密初始化
/// </summary>
/// <param name="facePublicKey">对方公钥</param>
/// <param name="hashType">摘要哈希方式,值必须为MD5或SHA1</param>
public void CryptoInitialize(string facePublicKey, string hashType)
{
if (_cryptor == null)
{
RsaHelper ownRsa = new RsaHelper();
Headers.Add(HttpHeaderNames.OSkyClientPublicKey, ownRsa.PublicKey);
_cryptor = new CommunicationCryptor(ownRsa.PrivateKey, facePublicKey, hashType);
}
}
/// <summary>
/// 使用服务端公钥初始化<see cref="ClientCryptoDelegatingHandler"/>类的新实例
/// </summary>
/// <param name="publicKey">服务端公钥</param>
/// <param name="hashType">签名哈希类型,必须为MD5或SHA1</param>
public ClientCryptoDelegatingHandler(string publicKey, string hashType = "MD5")
{
publicKey.CheckNotNullOrEmpty("publicKey");
hashType.CheckNotNullOrEmpty("hashType");
hashType = hashType.ToUpper();
hashType.Required(str => hashType == "MD5" || hashType == "SHA1", Resources.Http_Security_RSA_Sign_HashType);
RsaHelper rsa = new RsaHelper();
_cryptor = new CommunicationCryptor(rsa.PrivateKey, publicKey, hashType);
_clientPublicKey = rsa.PublicKey;
}
private Task <HttpResponseMessage> DecryptRequest(HttpRequestMessage request)
{
if (!request.Headers.Contains(HttpHeaderNames.TomNetClientPublicKey))
{
return(CreateResponseTask(request, HttpStatusCode.BadRequest, "在请求头中客户端公钥信息无法找到。"));
}
string publicKey = request.Headers.GetValues(HttpHeaderNames.TomNetClientPublicKey).First();
_cryptor = new CommunicationCryptor(_privateKey, publicKey, _hashType);
if (request.Content == null)
{
return(null);
}
string data = request.Content.ReadAsStringAsync().Result;
if (string.IsNullOrEmpty(data))
{
return(null);
}
try
{
if (_cryptor != null)
{
data = _cryptor.DecryptAndVerifyData(data);
}
if (data == null)
{
throw new TomNetException("服务器解析请求数据时发生异常。");
}
HttpContent content = new StringContent(data);
content.Headers.ContentType = request.Content.Headers.ContentType;
request.Content = content;
return(null);
}
catch (CryptographicException ex)
{
const string message = "服务器解析传输数据时发生异常。";
Logger.Error(message, ex);
return(CreateResponseTask(request, HttpStatusCode.BadRequest, message, ex));
}
catch (Exception ex)
{
Logger.Error(Resources.Http_Security_Host_DecryptRequest_Failt, ex);
return(CreateResponseTask(request, HttpStatusCode.BadRequest, Resources.Http_Security_Host_DecryptRequest_Failt, ex));
}
}
private Task <HttpResponseMessage> CreateResponseTask(HttpRequestMessage request,
HttpStatusCode statusCode,
string message,
Exception ex = null)
{
return(Task <HttpResponseMessage> .Factory.StartNew(() =>
{
if (statusCode >= HttpStatusCode.OK && statusCode <= (HttpStatusCode)299)
{
if (_publicKey != null)
{
message = CommunicationCryptor.EncryptData(message, _privateKey, _publicKey, _hashType);
return request.CreateResponse(statusCode, message);
}
}
HttpResponseMessage response = request.CreateErrorResponse(statusCode, ex == null ? new HttpError(message) : new HttpError(ex, false));
return response;
}));
}
private Task <HttpResponseMessage> EncryptRequest(HttpRequestMessage request)
{
request.Headers.Add(HttpHeaderNames.OBearClientPublicKey, _clientPublicKey);
if (request.Method == HttpMethod.Get || request.Content == null)
{
return(null);
}
string data = request.Content.ReadAsStringAsync().Result;
try
{
data = CommunicationCryptor.EncryptData(data, _clientPrivateKey, _publicKey, _hashType);
HttpContent content = new StringContent(data);
content.Headers.ContentType = request.Content.Headers.ContentType;
request.Content = content;
return(null);
}
catch (Exception ex)
{
return(CreateResponseTask(request, HttpStatusCode.BadRequest, Resources.Http_Security_Client_EncryptRequest_Failt, ex));
}
}
