/// <summary>
/// 解密(每个用户单独分配秘钥)
/// </summary>
/// <param name="data">
/// 密文数据 手机号码格式:$手机号码前3位明文$base64(encrypt(phone后8位))$111$
/// simple格式:~base64(encrypt(nick))~111~
/// </param>
/// <param name="type">解密字段类型(例如:simple\phone)</param>
/// <param name="session">用户身份,用户级加密必填</param>
/// <returns></returns>
public string Decrypt(string data, string type, string session)
{
if (string.IsNullOrEmpty(data) || data.Length < 4)
{
return(data);
}
// 获取分隔符
Nullable <char> charValue = null;
SecurityBiz.GetSeparatorCharMap().TryGetValue(type, out charValue);
if (charValue == null)
{
throw new SecretException("type error");
}
// 校验
char separator = charValue.Value;
if (!(data[0] == separator && data[data.Length - 1] == separator))
{
return(data);
}
SecretData secretDataDO = null;
if (data[data.Length - 2] == separator)
{
secretDataDO = SecurityBiz.GetIndexSecretData(data, separator);
}
else
{
secretDataDO = SecurityBiz.GetSecretData(data, separator);
}
// 非法密文
if (secretDataDO == null)
{
return(data);
}
// 如果密文数据的版本号小于0代表公共秘钥
if (secretDataDO.SecretVersion < 0)
{
secretDataDO.SecretVersion = Math.Abs(secretDataDO.SecretVersion.Value);
session = null;
}
securityCounter.AddDecryptCount(type, session);// 计数器
SecretContext secretContextDO = secretCore.GetSecret(session, secretDataDO.SecretVersion);
string decryptValue = SecurityUtil.AESDecrypt(secretDataDO.OriginalBase64Value, secretContextDO.Secret);
if (PHONE.Equals(type) && !secretDataDO.Search)
{
// 加上手机号前3位,手机号只加密了后8位
return(secretDataDO.OriginalValue + decryptValue);
}
return(decryptValue);
}
/// <summary>
/// 获取秘钥版本、加密原始数据(支持密文检索)
/// </summary>
/// <param name="data"></param>
/// <param name="separatorChar"></param>
/// <returns></returns>
public static SecretData GetIndexSecretData(string data, char separatorChar)
{
SecretData secretData = null;
if (PHONE_SEPARATOR_CHAR == separatorChar)
{
string[] dataArray = StringUtil.Split(data, separatorChar);
if (dataArray.Length != 3)
{
return(null);
}
string version = dataArray[2];
if (StringUtil.IsDigits(version) && Convert.ToInt64(version) > 0)
{
secretData = new SecretData();
secretData.OriginalValue = dataArray[0];// H-MAC(手机号码后4位)
secretData.OriginalBase64Value = dataArray[1];
secretData.SecretVersion = Convert.ToInt64(version);
}
}
else
{
string[] dataArray = StringUtil.Split(data, separatorChar);
if (dataArray.Length != 3)
{
return(null);
}
string version = dataArray[2];
if (StringUtil.IsDigits(version) && Convert.ToInt64(version) > 0)
{
secretData = new SecretData();
secretData.OriginalBase64Value = dataArray[0];
secretData.OriginalValue = dataArray[1];// H-MAC value
secretData.SecretVersion = Convert.ToInt64(version);
}
}
if (secretData == null)
{
return(secretData);
}
secretData.Search = true;
return(secretData);
}
/// <summary>
/// 获取秘钥版本、加密原始数据
/// </summary>
/// <param name="data"></param>
/// <param name="separatorChar"></param>
/// <returns></returns>
public static SecretData GetSecretData(string data, char separatorChar)
{
SecretData secretData = null;
if (PHONE_SEPARATOR_CHAR == separatorChar)
{
string[] dataArray = StringUtil.Split(data, separatorChar);
if (dataArray.Length != 3)
{
return(null);
}
string version = dataArray[2];
if (StringUtil.IsNumeric(version))
{
secretData = new SecretData();
secretData.OriginalValue = dataArray[0];;// 手机号码前缀
secretData.OriginalBase64Value = dataArray[1];
secretData.SecretVersion = Convert.ToInt64(version);
}
}
else
{
string[] dataArray = StringUtil.Split(data, separatorChar);
if (dataArray.Length != 2)
{
return(null);
}
string version = dataArray[1];
if (StringUtil.IsNumeric(version))
{
secretData = new SecretData();
secretData.OriginalBase64Value = dataArray[0];
secretData.SecretVersion = Convert.ToInt64(version);
}
}
return(secretData);
}
