/// <summary>
/// 解密(每个用户单独分配秘钥)
/// </summary>
/// <param name="data">
/// 密文数据 手机号码格式:$手机号码前3位明文$base64(encrypt(phone后8位))$111$
/// simple格式:~base64(encrypt(nick))~111~
/// </param>
/// <param name="type">解密字段类型(例如:simple\phone)</param>
/// <param name="session">用户身份,用户级加密必填</param>
/// <returns></returns>
public string Decrypt(string data, string type, string session)
{
if (string.IsNullOrEmpty(data) || data.Length < 4)
{
return(data);
}
// 获取分隔符
Nullable <char> charValue = null;
SecurityBiz.GetSeparatorCharMap().TryGetValue(type, out charValue);
if (charValue == null)
{
throw new SecretException("type error");
}
// 校验
char separator = charValue.Value;
if (!(data[0] == separator && data[data.Length - 1] == separator))
{
return(data);
}
SecretData secretDataDO = null;
if (data[data.Length - 2] == separator)
{
secretDataDO = SecurityBiz.GetIndexSecretData(data, separator);
}
else
{
secretDataDO = SecurityBiz.GetSecretData(data, separator);
}
// 非法密文
if (secretDataDO == null)
{
return(data);
}
// 如果密文数据的版本号小于0代表公共秘钥
if (secretDataDO.SecretVersion < 0)
{
secretDataDO.SecretVersion = Math.Abs(secretDataDO.SecretVersion.Value);
session = null;
}
securityCounter.AddDecryptCount(type, session);// 计数器
SecretContext secretContextDO = secretCore.GetSecret(session, secretDataDO.SecretVersion);
string decryptValue = SecurityUtil.AESDecrypt(secretDataDO.OriginalBase64Value, secretContextDO.Secret);
if (PHONE.Equals(type) && !secretDataDO.Search)
{
// 加上手机号前3位,手机号只加密了后8位
return(secretDataDO.OriginalValue + decryptValue);
}
return(decryptValue);
}
/// <summary>
/// 加密之后格式。 手机号码格式:$手机号码前3位明文$base64(encrypt(phone后8位))$111$
/// nick格式:~base64(encrypt(nick))~111~
/// </summary>
/// <param name="data">明文数据</param>
/// <param name="type">加密字段类型(例如:nick\phone)</param>
/// <param name="session">用户身份,用户级加密必填</param>
/// <param name="version">秘钥历史版本</param>
/// <returns></returns>
private string Encrypt(string data, string type, string session, Nullable <Int64> version)
{
if (string.IsNullOrEmpty(data))
{
return(data);
}
SecretContext secretContext = secretCore.GetSecret(session, version);
if (secretContext == null)
{
throw new SecretException("secretKey is null");
}
if (secretContext.Secret == null)
{
return(data);
}
string separator = null;
SecurityBiz.GetSeparatorMap().TryGetValue(type, out separator);
if (separator == null)
{
throw new SecretException("type error");
}
SecurityCounter.AddEncryptCount(type);// 计数器
bool isEncryptIndex = secretCore.IsIndexEncrypt(type, version);
// 支持密文检索
if (isEncryptIndex)
{
if (PHONE.Equals(type))
{
return(SecurityBiz.EncryptPhoneIndex(data, separator, secretContext));
}
else
{
int compressLen = secretCore.GetCompressLen();
int slideSize = secretCore.GetSlideSize();
return(SecurityBiz.EncryptNormalIndex(data, compressLen, slideSize, separator, secretContext));
}
}
else
{
if (PHONE.Equals(type))
{
return(SecurityBiz.EncryptPhone(data, separator, secretContext));
}
else
{
return(SecurityBiz.EncryptNormal(data, separator, secretContext));
}
}
}
/// <summary>
/// 密文检索。 手机号码格式:$base64(H-MAC(phone后4位))$ simple格式:base64(H-MAC(滑窗))
/// </summary>
/// <param name="data">明文数据</param>
/// <param name="type">加密字段类型(例如:simple\phone)</param>
/// <param name="session">用户身份,用户级加密必填</param>
/// <param name="version">秘钥历史版本</param>
/// <returns></returns>
private string Search(string data, string type, string session, Nullable <Int64> version)
{
if (string.IsNullOrEmpty(data))
{
return(data);
}
SecretContext secretContext = secretCore.GetSecret(session, version);
if (secretContext == null)
{
throw new SecretException("secretKey is null");
}
if (secretContext.Secret == null)
{
return(data);
}
string separator = null;
SecurityBiz.GetSeparatorMap().TryGetValue(type, out separator);
if (separator == null)
{
throw new SecretException("type error");
}
// 公共秘钥版本号用负数区分
if (session == null)
{
SecretContext publicSecretContext = new SecretContext();
publicSecretContext.Secret = secretContext.Secret;
publicSecretContext.SecretVersion = -secretContext.SecretVersion;
secretContext = publicSecretContext;
}
securityCounter.AddSearchCount(type, session);// 计数器
if (PHONE.Equals(type))
{
return(SecurityBiz.SearchPhoneIndex(data, separator, secretContext));
}
else
{
int compressLen = secretCore.GetCompressLen();
int slideSize = secretCore.GetSlideSize();
return(SecurityBiz.SearchNormalIndex(data, compressLen, slideSize, secretContext));
}
}
/// <summary>
/// 判断是否密文数据
/// </summary>
/// <param name="data"></param>
/// <param name="type">加密字段类型(例如:simple\phone)</param>
/// <returns></returns>
public static bool IsEncryptData(string data, string type)
{
return(SecurityBiz.IsEncryptData(data, type));
}
