private string DecryptPrivateKey(string privateKey) { var setting = new SettingComponent().GetSetting(); if (setting.Encrypt) { if (!string.IsNullOrWhiteSpace(_cache.Get <string>("WalletPassphrase"))) { try { return(AES128.Decrypt(privateKey, _cache.Get <string>("WalletPassphrase"))); } catch { throw new CommonException(ErrorCode.Service.Transaction.WALLET_DECRYPT_FAIL); } } else { //是否需要调用解密的逻辑 throw new CommonException(ErrorCode.Service.Transaction.WALLET_DECRYPT_FAIL); } } else { return(privateKey); } }
public void SetPin(string pin, UserAccount user, string deviceNumber) { if (!string.IsNullOrEmpty(user.Pin)) { throw new ApplicationException(MessageResources.PINHasSet); } var _pin = AES128.Decrypt(pin, AES128.DefaultKey); using (var scope = new TransactionScope()) { new UserAccountDAC().SetPinById(user.Id, PasswordHasher.HashPassword(_pin)); if (new UserDeviceDAC().GetUserDeviceByAccountId(user.Id) .All(item => item.DeviceNumber != deviceNumber)) { new UserDeviceDAC().Insert(new UserDevice() { DeviceNumber = deviceNumber, LastActiveTime = DateTime.UtcNow, Name = " ", UserAccountId = user.Id }); } new UserAccountDAC().UpdateIsBindingDevice(user.Id); scope.Complete(); } }
private T LoadFile <T>(string filePath, string salt) { if (!File.Exists(filePath)) { throw new CommonException(ErrorCode.Engine.Wallet.IO.FILE_NOT_FOUND); } string fileString = string.Empty; try { fileString = FileHelper.LoadFileString(filePath); } catch (Exception ex) { throw new CommonException(ErrorCode.Engine.Wallet.IO.FILE_DATA_INVALID, ex); } try { if (!string.IsNullOrEmpty(salt)) { fileString = AES128.Decrypt(fileString, salt); } } catch (Exception ex) { throw new CommonException(ErrorCode.Engine.Wallet.DECRYPT_DATA_ERROR, ex); } return(JsonConvert.DeserializeObject <T>(fileString)); }
public void ChangePassword(string oldPassword, string newPassword) { SettingComponent sComponent = new SettingComponent(); var setting = sComponent.GetSetting(); if (MD5Helper.EncryptTo32(oldPassword) == setting.PassCiphertext) { var aclist = AccountDac.Default.SelectAll(); foreach (var item in aclist) { item.PrivateKey = AES128.Decrypt(item.PrivateKey, oldPassword); item.PrivateKey = AES128.Encrypt(item.PrivateKey, newPassword); } try { AccountDac.Default.UpdatePrivateKeyAr(aclist); setting = sComponent.GetSetting(); setting.Encrypt = true; setting.PassCiphertext = MD5Helper.EncryptTo32(newPassword); sComponent.SaveSetting(setting); } catch (Exception ex) { throw new CommonException(ErrorCode.Engine.Wallet.DB.EXECUTE_SQL_ERROR, ex); } } else { throw new CommonException(ErrorCode.Engine.Wallet.CHECK_PASSWORD_ERROR); } }
public static void Verify(FixValueVerifier verifier, SystemPlatform plateForm, string uniqueKey, string hashedCode, string toCheckCode, bool needDecrypt = true) { var errorCountKey = verifier.GetErrorCountKey(plateForm, uniqueKey); int errorCount = CheckErrorCount(verifier, errorCountKey); bool result = true; if (needDecrypt) { try { toCheckCode = AES128.Decrypt(toCheckCode, AES128.DefaultKey); } catch { result = false; } } result = result && verifier.Verify(plateForm, uniqueKey, hashedCode, toCheckCode); if (result) { if (errorCount > 0) { DeleteErrorCount(errorCountKey); } } else { IncreaseErrorCount(verifier, errorCountKey); } }
/// <summary>Asynchronously authenticates the request.</summary> /// <returns>The task that completes the authentication.</returns> /// <param name="context">The authentication context.</param> /// <param name="cancellationToken">The cancellation token.</param> public Task AuthenticateAsync(HttpAuthenticationContext context, CancellationToken cancellationToken) { if (context == null) { throw new ArgumentNullException(nameof(context)); } var request = context.Request; if (request == null) { throw new InvalidOperationException("Request must not be null"); } if (context.Request.Headers.Authorization == null) { return(Task.FromResult(0)); } try { var authHeader = request.Headers.Authorization.Parameter; var clientKey = ConfigurationManager.AppSettings["ClientKey"]; var secretKey = ConfigurationManager.AppSettings["SecretKey"]; try { var decryptedPIN = AES128.Decrypt(authHeader, secretKey); if (decryptedPIN.Length > 14) { var date = decryptedPIN.Substring(0, 14); var timestamp = DateTime.ParseExact(date, "yyyyMMddHHmmss", CultureInfo.InvariantCulture); //Payment PIN submission must be within accepted time. //This is to prevent hacker copy the encrypted string and use it to authorize victim payment PIN without the need //to know the exact PIN if (timestamp.AddMinutes(5) >= DateTime.UtcNow && timestamp.AddMinutes(-5) <= DateTime.UtcNow) { var actualPIN = decryptedPIN.Substring(14); if (actualPIN == clientKey) { SetSecurityPrincipal(ref context, "1", "FiiiPay", ""); } } } } catch (Exception) { //DANGER: Need to write log here } } catch (Exception) { //DANGER: Need to write log here } return(Task.FromResult(0)); }
public void ModifyPIN(InvestorAccount investor, string oldPIN, string newPIN) { string plainNewPIN = AES128.Decrypt(newPIN, AES128.DefaultKey); if (PasswordHasher.VerifyHashedPassword(investor.PIN, plainNewPIN)) { throw new CommonException(ReasonCode.PIN_MUST_BE_DIFFERENT, R.新旧Pin码不能一致); } VerifyPIN(investor, oldPIN); new InvestorAccountDAC().UpdatePIN(investor.Id, PasswordHasher.HashPassword(plainNewPIN)); new InvestorAccountDAC().UpdatePINStatus(investor.Id, 1); }
public void TestBytes() { byte[] key = Enumerable.Range(100, 16).Select(val => (byte)val).ToArray(); byte[] IV = Enumerable.Range(128, 16).Select(val => (byte)val).ToArray(); byte[] testData = Enumerable.Range(0, 256).Select(val => (byte)val).ToArray(); var encData = AES128.Encrypt(testData, key, IV); var decodeData = AES128.Decrypt(encData, key, IV); Assert.IsTrue(testData.SequenceEqual(decodeData)); }
public void ModifyPassword(InvestorAccount investor, string oldPassword, string newPassword) { string plainNewPassword = AES128.Decrypt(newPassword, AES128.DefaultKey); string plainOldPassword = AES128.Decrypt(oldPassword, AES128.DefaultKey); if (!PasswordHasher.VerifyHashedPassword(investor.Password, plainOldPassword)) { throw new CommonException(ReasonCode.WRONG_OLD_PASSWORD_ENTERRED, R.原密码不正确); } if (PasswordHasher.VerifyHashedPassword(investor.Password, plainNewPassword)) { throw new CommonException(ReasonCode.WRONG_OLD_PASSWORD_ENTERRED, R.新旧密码不能一致); } new InvestorAccountDAC().UpdatePassword(investor.Id, PasswordHasher.HashPassword(plainNewPassword)); new InvestorAccountDAC().UpdatePasswordStatus(investor.Id, 1); }
public void UpdatePin(UserAccount user, string oldPin, string newPin) { SecurityVerify.Verify <UpdatePinVerify>(new CustomVerifier("UpdatePin"), SystemPlatform.FiiiPay, user.Id.ToString(), (model) => { return(model.PinVerified && model.CombinedVerified); }); newPin = AES128.Decrypt(newPin, AES128.DefaultKey); var _oldPin = AES128.Decrypt(oldPin, AES128.DefaultKey); if (_oldPin.Equals(newPin)) { throw new CommonException(ReasonCode.PIN_MUST_BE_DIFFERENT, MessageResources.NewPINOldPINDifferent); } new UserAccountDAC().SetPinById(user.Id, PasswordHasher.HashPassword(newPin)); }
public static bool TryParse(string cipherPin, out string pinText) { try { pinText = AES128.Decrypt(cipherPin, AES128.DefaultKey); } catch (Exception) { pinText = null; return(false); } var reg = new Regex("^\\d{6}$"); return(reg.IsMatch(pinText) && !ContinuousNumber.Contains(pinText)); }
/// <summary> /// decrypt access token /// </summary> /// <param name="token"></param> /// <typeparam name="T"></typeparam> /// <returns></returns> public static T DecryptToken <T>(string token) where T : AccessToken { return(JsonConvert.DeserializeObject <T>(AES128.Decrypt(token, DefaultKey))); }
public static string GetDecryptString(string enStr) { return(AES128.Decrypt(enStr, DefaultKey)); }
public LoginOM NewDeviceLoginBySMSCode(NewDeviceLoginBySMSCodeIM im, string deviceNumber) { var user = CheckUser(im.CountryId, im.Cellphone); var prevVerifier = new LoginCellphoneVerifier(); var customVerifier = new CustomVerifier("NewDeviceLogin"); var hadOpenedGoogleAuth = ValidationFlagComponent.CheckSecurityOpened(user.ValidationFlag, ValidationFlag.GooogleAuthenticator); SecurityVerify.Verify <LoginBySMSVerify>(customVerifier, SystemPlatform.FiiiPay, user.Id.ToString(), (model) => { bool result = model.CellphoneVerified; if (user.L1VerifyStatus == VerifyStatus.Certified) { var identityNo = new UserProfileComponent().PreVerifyLv1(user).IdentityDocNo; result = result && new IDNumberVerifier().Verify(SystemPlatform.FiiiPay, user.Id.ToString(), identityNo, im.IdentityDocNo); if (!result) { var errorCountKey = customVerifier.GetErrorCountKey(SystemPlatform.FiiiPay, user.Id.ToString()); var errorCount = SecurityVerify.CheckErrorCount(customVerifier, errorCountKey); new IDNumberVerifier().VerifyFaild(Constant.VIRIFY_FAILD_TIMES_LIMIT - errorCount - 1); } } if (!string.IsNullOrEmpty(user.Pin)) { result = result && new PinVerifier().Verify(SystemPlatform.FiiiPay, user.Id.ToString(), user.Pin, AES128.Decrypt(im.Pin, AES128.DefaultKey)); if (!result) { var errorCountKey = customVerifier.GetErrorCountKey(SystemPlatform.FiiiPay, user.Id.ToString()); var errorCount = SecurityVerify.CheckErrorCount(customVerifier, errorCountKey); new PinVerifier().VerifyFaild(Constant.VIRIFY_FAILD_TIMES_LIMIT - errorCount - 1); } } if (SecurityVerify.CheckSecurityOpened(user.ValidationFlag, ValidationFlag.GooogleAuthenticator)) { var googleVerifier = new GoogleVerifier(); if (string.IsNullOrEmpty(im.GoogleCode)) { result = false; } result = result && SecurityVerify.CheckCodeValid(googleVerifier, SystemPlatform.FiiiPay, user.Id.ToString(), im.GoogleCode); result = result && googleVerifier.Verify(user.AuthSecretKey, im.GoogleCode); if (!result) { var errorCountKey = customVerifier.GetErrorCountKey(SystemPlatform.FiiiPay, user.Id.ToString()); var errorCount = SecurityVerify.CheckErrorCount(customVerifier, errorCountKey); googleVerifier.VerifyFaild(Constant.VIRIFY_FAILD_TIMES_LIMIT - errorCount - 1); } } return(result); }); new UserDeviceDAC().Insert(new UserDevice() { DeviceNumber = deviceNumber, Name = " ", UserAccountId = user.Id, LastActiveTime = DateTime.UtcNow }); var loginOm = IssueAccessToken(user); return(loginOm); }