public async Task <bool> VerifyDataSign(DataSignDTO dataSignDTO) { var data = dataSignDTO.SignData.GetBytes().ByteArrayToBase64(); var cer = dataSignDTO.Certificate; var sign = dataSignDTO.Sign; var result = await this.signatureService.rawVerify(data, sign, "", true, cer, "010001"); return(result); }
public async Task <IActionResult> DeleteNote(string token, string noteRepositoryId, string noteId, string dataSignJson) { var user = tokenSerivce.GetUserByToken(token); var re = new ApiRe(); if (user == null) { return(LeanoteJson(re)); } var verify = false; if (this.config.SecurityConfig.ForceDigitalSignature) { //验证签名 var dataSign = DataSignDTO.FromJSON(dataSignJson); verify = await this.ePassService.VerifyDataSign(dataSign); if (!verify) { return(LeanoteJson(re)); } verify = dataSign.SignData.Operate.Equals("/api/Note/DeleteNote"); if (!verify) { re.Msg = "Operate is not Equals "; return(LeanoteJson(re)); } //签名存证 this.dataSignService.AddDataSign(dataSign, "DeleteNote"); } var note = noteService.GetNoteById(noteId.ToLongByHex()); var repositoryId = note.NotesRepositoryId; if (repositoryId != noteRepositoryId.ToLongByHex()) { return(LeanoteJson(re)); } verify = noteRepositoryService.Verify(repositoryId, user.UserId, RepositoryAuthorityEnum.Write); if (!verify) { return(LeanoteJson(re)); } var usn = noteRepositoryService.IncrUsn(repositoryId); var noteDelte = noteService.DeleteNote(noteId.ToLongByHex(), usn); re.Ok = true; re.Data = noteDelte; return(LeanoteJson(re)); }
public void AddDataSign(DataSignDTO dataSignDTO, string tag) { var dataSignLogging = new DataSignLogging() { Id = idGenerator.NextId(), Tag = tag, DataSignJson = dataSignDTO.ToJson() }; this.dataContext.DataSignLogging.Add(dataSignLogging); this.dataContext.SaveChanges(); }
public async Task <IActionResult> GetRealNameInformation(string token, string digitalEnvelopeJson, string dataSignJson) { var re = new ApiRe(); DigitalEnvelope digitalEnvelope = null; var verify = false; //数字信封 if (this.config.SecurityConfig.ForceDigitalEnvelope) { digitalEnvelope = DigitalEnvelope.FromJSON(digitalEnvelopeJson); } if (this.config.SecurityConfig.ForceDigitalSignature) { //验证签名 var dataSign = DataSignDTO.FromJSON(dataSignJson); verify = await this.ePassService.VerifyDataSign(dataSign); if (!verify) { return(LeanoteJson(re)); } verify = dataSign.SignData.Operate.Equals("/api/User/GetRealNameInformation"); if (!verify) { re.Msg = "Operate is not Equals "; return(LeanoteJson(re)); } //签字签名和数字信封数据 //签名存证 this.dataSignService.AddDataSign(dataSign, "GetRealNameInformation"); } User user = tokenSerivce.GetUserByToken(token); if (user == null) { ApiRe apiRe = new ApiRe() { Ok = false, Msg = "NOTLOGIN", }; return(Json(apiRe, MyJsonConvert.GetLeanoteOptions())); } var realName = this.realNameService.GetRealNameInformationByUserId(user.UserId); re.Ok = true; re.Data = realName; return(LeanoteJson(re)); }
public async Task <IActionResult> SetRealNameInformation(string token, string sfz, string digitalEnvelopeJson, string dataSignJson) { var re = new ApiRe(); DigitalEnvelope digitalEnvelope = null; var verify = false; //数字信封 if (this.config.SecurityConfig.ForceDigitalEnvelope) { digitalEnvelope = DigitalEnvelope.FromJSON(digitalEnvelopeJson); var data = digitalEnvelope.GetPayLoadValue(this.gMService, this.config.SecurityConfig.PrivateKey); if (data == null) { throw new Exception("数字信封解密失败"); } //赋予解密的数字信封 sfz = data; } if (this.config.SecurityConfig.ForceDigitalSignature) { //验证签名 var dataSign = DataSignDTO.FromJSON(dataSignJson); verify = await this.ePassService.VerifyDataSign(dataSign); if (!verify) { return(LeanoteJson(re)); } verify = dataSign.SignData.Operate.Equals("/api/User/SetRealNameInformation"); if (!verify) { re.Msg = "Operate is not Equals "; return(LeanoteJson(re)); } //签字签名和数字信封数据 if (dataSign != null) { var dataSM3 = gMService.SM3(sfz); var signSM3 = dataSign.SignData.Hash; if (!dataSM3.ToUpper().Equals(signSM3.ToUpper())) { re.Msg = "SM3 is error"; re.Ok = false; return(LeanoteJson(re)); } } //签名存证 this.dataSignService.AddDataSign(dataSign, "SetRealNameInformation"); } User user = tokenSerivce.GetUserByToken(token); if (user == null) { ApiRe apiRe = new ApiRe() { Ok = false, Msg = "NOTLOGIN", }; return(Json(apiRe, MyJsonConvert.GetLeanoteOptions())); } this.realNameService.SetRealName(user.UserId, sfz); re.Ok = true; return(LeanoteJson(re)); }
public async Task <IActionResult> CreateNoteRepository(string token, string data, string dataSignJson) { var re = new ApiRe() { Ok = false, Data = null }; var verify = false; if (this.config.SecurityConfig.ForceDigitalSignature) { //验证签名 var dataSign = DataSignDTO.FromJSON(dataSignJson); verify = await this.ePassService.VerifyDataSign(dataSign); if (!verify) { return(LeanoteJson(re)); } verify = dataSign.SignData.Operate.Equals("/api/NotesRepository/CreateNoteRepository"); if (!verify) { re.Msg = "Operate is not Equals "; return(LeanoteJson(re)); } //签名存证 this.dataSignService.AddDataSign(dataSign, "CreateNoteRepository"); } var user = tokenSerivce.GetUserByToken(token); var notesRepository = JsonSerializer.Deserialize <NotesRepository>(data, MyJsonConvert.GetLeanoteOptions()); if (notesRepository.RepositoryOwnerType == RepositoryOwnerType.Organization) { var orgId = notesRepository.OwnerId; verify = organizationService.Verify(orgId, user.UserId, OrganizationAuthorityEnum.AddRepository); if (verify == false) { re.Msg = "您没有权限创建这个仓库"; return(LeanoteJson(re)); } } if (notesRepository.RepositoryOwnerType == RepositoryOwnerType.Personal) { if (notesRepository.OwnerId != user.UserId) { re.Msg = "您没有权限创建这个仓库"; return(LeanoteJson(re)); } } //if (!MyStringUtil.IsNumAndEnCh(notesRepository.Name)) //{ // apiRe.Msg = "仓库路径仅允许使用英文大小写、数字,不允许特殊符号"; // return LeanoteJson(apiRe); //} if (noteRepositoryService.ExistNoteRepositoryByName(notesRepository.OwnerId, notesRepository.Name)) { re.Msg = "仓库名称冲突"; return(LeanoteJson(re)); } var result = noteRepositoryService.CreateNoteRepository(notesRepository); var list = new List <string>(4) { "life", "study", "work", "tutorial" }; foreach (var item in list) { // 添加笔记本, 生活, 学习, 工作 var userId = user.UserId; var notebook = new Notebook() { NotebookId = idGenerator.NextId(), NotesRepositoryId = result.Id, Seq = 0, UserId = userId, CreatedTime = DateTime.Now, Title = item, ParentNotebookId = null, }; notebookService.AddNotebook(notebook); } if (result == null) { re.Msg = "数据库创建仓库失败"; return(LeanoteJson(re)); } re.Ok = true; re.Data = result; return(LeanoteJson(re)); }
public async Task <IActionResult> UpdateNoteTitleAndContent(string token, string noteId, string noteTitle, string content, string dataSignJson, string digitalEnvelopeJson) { var user = tokenSerivce.GetUserByToken(token); var re = new ApiRe(); if (user == null) { return(LeanoteJson(re)); } DigitalEnvelope digitalEnvelope = null; var verify = false; if (this.config.SecurityConfig.ForceDigitalEnvelope) { //数字信封 if (this.config.SecurityConfig.ForceDigitalEnvelope) { digitalEnvelope = DigitalEnvelope.FromJSON(digitalEnvelopeJson); var data = digitalEnvelope.GetPayLoadValue(this.gMService, this.config.SecurityConfig.PrivateKey); if (data == null) { throw new Exception("数字信封解密失败"); } //赋予解密的数字信封 content = data; } } if (this.config.SecurityConfig.ForceDigitalSignature) { //验证签名 var dataSign = DataSignDTO.FromJSON(dataSignJson); verify = await this.ePassService.VerifyDataSign(dataSign); if (!verify) { return(LeanoteJson(re)); } verify = dataSign.SignData.Operate.Equals("/api/Note/UpdateNoteTitleAndContent"); if (!verify) { re.Msg = "Operate is not Equals "; return(LeanoteJson(re)); } //签字签名和数字信封数据 if (dataSign != null) { var dataSM3 = gMService.SM3(noteId + noteTitle + content); var signSM3 = dataSign.SignData.Hash; if (!dataSM3.ToUpper().Equals(signSM3.ToUpper())) { re.Msg = "SM3 is error"; re.Ok = false; return(LeanoteJson(re)); } } //签名存证 this.dataSignService.AddDataSign(dataSign, "UpdateNoteTitleAndContent"); } //-------------校验参数合法性 if (user == null) { re.Msg = "NOlogin"; re.Ok = false; return(Json(re, MyJsonConvert.GetSimpleOptions())); } // 先判断USN的问题, 因为很可能添加完附件后, 会有USN冲突, 这时附件就添错了 var note = noteService.GetNote(noteId.ToLongByHex(), user.UserId); verify = noteRepositoryService.Verify(note.NotesRepositoryId, user.UserId, RepositoryAuthorityEnum.Write); if (!verify) { return(LeanoteJson(re)); } if (note == null || note.NoteId == 0) { re.Msg = "notExists"; re.Ok = false; return(Json(re, MyJsonConvert.GetSimpleOptions())); } var des = MyHtmlHelper.SubHTMLToRaw(content, 200); var noteContentId = idGenerator.NextId(); NoteContent noteContent = new NoteContent() { NoteContentId = noteContentId, Abstract = content, Content = content, UserId = user.UserId, NoteId = note.NoteId, CreatedTime = DateTime.Now, UpdatedTime = DateTime.Now, UpdatedUserId = user.UserId }; if (this.config.SecurityConfig.DataBaseEncryption) { noteContent.Abstract = "DataBaseEncryption"; } noteContentService.UpdateNoteContent(note.NoteId, noteContent); noteService.UpdateNoteTitle(note.NoteId, noteTitle); var usn = noteRepositoryService.IncrUsn(note.NotesRepositoryId); noteService.UpdateUsn(note.NoteId, usn); re.Ok = true; re.Data = note; if (this.config.SecurityConfig.ForceDigitalEnvelope) { var key = digitalEnvelope.getSM4Key(this.gMService, this.config.SecurityConfig.PrivateKey); var json = note.ToJson(); var payLoad = new PayLoadDTO(); payLoad.SetData(json); var payLoadJson = payLoad.ToJson(); var jsonHex = Common.Utils.HexUtil.ByteArrayToString(Encoding.UTF8.GetBytes(payLoadJson)); var enc = gMService.SM4_Encrypt_CBC(jsonHex, key, digitalEnvelope.IV, true); re.Data = enc; re.Encryption = true; } return(LeanoteJson(re)); }
public async Task <IActionResult> CreateNote(string token, string noteTitle, string notebookId, bool isMarkdown, string dataSignJson) { if (string.IsNullOrEmpty(noteTitle)) { noteTitle = "未命名"; } var re = new ApiRe(); var verify = false; var user = tokenSerivce.GetUserByToken(token); var notebook = notebookService.GetNotebookById(notebookId.ToLongByHex()); if (user == null || notebook == null) { return(LeanoteJson(re)); } if (this.config.SecurityConfig.ForceDigitalSignature) { //验证签名 var dataSign = DataSignDTO.FromJSON(dataSignJson); verify = await this.ePassService.VerifyDataSign(dataSign); if (!verify) { return(LeanoteJson(re)); } verify = dataSign.SignData.Operate.Equals("/api/Note/CreateNote"); if (!verify) { re.Msg = "Operate is not Equals "; return(LeanoteJson(re)); } //签名存证 this.dataSignService.AddDataSign(dataSign, "CreateNote"); } var repositoryId = notebook.NotesRepositoryId; verify = noteRepositoryService.Verify(repositoryId, user.UserId, RepositoryAuthorityEnum.Write); if (!verify) { return(LeanoteJson(re)); } var noteId = idGenerator.NextId(); var noteContentId = idGenerator.NextId(); var content = isMarkdown ? "欢迎使用markdown文档 power by vditor" : "欢迎使用富文本文档 power by textbus"; var usn = noteRepositoryService.IncrUsn(repositoryId); NoteContent noteContent = new NoteContent() { NoteContentId = noteContentId, Abstract = content, Content = content, UserId = user.UserId, NoteId = noteId, CreatedTime = DateTime.Now, UpdatedTime = DateTime.Now, UpdatedUserId = user.UserId }; noteContentService.AddNoteContent(noteContent); var note = new Note() { NotebookId = notebook.NotebookId, NoteId = noteId, ContentId = noteContentId, Title = noteTitle, UrlTitle = noteTitle, NotesRepositoryId = repositoryId, IsMarkdown = isMarkdown, CreatedTime = DateTime.Now, UserId = user.UserId, CreatedUserId = user.UserId, Desc = string.Empty, Usn = usn, Tags = Array.Empty <string>() }; noteService.AddNote(note); re.Ok = true; re.Data = note; return(LeanoteJson(re)); }
public async Task <IActionResult> CreateNoteBook(string token, string noteRepositoryId, string notebookTitle, string parentNotebookId, string dataSignJson) { var re = new ApiRe(); var user = tokenSerivce.GetUserByToken(token); long?parentId = null; bool verify = false; long?repositoryId = null; //验证签名 if (this.config.SecurityConfig.ForceDigitalSignature) { var dataSign = DataSignDTO.FromJSON(dataSignJson); verify = await this.ePassService.VerifyDataSign(dataSign); if (!verify) { return(LeanoteJson(re)); } verify = dataSign.SignData.Operate.Equals("/api/Notebook/CreateNoteBook"); if (!verify) { re.Msg = "Operate is not Equals "; return(LeanoteJson(re)); } //签名存证 this.dataSignService.AddDataSign(dataSign, "CreateNoteBook"); } if (string.IsNullOrEmpty(noteRepositoryId)) { return(LeanoteJson(re)); } if (string.IsNullOrEmpty(parentNotebookId)) { verify = noteRepositoryService.Verify(noteRepositoryId.ToLongByHex(), user.UserId, RepositoryAuthorityEnum.Write); repositoryId = noteRepositoryId.ToLongByHex(); } else { var parentNotebook = notebookService.GetNotebookById(parentNotebookId.ToLongByHex()); if (user == null || parentNotebook == null) { return(LeanoteJson(re)); } repositoryId = parentNotebook.NotesRepositoryId; if (repositoryId != noteRepositoryId.ToLongByHex()) { return(LeanoteJson(re)); } verify = noteRepositoryService.Verify(repositoryId, user.UserId, RepositoryAuthorityEnum.Write); parentId = parentNotebook.NotebookId; } if (!verify) { return(LeanoteJson(re)); } var notebook = new Notebook() { NotebookId = idGenerator.NextId(), NotesRepositoryId = repositoryId, Seq = 0, UserId = user.UserId, CreatedTime = DateTime.Now, Title = notebookTitle, ParentNotebookId = parentId, }; notebookService.AddNotebook(notebook); re.Ok = true; re.Data = notebook; return(LeanoteJson(re)); }
public async Task <IActionResult> DeleteNotebook(string token, string noteRepositoryId, string notebookId, bool recursively, bool force, string dataSignJson) { User user = tokenSerivce.GetUserByToken(token); var verify = false; ApiRe re = new ApiRe() { Ok = false, Msg = "NOTLOGIN", }; if (user == null) { re.Msg = "NOTLOGIN"; return(LeanoteJson(re)); } if (this.config.SecurityConfig.ForceDigitalSignature) { //验证签名 var dataSign = DataSignDTO.FromJSON(dataSignJson); verify = await this.ePassService.VerifyDataSign(dataSign); if (!verify) { return(LeanoteJson(re)); } verify = dataSign.SignData.Operate.Equals("/api/Notebook/DeleteNotebook"); if (!verify) { re.Msg = "Operate is not Equals "; return(LeanoteJson(re)); } //签名存证 this.dataSignService.AddDataSign(dataSign, "DeleteNotebook"); } var message = ""; var notebook = notebookService.GetNotebookById(notebookId.ToLongByHex()); var repositoryId = notebook.NotesRepositoryId; if (repositoryId != noteRepositoryId.ToLongByHex()) { return(LeanoteJson(re)); } //鉴别用户是否有权限 verify = noteRepositoryService.Verify(repositoryId, user.UserId, RepositoryAuthorityEnum.Write); if (verify == false) { return(LeanoteJson(re)); } //增加usn var usn = noteRepositoryService.IncrUsn(repositoryId); if (recursively) { re.Ok = notebookService.DeleteNotebookRecursively(notebookId.ToLongByHex(), usn); } else { re.Ok = notebookService.DeleteNotebook(notebookId.ToLongByHex(), usn); } return(LeanoteJson(re)); }