Exemple #1
0
        public async Task <IActionResult> GetRealNameInformation(string token, string digitalEnvelopeJson, string dataSignJson)
        {
            var             re = new ApiRe();
            DigitalEnvelope digitalEnvelope = null;
            var             verify          = false;

            //数字信封
            if (this.config.SecurityConfig.ForceDigitalEnvelope)
            {
                digitalEnvelope = DigitalEnvelope.FromJSON(digitalEnvelopeJson);
            }
            if (this.config.SecurityConfig.ForceDigitalSignature)
            {
                //验证签名
                var dataSign = DataSignDTO.FromJSON(dataSignJson);
                verify = await this.ePassService.VerifyDataSign(dataSign);

                if (!verify)
                {
                    return(LeanoteJson(re));
                }
                verify = dataSign.SignData.Operate.Equals("/api/User/GetRealNameInformation");
                if (!verify)
                {
                    re.Msg = "Operate is not Equals ";
                    return(LeanoteJson(re));
                }
                //签字签名和数字信封数据

                //签名存证
                this.dataSignService.AddDataSign(dataSign, "GetRealNameInformation");
            }


            User user = tokenSerivce.GetUserByToken(token);

            if (user == null)
            {
                ApiRe apiRe = new ApiRe()
                {
                    Ok  = false,
                    Msg = "NOTLOGIN",
                };
                return(Json(apiRe, MyJsonConvert.GetLeanoteOptions()));
            }
            var realName = this.realNameService.GetRealNameInformationByUserId(user.UserId);

            re.Ok   = true;
            re.Data = realName;
            return(LeanoteJson(re));
        }
Exemple #2
0
        public async Task <IActionResult> SetRealNameInformation(string token, string sfz, string digitalEnvelopeJson, string dataSignJson)
        {
            var             re = new ApiRe();
            DigitalEnvelope digitalEnvelope = null;

            var verify = false;

            //数字信封
            if (this.config.SecurityConfig.ForceDigitalEnvelope)
            {
                digitalEnvelope = DigitalEnvelope.FromJSON(digitalEnvelopeJson);
                var data = digitalEnvelope.GetPayLoadValue(this.gMService, this.config.SecurityConfig.PrivateKey);
                if (data == null)
                {
                    throw new Exception("数字信封解密失败");
                }
                //赋予解密的数字信封
                sfz = data;
            }
            if (this.config.SecurityConfig.ForceDigitalSignature)
            {
                //验证签名
                var dataSign = DataSignDTO.FromJSON(dataSignJson);
                verify = await this.ePassService.VerifyDataSign(dataSign);

                if (!verify)
                {
                    return(LeanoteJson(re));
                }
                verify = dataSign.SignData.Operate.Equals("/api/User/SetRealNameInformation");
                if (!verify)
                {
                    re.Msg = "Operate is not Equals ";
                    return(LeanoteJson(re));
                }
                //签字签名和数字信封数据
                if (dataSign != null)
                {
                    var dataSM3 = gMService.SM3(sfz);
                    var signSM3 = dataSign.SignData.Hash;
                    if (!dataSM3.ToUpper().Equals(signSM3.ToUpper()))
                    {
                        re.Msg = "SM3 is error";
                        re.Ok  = false;
                        return(LeanoteJson(re));
                    }
                }

                //签名存证
                this.dataSignService.AddDataSign(dataSign, "SetRealNameInformation");
            }
            User user = tokenSerivce.GetUserByToken(token);

            if (user == null)
            {
                ApiRe apiRe = new ApiRe()
                {
                    Ok  = false,
                    Msg = "NOTLOGIN",
                };
                return(Json(apiRe, MyJsonConvert.GetLeanoteOptions()));
            }

            this.realNameService.SetRealName(user.UserId, sfz);
            re.Ok = true;
            return(LeanoteJson(re));
        }
Exemple #3
0
        public async Task <IActionResult> UpdateNoteTitleAndContent(string token, string noteId, string noteTitle, string content, string dataSignJson, string digitalEnvelopeJson)
        {
            var user = tokenSerivce.GetUserByToken(token);
            var re   = new ApiRe();

            if (user == null)
            {
                return(LeanoteJson(re));
            }
            DigitalEnvelope digitalEnvelope = null;
            var             verify          = false;

            if (this.config.SecurityConfig.ForceDigitalEnvelope)
            {
                //数字信封
                if (this.config.SecurityConfig.ForceDigitalEnvelope)
                {
                    digitalEnvelope = DigitalEnvelope.FromJSON(digitalEnvelopeJson);
                    var data = digitalEnvelope.GetPayLoadValue(this.gMService, this.config.SecurityConfig.PrivateKey);
                    if (data == null)
                    {
                        throw new Exception("数字信封解密失败");
                    }
                    //赋予解密的数字信封
                    content = data;
                }
            }

            if (this.config.SecurityConfig.ForceDigitalSignature)
            {
                //验证签名
                var dataSign = DataSignDTO.FromJSON(dataSignJson);
                verify = await this.ePassService.VerifyDataSign(dataSign);

                if (!verify)
                {
                    return(LeanoteJson(re));
                }
                verify = dataSign.SignData.Operate.Equals("/api/Note/UpdateNoteTitleAndContent");
                if (!verify)
                {
                    re.Msg = "Operate is not Equals ";
                    return(LeanoteJson(re));
                }
                //签字签名和数字信封数据
                if (dataSign != null)
                {
                    var dataSM3 = gMService.SM3(noteId + noteTitle + content);
                    var signSM3 = dataSign.SignData.Hash;
                    if (!dataSM3.ToUpper().Equals(signSM3.ToUpper()))
                    {
                        re.Msg = "SM3 is error";
                        re.Ok  = false;
                        return(LeanoteJson(re));
                    }
                }

                //签名存证
                this.dataSignService.AddDataSign(dataSign, "UpdateNoteTitleAndContent");
            }

            //-------------校验参数合法性
            if (user == null)
            {
                re.Msg = "NOlogin";
                re.Ok  = false;
                return(Json(re, MyJsonConvert.GetSimpleOptions()));
            }

            // 先判断USN的问题, 因为很可能添加完附件后, 会有USN冲突, 这时附件就添错了
            var note = noteService.GetNote(noteId.ToLongByHex(), user.UserId);

            verify = noteRepositoryService.Verify(note.NotesRepositoryId, user.UserId, RepositoryAuthorityEnum.Write);
            if (!verify)
            {
                return(LeanoteJson(re));
            }

            if (note == null || note.NoteId == 0)
            {
                re.Msg = "notExists";
                re.Ok  = false;
                return(Json(re, MyJsonConvert.GetSimpleOptions()));
            }
            var des = MyHtmlHelper.SubHTMLToRaw(content, 200);

            var noteContentId = idGenerator.NextId();

            NoteContent noteContent = new NoteContent()
            {
                NoteContentId = noteContentId,
                Abstract      = content,
                Content       = content,

                UserId        = user.UserId,
                NoteId        = note.NoteId,
                CreatedTime   = DateTime.Now,
                UpdatedTime   = DateTime.Now,
                UpdatedUserId = user.UserId
            };

            if (this.config.SecurityConfig.DataBaseEncryption)
            {
                noteContent.Abstract = "DataBaseEncryption";
            }

            noteContentService.UpdateNoteContent(note.NoteId, noteContent);

            noteService.UpdateNoteTitle(note.NoteId, noteTitle);

            var usn = noteRepositoryService.IncrUsn(note.NotesRepositoryId);

            noteService.UpdateUsn(note.NoteId, usn);
            re.Ok   = true;
            re.Data = note;
            if (this.config.SecurityConfig.ForceDigitalEnvelope)
            {
                var key  = digitalEnvelope.getSM4Key(this.gMService, this.config.SecurityConfig.PrivateKey);
                var json = note.ToJson();

                var payLoad = new PayLoadDTO();
                payLoad.SetData(json);

                var payLoadJson = payLoad.ToJson();

                var jsonHex = Common.Utils.HexUtil.ByteArrayToString(Encoding.UTF8.GetBytes(payLoadJson));

                var enc = gMService.SM4_Encrypt_CBC(jsonHex, key, digitalEnvelope.IV, true);
                re.Data       = enc;
                re.Encryption = true;
            }

            return(LeanoteJson(re));
        }