/// <summary>
/// Verifies the master-account password against the stored password certificate.
/// </summary>
/// <param name="password">Master-account password to check.</param>
/// <returns>
/// <c>true</c> when the certificate derived from the account name and
/// <paramref name="password"/> equals the stored certificate; otherwise <c>false</c>.
/// </returns>
/// <remarks>
/// On success the password-derived security value is also generated and cached
/// through <c>GetPassWordSecurity</c>.
/// NOTE(review): the certificate is built from unsalted, single-pass digests
/// (SHA-512 or HMAC-SHA-512, then MD5). These are fast hashes rather than a
/// password KDF; a salted, iterated KDF such as PBKDF2 with a versioned format
/// would let existing certificates be migrated.
/// </remarks>
public bool VerifyAccountPwd(string password)
{
    string candidate = CurPassWordBookModel.Account + password;

    if (CurPassWordBookModel.IsComputer)
    {
        // Machine-bound mode: the SHA-1 of the machine string is passed as the
        // second HMAC argument (presumably the key - confirm against the helper).
        string machineDigest = IEncryptAndDecodeServer.GetSha1(getComputer());
        candidate = IEncryptAndDecodeServer.GetHMacSha512(candidate, machineDigest);
    }
    else
    {
        candidate = IEncryptAndDecodeServer.GetSha512(candidate);
    }

    candidate = IEncryptAndDecodeServer.GetMd532(candidate);

    if (!candidate.Equals(CurPassWordBookModel.PassWordCertificate))
    {
        return false;
    }

    // Password accepted: derive and cache the value used for encrypting data.
    GetPassWordSecurity(password);
    return true;
}
/// <summary>
/// Applies the second-password encryption layer and wraps the result in a JSON envelope.
/// </summary>
/// <param name="secondpwd">Second password, passed to the AES helper as its second argument.</param>
/// <param name="str">Text to encrypt.</param>
/// <param name="type">Save type recorded in the envelope's <c>SecondAuthentication</c> field.</param>
/// <returns>
/// JSON text with <c>SecondAuthentication</c> and <c>Data</c>, where <c>Data</c> is
/// MD5(second password) + ciphertext + MD5(of the two preceding parts).
/// </returns>
/// <remarks>
/// NOTE(review): at this layer the MD5 of the second password is stored next to the
/// ciphertext it protects, and the trailing MD5 is an unkeyed checksum. It detects
/// accidental corruption but is not a MAC; an authenticated mode or an HMAC under a
/// separate key would also detect deliberate modification.
/// </remarks>
private string SecondPwdEncryptionData(string secondpwd, string str, PassWordBookSaveType type)
{
    string secondPwdDigest = IEncryptAndDecodeServer.GetMd532(secondpwd);

    // AES-encrypt the payload with the second password.
    string cipherText = IEncryptAndDecodeServer.AesEncryption(str, secondpwd);

    // Frame: password digest, ciphertext, then a checksum over both.
    string framed = secondPwdDigest + cipherText;
    string payload = framed + IEncryptAndDecodeServer.GetMd532(framed);

    // Outer JSON structure.
    JObject envelope = new JObject();
    envelope["SecondAuthentication"] = type.ToString();
    envelope["Data"] = payload;
    return envelope.ToString();
}
/// <summary>
/// Builds the password certificate for an account.
/// </summary>
/// <param name="account">Account name.</param>
/// <param name="passWord">Account password.</param>
/// <param name="isComputer">Whether the certificate is bound to the machine code.</param>
/// <returns>The MD5 (via <c>GetMd532</c>) of the SHA-512 or HMAC-SHA-512 digest of account + password.</returns>
/// <remarks>
/// NOTE(review): unsalted fast digests are used; a salted, iterated KDF would make
/// the stored certificate more resistant to offline guessing.
/// </remarks>
private string GetPassWordCertificate(string account, string passWord, bool isComputer)
{
    string digest;

    if (!isComputer)
    {
        digest = IEncryptAndDecodeServer.GetSha512(account + passWord);
    }
    else
    {
        // Machine code required: its SHA-1 is the second HMAC argument.
        string machineDigest = IEncryptAndDecodeServer.GetSha1(getComputer());
        digest = IEncryptAndDecodeServer.GetHMacSha512(account + passWord, machineDigest);
    }

    return IEncryptAndDecodeServer.GetMd532(digest);
}
/// <summary>
/// Saves the account's password-protection (shield) file.
/// </summary>
/// <param name="filePath">Path handed to <c>IFileServer.SaveFile</c>.</param>
/// <param name="password">Password to store in the shield file.</param>
/// <remarks>
/// Frame before the outer AES layer: 32-character machine check (MD5 of the machine
/// string, or 32 zeros when not machine-bound) + password (AES-encrypted in
/// machine-bound mode) + MD5 of the two preceding parts.
/// NOTE(review): the outer key is derived from the account name only, so the
/// confidentiality of the file rests on keeping the file itself private.
/// NOTE(review): the step the original comments call "array reversal" writes every
/// character to the LAST index, so the buffer is NUL characters followed by the last
/// character of the digest. The derived key therefore depends on a single character.
/// A real reversal would index <c>Length - 1 - i</c>, but that changes the key and has
/// to be changed together in SaveShield, FotgotPassWord and GetPassWordSecurity, with
/// a migration for files already written.
/// </remarks>
public void SaveShield(string filePath, string password)
{
    string accountName = CurPassWordBookModel.Account;
    string accountMd5 = IEncryptAndDecodeServer.GetMd532(accountName);

    // 1. SHA-512 of the account name.
    string accountKey = IEncryptAndDecodeServer.GetSha512(accountName);

    // 2. "Reversal" step (see remarks: only the last slot is ever written).
    var source = accountKey.ToArray();
    Char[] scrambled = new Char[source.Length];
    foreach (char c in source)
    {
        scrambled[source.Length - 1] = c;
    }

    // 3. MD5 of the scrambled buffer.
    accountKey = IEncryptAndDecodeServer.GetMd532(new string(scrambled));

    if (CurPassWordBookModel.IsComputer)
    {
        string machine = getComputer();
        string machineMd5 = IEncryptAndDecodeServer.GetMd532(machine);

        // 1. SHA-1 of the machine code.
        string machineKey = IEncryptAndDecodeServer.GetSha1(machine);

        // 2. Same "reversal" step as above.
        source = machineKey.ToArray();
        scrambled = new Char[source.Length];
        foreach (char c in source)
        {
            scrambled[source.Length - 1] = c;
        }

        // 3. MD5 of the scrambled buffer.
        machineKey = IEncryptAndDecodeServer.GetMd532(new string(scrambled));

        // 4. AES-encrypt the password with the machine-derived value.
        password = IEncryptAndDecodeServer.AesEncryption(password, machineKey);

        // 5. Prefix the machine check and append the checksum.
        string framed = machineMd5 + password;
        password = framed + IEncryptAndDecodeServer.GetMd532(framed);
    }
    else
    {
        // Not machine-bound: the check field is 32 zeros.
        string zero = "00000000000000000000000000000000";
        string framed = zero + password;
        password = framed + IEncryptAndDecodeServer.GetMd532(framed);
    }

    string fileContent = IEncryptAndDecodeServer.AesEncryption(password, accountKey);
    IFileServer.SaveFile(fileContent, accountMd5, filePath);
}
/// <summary>
/// Derives the encryption security value from account + password and caches it.
/// </summary>
/// <param name="passWord">Account password.</param>
/// <remarks>
/// The result is stored in <c>CachePassWordSecurity.GetInstance().Security</c>.
/// NOTE(review): the step the original comments call "array reversal" writes every
/// character to the LAST index, so the buffer is NUL characters followed by the last
/// character of the SHA-512 string. The cached value therefore depends on a single
/// character and carries far less entropy than the password. A real reversal would
/// index <c>Length - 1 - i</c>; because that changes the derived value, it needs a
/// migration for data already encrypted and a matching change in SaveShield and
/// FotgotPassWord, which use the same step.
/// </remarks>
private void GetPassWordSecurity(string passWord)
{
    // 1. SHA-512 of account + password.
    string digest = IEncryptAndDecodeServer.GetSha512(CurPassWordBookModel.Account + passWord);

    // 2. "Reversal" step (see remarks: only the last slot is ever written).
    var source = digest.ToArray();
    Char[] scrambled = new Char[source.Length];
    foreach (char c in source)
    {
        scrambled[source.Length - 1] = c;
    }

    // 3. MD5 of the scrambled buffer becomes the cached security value.
    string security = IEncryptAndDecodeServer.GetMd532(new string(scrambled));
    CachePassWordSecurity.GetInstance().Security = security;
}
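/// <summary>
/// Recovers the stored password from a password-protection (shield) file.
/// </summary>
/// <param name="filePath">Path of the shield file.</param>
/// <returns>
/// The recovered password, or a message describing the failure (file modified or
/// misconfigured, machine code mismatch, or the message of a
/// <see cref="NullReferenceException"/> raised while reading the file).
/// </returns>
/// <remarks>
/// Expected frame after the outer AES layer: 32-character machine check + payload +
/// 32-character MD5 of the preceding parts. The frame is now split by position; the
/// earlier <c>Replace</c>-based split removed every occurrence of the check field or
/// of the body, so a payload that happened to contain the check value was corrupted.
/// A decrypted frame shorter than 64 characters is reported as a modified file
/// instead of failing inside <c>Substring</c>/<c>Replace</c>.
/// NOTE(review): success and failure share the string return channel, so callers
/// cannot reliably tell a recovered password from an error message.
/// NOTE(review): the "array reversal" step writes every character to the LAST index,
/// so the derived keys depend on one character of the digest. It is kept unchanged
/// here because it has to match SaveShield; fix both together with a file migration.
/// </remarks>
public string FotgotPassWord(string filePath)
{
    string result = string.Empty;
    string account = CurPassWordBookModel.Account;
    string accountMd5 = IEncryptAndDecodeServer.GetMd532(account);

    // 1. SHA-512 of the account name.
    account = IEncryptAndDecodeServer.GetSha512(account);

    // 2. "Reversal" step (see remarks: only the last slot is ever written).
    var oldArray = account.ToArray();
    Char[] newArray = new Char[oldArray.Length];
    for (int i = 0; i < oldArray.Length; i++)
    {
        newArray[oldArray.Length - 1] = oldArray[i];
    }

    // 3. MD5 of the scrambled buffer.
    account = IEncryptAndDecodeServer.GetMd532(new string(newArray));

    try
    {
        // 1. Read the shield file. A NullReferenceException here means the file
        //    was modified or the wrong file was selected.
        result = IFileServer.GetFileString(filePath, accountMd5);

        // 2. Remove the account-keyed AES layer.
        result = IEncryptAndDecodeServer.AesDecryption(result, account);

        // 3. Integrity check. The frame needs at least the 32-character check
        //    field and the 32-character trailing MD5.
        if (result.Length < 64)
        {
            return "数据文件被修改或者配置错误";
        }

        string computerCheck = result.Substring(0, 32);
        string db = result.Substring(0, result.Length - 32);
        string md5 = result.Substring(result.Length - 32);
        if (md5 != IEncryptAndDecodeServer.GetMd532(db))
        {
            return "数据文件被修改或者配置错误";
        }

        // Drop only the leading check field; the payload is left intact.
        result = db.Substring(32);

        // 4. Machine-bound or not?
        string zero = "00000000000000000000000000000000";
        if (computerCheck == zero)
        {
            // Not machine-bound: the payload is the password.
            return result;
        }

        string computerStr = getComputer();
        string computerMd5 = IEncryptAndDecodeServer.GetMd532(computerStr);
        if (computerCheck != computerMd5)
        {
            return "密保文件记录的机器码和当前计算机不匹配";
        }

        // 1. SHA-1 of the machine code.
        computerStr = IEncryptAndDecodeServer.GetSha1(computerStr);

        // 2. Same "reversal" step as above.
        oldArray = computerStr.ToArray();
        newArray = new Char[oldArray.Length];
        for (int i = 0; i < oldArray.Length; i++)
        {
            newArray[oldArray.Length - 1] = oldArray[i];
        }

        // 3. MD5 of the scrambled buffer.
        computerStr = IEncryptAndDecodeServer.GetMd532(new string(newArray));

        // 4. Remove the machine-keyed AES layer.
        result = IEncryptAndDecodeServer.AesDecryption(result, computerStr);
    }
    catch (NullReferenceException e)
    {
        return e.Message;
    }

    return result;
}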
/// <summary>
/// Encrypts and saves a single password book, then records it on the current account.
/// </summary>
/// <param name="passwordbook">Password book to save; its <c>CreateDate</c> is set and its <c>PassWord</c> is cleared.</param>
/// <param name="type">Second-authentication type.</param>
/// <param name="secondpwd">Second password; required when <paramref name="type"/> is <c>AuthPassWord</c>.</param>
/// <returns>
/// For <c>PhysicsCode</c>, the generated second password encrypted with the cached
/// security value (the content of the physical key file); otherwise an empty string.
/// </returns>
/// <exception cref="ExceptionSecurityTimeout">The cached password verification has expired.</exception>
/// <exception cref="Exception"><c>AuthPassWord</c> was requested with an empty second password.</exception>
/// <remarks>
/// NOTE(review): for <c>Null</c>, <c>AuthEmailCode</c> and <c>AuthPhoneCode</c> no second
/// layer is applied here; only the AES layer under the cached security value protects the data.
/// NOTE(review): confirm that <c>GetRandomPassWord</c> draws from a cryptographic
/// random number generator, since its output is used as an encryption password.
/// </remarks>
public string SavePassWordBook(Model.PassWordBookModel passwordbook, PassWordBookSaveType type, string secondpwd)
{
    if (!CachePassWordSecurity.GetInstance().IsCache)
    {
        throw new ExceptionSecurityTimeout("密码验证超时需要再次做密码验证");
    }

    bool needsSecondPwd = type == PassWordBookSaveType.AuthPassWord;
    if (needsSecondPwd && string.IsNullOrEmpty(secondpwd))
    {
        throw new Exception("使用二次密码认证,二次密码不能为空");
    }

    string physicalKey = string.Empty;

    // Timestamp the book.
    passwordbook.CreateDate = DateTime.Now;

    Newtonsoft.Json.Linq.JToken envelope = new JObject();
    envelope["SecondAuthentication"] = type.ToString();
    envelope["PassWord"] = passwordbook.PassWord;

    // Clear the password on the model so it is not kept there in plain text.
    passwordbook.PassWord = string.Empty;
    envelope["Data"] = Newtonsoft.Json.JsonConvert.SerializeObject(passwordbook.Data);
    string payload = envelope.ToString();

    // Only two save types add a second encryption layer; the others pass through.
    if (type == PassWordBookSaveType.AuthPassWord)
    {
        payload = SecondPwdEncryptionData(secondpwd, payload, type);
    }
    else if (type == PassWordBookSaveType.PhysicsCode)
    {
        secondpwd = GetRandomPassWord(12);
        payload = SecondPwdEncryptionData(secondpwd, payload, type);

        // Content of the physical key file.
        physicalKey = IEncryptAndDecodeServer.AesEncryption(secondpwd, CachePassWordSecurity.GetInstance().Security);
    }

    // AES layer under the cached security value.
    payload = IEncryptAndDecodeServer.AesEncryption(payload, CachePassWordSecurity.GetInstance().Security);

    // Write the password book file.
    IFileServer.SaveFile(payload, CurPassWordBookModel.PassWordCertificate, passwordbook.FilePath);

    CurPassWordBookModel.PassWordBooks.Add(passwordbook);
    SaveAccount();
    return physicalKey;
}