Exemple #1
        /// <summary>
        /// Encrypts one field value and returns it in the framed ciphertext format.
        /// Phone format: $first 3 digits in plaintext$base64(encrypt(last 8 digits))$111$
        /// Nick format: ~base64(encrypt(nick))~111~
        /// </summary>
        /// <remarks>
        /// Two cases return <paramref name="data"/> unchanged: a null or empty input, and a
        /// resolved key context whose <c>Secret</c> is null. The return value carries no flag
        /// for this, so a caller that must not store plaintext has to inspect the result itself.
        /// Per the phone format above, the first 3 digits of a phone number stay readable.
        /// </remarks>
        /// <param name="data">Plaintext value.</param>
        /// <param name="type">Kind of field being encrypted (for example nick or phone).</param>
        /// <param name="session">User identity; required for user-level encryption.</param>
        /// <param name="version">Historical key version.</param>
        /// <returns>The framed ciphertext, or <paramref name="data"/> unchanged in the pass-through cases.</returns>
        /// <exception cref="SecretException">
        /// No key context could be resolved ("secretKey is null"), or <paramref name="type"/>
        /// has no separator registered ("type error").
        /// </exception>
        private string Encrypt(string data, string type, string session, Nullable <Int64> version)
        {
            // Nothing to encrypt: null and empty values are handed back as they came in.
            if (string.IsNullOrEmpty(data))
            {
                return data;
            }

            SecretContext context = secretCore.GetSecret(session, version);
            if (context == null)
            {
                throw new SecretException("secretKey is null");
            }

            // NOTE(review): fail-open path. A context without key material makes this method
            // return the plaintext silently; confirm that this is intended for every caller.
            if (context.Secret == null)
            {
                return data;
            }

            // An unknown type and a null map entry are both rejected the same way.
            string delimiter;
            if (!SecurityBiz.GetSeparatorMap().TryGetValue(type, out delimiter) || delimiter == null)
            {
                throw new SecretException("type error");
            }

            // Usage counter, bumped only once the request is known to be valid.
            SecurityCounter.AddEncryptCount(type);

            // Searchable (index) ciphertext is a per-type, per-version setting of the key core.
            bool searchable = secretCore.IsIndexEncrypt(type, version);
            bool isPhone    = PHONE.Equals(type);

            if (isPhone)
            {
                if (searchable)
                {
                    return SecurityBiz.EncryptPhoneIndex(data, delimiter, context);
                }
                return SecurityBiz.EncryptPhone(data, delimiter, context);
            }

            if (!searchable)
            {
                return SecurityBiz.EncryptNormal(data, delimiter, context);
            }

            // Index parameters are only fetched when the searchable form is actually built.
            int compressLen = secretCore.GetCompressLen();
            int slideSize   = secretCore.GetSlideSize();
            return SecurityBiz.EncryptNormalIndex(data, compressLen, slideSize, delimiter, context);
        }
Exemple #2
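        /// <summary>
        /// Decrypts one field value (each user is allocated a separate key).
        /// </summary>
        /// <remarks>
        /// Input that is not framed as ciphertext is returned unchanged: null, empty or shorter
        /// than 4 characters, not starting and ending with the separator for
        /// <paramref name="type"/>, or rejected by the ciphertext parser. A returned value is
        /// therefore not proof that decryption took place.
        /// </remarks>
        /// <param name="data">
        /// Ciphertext. Phone format: $first 3 digits in plaintext$base64(encrypt(last 8 digits))$111$
        /// Nick format: ~base64(encrypt(nick))~111~
        /// </param>
        /// <param name="type">Kind of field being decrypted (for example nick or phone).</param>
        /// <param name="session">User identity; required for user-level encryption.</param>
        /// <returns>The decrypted value, or <paramref name="data"/> unchanged when it is not framed ciphertext.</returns>
        /// <exception cref="SecretException">
        /// <paramref name="type"/> has no separator registered ("type error"), or no key context
        /// could be resolved for the ciphertext's key version ("secretKey is null").
        /// </exception>
        public string Decrypt(string data, string type, string session)
        {
            if (string.IsNullOrEmpty(data) || data.Length < 4)
            {
                return data;
            }

            // Look up the separator character for this field type.
            Nullable <char> charValue = null;
            SecurityBiz.GetSeparatorCharMap().TryGetValue(type, out charValue);
            if (charValue == null)
            {
                throw new SecretException("type error");
            }

            // Framing check: ciphertext starts and ends with the separator.
            char separator = charValue.Value;
            if (data[0] != separator || data[data.Length - 1] != separator)
            {
                return data;
            }

            // A doubled trailing separator selects the index (searchable) parser.
            SecretData secretDataDO;
            if (data[data.Length - 2] == separator)
            {
                secretDataDO = SecurityBiz.GetIndexSecretData(data, separator);
            }
            else
            {
                secretDataDO = SecurityBiz.GetSecretData(data, separator);
            }

            // Malformed ciphertext is passed through unchanged.
            if (secretDataDO == null)
            {
                return data;
            }

            SecurityCounter.AddDecryptCount(type); // usage counter

            // The key version comes from the ciphertext itself.
            SecretContext secretContextDO = secretCore.GetSecret(session, secretDataDO.SecretVersion);

            // GetSecret can return null (Encrypt guards the same call). Report it as the
            // SecretException callers already handle instead of a NullReferenceException.
            if (secretContextDO == null)
            {
                throw new SecretException("secretKey is null");
            }

            // NOTE(review): a null Secret is not handled here, whereas Encrypt passes plaintext
            // through in that case; confirm how AESDecrypt behaves when given a null key.
            string decryptValue = SecurityUtil.AESDecrypt(secretDataDO.OriginalBase64Value, secretContextDO.Secret);

            if (PHONE.Equals(type) && !secretDataDO.Search)
            {
                // Only the last 8 digits of a phone number are encrypted; put the 3 clear
                // leading digits back in front.
                return secretDataDO.OriginalValue + decryptValue;
            }
            return decryptValue;
        }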
Exemple #3
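 /// <summary>
 /// Creates the security client: an encryption/decryption counter keyed by the application key
 /// and the key-management core.
 /// </summary>
 /// <param name="topClient">TOP client; its serverUrl must use the https protocol.</param>
 /// <param name="randomNum">Pseudo-random code.</param>
 /// <param name="streetest">Whether this is a full-link stress test.</param>
 /// <exception cref="System.ArgumentNullException"><paramref name="topClient"/> is null.</exception>
 public SecurityClient(DefaultTopClient topClient, string randomNum, bool streetest)
 {
     // Fail with a named argument error instead of a NullReferenceException on topClient.appKey.
     if (topClient == null)
     {
         throw new System.ArgumentNullException("topClient");
     }

     // NOTE(review): the https requirement on serverUrl is documented but not checked in this
     // constructor; confirm that SecurityCore or the client enforces it.
     // NOTE(review): how SecurityCore uses randomNum is not visible here; if it takes part in
     // key retrieval it should be handled as a secret. Confirm.
     securityCounter = new SecurityCounter(topClient.appKey);
     secretCore      = new SecurityCore(topClient, randomNum, streetest);
 }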