Esempio n. 1
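        /// <summary>
        /// Issues the per-device AES key and IV to a client, each RSA-encrypted under the
        /// public key (modulus and exponent) supplied in the request.
        /// </summary>
        /// <remarks>
        /// A key already stored for the device code is reused; otherwise a new one is generated,
        /// cached for five minutes and saved through <c>UserBLL.AppCryptKey_SaveKey</c>.
        /// Plaintext key material is never written to the log.
        /// </remarks>
        /// <param name="DeviceCode">Device identifier sent by the client (untrusted input).</param>
        /// <param name="Modulus">RSA public key modulus sent by the client.</param>
        /// <param name="Exponent">RSA public key exponent sent by the client.</param>
        /// <param name="CryptAESKey">Receives the AES key as RSA ciphertext; empty when the request is rejected.</param>
        /// <param name="CryptAESIV">Receives the AES IV as RSA ciphertext; empty when the request is rejected.</param>
        /// <returns>0 on success; -1003 when the device code is not in the list of registered devices.</returns>
        public static int ApplyAESEncryptKey(string DeviceCode, string Modulus, string Exponent, out string CryptAESKey, out string CryptAESIV)
        {
            LogWriter.WriteLog("UserLogin.ApplyAESEncryptKey:DeviceCode=" + DeviceCode + ",Modulus=" + Modulus + ",Exponent=" + Exponent);
            CryptAESKey = "";
            CryptAESIV  = "";

            if (ConfigHelper.GetConfigBool("CheckDeviceCode"))
            {
                // DeviceCode is client-controlled and is spliced into a SQL filter string, so
                // single quotes are doubled to keep the value inside the string literal.
                // NOTE(review): a parameterized lookup is the proper fix if the data layer offers one.
                string quotedDeviceCode = (DeviceCode ?? "").Replace("'", "''");
                if (User_RegisterMACBLL.GetModelList("MacAddr='" + quotedDeviceCode + "'").Count() == 0)
                {
                    LogWriter.WriteLog("UserLogin.ApplyAESEncryptKey Error! DeviceCode not in allow lists! DeviceCode=" + DeviceCode);
                    return -1003;
                }
            }

            string         cachekey = "EBMIF_DeviceCryptKey-" + DeviceCode;
            DeviceCryptKey key      = null;

            #region Load a previously saved key from the database
            string storedKey = "";
            if (UserBLL.AppCryptKey_LoadKey(DeviceCode, out storedKey) == 0 && !string.IsNullOrEmpty(storedKey))
            {
                try
                {
                    key = JsonConvert.DeserializeObject<DeviceCryptKey>(storedKey);
                }
                catch (Exception ex)
                {
                    // Best effort: an unreadable stored key is replaced by a fresh one below,
                    // but the failure is recorded instead of being silently swallowed.
                    LogWriter.WriteLog("UserLogin.ApplyAESEncryptKey: stored key could not be deserialized! DeviceCode=" + DeviceCode + ",Error=" + ex.Message);
                }
            }
            #endregion

            // NOTE(review): a stored key is handed out under whatever Modulus/Exponent the caller
            // sends; nothing visible here checks that they match the public key the device first
            // registered with. Confirm that binding is enforced elsewhere, otherwise knowing a
            // DeviceCode is enough to obtain that device's AES key.
            // NOTE(review): the stored key and IV are reused on every call and are not rotated in
            // this method, so the same key/IV pair protects every message from the device.

            if (key == null)
            {
                // Generate a new AES key for this device.
                key = new DeviceCryptKey(DeviceCode, Modulus, Exponent);
                key.GenerateAESKey();

                // Nothing in this method reads the cache entry back; it is only written here.
                DataCache.SetCache(cachekey, key, DateTime.Now.AddMinutes(5), System.Web.Caching.Cache.NoSlidingExpiration);

                // Persist the key to the database.
                UserBLL.AppCryptKey_SaveKey(DeviceCode, JsonConvert.SerializeObject(key));
            }

            // Wrap the key and IV with the caller's RSA public key.
            // NOTE(review): the results of EncryptText are not checked; if it can report failure,
            // the method would still return 0 with empty outputs. Confirm against RSAProvider.
            RSAProvider.EncryptText(key.AESKey, Modulus, Exponent, out CryptAESKey);
            RSAProvider.EncryptText(key.AESIV, Modulus, Exponent, out CryptAESIV);

            if (ConfigHelper.GetConfigBool("DebugMode"))
            {
                // The plaintext AES key and IV are deliberately left out: log files are not a
                // safe place for key material, even in debug mode.
                LogWriter.WriteLog("UserLogin.ApplyAESEncryptKeyA:DeviceCode=" + DeviceCode + ",AES key issued");
            }
            LogWriter.WriteLog("UserLogin.ApplyAESEncryptKeyB:DeviceCode=" + DeviceCode + ",CryptAESKey=" + CryptAESKey + ",CryptAESIV=" + CryptAESIV);
            return 0;
        }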
Esempio n. 2
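        /// <summary>
        /// Logs a user in from a mobile device: checks the minimum app version, decrypts the
        /// AES-encrypted password with the key stored for the device, and delegates to
        /// <c>userlogin</c>.
        /// </summary>
        /// <remarks>
        /// Passwords, encrypted passwords, AES key material and the authorization key are never
        /// written to the log.
        /// </remarks>
        /// <param name="UserName">User name.</param>
        /// <param name="EncryptPassword">Login password, AES-encrypted by the client.</param>
        /// <param name="DeviceCode">Device identifier.</param>
        /// <param name="ExtParams">Extended login parameters as JSON, including AppCode, AppVersion,
        /// DeviceModel, DeviceOS, OSVersion and NetworkType, for example:
        /// {"AppCode":"YSLRMAPP","AppVersion":43,"DeviceModel":"SM-G7108V","DeviceOS":"Android","OSVersion":"4.3","NetworkType":"ChinaMobile TD-SCDMA"}
        /// </param>
        /// <param name="AuthKey">Output: the authorization key for the session.</param>
        /// <returns>0: login succeeded
        /// -1001: wrong user name or password
        /// -1002: the symmetric encryption key could not be obtained
        /// -1003: the device code is not in the list of registered devices
        /// -1004: the user is not allowed to log in from this device
        /// -1005: login failed (also returned when ExtParams is not valid JSON)
        /// -1009: the app version is too old and must be updated
        /// </returns>
        public static int Login(string UserName, string EncryptPassword, string DeviceCode, string ExtParams, out string AuthKey)
        {
            // The encrypted password is not logged: with a per-device key and IV that do not
            // change between logins it is as sensitive as the password itself.
            LogWriter.WriteLog("UserLogin.LoginEx2:UserName=" + UserName + ",DeviceCode=" + DeviceCode + ",ExtParams=" + ExtParams);
            AuthKey = "";

            // ExtParams is client-supplied JSON: malformed input is rejected with a documented
            // code instead of escaping as an unhandled exception, and a JSON "null" is treated
            // as "no parameters".
            Hashtable hs = null;
            if (!string.IsNullOrEmpty(ExtParams))
            {
                try
                {
                    hs = JsonConvert.DeserializeObject<Hashtable>(ExtParams);
                }
                catch (Exception ex)
                {
                    LogWriter.WriteLog("UserLogin.LoginEx2: ExtParams is not valid JSON! DeviceCode=" + DeviceCode + ",Error=" + ex.Message);
                    return -1005;
                }
            }
            if (hs == null)
            {
                hs = new Hashtable();
            }

            #region Enforce the minimum app version
            // NOTE(review): AppCode and AppVersion are asserted by the client, and the check is
            // skipped when either is missing or unparsable, so it is advisory rather than a control.
            if (hs["AppCode"] != null)
            {
                string appCode       = hs["AppCode"].ToString();
                int    MinAppVersion = 0;
                if (appCode == "PBMSAPP")
                {
                    MinAppVersion = ConfigHelper.GetConfigInt("MinAppVersion");
                }
                else if (appCode == "PBMSAPP-iOS")
                {
                    MinAppVersion = ConfigHelper.GetConfigInt("MinAppVersion-iOS");
                }

                if (MinAppVersion > 0 && hs["AppVersion"] != null)
                {
                    int AppVersion = 0;
                    if (int.TryParse(hs["AppVersion"].ToString(), out AppVersion) && AppVersion < MinAppVersion)
                    {
                        LogWriter.WriteLog("UserLogin.LoginEx2: AppVersion too lower! UserName=" + UserName + ",DeviceCode=" + DeviceCode + ",AppVersion=" + AppVersion.ToString());
                        return -1009;       // app version too old, update required
                    }
                }
            }
            #endregion

            #region Build the extended login properties
            // One "|"-terminated slot per configured field, in Position order.
            // NOTE(review): values are client-supplied and are not escaped, so a value containing
            // "|" shifts the following fields; confirm how userlogin parses this string.
            string ExtPropertys = "";
            try
            {
                IList<UD_TableList> tables = UD_TableListBLL.GetModelList("Name='MCS_SYS.dbo.User_Online'");
                if (tables.Count > 0)
                {
                    IList<UD_ModelFields> models = UD_ModelFieldsBLL.GetModelList("Tableid='" + tables[0].ID.ToString() + "' AND Flag='N'");
                    foreach (UD_ModelFields item in models.OrderBy(p => p.Position))
                    {
                        // A JSON null yields a null entry; treat it as an empty slot rather than
                        // letting a NullReferenceException abandon the remaining fields.
                        object value = hs[item.FieldName];
                        if (value != null)
                        {
                            ExtPropertys += value.ToString();
                        }
                        ExtPropertys += "|";
                    }
                }
            }
            catch (Exception ex)
            {
                // Best effort: login proceeds with whatever was collected, but the failure is recorded.
                LogWriter.WriteLog("UserLogin.LoginEx2: building ExtPropertys failed! DeviceCode=" + DeviceCode + ",Error=" + ex.Message);
            }
            #endregion

            string         cachekey = "EBMIF_DeviceCryptKey-" + DeviceCode;
            DeviceCryptKey key      = null;

            #region Load the saved key from the database
            string storedKey = "";
            if (UserBLL.AppCryptKey_LoadKey(DeviceCode, out storedKey) == 0 && !string.IsNullOrEmpty(storedKey))
            {
                try
                {
                    key = JsonConvert.DeserializeObject<DeviceCryptKey>(storedKey);
                    if (key != null)
                    {
                        DataCache.SetCache(cachekey, key, DateTime.Now.AddMinutes(5), System.Web.Caching.Cache.NoSlidingExpiration);
                    }
                }
                catch (Exception ex)
                {
                    // key stays null and the call fails with -1002 below.
                    LogWriter.WriteLog("UserLogin.LoginEx: stored key could not be deserialized! DeviceCode=" + DeviceCode + ",Error=" + ex.Message);
                }
            }
            #endregion

            if (key == null)
            {
                LogWriter.WriteLog("UserLogin.LoginEx: Get DeviceCrytKey Null! UserName=" + UserName + ",DeviceCode=" + DeviceCode);
                return -1002;  // the symmetric encryption key could not be obtained
            }

            // NOTE(review): the same stored key and IV are used for every login from a device, so
            // a given password always encrypts to the same EncryptPassword and a captured value
            // can be replayed. A per-login challenge or nonce, on top of TLS, would close that gap.
            string Password = EncryptPassword;
            int    ret      = AESProvider.DecryptText(EncryptPassword, key.AESKey, key.AESIV, out Password);
            if (ret < 0)
            {
                // Any caller can trigger this path with a malformed EncryptPassword, so the
                // device's AES key and IV must not be written to the log here.
                LogWriter.WriteLog("UserLogin.LoginEx! AESProvider.DecryptText Ret=" + ret.ToString() + ",DeviceCode=" + DeviceCode);
                return -1002;
            }

            ret = userlogin(UserName, Password, DeviceCode, ExtPropertys, out AuthKey);

            if (ConfigHelper.GetConfigBool("DebugMode"))
            {
                // Key material and the authorization key are left out even in debug mode.
                LogWriter.WriteLog("UserLogin.LoginEx:Login Return ret=" + ret.ToString() + ",DeviceCode=" + DeviceCode);
            }

            // Map the internal userlogin result onto the public return codes.
            switch (ret)
            {
            case -1003:
                // the device code is not in the list of registered devices
                return -1003;

            case -3:
            case -5:
            case -10:
                // the user is not allowed to log in from this device
                return -1004;

            case -2:
            case -11:
            case -12:
            case -13:
                // wrong user name or password
                return -1001;

            case 1:
                // login succeeded
                return 0;

            default:
                // login failed
                return -1005;
            }
        }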