public async Task <IActionResult> SetRealNameInformation(string token, string sfz, string digitalEnvelopeJson, string dataSignJson) { var re = new ApiRe(); DigitalEnvelope digitalEnvelope = null; var verify = false; //数字信封 if (this.config.SecurityConfig.ForceDigitalEnvelope) { digitalEnvelope = DigitalEnvelope.FromJSON(digitalEnvelopeJson); var data = digitalEnvelope.GetPayLoadValue(this.gMService, this.config.SecurityConfig.PrivateKey); if (data == null) { throw new Exception("数字信封解密失败"); } //赋予解密的数字信封 sfz = data; } if (this.config.SecurityConfig.ForceDigitalSignature) { //验证签名 var dataSign = DataSignDTO.FromJSON(dataSignJson); verify = await this.ePassService.VerifyDataSign(dataSign); if (!verify) { return(LeanoteJson(re)); } verify = dataSign.SignData.Operate.Equals("/api/User/SetRealNameInformation"); if (!verify) { re.Msg = "Operate is not Equals "; return(LeanoteJson(re)); } //签字签名和数字信封数据 if (dataSign != null) { var dataSM3 = gMService.SM3(sfz); var signSM3 = dataSign.SignData.Hash; if (!dataSM3.ToUpper().Equals(signSM3.ToUpper())) { re.Msg = "SM3 is error"; re.Ok = false; return(LeanoteJson(re)); } } //签名存证 this.dataSignService.AddDataSign(dataSign, "SetRealNameInformation"); } User user = tokenSerivce.GetUserByToken(token); if (user == null) { ApiRe apiRe = new ApiRe() { Ok = false, Msg = "NOTLOGIN", }; return(Json(apiRe, MyJsonConvert.GetLeanoteOptions())); } this.realNameService.SetRealName(user.UserId, sfz); re.Ok = true; return(LeanoteJson(re)); }
public async Task <IActionResult> UpdateNoteTitleAndContent(string token, string noteId, string noteTitle, string content, string dataSignJson, string digitalEnvelopeJson) { var user = tokenSerivce.GetUserByToken(token); var re = new ApiRe(); if (user == null) { return(LeanoteJson(re)); } DigitalEnvelope digitalEnvelope = null; var verify = false; if (this.config.SecurityConfig.ForceDigitalEnvelope) { //数字信封 if (this.config.SecurityConfig.ForceDigitalEnvelope) { digitalEnvelope = DigitalEnvelope.FromJSON(digitalEnvelopeJson); var data = digitalEnvelope.GetPayLoadValue(this.gMService, this.config.SecurityConfig.PrivateKey); if (data == null) { throw new Exception("数字信封解密失败"); } //赋予解密的数字信封 content = data; } } if (this.config.SecurityConfig.ForceDigitalSignature) { //验证签名 var dataSign = DataSignDTO.FromJSON(dataSignJson); verify = await this.ePassService.VerifyDataSign(dataSign); if (!verify) { return(LeanoteJson(re)); } verify = dataSign.SignData.Operate.Equals("/api/Note/UpdateNoteTitleAndContent"); if (!verify) { re.Msg = "Operate is not Equals "; return(LeanoteJson(re)); } //签字签名和数字信封数据 if (dataSign != null) { var dataSM3 = gMService.SM3(noteId + noteTitle + content); var signSM3 = dataSign.SignData.Hash; if (!dataSM3.ToUpper().Equals(signSM3.ToUpper())) { re.Msg = "SM3 is error"; re.Ok = false; return(LeanoteJson(re)); } } //签名存证 this.dataSignService.AddDataSign(dataSign, "UpdateNoteTitleAndContent"); } //-------------校验参数合法性 if (user == null) { re.Msg = "NOlogin"; re.Ok = false; return(Json(re, MyJsonConvert.GetSimpleOptions())); } // 先判断USN的问题, 因为很可能添加完附件后, 会有USN冲突, 这时附件就添错了 var note = noteService.GetNote(noteId.ToLongByHex(), user.UserId); verify = noteRepositoryService.Verify(note.NotesRepositoryId, user.UserId, RepositoryAuthorityEnum.Write); if (!verify) { return(LeanoteJson(re)); } if (note == null || note.NoteId == 0) { re.Msg = "notExists"; re.Ok = false; return(Json(re, MyJsonConvert.GetSimpleOptions())); } var des = MyHtmlHelper.SubHTMLToRaw(content, 200); var noteContentId = idGenerator.NextId(); NoteContent noteContent = new NoteContent() { NoteContentId = noteContentId, Abstract = content, Content = content, UserId = user.UserId, NoteId = note.NoteId, CreatedTime = DateTime.Now, UpdatedTime = DateTime.Now, UpdatedUserId = user.UserId }; if (this.config.SecurityConfig.DataBaseEncryption) { noteContent.Abstract = "DataBaseEncryption"; } noteContentService.UpdateNoteContent(note.NoteId, noteContent); noteService.UpdateNoteTitle(note.NoteId, noteTitle); var usn = noteRepositoryService.IncrUsn(note.NotesRepositoryId); noteService.UpdateUsn(note.NoteId, usn); re.Ok = true; re.Data = note; if (this.config.SecurityConfig.ForceDigitalEnvelope) { var key = digitalEnvelope.getSM4Key(this.gMService, this.config.SecurityConfig.PrivateKey); var json = note.ToJson(); var payLoad = new PayLoadDTO(); payLoad.SetData(json); var payLoadJson = payLoad.ToJson(); var jsonHex = Common.Utils.HexUtil.ByteArrayToString(Encoding.UTF8.GetBytes(payLoadJson)); var enc = gMService.SM4_Encrypt_CBC(jsonHex, key, digitalEnvelope.IV, true); re.Data = enc; re.Encryption = true; } return(LeanoteJson(re)); }