/// <summary>
/// Sets up communication encryption for this instance; only the first call has any effect.
/// </summary>
/// <remarks>
/// A new <see cref="RsaHelper"/> is created, its public key is added to <c>Headers</c> under
/// <see cref="HttpHeaderNames.OSharpClientPublicKey"/>, and its private key is passed to a new
/// <see cref="CommunicationCryptor"/> together with the remote public key and the hash type.
/// Once a cryptor exists, later calls return without doing anything, even when they pass a
/// different key or hash type.
/// </remarks>
/// <param name="facePublicKey">Public key of the remote party.</param>
/// <param name="hashType">Digest hash algorithm name; the value must be MD5 or SHA1.</param>
public void CryptoInitialize(string facePublicKey, string hashType)
{
    // Already initialised: keep the existing key pair and cryptor.
    if (_cryptor != null)
    {
        return;
    }

    // NOTE(review): neither argument is checked in this method; a null/empty key or an
    // unsupported hash name is passed straight to CommunicationCryptor. Confirm that it validates them.
    // NOTE(review): MD5 and SHA-1 are the only documented choices and both are collision-broken;
    // a SHA-2 option would be the safer default for signing if CommunicationCryptor can support it.
    // NOTE(review): the RSA key size is whatever RsaHelper's default constructor picks (not visible here).
    RsaHelper localKeyPair = new RsaHelper();
    Headers.Add(HttpHeaderNames.OSharpClientPublicKey, localKeyPair.PublicKey);
    _cryptor = new CommunicationCryptor(localKeyPair.PrivateKey, facePublicKey, hashType);
}
/// <summary>
/// Initializes a new instance of the <see cref="ClientCryptoDelegatingHandler"/> class using the server's public key.
/// </summary>
/// <remarks>
/// The constructor generates the client's own key material through a new <see cref="RsaHelper"/>:
/// the private key goes to the <see cref="CommunicationCryptor"/>, and the public key is kept in
/// <c>_clientPublicKey</c>.
/// </remarks>
/// <param name="publicKey">Server public key; must not be null or empty.</param>
/// <param name="hashType">Signature hash type, compared case-insensitively; must be MD5 or SHA1.</param>
public ClientCryptoDelegatingHandler(string publicKey, string hashType = "MD5")
{
    publicKey.CheckNotNullOrEmpty("publicKey");
    hashType.CheckNotNullOrEmpty("hashType");

    // Normalise the case before comparing against the two accepted names.
    // NOTE(review): ToUpper() uses the current culture; ToUpperInvariant() is the usual choice for identifiers.
    string normalizedHash = hashType.ToUpper();
    normalizedHash.Required(
        _ => normalizedHash == "MD5" || normalizedHash == "SHA1",
        Resources.Http_Security_RSA_Sign_HashType);

    // NOTE(review): MD5 is the default and SHA1 the only alternative; both are collision-broken,
    // so signatures made with them give weak integrity guarantees. Consider adding a SHA-2 option.
    RsaHelper clientKeyPair = new RsaHelper();
    _cryptor = new CommunicationCryptor(clientKeyPair.PrivateKey, publicKey, normalizedHash);
    _clientPublicKey = clientKeyPair.PublicKey;
}
/// <summary>
/// Decrypts the incoming invocation arguments before they are passed to the Hub.
/// </summary>
/// <remarks>
/// The caller's public key is read from the <see cref="HttpHeaderNames.OSharpClientPublicKey"/> header.
/// When the invocation carries exactly one argument, that argument is treated as an encrypted string,
/// decrypted and verified, deserialized as a JSON list, and each element is resolved against the
/// method's parameter descriptors before replacing <c>context.Args</c>.
/// </remarks>
/// <param name="context">The incoming hub invocation context.</param>
/// <returns>
/// <c>false</c> when the client public-key header is missing or empty; otherwise the result of
/// the base implementation.
/// </returns>
protected override bool OnBeforeIncoming(IHubIncomingInvokerContext context)
{
    //_canCrypto = CanCrypto(context.Hub.Context);
    //if (!_canCrypto)
    //{
    //    return base.OnBeforeIncoming(context);
    //}

    // Decrypt the data.
    string callerPublicKey = context.Hub.Context.Headers.Get(HttpHeaderNames.OSharpClientPublicKey);
    if (string.IsNullOrEmpty(callerPublicKey))
    {
        return false;
    }

    // NOTE(review): the verification key comes from the same request it is used to verify, so a
    // passing check presumably shows only that the payload matches that key, not who sent it.
    // Confirm that caller identity is established elsewhere.
    // NOTE(review): _cryptor is an instance field overwritten on every invocation; if this module
    // instance serves concurrent calls, one caller's key can replace another's mid-request. TODO confirm lifetime.
    _cryptor = new CommunicationCryptor(_ownPrivateKey, callerPublicKey, _hashType);

    // NOTE(review): an invocation with zero or several arguments skips decryption and verification
    // and is forwarded unchanged. Confirm that plaintext calls are meant to be accepted.
    if (context.Args.Count != 1)
    {
        return base.OnBeforeIncoming(context);
    }

    // The cast throws InvalidCastException when the single argument is not a string.
    string cipherText = (string)context.Args[0];
    string plainJson = _cryptor.DecryptAndVerifyData(cipherText);
    IList<object> decodedArgs = JsonConvert.DeserializeObject<IList<object>>(plainJson);

    context.Args.Clear();

    // Zip stops at the shorter sequence, so a payload with fewer elements than the method has
    // parameters yields a shorter argument list rather than an error at this point.
    IList<object> resolvedArgs = context.MethodDescriptor.Parameters
        .Zip(decodedArgs, (descriptor, rawValue) => ResolveParameter(descriptor, rawValue))
        .ToList();
    foreach (object resolved in resolvedArgs)
    {
        context.Args.Add(resolved);
    }

    return base.OnBeforeIncoming(context);
}
/// <summary>
/// Decrypts and verifies the body of an incoming request, replacing the request content with the plain text.
/// </summary>
/// <param name="request">The incoming HTTP request; its content is replaced on success.</param>
/// <returns>
/// <c>null</c> when the request has no content, has an empty body, or was decrypted successfully;
/// otherwise a task producing a <see cref="HttpStatusCode.BadRequest"/> response.
/// </returns>
private Task<HttpResponseMessage> DecryptRequest(HttpRequestMessage request)
{
    // Without the client's public key the payload cannot be verified, so reject the request.
    if (!request.Headers.Contains(HttpHeaderNames.OSharpClientPublicKey))
    {
        return CreateResponseTask(request, HttpStatusCode.BadRequest, "在请求头中客户端公钥信息无法找到。");
    }

    // NOTE(review): the key is taken from the request being verified and is not checked for emptiness here.
    // Verification against it presumably proves consistency with that key only, not sender identity.
    string clientPublicKey = request.Headers.GetValues(HttpHeaderNames.OSharpClientPublicKey).First();

    // NOTE(review): _cryptor is an instance field overwritten per request; if this handler instance is
    // shared by concurrent requests, requests can end up using each other's key. TODO confirm lifetime.
    _cryptor = new CommunicationCryptor(_privateKey, clientPublicKey, _hashType);

    if (request.Content == null)
    {
        return null;
    }

    // NOTE(review): .Result blocks the calling thread on the asynchronous read, and it sits outside
    // the try block, so a failure while reading the body propagates to the caller.
    string body = request.Content.ReadAsStringAsync().Result;
    if (string.IsNullOrEmpty(body))
    {
        return null;
    }

    try
    {
        string plainText = _cryptor != null ? _cryptor.DecryptAndVerifyData(body) : body;
        if (plainText == null)
        {
            throw new OSharpException("服务器解析请求数据时发生异常。");
        }

        // Swap in the decrypted body while keeping the original content type.
        HttpContent decryptedContent = new StringContent(plainText);
        decryptedContent.Headers.ContentType = request.Content.Headers.ContentType;
        request.Content = decryptedContent;
        return null;
    }
    catch (CryptographicException ex)
    {
        // NOTE(review): the exception object is handed to CreateResponseTask, and this branch returns a
        // different message from the generic one below. Confirm that exception details are not
        // serialized to the client; identical responses for all decrypt failures are preferable.
        const string failureText = "服务器解析传输数据时发生异常。";
        Logger.Error(failureText, ex);
        return CreateResponseTask(request, HttpStatusCode.BadRequest, failureText, ex);
    }
    catch (Exception ex)
    {
        Logger.Error(Resources.Http_Security_Host_DecryptRequest_Failt, ex);
        return CreateResponseTask(request, HttpStatusCode.BadRequest, Resources.Http_Security_Host_DecryptRequest_Failt, ex);
    }
}