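/// <summary>
/// Encrypts the user registration data, signs it, and self-checks the signature.
/// </summary>
/// <param name="regData">Registration data to protect; its ToString() output is what gets encrypted and signed.</param>
/// <returns>
/// "publicKey;signature;encrypted" when the freshly produced signature verifies
/// against m_PublicKey, otherwise an empty string.
/// </returns>
/// <remarks>
/// NOTE(review): the public key is shipped inside the returned text. A verifier that
/// reads the key from that text instead of from a pinned, trusted copy only learns
/// that the text is self-consistent, not that this issuer produced it.
/// NOTE(review): per the original comment, the encrypted part carries the symmetric
/// key and IV next to the ciphertext, so it should be treated as obfuscation rather
/// than confidentiality; confirm against EncryptRegData.
/// NOTE(review): SHA-1 is no longer considered collision-resistant; moving to SHA-256
/// needs a coordinated change with HashAndSign and every verifier of existing files.
/// </remarks>
public string EncryptAndSign(UserRegData regData)
{
    CspParameters cspParams = new CspParameters();
    cspParams.Flags = CspProviderFlags.UseMachineKeyStore;

    // Dispose the provider deterministically so the CSP handle is released
    // when the method returns instead of waiting for finalization.
    using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(cspParams))
    {
        // The provider is not used for signing in this method (the signature comes
        // from HashAndSign); importing the private key here surfaces key or
        // key-store problems before any work is done.
        rsa.FromXmlString(m_PrivateKey);
        /*
         * Note: if FromXmlString fails with a "file not found" error, check the
         * access permissions on the following folder:
         *   C:\Documents and Settings\All Users\Application data\Microsoft\Crypto\RSA\MachineKeys
         * or (Windows 7):
         *   c:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\
         * The account the application runs as (for example NETWORK SERVICE) must
         * be able to access this directory.
         */

        string data = regData.ToString();
        string encrypted = EncryptRegData(data, regData.IPAddr);
        string signature = HashAndSign(data, m_PrivateKey);
        ByteArray signatureData = new ByteArray(Convert.FromBase64String(signature));

        // Re-import as public key and verify what was just signed.
        rsa.FromXmlString(m_PublicKey);

        bool ok;
        using (SHA1 sha1 = SHA1.Create())
        {
            // NOTE(review): Encoding.Default depends on the machine's ANSI code page;
            // presumably HashAndSign encodes the text the same way - confirm.
            ok = rsa.VerifyData(Encoding.Default.GetBytes(data), sha1, signatureData.Bytes);
        }

        if (ok)
        {
            // Return the public key, the signature, and the encrypted part
            // (which includes the key, the initialization vector and the ciphertext).
            return m_PublicKey + ";" + signature + ";" + encrypted;
        }
        return "";
    }
}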
/// <summary>
/// Builds a <c>UserRegData</c> from semicolon-separated registration text.
/// </summary>
/// <param name="s">Registration text; fields are separated by ';'.</param>
/// <returns>The populated registration record.</returns>
/// <remarks>
/// Two layouts are accepted. Text with eight or fewer fields is treated as the legacy
/// layout and read by fixed numeric position; anything longer is read through the
/// RegDataIndex constants.
/// No field count or content validation is done here: a record with fewer fields than
/// the highest index read throws IndexOutOfRangeException, and IPAddress.Parse /
/// DateTime.Parse throw on malformed values. DateTime.Parse uses the current culture,
/// so the same text may parse differently on machines with different regional settings.
/// </remarks>
public static UserRegData Parse(string s)
{
    UserRegData result = new UserRegData();
    string[] fields = s.Split(';');

    // The first three fields are read through the same constants in both layouts.
    result.ProductID = fields[RegDataIndex.ProductID];
    result.LicenseKey = fields[RegDataIndex.LicenseKey];
    result.CustomerName = fields[RegDataIndex.CustomerName];

    if (fields.Length > 8)
    {
        // Current layout: every position comes from RegDataIndex.
        result.ContactName = fields[RegDataIndex.ContactName];
        result.Email = fields[RegDataIndex.Email];
        result.Tel = fields[RegDataIndex.Tel];
        result.Address = fields[RegDataIndex.Address];
        result.IPAddr = IPAddress.Parse(fields[RegDataIndex.IPAddress]);
        result.VersionName = fields[RegDataIndex.Version];
        result.ExpiredDate = DateTime.Parse(fields[RegDataIndex.ExpiredDate]);
        return result;
    }

    // Legacy layout, kept for compatibility with old registration files.
    // Its field positions differ from the current ones, so literal numbers
    // are required here; the RegDataIndex constants must not be used.
    result.Tel = fields[3];
    result.Address = fields[4];
    result.IPAddr = IPAddress.Parse(fields[5]);

    // The version name is present only when there are at least seven fields.
    result.VersionName = fields.Length >= 7 ? fields[6] : "";

    // The expiry date is present only in the eight-field legacy form;
    // otherwise a far-future date is stored.
    result.ExpiredDate = fields.Length == 8
        ? DateTime.Parse(fields[7])
        : new DateTime(3000, 1, 1);

    return result;
}
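/// <summary>
/// Decrypts a registration text and checks its RSA/SHA-1 signature before parsing it.
/// </summary>
/// <param name="regText">
/// Semicolon-separated text: public key (XML); signature; symmetric key;
/// initialization vector; ciphertext. The last four are Base64.
/// </param>
/// <returns>
/// The parsed registration data, or <c>null</c> when the text is null or empty, has
/// fewer than five fields, or the signature does not verify.
/// </returns>
/// <remarks>
/// NOTE(review): the signature is verified with the public key taken from the text
/// itself (field 0). Nothing in this method ties that key to the issuer, so a passing
/// check shows the text is self-consistent, not that the issuer produced it. Compare
/// field 0 with a key pinned in the verifying application before trusting the result.
/// NOTE(review): the symmetric key and IV arrive in the same text as the ciphertext,
/// so the encryption does not provide confidentiality against anyone holding the file.
/// NOTE(review): SHA-1 is no longer considered collision-resistant; changing it
/// requires a coordinated format change with the signing side.
/// Exceptions from Convert.FromBase64String, the decryptor, FromXmlString and
/// UserRegData.Parse are not caught here and reach the caller.
/// </remarks>
public UserRegData DecryptRegData(string regText)
{
    // Treat a missing text like any other unusable input instead of
    // failing with a NullReferenceException on Split.
    if (string.IsNullOrEmpty(regText))
    {
        return null;
    }

    string[] parts = regText.Split(';');
    if (parts.Length < 5)
    {
        return null;
    }

    // 0: public key (XML)
    // 1: digital signature (Base64)
    // 2: symmetric encryption key (Base64)
    // 3: initialization vector (Base64)
    // 4: ciphertext (Base64)

    // Decrypt.
    SymmetricCrypto crypto = new SymmetricCrypto(SymmetricCrypto.Provider.Rijndael, false);
    byte[] key = Convert.FromBase64String(parts[2]);
    crypto.IntializationVector = new ByteArray(Convert.FromBase64String(parts[3]));
    byte[] decryptedData = crypto.Decrypt(Convert.FromBase64String(parts[4]), key);

    // Verify the signature over the decrypted bytes.
    ByteArray signature = new ByteArray(Convert.FromBase64String(parts[1]));

    CspParameters cspParams = new CspParameters();
    cspParams.Flags = CspProviderFlags.UseMachineKeyStore;

    // Dispose the provider and the hash object deterministically so their
    // handles are released on every exit path, including the early return.
    using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(cspParams))
    using (SHA1 sha1 = SHA1.Create())
    {
        rsa.FromXmlString(parts[0]);
        if (!rsa.VerifyData(decryptedData, sha1, signature.Bytes))
        {
            return null;
        }
    }

    // NOTE(review): Encoding.Default depends on the machine's ANSI code page;
    // presumably the signing side encoded the text the same way - confirm.
    string decryptedText = Encoding.Default.GetString(decryptedData);
    return UserRegData.Parse(decryptedText);
}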