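/// <summary>
/// Decrypts a ciphertext field (each user is assigned an individual key).
/// </summary>
/// <param name="data">
/// Ciphertext. Phone format: $first 3 phone digits in plaintext$base64(encrypt(last 8 phone digits))$111$
/// simple format: ~base64(encrypt(nick))~111~
/// </param>
/// <param name="type">Field type to decrypt (for example: simple\phone).</param>
/// <param name="session">User identity; required for user-level encryption.</param>
/// <returns>
/// The decrypted value. The input is returned unchanged when it is null, empty, shorter than four
/// characters, not wrapped in the separator registered for <paramref name="type"/>, or when the
/// parser returns no result for it.
/// </returns>
/// <exception cref="SecretException">
/// No separator is registered for <paramref name="type"/> ("type error"), or no key context could be
/// obtained for the session/version ("secretKey is null").
/// </exception>
/// <remarks>
/// Input that does not look like ciphertext is passed through as-is, so the return value alone does not
/// tell a caller whether decryption actually happened. A negative version parsed from the ciphertext
/// selects the shared key and discards the supplied session, i.e. the key scope is chosen by the
/// ciphertext rather than by the caller.
/// </remarks>
public string Decrypt(string data, string type, string session)
{
    // Too short to hold separators plus a payload: treat as plaintext.
    if (string.IsNullOrEmpty(data) || data.Length < 4)
    {
        return data;
    }

    // Look up the separator character registered for this field type.
    Nullable<char> charValue = null;
    SecurityBiz.GetSeparatorCharMap().TryGetValue(type, out charValue);
    if (charValue == null)
    {
        throw new SecretException("type error");
    }

    // Validate the envelope: ciphertext must start and end with the separator.
    char separator = charValue.Value;
    if (!(data[0] == separator && data[data.Length - 1] == separator))
    {
        return data;
    }

    // A doubled trailing separator routes to the index parser
    // (presumably the searchable-ciphertext layout; the parsers live in SecurityBiz).
    SecretData secretDataDO = null;
    if (data[data.Length - 2] == separator)
    {
        secretDataDO = SecurityBiz.GetIndexSecretData(data, separator);
    }
    else
    {
        secretDataDO = SecurityBiz.GetSecretData(data, separator);
    }

    // Not valid ciphertext.
    if (secretDataDO == null)
    {
        return data;
    }

    // A version number below zero in the ciphertext denotes the shared (public) key.
    if (secretDataDO.SecretVersion < 0)
    {
        secretDataDO.SecretVersion = Math.Abs(secretDataDO.SecretVersion.Value);
        session = null;
    }

    securityCounter.AddDecryptCount(type, session); // usage counter

    SecretContext secretContextDO = secretCore.GetSecret(session, secretDataDO.SecretVersion);

    // Fail with the same explicit error Encrypt and Search raise instead of a
    // NullReferenceException on the dereference below.
    if (secretContextDO == null)
    {
        throw new SecretException("secretKey is null");
    }

    string decryptValue = SecurityUtil.AESDecrypt(secretDataDO.OriginalBase64Value, secretContextDO.Secret);

    if (PHONE.Equals(type) && !secretDataDO.Search)
    {
        // Only the last 8 digits of a phone number are encrypted; prepend the plaintext first 3.
        return secretDataDO.OriginalValue + decryptValue;
    }

    return decryptValue;
}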
/// <summary>
/// Encrypts a plaintext field. Output format for phone numbers:
/// $first 3 phone digits in plaintext$base64(encrypt(last 8 phone digits))$111$
/// Output format for nick: ~base64(encrypt(nick))~111~
/// </summary>
/// <param name="data">Plaintext data.</param>
/// <param name="type">Field type to encrypt (for example: nick\phone).</param>
/// <param name="session">User identity; required for user-level encryption.</param>
/// <param name="version">Historical key version.</param>
/// <returns>
/// The value produced by the matching SecurityBiz encrypt routine. The input is returned unchanged
/// when it is null or empty, or when the key context carries no secret.
/// </returns>
/// <exception cref="SecretException">
/// No key context is available ("secretKey is null"), or no separator is registered for
/// <paramref name="type"/> ("type error").
/// </exception>
private string Encrypt(string data, string type, string session, Nullable<Int64> version)
{
    // Nothing to encrypt.
    if (string.IsNullOrEmpty(data))
    {
        return data;
    }

    SecretContext keyContext = secretCore.GetSecret(session, version);
    if (keyContext == null)
    {
        throw new SecretException("secretKey is null");
    }

    // NOTE(review): fail-open path. With a context but no secret the plaintext is handed back
    // as the "encrypted" result, and the caller gets no signal that encryption was skipped.
    // Confirm this is intended before such values are persisted or transmitted.
    if (keyContext.Secret == null)
    {
        return data;
    }

    string fieldSeparator = null;
    SecurityBiz.GetSeparatorMap().TryGetValue(type, out fieldSeparator);
    if (fieldSeparator == null)
    {
        throw new SecretException("type error");
    }

    // Usage counter.
    // NOTE(review): Decrypt and Search record through the securityCounter member and pass the
    // session; this call goes through SecurityCounter without it. Confirm that is intentional.
    SecurityCounter.AddEncryptCount(type);

    // Whether ciphertext search is supported for this type/version.
    bool searchable = secretCore.IsIndexEncrypt(type, version);
    bool isPhone = PHONE.Equals(type);

    if (isPhone)
    {
        return searchable
            ? SecurityBiz.EncryptPhoneIndex(data, fieldSeparator, keyContext)
            : SecurityBiz.EncryptPhone(data, fieldSeparator, keyContext);
    }

    if (!searchable)
    {
        return SecurityBiz.EncryptNormal(data, fieldSeparator, keyContext);
    }

    int compressLen = secretCore.GetCompressLen();
    int slideSize = secretCore.GetSlideSize();
    return SecurityBiz.EncryptNormalIndex(data, compressLen, slideSize, fieldSeparator, keyContext);
}
/// <summary>
/// Builds the token used to search over ciphertext. Phone format: $base64(H-MAC(last 4 phone digits))$
/// simple format: base64(H-MAC(sliding window))
/// </summary>
/// <param name="data">Plaintext data.</param>
/// <param name="type">Field type (for example: simple\phone).</param>
/// <param name="session">User identity; required for user-level encryption.</param>
/// <param name="version">Historical key version.</param>
/// <returns>
/// The value produced by the matching SecurityBiz search-index routine. The input is returned
/// unchanged when it is null or empty, or when the key context carries no secret.
/// </returns>
/// <exception cref="SecretException">
/// No key context is available ("secretKey is null"), or no separator is registered for
/// <paramref name="type"/> ("type error").
/// </exception>
/// <remarks>
/// Going by the format above (the implementation is in SecurityBiz and not visible here), the phone
/// token covers only the last four digits, so at most 10,000 distinct tokens exist per key. It narrows
/// candidates rather than concealing the value; handle stored index tokens as sensitive data.
/// </remarks>
private string Search(string data, string type, string session, Nullable<Int64> version)
{
    // Nothing to search for.
    if (string.IsNullOrEmpty(data))
    {
        return data;
    }

    SecretContext keyContext = secretCore.GetSecret(session, version);
    if (keyContext == null)
    {
        throw new SecretException("secretKey is null");
    }

    // NOTE(review): with a context but no secret the plaintext itself is returned as the
    // search token, and the caller gets no signal that no HMAC was applied. Confirm intended.
    if (keyContext.Secret == null)
    {
        return data;
    }

    string fieldSeparator = null;
    SecurityBiz.GetSeparatorMap().TryGetValue(type, out fieldSeparator);
    if (fieldSeparator == null)
    {
        throw new SecretException("type error");
    }

    // Shared (public) key versions are told apart by a negative version number.
    // A copy is negated so the context returned by GetSecret is left untouched.
    if (session == null)
    {
        keyContext = new SecretContext
        {
            Secret = keyContext.Secret,
            SecretVersion = -keyContext.SecretVersion
        };
    }

    securityCounter.AddSearchCount(type, session); // usage counter

    if (!PHONE.Equals(type))
    {
        int compressLen = secretCore.GetCompressLen();
        int slideSize = secretCore.GetSlideSize();
        return SecurityBiz.SearchNormalIndex(data, compressLen, slideSize, keyContext);
    }

    return SecurityBiz.SearchPhoneIndex(data, fieldSeparator, keyContext);
}
/// <summary>
/// Determines whether the given value is ciphertext.
/// </summary>
/// <param name="data">Value to inspect.</param>
/// <param name="type">Field type (for example: simple\phone).</param>
/// <returns>The result reported by SecurityBiz.IsEncryptData for the value and type.</returns>
public static bool IsEncryptData(string data, string type)
{
    // Pure delegation; the actual format check lives in SecurityBiz.
    bool looksEncrypted = SecurityBiz.IsEncryptData(data, type);
    return looksEncrypted;
}