public void SetSecuritySettings(SecuritySettingsInfo securitySettings)
{
SecuritySettings = null;
if (securitySettings.SecurityMode == SecurityMode.None)
{
securitySettings.Data = null;
var result = ConnectorExtension.SendData <SecuritySettingsInfo>(this, new Shared.Models.MethodCallInfo()
{
Guid = Guid.NewGuid().ToString(), ServiceName = "/SetSettings", Data = JsonConvert.SerializeObject(securitySettings)
});
}
else if (securitySettings.SecurityMode == SecurityMode.RSA_AESSecurity)
{
var keys = RSASecurity.GenerateRandomKey();
securitySettings.Data = new RSAAESEncryptionData()
{
RSAEncryptionKey = keys.PublicKey
};
var result = ConnectorExtension.SendData <SecuritySettingsInfo>(this, new Shared.Models.MethodCallInfo()
{
Guid = Guid.NewGuid().ToString(), ServiceName = "/SetSettings", Data = JsonConvert.SerializeObject(securitySettings)
});
SecuritySettings = new SecuritySettingsInfo()
{
Data = new RSAAESEncryptionData()
{
Key = RSASecurity.Decrypt(result.Data.Key, RSASecurity.StringToKey(keys.PrivateKey)), IV = RSASecurity.Decrypt(result.Data.IV, RSASecurity.StringToKey(keys.PrivateKey))
}, SecurityMode = securitySettings.SecurityMode
};
}
}
/// <summary>
/// return Key
/// </summary>
/// <returns></returns>
public ActionResult GetRsaKey()
{
var kp = new Dictionary <string, string>();
kp = RSASecurity.CreateRsaPair();
return(Json(new { status = "ok", publickey = kp["PUBLIC"].ToString() }, "text/html", JsonRequestBehavior.AllowGet));
}
public async void SetSecuritySettings(SecuritySettingsInfo securitySettings)
#endif
{
SecuritySettings = null;
if (securitySettings.SecurityMode == SecurityMode.None)
{
securitySettings.Data = null;
#if (NET40 || NET35)
SecuritySettingsInfo result = ConnectorExtensions.SendData <SecuritySettingsInfo>(this, new Shared.Models.MethodCallInfo()
{
Guid = Guid.NewGuid().ToString(), ServiceName = "/SetSettings", Data = JsonConvert.SerializeObject(securitySettings)
});
#else
SecuritySettingsInfo result = await ConnectorExtensions.SendData <SecuritySettingsInfo>(this, new Shared.Models.MethodCallInfo()
{
Guid = Guid.NewGuid().ToString(), ServiceName = "/SetSettings", Data = JsonConvert.SerializeObject(securitySettings)
});
#endif
}
else if (securitySettings.SecurityMode == SecurityMode.RSA_AESSecurity)
{
#if (!PORTABLE)
RSAKey keys = RSASecurity.GenerateRandomKey();
securitySettings.Data = new RSAAESEncryptionData()
{
RSAEncryptionKey = keys.PublicKey
};
#if (NET40 || NET35)
SecuritySettingsInfo result = ConnectorExtensions.SendData <SecuritySettingsInfo>(this, new Shared.Models.MethodCallInfo()
{
Guid = Guid.NewGuid().ToString(), ServiceName = "/SetSettings", Data = JsonConvert.SerializeObject(securitySettings)
});
#else
SecuritySettingsInfo result = await ConnectorExtensions.SendData <SecuritySettingsInfo>(this, new Shared.Models.MethodCallInfo()
{
Guid = Guid.NewGuid().ToString(), ServiceName = "/SetSettings", Data = JsonConvert.SerializeObject(securitySettings)
});
#endif
SecuritySettings = new SecuritySettingsInfo()
{
Data = new RSAAESEncryptionData()
{
Key = RSASecurity.Decrypt(result.Data.Key, RSASecurity.StringToKey(keys.PrivateKey)), IV = RSASecurity.Decrypt(result.Data.IV, RSASecurity.StringToKey(keys.PrivateKey))
}, SecurityMode = securitySettings.SecurityMode
};
#endif
}
}
public ActionResult Handler()
{
string username = Request["username"];
string enpass = Request["passpwd"];
string valicode = Request["validatecode"];
string validatecode = Session["gong_validate_code"].ToString();
if (validatecode.Equals(valicode))
{
string privatekeypath = AppDomain.CurrentDomain.BaseDirectory + WebConfigurationManager.AppSettings["RSAPrivateKey"];
string privatekey = System.IO.File.ReadAllText(privatekeypath);
string plainpwd = RSASecurity.DecryptRSA(enpass, privatekey);
if (!string.IsNullOrEmpty(privatekey))
{
Staff userinfo = (from u in seeiiexpertDB.Staffs where u.userName == username && u.passWord == plainpwd select u).FirstOrDefault();
if (userinfo != null)
{
Session["loginModel"] = userinfo;
Session["name"] = userinfo.name;
return(Json(new { status = "ok", msg = "登陆成功,欢迎回来!" }, "text/html", JsonRequestBehavior.AllowGet));
}
else
{
return(Json(new { status = "error", msg = "您输入的用户名或密码有误,请核对后重新输入!" }, "text/html", JsonRequestBehavior.AllowGet));
}
}
else
{
return(Json(new { status = "error", msg = "密钥错误或者不存在,请稍后再试!" }, "text/html", JsonRequestBehavior.AllowGet));
}
}
else
{
return(Json(new { status = "error", msg = "您输入的验证码有误,请核对后重新输入!" }, "text/html", JsonRequestBehavior.AllowGet));
}
}
/// <summary>
/// Xử lý RSA
/// </summary>
/// <param name="sourceText"></param>
/// <param name="type"></param>
/// <returns></returns>
public string ProcessRSA(string sourceText, RSAType type)
{
return(type == RSAType.Encrypt ? RSASecurity.Encrypt(sourceText) : RSASecurity.Decrypt(sourceText));
}