Пример #1
        /// <summary>
        /// Click handler: wraps the input text in a digital envelope and then signs the
        /// encrypted envelope, using the algorithms selected in the certificate dropdowns.
        /// </summary>
        /// <param name="sender">Control that raised the event (not used).</param>
        /// <param name="e">Event data (not used).</param>
        private void DCGenerateCertificateButton_Click(object sender, RoutedEventArgs e)
        {
            // NOTE(review): every dropdown's SelectedItem is dereferenced without a null check,
            // so a missing selection throws NullReferenceException here.

            // --- Envelope: asymmetric wrapper, cipher mode and symmetric cipher from the UI. ---
            var envelopeRsa = new RSAWrapper(DCEnvelopeRsaDropdown.SelectedItem.ToString());
            CipherMode mode = HelperExtensions.StringToCipherMode(DCEnvelopeCipherDropdown.SelectedItem.ToString());
            SymmetricAlgorithmWrapper symmetric = HelperExtensions.StringToSymAlg(
                DCEnvelopeSymDropdown.SelectedItem.ToString(),
                mode,
                DCEnvelopeCipherDropdown.SelectedItem.ToString());

            // Create (encrypt) the envelope over the text box content.
            var envelope = new DigitalEnvelope(symmetric, envelopeRsa, DCInputTextBox.Text);
            DigitalEnvelopeEncrypted sealedEnvelope = envelope.CreateEnvelope();

            // --- Signature: a second RSAWrapper instance, built with the selected hash. ---
            HashAlgorithmName hashName = HelperExtensions.StringToHashAlgorithm(DCSignatureHashDropdown.SelectedItem.ToString());
            var signingRsa = new RSAWrapper(DCSignatureRsaDropdown.SelectedItem.ToString(), hashName);

            // The signature input is the encrypted data/key pair, i.e. the ciphertext is
            // signed rather than the plaintext.
            var signer = new DigitalSignature(signingRsa, sealedEnvelope.EncryptedDataKeyPair());
            signer.CreateSignature();

            // Reached only if none of the calls above threw; no other result is inspected.
            DCInputTextBlock.Text = "Certificate generated successfully!";
        }
        /// <summary>
        /// Creates a digital certificate (envelope plus signature) over <c>vm.InputText</c>
        /// and packs the result into a <see cref="CertificateOutputViewModel"/>.
        /// </summary>
        /// <param name="vm">Input view model holding the text and the selected algorithm names, keys and mode.</param>
        /// <returns>
        /// Output view model built from the certificate bytes, the envelope's data and key,
        /// the hash algorithm name and the selected algorithm names and keys.
        /// </returns>
        public static CertificateOutputViewModel GenerateCertificate(this CertificateInputViewModel vm)
        {
            // NOTE(review): ASCII encoding replaces every non-ASCII character with '?', so such
            // input is altered before it is encrypted and signed - confirm this is intended.
            byte[] plaintext = Encoding.ASCII.GetBytes(vm.InputText);

            ISymmetricCryptoAlgorithm symmetricAlgorithm = GetSymmetricAlgorithm(
                vm.SelectedSymmetricAlgorithmName,
                vm.SelectedSymmetricAlgorithmKey,
                vm.SelectedSymmetricAlgorithmMode);

            IAsymmetricCryptoAlgorithm asymmetricAlgorithm = GetAsymmetricAlgorithm(
                vm.SelectedAsymmetricAlgorithmName,
                vm.SelectedAsymmetricAlgorithmKey);

            var envelope = new DigitalEnvelope(symmetric: symmetricAlgorithm, asymmetric: asymmetricAlgorithm);

            IHashAlgorithm hashAlgorithm = GetHashAlgorithm(vm.SelectedHashAlgorithmName);

            // NOTE(review): the same asymmetric algorithm instance is passed to both the envelope
            // and the signature. If it wraps a single key pair, that key is used for encryption
            // and for signing - confirm that is acceptable here.
            var signature = new Core.Signature.DigitalSignature(hash: hashAlgorithm, algorithm: asymmetricAlgorithm);

            var certificate = new DigitalCertificate(envelope: envelope, signature: signature);

            byte[] certificateBytes = certificate.Create(input: plaintext);

            // NOTE(review): the (bool, byte[]) returned by Check() is never inspected, so a failed
            // check is not reported to the caller. The call is kept because it may populate state
            // read below - confirm.
            (bool, byte[]) selfCheck = certificate.Check();

            // NOTE(review): envelope.Key and the selected keys are copied into the output model;
            // confirm what key material these are before the model is displayed or persisted.
            return new CertificateOutputViewModel(
                certificateBytes,
                envelope.Data,
                envelope.Key,
                hashAlgorithm.AlgorithmName,
                vm.SelectedSymmetricAlgorithmName,
                vm.SelectedSymmetricAlgorithmKey,
                vm.SelectedAsymmetricAlgorithmName,
                vm.SelectedAsymmetricAlgorithmKey,
                file: Constants.File.Name.CERTIFICATE)
            {
                InputText = vm.InputText
            };
        }
        /// <summary>
        /// Encrypts <c>vm.InputText</c> into a digital envelope and packs the result into an
        /// <see cref="EnvelopeOutputViewModel"/>.
        /// </summary>
        /// <param name="vm">Input view model holding the text and the selected algorithm names, keys and mode.</param>
        /// <returns>
        /// Output view model built from the envelope's encrypted data and key and the
        /// selected algorithm names and keys.
        /// </returns>
        public static EnvelopeOutputViewModel GenerateEnvelope(this EnvelopeInputViewModel vm)
        {
            // NOTE(review): ASCII encoding replaces every non-ASCII character with '?', so such
            // input is altered before it is encrypted - confirm this is intended.
            byte[] plaintext = Encoding.ASCII.GetBytes(vm.InputText);

            ISymmetricCryptoAlgorithm symmetricAlgorithm = GetSymmetricAlgorithm(
                vm.SelectedSymmetricAlgorithmName,
                vm.SelectedSymmetricAlgorithmKey,
                vm.SelectedSymmetricAlgorithmMode);

            IAsymmetricCryptoAlgorithm asymmetricAlgorithm = GetAsymmetricAlgorithm(
                vm.SelectedAsymmetricAlgorithmName,
                vm.SelectedAsymmetricAlgorithmKey);

            var envelope = new DigitalEnvelope(symmetric: symmetricAlgorithm, asymmetric: asymmetricAlgorithm);

            var sealedEnvelope = envelope.Encrypt(input: plaintext);

            // NOTE(review): the decrypted bytes are never compared with the input or used again.
            // The call is kept because its effects on the envelope are not visible here - confirm.
            var roundTrip = envelope.Decrypt();

            // NOTE(review): the selected symmetric and asymmetric keys are copied into the output
            // model; confirm what key material these are before the model is displayed or persisted.
            return new EnvelopeOutputViewModel(
                sealedEnvelope.data,
                sealedEnvelope.cryptKey,
                vm.SelectedSymmetricAlgorithmName,
                vm.SelectedSymmetricAlgorithmKey,
                vm.SelectedAsymmetricAlgorithmName,
                vm.SelectedAsymmetricAlgorithmKey,
                file: Constants.File.Name.ENVELOPE)
            {
                InputText = vm.InputText
            };
        }
Пример #4
        /// <summary>
        /// Click handler: decrypts a saved digital envelope and shows the plaintext, or an
        /// error message when decryption yields no data.
        /// </summary>
        /// <param name="sender">Control that raised the event (not used).</param>
        /// <param name="e">Event data (not used).</param>
        private void DEDecryptButton_Click(object sender, RoutedEventArgs e)
        {
            // The envelope is built from the two text box values (envelope and private key);
            // per the original author's comment, its properties are loaded from saved files.
            var envelope = new DigitalEnvelope(DEInputEnvelopeTextBox.Text, DEInputPrivateKeyTextBox.Text);

            // NOTE(review): no signature is checked on this path, so the handler itself gives
            // no assurance about who produced the envelope - confirm this is intended.
            byte[] plaintext = envelope.DecryptEnvelope();

            // A null result is treated as a decryption failure.
            if (plaintext == null)
            {
                DEInputTextBlock.Text = "Envelope could not be decrypted!";
            }
            else
            {
                DEInputTextBlock.Text = Encoding.Unicode.GetString(plaintext);
            }
        }
Пример #5
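        /// <summary>
        /// Returns the real-name information of the user identified by <paramref name="token"/>,
        /// after the optional digital-envelope parsing and data-signature verification that the
        /// security configuration enforces.
        /// </summary>
        /// <param name="token">Session token used to look up the calling user.</param>
        /// <param name="digitalEnvelopeJson">JSON form of the digital envelope; parsed only when ForceDigitalEnvelope is set.</param>
        /// <param name="dataSignJson">JSON form of the data signature; verified only when ForceDigitalSignature is set.</param>
        /// <returns>
        /// An <c>ApiRe</c> JSON result: the real-name data on success, "NOTLOGIN" when the token
        /// resolves to no user, or a failed result when signature verification is rejected.
        /// </returns>
        public async Task <IActionResult> GetRealNameInformation(string token, string digitalEnvelopeJson, string dataSignJson)
        {
            var re = new ApiRe();

            // Digital envelope: only parsed here; the parsed object is not used afterwards.
            if (this.config.SecurityConfig.ForceDigitalEnvelope)
            {
                DigitalEnvelope.FromJSON(digitalEnvelopeJson);
            }

            if (this.config.SecurityConfig.ForceDigitalSignature)
            {
                // Verify the signature.
                var dataSign = DataSignDTO.FromJSON(dataSignJson);

                // Reject a missing signature explicitly instead of dereferencing null below.
                if (dataSign == null)
                {
                    return LeanoteJson(re);
                }

                if (!await this.ePassService.VerifyDataSign(dataSign))
                {
                    return LeanoteJson(re);
                }

                // The signed operation must name this endpoint, so a signature produced for
                // another API call is not accepted here. The static Equals is null-safe.
                if (!string.Equals(dataSign.SignData.Operate, "/api/User/GetRealNameInformation", StringComparison.Ordinal))
                {
                    re.Msg = "Operate is not Equals ";
                    return LeanoteJson(re);
                }

                // Store the signature as evidence.
                // NOTE(review): this happens before the token is checked, and nothing visible here
                // ties the signer to the user resolved from the token - confirm VerifyDataSign or
                // AddDataSign covers signer identity and replay.
                this.dataSignService.AddDataSign(dataSign, "GetRealNameInformation");
            }

            User user = tokenSerivce.GetUserByToken(token);

            if (user == null)
            {
                var notLoggedIn = new ApiRe()
                {
                    Ok  = false,
                    Msg = "NOTLOGIN",
                };
                return Json(notLoggedIn, MyJsonConvert.GetLeanoteOptions());
            }

            // NOTE(review): the real-name data is returned as plain JSON even when
            // ForceDigitalEnvelope is set; the envelope is parsed above but not used to protect
            // the reply - confirm this is intended.
            re.Ok   = true;
            re.Data = this.realNameService.GetRealNameInformationByUserId(user.UserId);
            return LeanoteJson(re);
        }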
Пример #6
        //Generate a digital envelope.
        /// <summary>
        /// Click handler: builds a digital envelope over the input text using the symmetric
        /// cipher, cipher mode and RSA option selected in the envelope dropdowns.
        /// </summary>
        /// <param name="sender">Control that raised the event (not used).</param>
        /// <param name="e">Event data (not used).</param>
        private void DEGenerateButton_Click(object sender, RoutedEventArgs e)
        {
            // NOTE(review): every dropdown's SelectedItem is dereferenced without a null check,
            // so a missing selection throws NullReferenceException here.

            // Cipher mode and symmetric algorithm; the mode dropdown text is passed both as
            // the parsed CipherMode and as the raw string.
            CipherMode mode = HelperExtensions.StringToCipherMode(DESymTypeDropdown.SelectedItem.ToString());
            SymmetricAlgorithmWrapper symmetric = HelperExtensions.StringToSymAlg(
                DESymDropdown.SelectedItem.ToString(),
                mode,
                DESymTypeDropdown.SelectedItem.ToString());

            // Asymmetric side of the envelope.
            var rsa = new RSAWrapper(DERsaDropdown.SelectedItem.ToString());

            // The returned encrypted envelope is not used by this handler.
            var envelope = new DigitalEnvelope(symmetric, rsa, DEInputTextBox.Text);
            envelope.CreateEnvelope();

            // Reached only if none of the calls above threw; no other result is inspected.
            DEInputTextBlock.Text = "Envelope generated successfully!";
        }
Пример #7
        /// <summary>
        /// Click handler: checks the signature over a saved envelope's encrypted data/key pair
        /// and, only if it is valid, decrypts the envelope and appends the plaintext to the output.
        /// </summary>
        /// <param name="sender">Control that raised the event (not used).</param>
        /// <param name="e">Event data (not used).</param>
        private void DCAuthenticateCertificateButton_Click(object sender, RoutedEventArgs e)
        {
            // Envelope built from the envelope and private-key text box values; per the
            // original author's comment, its properties are loaded from saved files.
            var envelope = new DigitalEnvelope(DCInputEnvelopeTextBox.Text, DCInputEnvelopePrivateKeyTextBox.Text);

            // The signature is checked against the encrypted data/key pair, not the plaintext.
            // NOTE(review): the public key comes from the same form as the signature, so a valid
            // result only shows the signature matches that key, not who the key belongs to.
            var signature = new DigitalSignature(
                envelope.DigitalEnvelopeEncrypted.EncryptedDataKeyPair(),
                DCInputSignatureTextBox.Text,
                DCInputSignaturePublicKeyTextBox.Text);

            // Verify first; nothing is decrypted when the signature does not check out.
            bool signatureValid = signature.AuthenticateSignature();
            DCInputTextBlock.Text = signatureValid ? "Signature valid!" : "Signature invalid!";
            if (!signatureValid)
            {
                return;
            }

            // A null result is treated as a decryption failure.
            byte[] plaintext = envelope.DecryptEnvelope();
            string shownText = plaintext == null
                ? "Envelope could not be decrypted!"
                : Encoding.Unicode.GetString(plaintext);

            DCInputTextBlock.Text += "\n\n-----------------------------------------------\n" + shownText;
        }
Пример #8
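        /// <summary>
        /// Stores real-name information for the user identified by <paramref name="token"/>,
        /// after the optional digital-envelope decryption and data-signature verification that
        /// the security configuration enforces.
        /// </summary>
        /// <param name="token">Session token used to look up the calling user.</param>
        /// <param name="sfz">Value to store; replaced by the decrypted envelope payload when ForceDigitalEnvelope is set.</param>
        /// <param name="digitalEnvelopeJson">JSON form of the digital envelope; used only when ForceDigitalEnvelope is set.</param>
        /// <param name="dataSignJson">JSON form of the data signature; verified only when ForceDigitalSignature is set.</param>
        /// <returns>
        /// An <c>ApiRe</c> JSON result: Ok on success, "NOTLOGIN" when the token resolves to no
        /// user, or a failed result when a signature check is rejected.
        /// </returns>
        /// <exception cref="Exception">The envelope payload could not be decrypted.</exception>
        public async Task <IActionResult> SetRealNameInformation(string token, string sfz, string digitalEnvelopeJson, string dataSignJson)
        {
            var re = new ApiRe();

            // Digital envelope: the decrypted payload replaces the sfz parameter.
            if (this.config.SecurityConfig.ForceDigitalEnvelope)
            {
                DigitalEnvelope digitalEnvelope = DigitalEnvelope.FromJSON(digitalEnvelopeJson);
                var data = digitalEnvelope.GetPayLoadValue(this.gMService, this.config.SecurityConfig.PrivateKey);
                if (data == null)
                {
                    // Message text: "digital envelope decryption failed".
                    throw new Exception("数字信封解密失败");
                }
                sfz = data;
            }

            if (this.config.SecurityConfig.ForceDigitalSignature)
            {
                // Verify the signature.
                var dataSign = DataSignDTO.FromJSON(dataSignJson);

                // Reject a missing signature before anything dereferences it. The original
                // checked for null only after dataSign had already been used.
                if (dataSign == null)
                {
                    return LeanoteJson(re);
                }

                if (!await this.ePassService.VerifyDataSign(dataSign))
                {
                    return LeanoteJson(re);
                }

                // The signed operation must name this endpoint, so a signature produced for
                // another API call is not accepted here. The static Equals is null-safe.
                if (!string.Equals(dataSign.SignData.Operate, "/api/User/SetRealNameInformation", StringComparison.Ordinal))
                {
                    re.Msg = "Operate is not Equals ";
                    return LeanoteJson(re);
                }

                // Bind the signature to the data: the SM3 digest of the value being stored must
                // equal the signed hash. The comparison is ordinal and case-insensitive, so it
                // does not depend on the current culture, and a null digest counts as a mismatch.
                var dataSM3 = gMService.SM3(sfz);
                if (dataSM3 == null || !string.Equals(dataSM3, dataSign.SignData.Hash, StringComparison.OrdinalIgnoreCase))
                {
                    re.Msg = "SM3 is error";
                    re.Ok  = false;
                    return LeanoteJson(re);
                }

                // Store the signature as evidence.
                // NOTE(review): this happens before the token is checked, and nothing visible here
                // ties the signer to the user resolved from the token - confirm VerifyDataSign or
                // AddDataSign covers signer identity and replay.
                this.dataSignService.AddDataSign(dataSign, "SetRealNameInformation");
            }

            User user = tokenSerivce.GetUserByToken(token);

            if (user == null)
            {
                var notLoggedIn = new ApiRe()
                {
                    Ok  = false,
                    Msg = "NOTLOGIN",
                };
                return Json(notLoggedIn, MyJsonConvert.GetLeanoteOptions());
            }

            this.realNameService.SetRealName(user.UserId, sfz);
            re.Ok = true;
            return LeanoteJson(re);
        }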
Пример #9
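        /// <summary>
        /// Updates the title and content of a note owned by the user identified by
        /// <paramref name="token"/>, after the optional digital-envelope decryption and
        /// data-signature verification that the security configuration enforces.
        /// </summary>
        /// <param name="token">Session token used to look up the calling user.</param>
        /// <param name="noteId">Hex note identifier (converted with <c>ToLongByHex</c>).</param>
        /// <param name="noteTitle">New note title.</param>
        /// <param name="content">New note content; replaced by the decrypted envelope payload when ForceDigitalEnvelope is set.</param>
        /// <param name="dataSignJson">JSON form of the data signature; verified only when ForceDigitalSignature is set.</param>
        /// <param name="digitalEnvelopeJson">JSON form of the digital envelope; used only when ForceDigitalEnvelope is set.</param>
        /// <returns>
        /// An <c>ApiRe</c> JSON result carrying the note (SM4-CBC encrypted when
        /// ForceDigitalEnvelope is set), or a failed result when authentication, signature
        /// verification, the repository write check or the note lookup fails.
        /// </returns>
        /// <exception cref="Exception">The envelope payload could not be decrypted.</exception>
        public async Task <IActionResult> UpdateNoteTitleAndContent(string token, string noteId, string noteTitle, string content, string dataSignJson, string digitalEnvelopeJson)
        {
            var user = tokenSerivce.GetUserByToken(token);
            var re   = new ApiRe();

            // Authenticate first; every later step uses user.UserId.
            if (user == null)
            {
                return LeanoteJson(re);
            }

            DigitalEnvelope digitalEnvelope = null;

            // Digital envelope: the decrypted payload replaces the content parameter.
            if (this.config.SecurityConfig.ForceDigitalEnvelope)
            {
                digitalEnvelope = DigitalEnvelope.FromJSON(digitalEnvelopeJson);
                var data = digitalEnvelope.GetPayLoadValue(this.gMService, this.config.SecurityConfig.PrivateKey);
                if (data == null)
                {
                    // Message text: "digital envelope decryption failed".
                    throw new Exception("数字信封解密失败");
                }
                content = data;
            }

            if (this.config.SecurityConfig.ForceDigitalSignature)
            {
                // Verify the signature.
                var dataSign = DataSignDTO.FromJSON(dataSignJson);

                // Reject a missing signature before anything dereferences it. The original
                // checked for null only after dataSign had already been used.
                if (dataSign == null)
                {
                    return LeanoteJson(re);
                }

                if (!await this.ePassService.VerifyDataSign(dataSign))
                {
                    return LeanoteJson(re);
                }

                // The signed operation must name this endpoint, so a signature produced for
                // another API call is not accepted here. The static Equals is null-safe.
                if (!string.Equals(dataSign.SignData.Operate, "/api/Note/UpdateNoteTitleAndContent", StringComparison.Ordinal))
                {
                    re.Msg = "Operate is not Equals ";
                    return LeanoteJson(re);
                }

                // Bind the signature to the data: the SM3 digest of the request fields must equal
                // the signed hash. The comparison is ordinal and case-insensitive, so it does not
                // depend on the current culture, and a null digest counts as a mismatch.
                // NOTE(review): the three fields are concatenated with no separator or length
                // prefix, so different (noteId, noteTitle, content) splits of the same character
                // sequence give the same digest. A delimited or length-prefixed encoding would
                // remove the ambiguity, but it must match what the client signs.
                var dataSM3 = gMService.SM3(noteId + noteTitle + content);
                if (dataSM3 == null || !string.Equals(dataSM3, dataSign.SignData.Hash, StringComparison.OrdinalIgnoreCase))
                {
                    re.Msg = "SM3 is error";
                    re.Ok  = false;
                    return LeanoteJson(re);
                }

                // Store the signature as evidence.
                this.dataSignService.AddDataSign(dataSign, "UpdateNoteTitleAndContent");
            }

            // Original author's note: the USN is handled first because a USN conflict is likely
            // after attachments are added, which would attach them to the wrong note.
            var note = noteService.GetNote(noteId.ToLongByHex(), user.UserId);

            // A missing note must be rejected before note.NotesRepositoryId is read. The original
            // tested for null only after that dereference.
            if (note == null)
            {
                re.Msg = "notExists";
                re.Ok  = false;
                return Json(re, MyJsonConvert.GetSimpleOptions());
            }

            // Authorization: the caller needs write permission on the note's repository.
            if (!noteRepositoryService.Verify(note.NotesRepositoryId, user.UserId, RepositoryAuthorityEnum.Write))
            {
                return LeanoteJson(re);
            }

            if (note.NoteId == 0)
            {
                re.Msg = "notExists";
                re.Ok  = false;
                return Json(re, MyJsonConvert.GetSimpleOptions());
            }

            // NOTE(review): this truncated text is computed but never used; Abstract below stores
            // the full content instead - confirm which one is intended.
            var des = MyHtmlHelper.SubHTMLToRaw(content, 200);

            var noteContentId = idGenerator.NextId();

            NoteContent noteContent = new NoteContent()
            {
                NoteContentId = noteContentId,
                Abstract      = content,
                Content       = content,

                UserId        = user.UserId,
                NoteId        = note.NoteId,
                CreatedTime   = DateTime.Now,
                UpdatedTime   = DateTime.Now,
                UpdatedUserId = user.UserId
            };

            // With database encryption enabled the abstract is replaced by a fixed marker string
            // (presumably so the abstract does not hold the plaintext - confirm).
            if (this.config.SecurityConfig.DataBaseEncryption)
            {
                noteContent.Abstract = "DataBaseEncryption";
            }

            noteContentService.UpdateNoteContent(note.NoteId, noteContent);

            noteService.UpdateNoteTitle(note.NoteId, noteTitle);

            var usn = noteRepositoryService.IncrUsn(note.NotesRepositoryId);

            noteService.UpdateUsn(note.NoteId, usn);
            re.Ok   = true;
            re.Data = note;

            if (this.config.SecurityConfig.ForceDigitalEnvelope)
            {
                // The reply is encrypted with SM4-CBC under the key recovered from the request
                // envelope, using the request's own IV.
                // NOTE(review): reusing the caller-supplied IV with the same key is weaker than a
                // fresh random IV per message, and CBC alone gives the reply no integrity
                // protection - confirm the protocol accounts for both.
                var key  = digitalEnvelope.getSM4Key(this.gMService, this.config.SecurityConfig.PrivateKey);
                var json = note.ToJson();

                var payLoad = new PayLoadDTO();
                payLoad.SetData(json);

                var payLoadJson = payLoad.ToJson();

                var jsonHex = Common.Utils.HexUtil.ByteArrayToString(Encoding.UTF8.GetBytes(payLoadJson));

                var enc = gMService.SM4_Encrypt_CBC(jsonHex, key, digitalEnvelope.IV, true);
                re.Data       = enc;
                re.Encryption = true;
            }

            return LeanoteJson(re);
        }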