public string GetPayLoadSM3(GMService gMService, string priKey)
{
var payload = GetPayLoadDTO(gMService, priKey);
var dataHex = Common.Utils.HexUtil.ByteArrayToString(Encoding.UTF8.GetBytes(payload.Data));
var myHash = gMService.SM3(dataHex);
return myHash;
}
public void SetData(string data)
{
var gm = new GMService();
this.Data = data;
var hex = Common.Utils.HexUtil.ByteArrayToString(Encoding.UTF8.GetBytes(data));
this.Hash = gm.SM3(hex);
}
public string GetPayLoadValue(GMService gMService,string priKey)
{
var rawKey = gMService.SM2Decrypt("04"+this.Key, priKey,false);
var rawPayLod=gMService.SM4_Decrypt_CBC(this.PayLoad, rawKey, this.IV,false);
var rawPayLodObj= PayLoadDTO.FromJSON(rawPayLod);
var dataHex= Common.Utils.HexUtil.ByteArrayToString(Encoding.UTF8.GetBytes(rawPayLodObj.Data));
var myHash = gMService.SM3(dataHex);
if (!myHash.ToUpper().Equals(rawPayLodObj.Hash.ToUpper()))
{
return null;
}
return rawPayLodObj.Data;
}
public async Task <IActionResult> SetRealNameInformation(string token, string sfz, string digitalEnvelopeJson, string dataSignJson)
{
var re = new ApiRe();
DigitalEnvelope digitalEnvelope = null;
var verify = false;
//数字信封
if (this.config.SecurityConfig.ForceDigitalEnvelope)
{
digitalEnvelope = DigitalEnvelope.FromJSON(digitalEnvelopeJson);
var data = digitalEnvelope.GetPayLoadValue(this.gMService, this.config.SecurityConfig.PrivateKey);
if (data == null)
{
throw new Exception("数字信封解密失败");
}
//赋予解密的数字信封
sfz = data;
}
if (this.config.SecurityConfig.ForceDigitalSignature)
{
//验证签名
var dataSign = DataSignDTO.FromJSON(dataSignJson);
verify = await this.ePassService.VerifyDataSign(dataSign);
if (!verify)
{
return(LeanoteJson(re));
}
verify = dataSign.SignData.Operate.Equals("/api/User/SetRealNameInformation");
if (!verify)
{
re.Msg = "Operate is not Equals ";
return(LeanoteJson(re));
}
//签字签名和数字信封数据
if (dataSign != null)
{
var dataSM3 = gMService.SM3(sfz);
var signSM3 = dataSign.SignData.Hash;
if (!dataSM3.ToUpper().Equals(signSM3.ToUpper()))
{
re.Msg = "SM3 is error";
re.Ok = false;
return(LeanoteJson(re));
}
}
//签名存证
this.dataSignService.AddDataSign(dataSign, "SetRealNameInformation");
}
User user = tokenSerivce.GetUserByToken(token);
if (user == null)
{
ApiRe apiRe = new ApiRe()
{
Ok = false,
Msg = "NOTLOGIN",
};
return(Json(apiRe, MyJsonConvert.GetLeanoteOptions()));
}
this.realNameService.SetRealName(user.UserId, sfz);
re.Ok = true;
return(LeanoteJson(re));
}
public async Task <IActionResult> UpdateNoteTitleAndContent(string token, string noteId, string noteTitle, string content, string dataSignJson, string digitalEnvelopeJson)
{
var user = tokenSerivce.GetUserByToken(token);
var re = new ApiRe();
if (user == null)
{
return(LeanoteJson(re));
}
DigitalEnvelope digitalEnvelope = null;
var verify = false;
if (this.config.SecurityConfig.ForceDigitalEnvelope)
{
//数字信封
if (this.config.SecurityConfig.ForceDigitalEnvelope)
{
digitalEnvelope = DigitalEnvelope.FromJSON(digitalEnvelopeJson);
var data = digitalEnvelope.GetPayLoadValue(this.gMService, this.config.SecurityConfig.PrivateKey);
if (data == null)
{
throw new Exception("数字信封解密失败");
}
//赋予解密的数字信封
content = data;
}
}
if (this.config.SecurityConfig.ForceDigitalSignature)
{
//验证签名
var dataSign = DataSignDTO.FromJSON(dataSignJson);
verify = await this.ePassService.VerifyDataSign(dataSign);
if (!verify)
{
return(LeanoteJson(re));
}
verify = dataSign.SignData.Operate.Equals("/api/Note/UpdateNoteTitleAndContent");
if (!verify)
{
re.Msg = "Operate is not Equals ";
return(LeanoteJson(re));
}
//签字签名和数字信封数据
if (dataSign != null)
{
var dataSM3 = gMService.SM3(noteId + noteTitle + content);
var signSM3 = dataSign.SignData.Hash;
if (!dataSM3.ToUpper().Equals(signSM3.ToUpper()))
{
re.Msg = "SM3 is error";
re.Ok = false;
return(LeanoteJson(re));
}
}
//签名存证
this.dataSignService.AddDataSign(dataSign, "UpdateNoteTitleAndContent");
}
//-------------校验参数合法性
if (user == null)
{
re.Msg = "NOlogin";
re.Ok = false;
return(Json(re, MyJsonConvert.GetSimpleOptions()));
}
// 先判断USN的问题, 因为很可能添加完附件后, 会有USN冲突, 这时附件就添错了
var note = noteService.GetNote(noteId.ToLongByHex(), user.UserId);
verify = noteRepositoryService.Verify(note.NotesRepositoryId, user.UserId, RepositoryAuthorityEnum.Write);
if (!verify)
{
return(LeanoteJson(re));
}
if (note == null || note.NoteId == 0)
{
re.Msg = "notExists";
re.Ok = false;
return(Json(re, MyJsonConvert.GetSimpleOptions()));
}
var des = MyHtmlHelper.SubHTMLToRaw(content, 200);
var noteContentId = idGenerator.NextId();
NoteContent noteContent = new NoteContent()
{
NoteContentId = noteContentId,
Abstract = content,
Content = content,
UserId = user.UserId,
NoteId = note.NoteId,
CreatedTime = DateTime.Now,
UpdatedTime = DateTime.Now,
UpdatedUserId = user.UserId
};
if (this.config.SecurityConfig.DataBaseEncryption)
{
noteContent.Abstract = "DataBaseEncryption";
}
noteContentService.UpdateNoteContent(note.NoteId, noteContent);
noteService.UpdateNoteTitle(note.NoteId, noteTitle);
var usn = noteRepositoryService.IncrUsn(note.NotesRepositoryId);
noteService.UpdateUsn(note.NoteId, usn);
re.Ok = true;
re.Data = note;
if (this.config.SecurityConfig.ForceDigitalEnvelope)
{
var key = digitalEnvelope.getSM4Key(this.gMService, this.config.SecurityConfig.PrivateKey);
var json = note.ToJson();
var payLoad = new PayLoadDTO();
payLoad.SetData(json);
var payLoadJson = payLoad.ToJson();
var jsonHex = Common.Utils.HexUtil.ByteArrayToString(Encoding.UTF8.GetBytes(payLoadJson));
var enc = gMService.SM4_Encrypt_CBC(jsonHex, key, digitalEnvelope.IV, true);
re.Data = enc;
re.Encryption = true;
}
return(LeanoteJson(re));
}