Пример #1
        /// <summary>
        /// Verifies the master account password against the stored password certificate.
        /// </summary>
        /// <remarks>
        /// The candidate certificate is built from Account + password: HMAC-SHA512 keyed with
        /// the SHA-1 of the machine information when <c>IsComputer</c> is set, plain SHA-512
        /// otherwise, and the result is then passed through <c>GetMd532</c>.
        /// On a match, <c>GetPassWordSecurity</c> is called with the same password before returning.
        /// </remarks>
        /// <param name="password">Master account password to check.</param>
        /// <returns><c>true</c> when the computed certificate equals the stored one; otherwise <c>false</c>.</returns>
        public bool VerifyAccountPwd(string password)
        {
            // NOTE(review): the verifier is a single pass of fast hashes with no per-account
            // salt and no work factor, and the final MD5 step caps it at 128 bits. If the
            // stored certificate is ever disclosed, nothing slows down offline password
            // guessing. A salted, iterated KDF (e.g. PBKDF2) would address that, but it
            // changes the stored value and therefore needs a migration path.
            string material = CurPassWordBookModel.Account + password;
            string digest;

            if (CurPassWordBookModel.IsComputer)
            {
                // Machine-bound accounts key the HMAC with the SHA-1 of the machine information.
                string machineKey = IEncryptAndDecodeServer.GetSha1(getComputer());
                digest = IEncryptAndDecodeServer.GetHMacSha512(material, machineKey);
            }
            else
            {
                digest = IEncryptAndDecodeServer.GetSha512(material);
            }

            string candidate = IEncryptAndDecodeServer.GetMd532(digest);
            if (!candidate.Equals(CurPassWordBookModel.PassWordCertificate))
            {
                return false;
            }

            // Derive the encryption credential for this session from the verified password.
            GetPassWordSecurity(password);
            return true;
        }
Пример #2
        /// <summary>
        /// Applies the second-layer encryption to a string and wraps it in a JSON envelope.
        /// </summary>
        /// <remarks>
        /// The "Data" field is laid out as: GetMd532(secondpwd), then the AES output for
        /// <paramref name="str"/>, then GetMd532 of the two preceding parts.
        /// </remarks>
        /// <param name="secondpwd">Second-layer password, passed to AesEncryption as its second argument.</param>
        /// <param name="str">String to encrypt.</param>
        /// <param name="type">Save type; its name is written to the "SecondAuthentication" field.</param>
        /// <returns>The JSON text of the envelope with "SecondAuthentication" and "Data".</returns>
        private string SecondPwdEncryptionData(string secondpwd, string str, PassWordBookSaveType type)
        {
            // NOTE(review): an unsalted MD5 of the second password is stored in front of the
            // ciphertext. Anyone who can read this envelope gets a fast offline check for
            // password guesses, independent of the AES layer. The trailing MD5 is an unkeyed
            // checksum: it catches accidental corruption but does not authenticate the data.
            // A keyed MAC or an AEAD mode would, at the cost of a format change.
            string passwordTag = IEncryptAndDecodeServer.GetMd532(secondpwd);

            // Encrypt with the second password.
            string cipherText = IEncryptAndDecodeServer.AesEncryption(str, secondpwd);

            // Frame as tag + ciphertext + checksum(tag + ciphertext).
            string framed = passwordTag + cipherText + IEncryptAndDecodeServer.GetMd532(passwordTag + cipherText);

            // Outer JSON structure.
            JObject envelope = new JObject
            {
                ["SecondAuthentication"] = type.ToString(),
                ["Data"] = framed
            };

            return envelope.ToString();
        }
Пример #3
        /// <summary>
        /// Builds the password certificate for an account.
        /// </summary>
        /// <param name="account">Account name.</param>
        /// <param name="passWord">Account password.</param>
        /// <param name="isComputer">
        /// When <c>true</c>, the certificate is bound to the machine information: HMAC-SHA512
        /// keyed with its SHA-1. When <c>false</c>, plain SHA-512 is used.
        /// </param>
        /// <returns>The result of <c>GetMd532</c> applied to the SHA-512 or HMAC-SHA512 output.</returns>
        private string GetPassWordCertificate(string account, string passWord, bool isComputer)
        {
            // NOTE(review): no salt and no iteration count are involved, so two accounts with
            // the same name and password get the same certificate, and guessing is as cheap
            // as one hash pass. Consider PBKDF2 with a stored per-account salt when the file
            // format can be versioned.
            if (!isComputer)
            {
                string plainDigest = IEncryptAndDecodeServer.GetSha512(account + passWord);
                return IEncryptAndDecodeServer.GetMd532(plainDigest);
            }

            // Machine-bound variant: the machine information supplies the HMAC key.
            string machineInfo = getComputer();
            string machineKey = IEncryptAndDecodeServer.GetSha1(machineInfo);
            string boundDigest = IEncryptAndDecodeServer.GetHMacSha512(account + passWord, machineKey);

            return IEncryptAndDecodeServer.GetMd532(boundDigest);
        }
Пример #4
        /// <summary>
        /// Writes the account recovery ("shield") file that holds the account password.
        /// </summary>
        /// <remarks>
        /// Payload layout before the outer AES step: a 32-character tag (GetMd532 of the
        /// machine information, or 32 zeros when the account is not machine-bound), the
        /// password (AES-encrypted with a machine-derived value when machine-bound), and
        /// GetMd532 of tag + password. The payload is then AES-encrypted with a value derived
        /// from the account name and saved via <c>IFileServer.SaveFile</c>.
        /// </remarks>
        /// <param name="filePath">Destination path of the recovery file.</param>
        /// <param name="password">Account password to store in the file.</param>
        public void SaveShield(string filePath, string password)
        {
            // NOTE(review): every value used as an AES key here is derived from the account
            // name or the machine information; no secret takes part. Whoever holds this file
            // and knows the account name (and, when machine-bound, the machine information)
            // can recover the password, so the file must be stored as carefully as the
            // password itself.
            string accountName = CurPassWordBookModel.Account;
            string accountMd5 = IEncryptAndDecodeServer.GetMd532(accountName);

            // 1. SHA-512 of the account name.
            char[] accountHash = IEncryptAndDecodeServer.GetSha512(accountName).ToArray();

            // 2. Intended as an array reversal.
            // NOTE(review): this does not reverse anything. Every iteration writes to the
            // last index, so the buffer ends up as NUL characters followed by the final
            // character of the hash. The derived value therefore depends only on the hash
            // length and its last character. Kept as-is because existing recovery files are
            // keyed by this output; correcting it requires a format migration.
            char[] accountScratch = new char[accountHash.Length];
            foreach (char c in accountHash)
            {
                accountScratch[accountHash.Length - 1] = c;
            }

            // 3. MD5 of the scratch buffer is the outer AES key.
            string accountKey = IEncryptAndDecodeServer.GetMd532(new string(accountScratch));

            string payload;
            if (CurPassWordBookModel.IsComputer)
            {
                string machineInfo = getComputer();
                string machineTag = IEncryptAndDecodeServer.GetMd532(machineInfo);

                // 1. SHA-1 of the machine information.
                char[] machineHash = IEncryptAndDecodeServer.GetSha1(machineInfo).ToArray();

                // 2. Same non-reversing loop as above (see the note there).
                char[] machineScratch = new char[machineHash.Length];
                foreach (char c in machineHash)
                {
                    machineScratch[machineHash.Length - 1] = c;
                }

                // 3. MD5 of the scratch buffer is the inner AES key.
                string machineKey = IEncryptAndDecodeServer.GetMd532(new string(machineScratch));

                // 4. Encrypt the password with the machine-derived key.
                string sealedPassword = IEncryptAndDecodeServer.AesEncryption(password, machineKey);

                // 5. Frame as tag + data + checksum(tag + data).
                payload = machineTag + sealedPassword + IEncryptAndDecodeServer.GetMd532((machineTag + sealedPassword));
            }
            else
            {
                // 32 zeros mark a file that is not bound to a machine; the password is framed as-is.
                string noMachineTag = "00000000000000000000000000000000";
                payload = noMachineTag + password + IEncryptAndDecodeServer.GetMd532((noMachineTag + password));
            }

            string fileBody = IEncryptAndDecodeServer.AesEncryption(payload, accountKey);
            IFileServer.SaveFile(fileBody, accountMd5, filePath);
        }
Пример #5
        /// <summary>
        /// Derives the encryption credential from Account + password and caches it in
        /// <c>CachePassWordSecurity</c>.
        /// </summary>
        /// <param name="passWord">Account password.</param>
        private void GetPassWordSecurity(string passWord)
        {
            // 1. SHA-512 of account + password.
            string combined = CurPassWordBookModel.Account + passWord;
            char[] hashChars = IEncryptAndDecodeServer.GetSha512(combined).ToArray();

            // 2. Intended as an array reversal.
            // NOTE(review): this loop always writes to the last index, so the buffer becomes
            // NUL characters followed by the final character of the hash. The cached Security
            // value therefore depends only on the hash length and its last character. If
            // GetSha512 returns hexadecimal text (confirm), Security can take only 16
            // distinct values, whatever the password is. Anything encrypted under Security
            // inherits that tiny key space. The remedy is a salted, iterated KDF over the
            // full input plus a versioned file format so existing data can be re-encrypted;
            // the loop is left unchanged here because stored data depends on its output.
            char[] scratch = new char[hashChars.Length];
            foreach (char c in hashChars)
            {
                scratch[hashChars.Length - 1] = c;
            }

            // 3. MD5 of the scratch buffer is the credential that gets cached.
            string credential = IEncryptAndDecodeServer.GetMd532(new string(scratch));

            CachePassWordSecurity.GetInstance().Security = credential;
        }
Пример #6
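        /// <summary>
        /// Recovers the account password from a recovery ("shield") file.
        /// </summary>
        /// <remarks>
        /// The decrypted payload is expected to be: a 32-character tag, the data, and a
        /// 32-character GetMd532 checksum over tag + data. A tag of 32 zeros means the data
        /// is the password itself; any other tag must equal GetMd532 of the current machine
        /// information, and the data is then AES-decrypted with a machine-derived value.
        /// NOTE(review): success and failure both come back as a plain string, so a caller
        /// cannot tell a recovered password from an error message by type alone.
        /// </remarks>
        /// <param name="filePath">Path of the recovery file.</param>
        /// <returns>
        /// The recovered password, or an error message when the checksum does not match, the
        /// payload is too short, the machine tag differs, or a NullReferenceException is raised.
        /// </returns>
        public string FotgotPassWord(string filePath)
        {
            // Length of the leading tag and of the trailing checksum.
            const int tagLength = 32;

            string result = string.Empty;

            string account    = CurPassWordBookModel.Account;
            string accountMd5 = IEncryptAndDecodeServer.GetMd532(account);

            // 1. SHA-512 of the account name.
            account = IEncryptAndDecodeServer.GetSha512(account);

            // 2. Intended as an array reversal.
            // NOTE(review): the loop always writes to the last index, so the buffer is NUL
            // characters followed by the final character of the hash; the derived key depends
            // only on the hash length and that character. Left unchanged on purpose: it must
            // produce the same key that was used when the file was written, and fixing it
            // needs a format migration on both the write and the read side.
            var oldArray = account.ToArray();

            Char[] newArray = new Char[oldArray.Length];
            for (int i = 0; i < oldArray.Length; i++)
            {
                newArray[oldArray.Length - 1] = oldArray[i];
            }

            // 3. MD5 of the buffer is the outer AES key.
            account = IEncryptAndDecodeServer.GetMd532(new string(newArray));
            try
            {
                // 1. Read the recovery file. Per the original author's note, a
                //    NullReferenceException here means the file was modified or is the wrong one.
                result = IFileServer.GetFileString(filePath, accountMd5);

                // 2. Remove the account-keyed layer.
                result = IEncryptAndDecodeServer.AesDecryption(result, account);

                // 3. Integrity check. A payload shorter than tag + checksum cannot be valid;
                //    report it as a damaged file instead of letting Substring throw.
                if (result.Length < 2 * tagLength)
                {
                    return("数据文件被修改或者配置错误");
                }

                // Slice by position. Removing the parts with string.Replace would also delete
                // any later occurrence of the same text inside the data and corrupt the result.
                string computerCheck = result.Substring(0, tagLength);
                string db            = result.Substring(0, result.Length - tagLength);
                string md5           = result.Substring(result.Length - tagLength);

                if (md5 != IEncryptAndDecodeServer.GetMd532(db))
                {
                    return("数据文件被修改或者配置错误");
                }
                result = db.Substring(tagLength);

                // 4. Machine binding.
                string zero = "00000000000000000000000000000000";
                if (computerCheck == zero)
                {
                    // Not machine-bound: the data is the password.
                    return(result);
                }

                string computerStr = getComputer();
                string computerMd5 = IEncryptAndDecodeServer.GetMd532(computerStr);
                if (computerCheck != computerMd5)
                {
                    return("密保文件记录的机器码和当前计算机不匹配");
                }

                // 1. SHA-1 of the machine information.
                computerStr = IEncryptAndDecodeServer.GetSha1(computerStr);

                // 2. Same non-reversing loop as above; kept identical to the write side.
                oldArray = computerStr.ToArray();
                newArray = new Char[oldArray.Length];
                for (int i = 0; i < oldArray.Length; i++)
                {
                    newArray[oldArray.Length - 1] = oldArray[i];
                }

                // 3. MD5 of the buffer is the inner AES key.
                computerStr = IEncryptAndDecodeServer.GetMd532(new string(newArray));

                // 4. Remove the machine-keyed layer to obtain the password.
                result = IEncryptAndDecodeServer.AesDecryption(result, computerStr);
            }
            catch (NullReferenceException e)
            {
                return(e.Message);
            }
            return(result);
        }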
Пример #7
        /// <summary>
        /// Encrypts and saves a single password book, then registers it on the current account.
        /// </summary>
        /// <remarks>
        /// Side effects visible in this method: <c>passwordbook.CreateDate</c> is set to the
        /// current local time, <c>passwordbook.PassWord</c> is cleared after being copied into
        /// the envelope, the book is added to <c>CurPassWordBookModel.PassWordBooks</c>, and
        /// <c>SaveAccount</c> is called.
        /// </remarks>
        /// <param name="passwordbook">Password book to save.</param>
        /// <param name="type">Second-authentication type that selects the extra encryption layer.</param>
        /// <param name="secondpwd">
        /// Second password; required for <c>AuthPassWord</c>, replaced by a generated value for
        /// <c>PhysicsCode</c>.
        /// </param>
        /// <returns>
        /// For <c>PhysicsCode</c>, the generated second password encrypted with the cached
        /// Security value (the physical key file content); otherwise an empty string.
        /// </returns>
        public string SavePassWordBook(Model.PassWordBookModel passwordbook, PassWordBookSaveType type, string secondpwd)
        {
            // The cached credential must still be valid; otherwise the caller has to re-verify.
            if (!CachePassWordSecurity.GetInstance().IsCache)
            {
                throw new ExceptionSecurityTimeout("密码验证超时需要再次做密码验证");
            }

            bool usesSecondPassword = type == PassWordBookSaveType.AuthPassWord;
            if (usesSecondPassword && string.IsNullOrEmpty(secondpwd))
            {
                throw new Exception("使用二次密码认证,二次密码不能为空");
            }

            // Timestamp the book.
            passwordbook.CreateDate = DateTime.Now;

            // Build the envelope. The password is copied into it and then cleared on the
            // model so it is not kept in plain form there.
            Newtonsoft.Json.Linq.JToken envelope = new JObject();
            envelope["SecondAuthentication"] = type.ToString();
            envelope["PassWord"]             = passwordbook.PassWord;
            passwordbook.PassWord            = string.Empty;
            envelope["Data"]                 = Newtonsoft.Json.JsonConvert.SerializeObject(passwordbook.Data);

            string payload         = envelope.ToString();
            string physicalKeyFile = string.Empty;

            // Only AuthPassWord and PhysicsCode add a second layer. Null, AuthEmailCode,
            // AuthPhoneCode and any other value leave the payload as it is.
            // NOTE(review): for those types the cached Security value is the only protection
            // of the stored password, so its strength decides the strength of the file.
            if (type == PassWordBookSaveType.AuthPassWord)
            {
                payload = SecondPwdEncryptionData(secondpwd, payload, type);
            }
            else if (type == PassWordBookSaveType.PhysicsCode)
            {
                // NOTE(review): confirm GetRandomPassWord draws from a cryptographic RNG
                // (RandomNumberGenerator) rather than System.Random; this value is a key.
                secondpwd = GetRandomPassWord(12);
                payload   = SecondPwdEncryptionData(secondpwd, payload, type);

                // Content of the physical key file: the generated password under Security.
                physicalKeyFile = IEncryptAndDecodeServer.AesEncryption(secondpwd, CachePassWordSecurity.GetInstance().Security);
            }

            // Outer layer: AES with the cached credential.
            payload = IEncryptAndDecodeServer.AesEncryption(payload, CachePassWordSecurity.GetInstance().Security);

            // Persist the password book file.
            IFileServer.SaveFile(payload, CurPassWordBookModel.PassWordCertificate, passwordbook.FilePath);

            CurPassWordBookModel.PassWordBooks.Add(passwordbook);
            SaveAccount();

            return physicalKeyFile;
        }