Пример #1
0
        /// <summary>
        /// 验证主账号密码
        /// </summary>
        /// <param name="password">主账号密码</param>
        /// <returns></returns>
        public bool VerifyAccountPwd(string password)
        {
            string passWordCertificate = CurPassWordBookModel.Account + password;

            if (CurPassWordBookModel.IsComputer)
            {
                string computer = getComputer();
                computer            = IEncryptAndDecodeServer.GetSha1(computer);
                passWordCertificate = IEncryptAndDecodeServer.GetHMacSha512(passWordCertificate, computer);
            }
            else
            {
                passWordCertificate = IEncryptAndDecodeServer.GetSha512(passWordCertificate);
            }
            passWordCertificate = IEncryptAndDecodeServer.GetMd532(passWordCertificate);
            if (passWordCertificate.Equals(CurPassWordBookModel.PassWordCertificate))
            {
                //生成加密认证的密保
                GetPassWordSecurity(password);
                return(true);
            }
            else
            {
                return(false);
            }
        }
Пример #2
0
        /// <summary>
        /// 生成密码凭证
        /// </summary>
        /// <param name="isComputer">是否计算机加密</param>
        /// <param name="account">账号</param>
        /// <param name="passWord">密码</param>
        private string GetPassWordCertificate(string account, string passWord, bool isComputer)
        {
            string passWordCertificate = string.Empty;

            if (isComputer)//需要机器码
            {
                string computerInfo = getComputer();
                string sha1         = IEncryptAndDecodeServer.GetSha1(computerInfo);
                passWordCertificate = IEncryptAndDecodeServer.GetHMacSha512(account + passWord, sha1);
            }
            else
            {
                passWordCertificate = IEncryptAndDecodeServer.GetSha512(account + passWord);
            }

            return(IEncryptAndDecodeServer.GetMd532(passWordCertificate));
        }
Пример #3
0
        /// <summary>
        /// 保存账号密保
        /// </summary>
        /// <param name="filePath"></param>
        public void SaveShield(string filePath, string password)
        {
            string account    = CurPassWordBookModel.Account;
            string accountMd5 = IEncryptAndDecodeServer.GetMd532(account);

            //1、SHA512
            account = IEncryptAndDecodeServer.GetSha512(account);
            //2、数组逆转
            var oldArray = account.ToArray();

            Char[] newArray = new Char[oldArray.Length];
            for (int i = 0; i < oldArray.Length; i++)
            {
                newArray[oldArray.Length - 1] = oldArray[i];
            }
            //3、获取MD5
            account = IEncryptAndDecodeServer.GetMd532(new string(newArray));

            if (CurPassWordBookModel.IsComputer)
            {
                string computerStr = getComputer();
                string computerMd5 = IEncryptAndDecodeServer.GetMd532(computerStr);
                //1、机器码SHA
                computerStr = IEncryptAndDecodeServer.GetSha1(computerStr);
                //2、数组逆转
                oldArray = computerStr.ToArray();
                newArray = new Char[oldArray.Length];
                for (int i = 0; i < oldArray.Length; i++)
                {
                    newArray[oldArray.Length - 1] = oldArray[i];
                }
                //3、获取MD5
                computerStr = IEncryptAndDecodeServer.GetMd532(new string(newArray));
                //4、加密AES密码
                password = IEncryptAndDecodeServer.AesEncryption(password, computerStr);
                //5、验证数据拼接
                password = computerMd5 + password + IEncryptAndDecodeServer.GetMd532((computerMd5 + password));
            }
            else
            {
                string zero = "00000000000000000000000000000000";
                password = zero + password + IEncryptAndDecodeServer.GetMd532((zero + password));
            }
            account = IEncryptAndDecodeServer.AesEncryption(password, account);
            IFileServer.SaveFile(account, accountMd5, filePath);
        }
Пример #4
0
        /// <summary>
        /// 生成加密密码凭证并缓存
        /// </summary>
        /// <param name="passWord">密码</param>
        private void GetPassWordSecurity(string passWord)
        {
            string securityStr = CurPassWordBookModel.Account + passWord;

            //1、SHA512
            securityStr = IEncryptAndDecodeServer.GetSha512(securityStr);
            //2、数组逆转
            var oldArray = securityStr.ToArray();

            Char[] newArray = new Char[oldArray.Length];
            for (int i = 0; i < oldArray.Length; i++)
            {
                newArray[oldArray.Length - 1] = oldArray[i];
            }
            //3、获取MD5
            securityStr = IEncryptAndDecodeServer.GetMd532(new string(newArray));

            CachePassWordSecurity.GetInstance().Security = securityStr;
        }
Пример #5
0
        /// <summary>
        /// 忘记密码
        /// </summary>
        /// <param name="filePath">密保文件</param>
        /// <returns></returns>
        public string FotgotPassWord(string filePath)
        {
            string result = string.Empty;

            string account    = CurPassWordBookModel.Account;
            string accountMd5 = IEncryptAndDecodeServer.GetMd532(account);

            //1、SHA512
            account = IEncryptAndDecodeServer.GetSha512(account);
            //2、数组逆转
            var oldArray = account.ToArray();

            Char[] newArray = new Char[oldArray.Length];
            for (int i = 0; i < oldArray.Length; i++)
            {
                newArray[oldArray.Length - 1] = oldArray[i];
            }
            //3、获取MD5
            account = IEncryptAndDecodeServer.GetMd532(new string(newArray));
            try
            {
                //1、获取密保文件。引发NullReferenceException异常则文件被修改或者选择错误
                result = IFileServer.GetFileString(filePath, accountMd5);
                //2、账号解密
                result = IEncryptAndDecodeServer.AesDecryption(result, account);
                //3、数据完整性检查
                string computerCheck = result.Substring(0, 32);
                string db            = result.Substring(0, result.Length - 32);
                string md5           = result.Replace(db, "");

                if (md5 == IEncryptAndDecodeServer.GetMd532(db))
                {
                    result = db.Replace(computerCheck, "");
                }
                else
                {
                    return("数据文件被修改或者配置错误");
                }
                //4、是否机器加密
                string zero = "00000000000000000000000000000000";
                if (computerCheck == zero)//非机器加密
                {
                    return(result);
                }
                else
                {
                    string computerStr = getComputer();
                    string computerMd5 = IEncryptAndDecodeServer.GetMd532(computerStr);
                    if (computerCheck != computerMd5)
                    {
                        return("密保文件记录的机器码和当前计算机不匹配");
                    }
                    //1、机器码SHA
                    computerStr = IEncryptAndDecodeServer.GetSha1(computerStr);
                    //2、数组逆转
                    oldArray = computerStr.ToArray();
                    newArray = new Char[oldArray.Length];
                    for (int i = 0; i < oldArray.Length; i++)
                    {
                        newArray[oldArray.Length - 1] = oldArray[i];
                    }
                    //3、获取MD5
                    computerStr = IEncryptAndDecodeServer.GetMd532(new string(newArray));
                    //4、加密AES密码
                    result = IEncryptAndDecodeServer.AesDecryption(result, computerStr);
                }
            }
            catch (NullReferenceException e)
            {
                return(e.Message);
            }
            return(result);
        }