示例#1
0
        private static string SignRequestParameter(IDictionary <string, IConvertible> dict, string apiKey)
        {
            if (dict == null)
            {
                throw new ArgumentNullException(nameof(dict));
            }

            dict = new SortedDictionary <string, IConvertible>(
                dict.Where(e =>
                           (e.Value != null) ||
                           (e.Value is string && !string.IsNullOrWhiteSpace(e.Value.ToString()))
                           )
                .ToDictionary(k => k.Key, v => v.Value),
                StringComparer.InvariantCultureIgnoreCase
                );

            if (dict.ContainsKey("sign"))
            {
                throw new ArgumentException("The parameters to be signed cannot contain a key named \"sign\".");
            }
            if (!dict.ContainsKey("sign_type"))
            {
                throw new ArgumentException("The parameters to be signed must contain a key named \"sign_type\".");
            }

            string stringSignTemp = string.Join("&", dict.Select(e => $"{e.Key}={e.Value}").ToArray());

            stringSignTemp += "&key=" + apiKey;

            switch (dict["sign_type"])
            {
            case "MD5":
            {
                string sign = ShaUtil.MD5Compute(stringSignTemp).ToUpper();
                return(sign);
            }

            case "HMAC-SHA256":
            {
                string sign = ShaUtil.HMacSHA256Compute(stringSignTemp, apiKey).ToUpper();
                return(sign);
            }

            default:
                throw new NotSupportedException();
            }
        }
示例#2
0
        public IHttpActionResult Post([FromBody] LoginRequest request)
        {
            var pass = ShaUtil.ComputeSha256Hash(request.Password);
            var user = db.UserTables.SingleOrDefault(u => u.Username == request.Username && u.PasswordHash == pass);

            if (user == null)
            {
                return(BadRequest("Wrong username or password"));
            }

            if (user.Type == "n")
            {
                return(BadRequest("User is not approved yet"));
            }

            user.PasswordHash = "";
            return(Ok(user));
        }
示例#3
0
        public IHttpActionResult PostUserTable(UserTable userTable)
        {
            if (!ModelState.IsValid)
            {
                return(BadRequest(ModelState));
            }

            if (db.UserTables.Any(user => user.Username == userTable.Username))
            {
                return(BadRequest("Username already exists"));
            }

            userTable.PasswordHash = ShaUtil.ComputeSha256Hash(userTable.PasswordHash);
            userTable.Type         = "n";

            db.UserTables.Add(userTable);
            db.SaveChanges();

            userTable.PasswordHash = "";

            return(CreatedAtRoute("DefaultApi", new { id = userTable.Id }, userTable));
        }
示例#4
0
        public void Sha512Test()
        {
            Assert.Equal("d02b25c6e56150b84089e388fc798437fb94fb0992d8b1566ec64da4bc14ded263c6046058734b302215636db46c05b4b9778692a56c0ed847b65123d74392b3", ShaUtil.SHA512Compute(STR_EN), ignoreCase: true);
            Assert.Equal("256f172697363907489bf3c4e189a1ed9d8cd69f18c46b14992b6106343344c318e486543b05654de7d0a6046eb73c3acc802ef69b3a2dfa979d895d685d76be", ShaUtil.HMacSHA512Compute(STR_EN, SECRET), ignoreCase: true);

            Assert.Equal("2c3cc4eca7aaf5063177b9390cffa511e6ab5345d03e38b50fc4dd09a46158dc8c749d45dac8ec0766d1a139705c78bd7a6ca98f3eee3e83715fa306c8e49dee", ShaUtil.SHA512Compute(STR_CH), ignoreCase: true);
            Assert.Equal("bedb9ad789a7086b6339543db3f88fabb25aadd213235a9e4a445ba9de437c4ad298f96145770f80190f9b65f53cd9dfdc0a2b3bfc85f046b21c519921be2bfc", ShaUtil.HMacSHA512Compute(STR_CH, SECRET), ignoreCase: true);
        }
示例#5
0
        public void Sha384Test()
        {
            /**
             * 注意:
             * 很多在线工具上的 HMAC-SHA384 结果是错误的,因为其使用的是旧版本 crypto.js(REF: https://code.google.com/archive/p/crypto-js/issues/84)。
             * 建议使用 https://www.freeformatter.com/hmac-generator.html#ad-output 做验证。
             */

            Assert.Equal("657b5174f2d0a9bafec4c447ab9dc32022714142dd9946f68591581d9595b80874e79535834e7e84e55a54da66fd9e0c", ShaUtil.SHA384Compute(STR_EN), ignoreCase: true);
            Assert.Equal("1cdf8bb3cf60f1fd2720a93bdb54ff0e125f1d81c226d88f68c71b3665b331658da3a0f99c94613ad56bc440933ca437", ShaUtil.HMacSHA384Compute(STR_EN, SECRET), ignoreCase: true);

            Assert.Equal("f2cd88016b3365d02f6d01818590815919accb2a203c19f505b4521b6fd754bb39e9b19a7c05f91fe7f859a8efdd7b1d", ShaUtil.SHA384Compute(STR_CH), ignoreCase: true);
            Assert.Equal("5d228abf802cdac2b81a46d369a6f9604258c4454be2e4d9866322f7113117cf2decf7acd9e8c8fc55bbf147583885a2", ShaUtil.HMacSHA384Compute(STR_CH, SECRET), ignoreCase: true);
        }
示例#6
0
        public void Sha256Test()
        {
            Assert.Equal("df4f2d5707fd85996a13aab607eb3f6b19d0e99d97281d5eae68a6c16317a329", ShaUtil.SHA256Compute(STR_EN), ignoreCase: true);
            Assert.Equal("4764056a43528aaa04aaedc7740bd450673836291488a802e5dcfdd869c29218", ShaUtil.HMacSHA256Compute(STR_EN, SECRET), ignoreCase: true);

            Assert.Equal("6ac5565122a5e33aa2289d893a24f2aafe9ab98a42f5128e736dbce6c6e6de8c", ShaUtil.SHA256Compute(STR_CH), ignoreCase: true);
            Assert.Equal("3d0a634e69bf1279c064c90bf1e75cdae5a0c60c58e7ba75f0dff8f7008ce6e6", ShaUtil.HMacSHA256Compute(STR_CH, SECRET), ignoreCase: true);
        }