|
|
|
|
|
using NPOI.POIFS.Crypt.Dsig;
|
|
|
|
|
|
using Org.BouncyCastle.Crypto.Signers;
|
|
|
|
|
|
using System;
|
|
|
|
|
|
using System.Buffers.Text;
|
|
|
|
|
|
using System.Collections.Generic;
|
|
|
|
|
|
using System.IO;
|
|
|
|
|
|
using System.Linq;
|
|
|
|
|
|
using System.Reactive;
|
|
|
|
|
|
using System.Security.Cryptography.X509Certificates;
|
|
|
|
|
|
using System.Text;
|
|
|
|
|
|
using System.Text.Unicode;
|
|
|
|
|
|
using System.Threading.Tasks;
|
|
|
|
|
|
|
|
|
|
|
|
namespace Infrastructure.Helpers
|
|
|
|
|
|
{
|
|
|
|
|
|
public class EncryptionHelper
|
|
|
|
|
|
{
|
|
|
|
|
|
String privateKey = "ABA4354EFAFE944C2F226A3981C7DC70F43BD6053EDA83F4DC274242BBB23CAA";
|
|
|
|
|
|
String publicKey = "04F1BF1BEFD63F16E5DB3BCD32CA5D9A8E8DF7ADD67D6C4F293FB23F7BDA74F52D31B8DDAD03D955D566505A15D8B7DBE83B42378B8E8749C0EB6E2FBC8675838B";
|
|
|
|
|
|
string publickey = "04D6974E2384ECE39F5ADF1473E4B9B60E0D438A6F701F667C0C88D25BE2F8508A3AAFF9D9500ECFFD8E79B2DE58C024B689B5C207486646EA08A352FBB0016D46";
|
|
|
|
|
|
byte[] sm4Key = null;
|
|
|
|
|
|
public EncryptionHelper()
|
|
|
|
|
|
{
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// 获取x-lc-secret
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
/// <returns></returns>
|
|
|
|
|
|
public string getxseret()
|
|
|
|
|
|
{
|
|
|
|
|
|
if (sm4Key == null)
|
|
|
|
|
|
{
|
|
|
|
|
|
sm4Key = SM4CryptoHelper.GenerateSM4Key();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
//十六进制字符串 → 字节数组 publickey
|
|
|
|
|
|
byte[] publickeybyte = HexToBytes(publickey);
|
|
|
|
|
|
var encryptdatasm2 = SM2CryptoHelper.Encrypt(publickeybyte, sm4Key);
|
|
|
|
|
|
return Convert.ToBase64String(encryptdatasm2);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// 数据加密
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
/// <param name="input"></param>
|
|
|
|
|
|
/// <returns></returns>
|
|
|
|
|
|
public string Encrypt(byte[] input)
|
|
|
|
|
|
{
|
|
|
|
|
|
if (sm4Key == null)
|
|
|
|
|
|
{
|
|
|
|
|
|
sm4Key = SM4CryptoHelper.GenerateSM4Key();
|
|
|
|
|
|
}
|
|
|
|
|
|
var encryptdatasm4 = SM4CryptoHelper.Encrypt(sm4Key, input);
|
|
|
|
|
|
return Convert.ToBase64String(encryptdatasm4);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// 数据解密
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
/// <param name="x_lc_screte"></param>
|
|
|
|
|
|
/// <param name="output"></param>
|
|
|
|
|
|
/// <returns></returns>
|
|
|
|
|
|
public string Decrypt(byte[] x_lc_screte,byte[] output)
|
|
|
|
|
|
{
|
|
|
|
|
|
byte[] privatekeybyte = HexToBytes(privateKey);
|
|
|
|
|
|
byte[] sm4key = SM2CryptoHelper.Decrypt(privatekeybyte, x_lc_screte);
|
|
|
|
|
|
var decryptdata = SM4CryptoHelper.Decrypt(sm4key, output);
|
|
|
|
|
|
|
|
|
|
|
|
return Encoding.UTF8.GetString(decryptdata);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// 获取x-lc-token
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
/// <param name="certCode"></param>
|
|
|
|
|
|
/// <returns></returns>
|
|
|
|
|
|
/// <exception cref="InvalidOperationException"></exception>
|
|
|
|
|
|
public string GetToken(string certCode)
|
|
|
|
|
|
{
|
|
|
|
|
|
// 获取毫秒级时间戳(.NET 中 Ticks 转换为毫秒)
|
|
|
|
|
|
long timestamp = DateTimeOffset.UtcNow.ToUnixTimeMilliseconds();
|
|
|
|
|
|
//long timestamp = 1751274197662;
|
|
|
|
|
|
|
|
|
|
|
|
// 拼接待签名数据
|
|
|
|
|
|
string needSignData = certCode + timestamp;
|
|
|
|
|
|
byte[] needSignDataByte = Encoding.UTF8.GetBytes(needSignData);
|
|
|
|
|
|
|
|
|
|
|
|
// 4. SM2签名
|
|
|
|
|
|
byte[] signData;
|
|
|
|
|
|
byte[] privatekeybyte = HexToBytes(privateKey);
|
|
|
|
|
|
try
|
|
|
|
|
|
{
|
|
|
|
|
|
signData = SM2CryptoHelper.Sign(privatekeybyte, needSignDataByte);
|
|
|
|
|
|
}
|
|
|
|
|
|
catch (Exception ex)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new InvalidOperationException("SM2签名失败", ex);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Base64 编码签名(直接使用 Convert)
|
|
|
|
|
|
string signDataBase64 = Convert.ToBase64String(signData);
|
|
|
|
|
|
|
|
|
|
|
|
// 生成 token
|
|
|
|
|
|
string token = $"{certCode}.{timestamp}.{signDataBase64}";
|
|
|
|
|
|
|
|
|
|
|
|
return token;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public bool Verify(string str)
|
|
|
|
|
|
{
|
|
|
|
|
|
string signData = "";
|
|
|
|
|
|
// 拼接待签名数据
|
|
|
|
|
|
string needSignData = "";
|
|
|
|
|
|
|
|
|
|
|
|
if (!string.IsNullOrEmpty(str))
|
|
|
|
|
|
{
|
|
|
|
|
|
string[] tokenstr = str.Split(".");
|
|
|
|
|
|
signData=tokenstr[2];
|
|
|
|
|
|
needSignData = tokenstr[0] + tokenstr[1];
|
|
|
|
|
|
}
|
|
|
|
|
|
byte[] signbyte=Convert.FromBase64String(signData);
|
|
|
|
|
|
byte[] needSignDataByte = Encoding.UTF8.GetBytes(needSignData);
|
|
|
|
|
|
// 4. SM2验签 publickey
|
|
|
|
|
|
byte[] publickeybyte = HexToBytes(publickey);
|
|
|
|
|
|
try
|
|
|
|
|
|
{
|
|
|
|
|
|
return SM2CryptoHelper.Verify(publickeybyte, needSignDataByte, signbyte);
|
|
|
|
|
|
}
|
|
|
|
|
|
catch (Exception ex)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new InvalidOperationException("SM2签名失败", ex);
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// 内部转byte方法
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
/// <param name="hex"></param>
|
|
|
|
|
|
/// <returns></returns>
|
|
|
|
|
|
/// <exception cref="ArgumentNullException"></exception>
|
|
|
|
|
|
/// <exception cref="ArgumentException"></exception>
|
|
|
|
|
|
public static byte[] HexToBytes(string hex)
|
|
|
|
|
|
{
|
|
|
|
|
|
if (hex == null)
|
|
|
|
|
|
throw new ArgumentNullException(nameof(hex));
|
|
|
|
|
|
if (hex.Length % 2 != 0)
|
|
|
|
|
|
throw new ArgumentException("十六进制字符串长度必须是偶数");
|
|
|
|
|
|
|
|
|
|
|
|
byte[] bytes = new byte[hex.Length / 2];
|
|
|
|
|
|
for (int i = 0; i < bytes.Length; i++)
|
|
|
|
|
|
{
|
|
|
|
|
|
string byteStr = hex.Substring(i * 2, 2);
|
|
|
|
|
|
bytes[i] = Convert.ToByte(byteStr, 16);
|
|
|
|
|
|
}
|
|
|
|
|
|
return bytes;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
