Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
IoTSharp
IoTSharp
提交
a88c39d2
IoTSharp
项目概览
IoTSharp
/
IoTSharp
12 个月 前同步成功
通知
15
Star
2
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
IoTSharp
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
a88c39d2
编写于
9月 18, 2022
作者:
麦壳饼
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Make sure this weak hash algorithm is not used in a sensitive context here.
上级
5966fd33
变更
3
隐藏空白更改
内联
并排
Showing
3 changed file
with
5 addition
and
189 deletion
+5
-189
IoTSharp.Extensions.AspNetCore/IdentityExtension.cs
IoTSharp.Extensions.AspNetCore/IdentityExtension.cs
+2
-2
IoTSharp.Extensions.BouncyCastle/RSAHelper.cs
IoTSharp.Extensions.BouncyCastle/RSAHelper.cs
+3
-158
IoTSharp.Extensions/StringExtension.cs
IoTSharp.Extensions/StringExtension.cs
+0
-29
未找到文件。
IoTSharp.Extensions.AspNetCore/IdentityExtension.cs
浏览文件 @
a88c39d2
...
...
@@ -12,10 +12,10 @@ namespace Microsoft.AspNetCore.Identity
{
string
email
=
user
.
Email
;
// Create a new instance of the MD5CryptoServiceProvider object.
MD5
md5Hasher
=
MD5
.
Create
();
var
_SHA512
=
SHA512
.
Create
();
// Convert the input string to a byte array and compute the hash.
byte
[]
data
=
md5Hasher
.
ComputeHash
(
Encoding
.
Default
.
GetBytes
(
email
));
byte
[]
data
=
_SHA512
.
ComputeHash
(
Encoding
.
Default
.
GetBytes
(
email
));
// Create a new Stringbuilder to collect the bytes
// and create a string.
...
...
IoTSharp.Extensions.BouncyCastle/RSAHelper.cs
浏览文件 @
a88c39d2
...
...
@@ -9,7 +9,7 @@ using System.Text;
namespace
IoTSharp.Extensions.BouncyCastle
{
/************************************************************
* 关于hashAlgorithm参数值有:
MD5、
SHA1、SHA256、SHA384、SHA512
* 关于hashAlgorithm参数值有:
SHA1、SHA256、SHA384、SHA512
* 重要的事情说三遍,不懂的自己恶补去。
* RSA加密解密:私钥解密,公钥加密。
* RSA数字签名-俗称加签验签:私钥加签,公钥验签。
...
...
@@ -41,16 +41,7 @@ namespace IoTSharp.Extensions.BouncyCastle
RSACryptoServiceProvider
rsa
=
new
RSACryptoServiceProvider
();
byte
[]
cipherbytes
;
rsa
.
FromPublicKeyJavaString
(
publicKeyJava
);
//☆☆☆☆.NET 4.6以后特有☆☆☆☆
//HashAlgorithmName hashName = new System.Security.Cryptography.HashAlgorithmName(hashAlgorithm);
//RSAEncryptionPadding padding = RSAEncryptionPadding.OaepSHA512;//RSAEncryptionPadding.CreateOaep(hashName);//.NET 4.6以后特有
//cipherbytes = rsa.Encrypt(Encoding.GetEncoding(encoding).GetBytes(data), padding);
//☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆
//☆☆☆☆.NET 4.6以前请用此段代码☆☆☆☆
cipherbytes
=
rsa
.
Encrypt
(
Encoding
.
GetEncoding
(
encoding
).
GetBytes
(
data
),
false
);
return
Convert
.
ToBase64String
(
cipherbytes
);
}
...
...
@@ -65,16 +56,7 @@ namespace IoTSharp.Extensions.BouncyCastle
RSACryptoServiceProvider
rsa
=
new
RSACryptoServiceProvider
();
byte
[]
cipherbytes
;
rsa
.
FromXmlString
(
publicKeyCSharp
);
//☆☆☆☆.NET 4.6以后特有☆☆☆☆
//HashAlgorithmName hashName = new System.Security.Cryptography.HashAlgorithmName(hashAlgorithm);
//RSAEncryptionPadding padding = RSAEncryptionPadding.OaepSHA512;//RSAEncryptionPadding.CreateOaep(hashName);//.NET 4.6以后特有
//cipherbytes = rsa.Encrypt(Encoding.GetEncoding(encoding).GetBytes(data), padding);
//☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆
//☆☆☆☆.NET 4.6以前请用此段代码☆☆☆☆
cipherbytes
=
rsa
.
Encrypt
(
Encoding
.
GetEncoding
(
encoding
).
GetBytes
(
data
),
false
);
return
Convert
.
ToBase64String
(
cipherbytes
);
}
...
...
@@ -89,16 +71,7 @@ namespace IoTSharp.Extensions.BouncyCastle
RSACryptoServiceProvider
rsa
=
new
RSACryptoServiceProvider
();
byte
[]
cipherbytes
;
rsa
.
LoadPublicKeyPEM
(
publicKeyPEM
);
//☆☆☆☆.NET 4.6以后特有☆☆☆☆
//HashAlgorithmName hashName = new System.Security.Cryptography.HashAlgorithmName(hashAlgorithm);
//RSAEncryptionPadding padding = RSAEncryptionPadding.OaepSHA512;//RSAEncryptionPadding.CreateOaep(hashName);//.NET 4.6以后特有
//cipherbytes = rsa.Encrypt(Encoding.GetEncoding(encoding).GetBytes(data), padding);
//☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆
//☆☆☆☆.NET 4.6以前请用此段代码☆☆☆☆
cipherbytes
=
rsa
.
Encrypt
(
Encoding
.
GetEncoding
(
encoding
).
GetBytes
(
data
),
false
);
return
Convert
.
ToBase64String
(
cipherbytes
);
}
...
...
@@ -117,14 +90,7 @@ namespace IoTSharp.Extensions.BouncyCastle
RSACryptoServiceProvider
rsa
=
new
RSACryptoServiceProvider
();
byte
[]
cipherbytes
;
rsa
.
FromPrivateKeyJavaString
(
privateKeyJava
);
//☆☆☆☆.NET 4.6以后特有☆☆☆☆
//RSAEncryptionPadding padding = RSAEncryptionPadding.CreateOaep(new System.Security.Cryptography.HashAlgorithmName(hashAlgorithm));//.NET 4.6以后特有
//cipherbytes = rsa.Decrypt(Encoding.GetEncoding(encoding).GetBytes(data), padding);
//☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆
//☆☆☆☆.NET 4.6以前请用此段代码☆☆☆☆
cipherbytes
=
rsa
.
Decrypt
(
Convert
.
FromBase64String
(
data
),
false
);
return
Encoding
.
GetEncoding
(
encoding
).
GetString
(
cipherbytes
);
}
...
...
@@ -139,14 +105,7 @@ namespace IoTSharp.Extensions.BouncyCastle
RSACryptoServiceProvider
rsa
=
new
RSACryptoServiceProvider
();
byte
[]
cipherbytes
;
rsa
.
FromXmlString
(
privateKeyCSharp
);
//☆☆☆☆.NET 4.6以后特有☆☆☆☆
//RSAEncryptionPadding padding = RSAEncryptionPadding.CreateOaep(new System.Security.Cryptography.HashAlgorithmName(hashAlgorithm));//.NET 4.6以后特有
//cipherbytes = rsa.Decrypt(Encoding.GetEncoding(encoding).GetBytes(data), padding);
//☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆
//☆☆☆☆.NET 4.6以前请用此段代码☆☆☆☆
cipherbytes
=
rsa
.
Decrypt
(
Convert
.
FromBase64String
(
data
),
false
);
return
Encoding
.
GetEncoding
(
encoding
).
GetString
(
cipherbytes
);
}
...
...
@@ -161,14 +120,7 @@ namespace IoTSharp.Extensions.BouncyCastle
RSACryptoServiceProvider
rsa
=
new
RSACryptoServiceProvider
();
byte
[]
cipherbytes
;
rsa
.
LoadPrivateKeyPEM
(
privateKeyPEM
);
//☆☆☆☆.NET 4.6以后特有☆☆☆☆
//RSAEncryptionPadding padding = RSAEncryptionPadding.CreateOaep(new System.Security.Cryptography.HashAlgorithmName(hashAlgorithm));//.NET 4.6以后特有
//cipherbytes = rsa.Decrypt(Encoding.GetEncoding(encoding).GetBytes(data), padding);
//☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆☆
//☆☆☆☆.NET 4.6以前请用此段代码☆☆☆☆
cipherbytes
=
rsa
.
Decrypt
(
Convert
.
FromBase64String
(
data
),
false
);
return
Encoding
.
GetEncoding
(
encoding
).
GetString
(
cipherbytes
);
}
...
...
@@ -186,23 +138,9 @@ namespace IoTSharp.Extensions.BouncyCastle
{
RSACryptoServiceProvider
rsa
=
new
RSACryptoServiceProvider
();
rsa
.
FromPrivateKeyJavaString
(
privateKeyJava
);
//加载私钥
//RSAPKCS1SignatureFormatter RSAFormatter = new RSAPKCS1SignatureFormatter(rsa);
////设置签名的算法为MD5 MD5withRSA 签名
//RSAFormatter.SetHashAlgorithm(hashAlgorithm);
var
dataBytes
=
Encoding
.
GetEncoding
(
encoding
).
GetBytes
(
data
);
var
HashbyteSignature
=
rsa
.
SignData
(
dataBytes
,
hashAlgorithm
);
return
Convert
.
ToBase64String
(
HashbyteSignature
);
//byte[] HashbyteSignature = ConvertToRgbHash(data, encoding);
//byte[] dataBytes =Encoding.GetEncoding(encoding).GetBytes(data);
//HashbyteSignature = rsa.SignData(dataBytes, hashAlgorithm);
//return Convert.ToBase64String(HashbyteSignature);
//执行签名
//EncryptedSignatureData = RSAFormatter.CreateSignature(HashbyteSignature);
//return Convert.ToBase64String(RSAFormatter.CreateSignature(HashbyteSignature));
//return result.Replace("=", String.Empty).Replace('+', '-').Replace('/', '_');
}
/// <summary>
...
...
@@ -256,12 +194,6 @@ namespace IoTSharp.Extensions.BouncyCastle
byte
[]
rgbSignature
=
Convert
.
FromBase64String
(
signature
);
return
rsa
.
VerifyData
(
Data
,
hashAlgorithm
,
rgbSignature
);
//return SignatureDeformatter(publicKeyJava, data, signature);
//return CheckSign(publicKeyJava, data, signature);
//return rsa.VerifyData(Encoding.GetEncoding(encoding).GetBytes(data), "MD5", Encoding.GetEncoding(encoding).GetBytes(signature));
}
/// <summary>
...
...
@@ -302,95 +234,11 @@ namespace IoTSharp.Extensions.BouncyCastle
return
rsa
.
VerifyData
(
Data
,
hashAlgorithm
,
rgbSignature
);
}
#
region
签名验证
-
方法二
/// <summary>
/// 签名验证
/// </summary>
/// <param name="publicKey">公钥</param>
/// <param name="p_strHashbyteDeformatter">待验证的用户名</param>
/// <param name="signature">注册码</param>
/// <returns>签名是否符合</returns>
public
static
bool
SignatureDeformatter
(
string
publicKey
,
string
data
,
string
signature
,
string
hashAlgorithm
=
"MD5"
)
{
try
{
byte
[]
rgbHash
=
ConvertToRgbHash
(
data
);
RSACryptoServiceProvider
rsa
=
new
RSACryptoServiceProvider
();
//导入公钥,准备验证签名
rsa
.
FromPublicKeyJavaString
(
publicKey
);
RSAPKCS1SignatureDeformatter
deformatter
=
new
RSAPKCS1SignatureDeformatter
(
rsa
);
deformatter
.
SetHashAlgorithm
(
"MD5"
);
byte
[]
rgbSignature
=
Convert
.
FromBase64String
(
signature
);
if
(
deformatter
.
VerifySignature
(
rgbHash
,
rgbSignature
))
{
return
true
;
}
return
false
;
}
catch
{
return
false
;
}
}
/// <summary>
/// 签名数据转化为RgbHash
/// </summary>
/// <param name="data"></param>
/// <param name="encoding"></param>
/// <returns></returns>
public
static
byte
[]
ConvertToRgbHash
(
string
data
,
string
encoding
=
"UTF-8"
)
{
using
(
MD5
md5
=
MD5
.
Create
())
{
byte
[]
bytes_md5_in
=
Encoding
.
GetEncoding
(
encoding
).
GetBytes
(
data
);
return
md5
.
ComputeHash
(
bytes_md5_in
);
}
}
#
endregion
签名验证
-
方法二
#
region
签名验证
-
方法三
/// <summary>
/// 验证签名
/// </summary>
/// <param name="data">原始数据</param>
/// <param name="sign">签名</param>
/// <returns></returns>
public
static
bool
CheckSign
(
string
publicKey
,
string
data
,
string
sign
,
string
encoding
=
"UTF-8"
)
{
RSACryptoServiceProvider
rsa
=
new
RSACryptoServiceProvider
();
rsa
.
FromPublicKeyJavaString
(
publicKey
);
MD5
md5
=
MD5
.
Create
();
byte
[]
Data
=
Encoding
.
GetEncoding
(
encoding
).
GetBytes
(
data
);
byte
[]
rgbSignature
=
Convert
.
FromBase64String
(
sign
);
if
(
rsa
.
VerifyData
(
Data
,
md5
,
rgbSignature
))
{
return
true
;
}
return
false
;
}
#
endregion
签名验证
-
方法三
#
endregion
验签
/*******************************************************
* 关于:此段代码专门针对“私钥加密,公钥解密。”
* 私钥加密,公钥解密。
* 私钥加密,公钥解密。
* 私钥加密,公钥解密。
* 公钥加密解密C#先天不支持。有些java的代码不按常理出牌。 *
* C#为什么不支持,问微软。(个人认为是安全性,公钥是谁都可以持有,私钥只有自己有)
* 这里使用BouncyCastle第三方开源库从java移植过来的,兼容性不是问题。
*
* gzy整理
*/
#
region
私钥加密
/// <summary>
...
...
@@ -449,7 +297,6 @@ namespace IoTSharp.Extensions.BouncyCastle
signer
.
Init
(
true
,
privateKeyParam
);
//参数为true验签,参数为false加签
var
dataByte
=
Encoding
.
GetEncoding
(
encoding
).
GetBytes
(
data
);
signer
.
BlockUpdate
(
dataByte
,
0
,
dataByte
.
Length
);
//return Encoding.GetEncoding(encoding).GetString(signer.GenerateSignature()); //签名结果 非Base64String
return
Convert
.
ToBase64String
(
signer
.
GenerateSignature
());
}
...
...
@@ -473,11 +320,9 @@ namespace IoTSharp.Extensions.BouncyCastle
signer
.
Init
(
false
,
publicKeyParam
);
byte
[]
dataByte
=
Encoding
.
GetEncoding
(
encoding
).
GetBytes
(
data
);
signer
.
BlockUpdate
(
dataByte
,
0
,
dataByte
.
Length
);
//byte[] signatureByte = Encoding.GetEncoding(encoding).GetBytes(signature);// 非Base64String
byte
[]
signatureByte
=
Convert
.
FromBase64String
(
signature
);
return
signer
.
VerifySignature
(
signatureByte
);
}
#
endregion
验签
}
}
\ No newline at end of file
IoTSharp.Extensions/StringExtension.cs
浏览文件 @
a88c39d2
...
...
@@ -343,7 +343,6 @@ namespace IoTSharp.Extensions
{
return
System
.
Threading
.
Thread
.
CurrentThread
.
CurrentCulture
.
TextInfo
.
ToTitleCase
(
str
.
ToLower
());
}
public
static
string
MD5Sum
(
this
string
text
)
=>
BitConverter
.
ToString
(
MD5
.
Create
().
ComputeHash
(
Encoding
.
UTF8
.
GetBytes
(
text
))).
Replace
(
"-"
,
""
);
public
static
string
Left
(
this
string
str
,
int
length
)
{
str
=
(
str
??
string
.
Empty
);
...
...
@@ -377,7 +376,6 @@ namespace IoTSharp.Extensions
{
return
str
.
Take
(
length
).
ToArray
();
}
static
readonly
MD5
md5
=
MD5
.
Create
();
public
static
byte
[]
ToBytes
(
this
string
s
)
{
return
System
.
Text
.
Encoding
.
Default
.
GetBytes
(
s
);
...
...
@@ -386,33 +384,6 @@ namespace IoTSharp.Extensions
{
return
encoding
?.
GetBytes
(
s
);
}
public
static
string
GetMd5Sum
(
this
string
s
,
Encoding
encoding
)
{
string
t2
=
BitConverter
.
ToString
(
md5
.
ComputeHash
(
s
.
ToBytes
(
encoding
)));
t2
=
t2
.
Replace
(
"-"
,
""
);
return
t2
;
}
public
static
string
GetMd5Sum
(
this
string
s
)
{
string
t2
=
BitConverter
.
ToString
(
md5
.
ComputeHash
(
s
.
ToBytes
()));
t2
=
t2
.
Replace
(
"-"
,
""
);
return
t2
;
}
public
static
string
GetMd5Sum
(
this
byte
[]
s
)
{
string
t2
=
BitConverter
.
ToString
(
md5
.
ComputeHash
(
s
));
t2
=
t2
.
Replace
(
"-"
,
""
);
return
t2
;
}
public
static
string
GetMd5Sum
(
this
Stream
s
)
{
if
(
s
.
Position
!=
0
&&
s
.
CanSeek
)
s
.
Seek
(
0
,
SeekOrigin
.
Begin
);
string
t2
=
BitConverter
.
ToString
(
md5
.
ComputeHash
(
s
));
t2
=
t2
.
Replace
(
"-"
,
""
);
if
(
s
.
Position
!=
0
&&
s
.
CanSeek
)
s
.
Seek
(
0
,
SeekOrigin
.
Begin
);
return
t2
;
}
#
region
https
:
//github.com/Coldairarrow/EFCore.Sharding/tree/master/src/EFCore.Sharding.Tests/Util
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录