From 6d5c89838bb1aba87c55f0d4056d8582f9c4e5ab Mon Sep 17 00:00:00 2001
From: liukuo <liukuo.lk@163.com>
Date: Sat, 8 May 2021 13:49:41 +0800
Subject: [PATCH] =?UTF-8?q?=E5=A2=9E=E5=8A=A0DES=E5=92=8CAES=E5=8A=A0?=
 =?UTF-8?q?=E5=AF=86=E7=AE=97=E6=B3=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../OrganizationManage/UserBLL.cs             |   4 +-
 .../YiSha.UtilTest/SecurityHelperTest.cs      |  33 +-
 YiSha.Util/YiSha.Util/EncodingHelper.cs       |  60 ++++
 YiSha.Util/YiSha.Util/SecurityHelper.cs       | 323 ++++++++++++++++--
 4 files changed, 394 insertions(+), 26 deletions(-)
 create mode 100644 YiSha.Util/YiSha.Util/EncodingHelper.cs

diff --git a/YiSha.Business/YiSha.Business/OrganizationManage/UserBLL.cs b/YiSha.Business/YiSha.Business/OrganizationManage/UserBLL.cs
index 72241bff..889fcacb 100644
--- a/YiSha.Business/YiSha.Business/OrganizationManage/UserBLL.cs
+++ b/YiSha.Business/YiSha.Business/OrganizationManage/UserBLL.cs
@@ -329,8 +329,8 @@ public async Task<TData> ImportUser(ImportParam param, List<UserEntity> list)
         /// <returns></returns>
         private string EncryptUserPassword(string password, string salt)
         {
-            string md5Password = SecurityHelper.MD5Encrypt(password);
-            string encryptPassword = SecurityHelper.MD5Encrypt(md5Password + salt);
+            string md5Password = SecurityHelper.MD5ToHex(password);
+            string encryptPassword = SecurityHelper.MD5ToHex(md5Password.ToLower() + salt).ToLower();
             return encryptPassword;
         }
 
diff --git a/YiSha.Test/YiSha.UtilTest/SecurityHelperTest.cs b/YiSha.Test/YiSha.UtilTest/SecurityHelperTest.cs
index 5ad2a1fa..49938676 100644
--- a/YiSha.Test/YiSha.UtilTest/SecurityHelperTest.cs
+++ b/YiSha.Test/YiSha.UtilTest/SecurityHelperTest.cs
@@ -6,13 +6,38 @@ namespace YiSha.UtilTest
 {
     public class SecurityHelperTest
     {
+        private string input = "我是谁 ABCD 1234 *=/.";
+
+        [Test]
+        public void TestMD5()
+        {
+            string result = SecurityHelper.MD5ToHex(input);
+
+            Assert.AreEqual("a7783d564da97a3846f5bf0f6b923d7f", result.ToLower());
+        }
+
+        [Test]
+        public void TestDES()
+        {
+            string ciperText = SecurityHelper.DESEncryptToBase64(input);
+            string result = SecurityHelper.DESDecryptFromBase64(ciperText);
+            Assert.AreEqual(input, result);
+
+            ciperText = SecurityHelper.DESEncryptToHex(input);
+            result = SecurityHelper.DESDecryptFromHex(ciperText);
+            Assert.AreEqual(input, result);
+        }
+
         [Test]
-        public void TestMD5Encrypt()
+        public void TestAES()
         {
-            string password = "123456";
-            string result = SecurityHelper.MD5Encrypt(password);
+            string ciperText = SecurityHelper.AESEncryptToBase64(input);
+            string result = SecurityHelper.AESDecryptFromBase64(ciperText);
+            Assert.AreEqual(input, result);
 
-            Assert.AreEqual("e10adc3949ba59abbe56e057f20f883e", result);
+            ciperText = SecurityHelper.AESEncryptToHex(input);
+            result = SecurityHelper.AESDecryptFromHex(ciperText);
+            Assert.AreEqual(input, result);
         }
     }
 }
diff --git a/YiSha.Util/YiSha.Util/EncodingHelper.cs b/YiSha.Util/YiSha.Util/EncodingHelper.cs
new file mode 100644
index 00000000..2afb1c0a
--- /dev/null
+++ b/YiSha.Util/YiSha.Util/EncodingHelper.cs
@@ -0,0 +1,60 @@
+using System;
+using System.Collections.Generic;
+using System.Text;
+
+namespace YiSha.Util
+{
+    public class EncodingHelper
+    {
+        private static string HexStr = "0123456789abcdef";
+        private static char[] HexCharArr = HexStr.ToCharArray();
+
+        public static string ByteArrToHex(byte[] btArr)
+        {
+            char[] strArr = new char[btArr.Length * 2];
+            int i = 0;
+            foreach (byte bt in btArr)
+            {
+                strArr[i++] = HexCharArr[bt >> 4 & 0xf];
+                strArr[i++] = HexCharArr[bt & 0xf];
+            }
+            return new string(strArr);
+        }
+
+        public static byte[] HexToByteArr(string hexStr)
+        {
+            char[] charArr = hexStr.ToCharArray();
+            byte[] btArr = new byte[charArr.Length / 2];
+            int index = 0;
+            for (int i = 0; i < charArr.Length; i++)
+            {
+                int highBit = HexStr.IndexOf(charArr[i]);
+                int lowBit = HexStr.IndexOf(charArr[++i]);
+                btArr[index] = (byte)(highBit << 4 | lowBit);
+                index++;
+            }
+            return btArr;
+        }
+
+        public static string ByteArrToHexDefault(byte[] btArr)
+        {
+            StringBuilder sb = new StringBuilder();
+            foreach (byte b in btArr)
+            {
+                sb.Append(b.ToString("X2"));
+            }
+            return sb.ToString();
+        }
+
+        public static byte[] HexToByteArrDefault(string hexStr)
+        {
+            byte[] inputArr = new byte[hexStr.Length / 2];
+            for (int i = 0; i < hexStr.Length / 2; i++)
+            {
+                int v = Convert.ToInt32(hexStr.Substring(i * 2, 2), 16);
+                inputArr[i] = (byte)v;
+            }
+            return inputArr;
+        }
+    }
+}
diff --git a/YiSha.Util/YiSha.Util/SecurityHelper.cs b/YiSha.Util/YiSha.Util/SecurityHelper.cs
index 355f8014..a18f1d15 100644
--- a/YiSha.Util/YiSha.Util/SecurityHelper.cs
+++ b/YiSha.Util/YiSha.Util/SecurityHelper.cs
@@ -5,40 +5,323 @@
 using System.Text;
 using System.Text.RegularExpressions;
 using System.Threading.Tasks;
+using System.IO;
 
 namespace YiSha.Util
 {
     public class SecurityHelper
     {
-        /// <summary>
-        /// 用MD5加密字符串，可选择生成16位或者32位的加密字符串
-        /// </summary>
-        /// <param name="str">待加密的字符串</param>
-        /// <param name="bit">位数，一般取值16 或 32</param>
-        /// <returns>返回的加密后的字符串</returns>
-        public static string MD5Encrypt(string str, int bit = 32)
-        {
-            MD5CryptoServiceProvider md5Hasher = new MD5CryptoServiceProvider();
-            byte[] hashedDataBytes;
-            hashedDataBytes = md5Hasher.ComputeHash(Encoding.UTF8.GetBytes(str));
-            StringBuilder sb = new StringBuilder();
-            foreach (byte i in hashedDataBytes)
-            {
-                sb.Append(i.ToString("x2"));
-            }
+        private static readonly string DESKey = "*change*"; // 8位或者16位
+        private static readonly string DESIv = "1change1"; // 8位或者16位
+
+        private static readonly string AESKey = "12345dontusethis"; // 16位或者32位
+        private static readonly string AESIv = "youshouldchange!"; // 16位或者32位
+
+        public static byte[] MD5(string input)
+        {
+            MD5CryptoServiceProvider md5CryptoServiceProvider = new MD5CryptoServiceProvider();
+            byte[] byteArr = md5CryptoServiceProvider.ComputeHash(Encoding.UTF8.GetBytes(input));
+            return byteArr;
+        }
+
+        public static string MD5ToHex(string input, int bit = 32)
+        {
+            byte[] byteArr = MD5(input);
+            string result = EncodingHelper.ByteArrToHexDefault(byteArr);
             if (bit == 16)
             {
-                return sb.ToString().Substring(8, 16).ToLower();
+                return result.Substring(8, 16).ToUpper();
             }
             else
             {
-                return sb.ToString().ToLower();
+                return result.ToUpper();
+            }
+        }
+
+        public static byte[] AESEncrypt(string input, string key = "", string iv = "")
+        {
+            if (string.IsNullOrEmpty(key))
+            {
+                key = AESKey;
+            }
+            if (string.IsNullOrEmpty(iv))
+            {
+                iv = AESIv;
+            }
+            try
+            {
+                var encoding = new ASCIIEncoding();
+                var keyByte = encoding.GetBytes(key);
+                var ivByte = encoding.GetBytes(iv);
+                using (var aesAlg = Aes.Create())
+                {
+                    using (var encryptor = aesAlg.CreateEncryptor(keyByte, ivByte))
+                    {
+                        using (var msEncrypt = new MemoryStream())
+                        {
+                            using (var csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write))
+
+                            using (var swEncrypt = new StreamWriter(csEncrypt))
+                            {
+                                swEncrypt.Write(input);
+                            }
+                            return msEncrypt.ToArray();
+                        }
+                    }
+                }
+            }
+            catch (Exception ex)
+            {
+                LogHelper.Error(ex);
+            }
+            return null;
+        }
+
+        public static string AESEncryptToBase64(string input, string key = "", string iv = "")
+        {
+            byte[] byteArr = AESEncrypt(input, key, iv);
+            if (byteArr != null)
+            {
+                return Convert.ToBase64String(byteArr);
+            }
+            return string.Empty;
+        }
+
+        public static string AESEncryptToHex(string input, string key = "", string iv = "")
+        {
+            byte[] byteArr = AESEncrypt(input, key, iv);
+            if (byteArr != null)
+            {
+                return EncodingHelper.ByteArrToHexDefault(byteArr);
+            }
+            return string.Empty;
+        }
+
+        public static string AESDecrypt(byte[] byteArr, string key = "", string iv = "")
+        {
+            if (string.IsNullOrEmpty(key))
+            {
+                key = AESKey;
+            }
+            if (string.IsNullOrEmpty(iv))
+            {
+                iv = AESIv;
+            }
+            try
+            {
+                var encoding = new ASCIIEncoding();
+                var keyByte = encoding.GetBytes(key);
+                var ivByte = encoding.GetBytes(iv);
+                using (var aesAlg = Aes.Create())
+                {
+                    using (var decryptor = aesAlg.CreateDecryptor(keyByte, ivByte))
+                    {
+                        string result;
+                        using (var msDecrypt = new MemoryStream(byteArr))
+                        {
+                            using (var csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read))
+                            {
+                                using (var srDecrypt = new StreamReader(csDecrypt))
+                                {
+                                    result = srDecrypt.ReadToEnd();
+                                }
+                            }
+                        }
+                        return result;
+                    }
+                }
+            }
+            catch (Exception ex)
+            {
+                LogHelper.Error(ex);
+            }
+            return string.Empty;
+        }
+
+        public static string AESDecryptFromBase64(string cipherText, string key = "", string iv = "")
+        {
+            var byteArr = Convert.FromBase64String(cipherText);
+            return AESDecrypt(byteArr, key, iv);
+        }
+
+        public static string AESDecryptFromHex(string cipherText, string key = "", string iv = "")
+        {
+            var byteArr = EncodingHelper.HexToByteArrDefault(cipherText);
+            return AESDecrypt(byteArr, key, iv);
+        }
+
+        public static byte[] DESEncrypt(string input, string key = "", string iv = "")
+        {
+            if (string.IsNullOrEmpty(key))
+            {
+                key = DESKey;
+            }
+            if (string.IsNullOrEmpty(iv))
+            {
+                iv = DESIv;
+            }
+            try
+            {
+                var encoding = new ASCIIEncoding();
+                using (DESCryptoServiceProvider desCryptoServiceProvider = new DESCryptoServiceProvider())
+                {
+                    byte[] inputArr = Encoding.UTF8.GetBytes(input);
+                    desCryptoServiceProvider.Key = encoding.GetBytes(key);
+                    desCryptoServiceProvider.IV = encoding.GetBytes(iv);
+                    using (MemoryStream memoryStream = new MemoryStream())
+                    {
+                        using (CryptoStream cryptoStream = new CryptoStream(memoryStream, desCryptoServiceProvider.CreateEncryptor(), CryptoStreamMode.Write))
+                        {
+                            cryptoStream.Write(inputArr, 0, inputArr.Length);
+                            cryptoStream.FlushFinalBlock();
+                            return memoryStream.ToArray();
+                        }
+                    }
+                }
+            }
+            catch (Exception ex)
+            {
+                LogHelper.Error(ex);
             }
+            return null;
         }
 
-        public static string GetGuid()
+        public static string DESEncryptToBase64(string input, string key = "", string iv = "")
         {
-            return Guid.NewGuid().ToString().Replace("-", string.Empty).ToLower();
+            byte[] byteArr = DESEncrypt(input, key, iv);
+            if (byteArr != null)
+            {
+                return Convert.ToBase64String(byteArr);
+            }
+            return string.Empty;
+        }
+
+        public static string DESEncryptToHex(string input, string key = "", string iv = "")
+        {
+            byte[] byteArr = DESEncrypt(input, key, iv);
+            if (byteArr != null)
+            {
+                return EncodingHelper.ByteArrToHexDefault(byteArr);
+            }
+            return string.Empty;
+        }
+
+        public static byte[] DESDecrypt(byte[] byteArr, string key = "", string iv = "")
+        {
+            if (string.IsNullOrEmpty(key))
+            {
+                key = DESKey;
+            }
+            if (string.IsNullOrEmpty(iv))
+            {
+                iv = DESIv;
+            }
+            try
+            {
+                var encoding = new ASCIIEncoding();
+                using (DESCryptoServiceProvider desCryptoServiceProvider = new DESCryptoServiceProvider())
+                {
+                    desCryptoServiceProvider.Key = encoding.GetBytes(key);
+                    desCryptoServiceProvider.IV = encoding.GetBytes(iv);
+                    using (MemoryStream memoryStream = new MemoryStream())
+                    {
+                        using (CryptoStream cryptoStream = new CryptoStream(memoryStream, desCryptoServiceProvider.CreateDecryptor(), CryptoStreamMode.Write))
+                        {
+                            cryptoStream.Write(byteArr, 0, byteArr.Length);
+                            cryptoStream.FlushFinalBlock();
+                            return memoryStream.ToArray();
+                        }
+                    }
+                }
+            }
+            catch (Exception ex)
+            {
+                LogHelper.Error(ex);
+            }
+            return null;
+        }
+
+        public static string DESDecryptFromBase64(string cipherText, string key = "", string iv = "")
+        {
+            var byteArr = Convert.FromBase64String(cipherText);
+            var result = DESDecrypt(byteArr, key, iv);
+            if (result != null)
+            {
+                return Encoding.UTF8.GetString(result);
+            }
+            return string.Empty;
+        }
+
+        public static string DESDecryptFromHex(string cipherText, string key = "", string iv = "")
+        {
+            var byteArr = EncodingHelper.HexToByteArrDefault(cipherText);
+            var result = DESDecrypt(byteArr, key, iv);
+            if (result != null)
+            {
+                return Encoding.UTF8.GetString(result);
+            }
+            return string.Empty;
+        }
+
+        public static string Base64Encrypt(string encrypt)
+        {
+            try
+            {
+                byte[] bytes = Encoding.UTF8.GetBytes(encrypt);
+                string base64 = Convert.ToBase64String(bytes);
+                return base64;
+            }
+            catch (Exception ex)
+            {
+                LogHelper.Error(ex);
+            }
+            return string.Empty;
+        }
+
+        public static string Base64Decrypt(string decrypt)
+        {
+            try
+            {
+                byte[] bytes = Convert.FromBase64String(decrypt);
+                string base64 = Encoding.UTF8.GetString(bytes);
+                return base64;
+            }
+            catch (Exception ex)
+            {
+                LogHelper.Error(ex);
+            }
+            return string.Empty;
+        }
+
+        public static byte[] HMAC_SHA256(string encrypt, string key = "")
+        {
+            if (string.IsNullOrEmpty(key))
+            {
+                key = DESKey;
+            }
+            var encoding = new ASCIIEncoding();
+            byte[] keyByte = encoding.GetBytes(key);
+            byte[] encryptByte = encoding.GetBytes(encrypt);
+            using (var hmacsha256 = new HMACSHA256(keyByte))
+            {
+                return hmacsha256.ComputeHash(encryptByte);
+            }
+        }
+
+        public static string HMAC_SHA256ToHex(string encrypt, string key = "")
+        {
+            byte[] hash = HMAC_SHA256(encrypt, key);
+            return EncodingHelper.ByteArrToHexDefault(hash);
+        }
+
+        public static string GetGuid(bool replaceDash = false)
+        {
+            string guid = Guid.NewGuid().ToString();
+            if (replaceDash)
+            {
+                guid = guid.Replace("-", string.Empty);
+            }
+            return guid;
         }
 
         public static bool IsSafeSqlParam(string value)