diff --git a/IRaCIS.Core.Application/BusinessFilter/Encryption/EncryptionRequestMiddleware.cs b/IRaCIS.Core.Application/BusinessFilter/Encryption/EncryptionRequestMiddleware.cs index 9dd672d1e..fd85d9b25 100644 --- a/IRaCIS.Core.Application/BusinessFilter/Encryption/EncryptionRequestMiddleware.cs +++ b/IRaCIS.Core.Application/BusinessFilter/Encryption/EncryptionRequestMiddleware.cs @@ -50,7 +50,7 @@ public class EncryptionRequestMiddleware { try { - var decryptedSegment = AesEncryption.Decrypt(pathSegments[i], decryptedSymmetricKey); + var decryptedSegment = Infrastructure.Encryption.AesEncryption.Decrypt(pathSegments[i], decryptedSymmetricKey); pathSegments[i] = decryptedSegment; } catch @@ -74,7 +74,7 @@ public class EncryptionRequestMiddleware foreach (var param in queryParams) { var encryptedValue = param.Value; - var decryptedValue = AesEncryption.Decrypt(encryptedValue, decryptedSymmetricKey); + var decryptedValue = Infrastructure.Encryption.AesEncryption.Decrypt(encryptedValue, decryptedSymmetricKey); decryptedQueryParams[param.Key] = decryptedValue; } @@ -104,7 +104,7 @@ public class EncryptionRequestMiddleware foreach (var property in encryptedJson.Properties()) { var encryptedValue = property.Value.ToString(); - var decryptedValue = AesEncryption.Decrypt(encryptedValue, decryptedSymmetricKey); + var decryptedValue = Infrastructure.Encryption.AesEncryption.Decrypt(encryptedValue, decryptedSymmetricKey); decryptedJson[property.Name] = decryptedValue; } diff --git a/IRaCIS.Core.Application/BusinessFilter/LegacyController/TrialGlobalLimitActionFilter.cs b/IRaCIS.Core.Application/BusinessFilter/LegacyController/TrialGlobalLimitActionFilter.cs index 7df51b758..fa853d0a3 100644 --- a/IRaCIS.Core.Application/BusinessFilter/LegacyController/TrialGlobalLimitActionFilter.cs +++ b/IRaCIS.Core.Application/BusinessFilter/LegacyController/TrialGlobalLimitActionFilter.cs 
@@ -1,6 +1,7 @@ using IRaCIS.Application.Contracts; using IRaCIS.Core.Application.BusinessFilter; using IRaCIS.Core.Application.Helper; +using IRaCIS.Core.Infrastructure.Encryption; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc.Filters; @@ -170,7 +171,7 @@ public class TrialGlobalLimitActionFilter(IFusionCache _fusionCache, IUserInfo _ try { //解析加密信息 - decodedText = Cryptography.DecryptString(activationCode, _basicSystemConfigConfig.CurrentValue.AESKey, "Trial_AuthorizationEncrypt"); + decodedText = AesEncryption.Decrypt(activationCode, _basicSystemConfigConfig.CurrentValue.AESKey, "Trial_AuthorizationEncrypt"); } catch (Exception) { diff --git a/IRaCIS.Core.Application/BusinessFilter/MinimalAPI/TrialGlobalLimitEndpointFilter.cs b/IRaCIS.Core.Application/BusinessFilter/MinimalAPI/TrialGlobalLimitEndpointFilter.cs index 7f31cbf42..ccd1fcf49 100644 --- a/IRaCIS.Core.Application/BusinessFilter/MinimalAPI/TrialGlobalLimitEndpointFilter.cs +++ b/IRaCIS.Core.Application/BusinessFilter/MinimalAPI/TrialGlobalLimitEndpointFilter.cs @@ -1,5 +1,6 @@ using IRaCIS.Application.Contracts; using IRaCIS.Core.Application.Helper; +using IRaCIS.Core.Infrastructure.Encryption; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; using Microsoft.Extensions.Options; @@ -177,7 +178,7 @@ public class TrialGlobalLimitEndpointFilter(IFusionCache _fusionCache, IUserInfo try { //解析加密信息 - decodedText = Cryptography.DecryptString(activationCode, _basicSystemConfigConfig.CurrentValue.AESKey, "Trial_AuthorizationEncrypt"); + decodedText = AesEncryption.Decrypt(activationCode, _basicSystemConfigConfig.CurrentValue.AESKey, "Trial_AuthorizationEncrypt"); } catch (Exception) { diff --git a/IRaCIS.Core.Application/Helper/Cryptography.cs b/IRaCIS.Core.Application/Helper/Cryptography.cs deleted file mode 100644 index 7e8fa32a4..000000000 --- a/IRaCIS.Core.Application/Helper/Cryptography.cs +++ /dev/null 
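Review bot: Activation codes issued before this commit will not decrypt at `decodedText = AesEncryption.Decrypt(activationCode, ...)` in the `@@ -170,7 +171,7 @@` hunk of TrialGlobalLimitActionFilter.cs. The removed `Cryptography.EncryptString` derived both key and IV through `PasswordDeriveBytes`, while the new `AesEncryption` overload uses the padded UTF-8 bytes of the strings directly, so the same `AESKey` now yields different key material. The failure presumably lands in the `catch (Exception)` that follows, whose body is outside the hunk, so a previously valid trial would look like one with a bad code. The same swap is made in TrialGlobalLimitEndpointFilter.cs and in the PatientService.cs hunks. Either re-issue every stored `AuthorizationEncrypt` value as part of the deployment or keep a legacy decrypt path until that is done, and record it next to the call, e.g. `// codes created before the AesEncryption switch used a PasswordDeriveBytes-derived key/IV and must be re-issued`.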
@@ -1,62 +0,0 @@
-using System;
-using System.IO;
-using System.Security.Cryptography;
-using System.Text;
-
-public class Cryptography
-{
- public static string EncryptString(string plainText, string key, string iv)
- {
- using (Aes aesAlg = Aes.Create())
- {
- aesAlg.Key = GetKeyBytes(key, aesAlg.KeySize / 8);
- aesAlg.IV = GetKeyBytes(iv, 16);
-
- ICryptoTransform encryptor = aesAlg.CreateEncryptor(aesAlg.Key, aesAlg.IV);
-
- using (MemoryStream msEncrypt = new MemoryStream())
- {
- using (CryptoStream csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write))
- {
- byte[] plainBytes = Encoding.UTF8.GetBytes(plainText);
- csEncrypt.Write(plainBytes, 0, plainBytes.Length);
- csEncrypt.FlushFinalBlock();
- }
- return Convert.ToBase64String(msEncrypt.ToArray());
- }
- }
- }
-
- public static string DecryptString(string cipherText, string key, string iv)
- {
- byte[] cipherBytes = Convert.FromBase64String(cipherText);
- using (Aes aesAlg = Aes.Create())
- {
- aesAlg.Key = GetKeyBytes(key, aesAlg.KeySize / 8);
- aesAlg.IV = GetKeyBytes(iv, 16);
-
- ICryptoTransform decryptor = aesAlg.CreateDecryptor(aesAlg.Key, aesAlg.IV);
-
- using (MemoryStream msDecrypt = new MemoryStream(cipherBytes))
- {
- using (CryptoStream csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read))
- {
- using (StreamReader srDecrypt = new StreamReader(csDecrypt))
- {
- return srDecrypt.ReadToEnd();
- }
- }
- }
- }
- }
-
- private static byte[] GetKeyBytes(string key, int keySize)
- {
-
-
- using (var deriveBytes = new PasswordDeriveBytes(key, null))
- {
- return deriveBytes.GetBytes(keySize);
- }
- }
-}
diff --git a/IRaCIS.Core.Application/Service/TrialSiteUser/TrialConfigService.cs b/IRaCIS.Core.Application/Service/TrialSiteUser/TrialConfigService.cs
index d12229fe2..e1a924a23 100644
--- a/IRaCIS.Core.Application/Service/TrialSiteUser/TrialConfigService.cs
+++ b/IRaCIS.Core.Application/Service/TrialSiteUser/TrialConfigService.cs
@@ -9,6 +9,7 @@ using IRaCIS.Core.Application.ViewModel; using IRaCIS.Core.Domain.Share; using IRaCIS.Core.Infra.EFCore.Common; using IRaCIS.Core.Infrastructure; +using IRaCIS.Core.Infrastructure.Encryption; using MassTransit; using Microsoft.AspNetCore.Mvc; using Microsoft.Extensions.Options; @@ -1260,7 +1261,7 @@ namespace IRaCIS.Core.Application ActiveDeadLineDate = DateTime.Now.Date.AddDays(8).AddSeconds(-1) }; - var newActivationCode = Cryptography.EncryptString($"{JsonConvert.SerializeObject(authorizationInfo)}", _basicSystemConfigConfig.CurrentValue.AESKey, "Trial_AuthorizationEncrypt"); + var newActivationCode = AesEncryption.Encrypt($"{JsonConvert.SerializeObject(authorizationInfo)}", _basicSystemConfigConfig.CurrentValue.AESKey, "Trial_AuthorizationEncrypt"); trial.AuthorizationEncrypt = newActivationCode; trial.AuthorizationDate = deadLineDate; diff --git a/IRaCIS.Core.Application/Service/Visit/PatientService.cs b/IRaCIS.Core.Application/Service/Visit/PatientService.cs index 52c446af5..63407dac1 100644 --- a/IRaCIS.Core.Application/Service/Visit/PatientService.cs +++ b/IRaCIS.Core.Application/Service/Visit/PatientService.cs @@ -41,6 +41,7 @@ using DocumentFormat.OpenXml.Office2010.Drawing; using IDistributedLockProvider = Medallion.Threading.IDistributedLockProvider; using DocumentFormat.OpenXml.InkML; using Microsoft.AspNetCore.Hosting; +using IRaCIS.Core.Infrastructure.Encryption; namespace IRaCIS.Application.Services { @@ -168,7 +169,7 @@ namespace IRaCIS.Application.Services try { //解析加密信息 - var decodedText = Cryptography.DecryptString(trial.AuthorizationEncrypt, _basicSystemConfigConfig.CurrentValue.AESKey, "Trial_AuthorizationEncrypt"); + var decodedText = AesEncryption.Decrypt(trial.AuthorizationEncrypt, _basicSystemConfigConfig.CurrentValue.AESKey, "Trial_AuthorizationEncrypt"); var authInfo = JsonConvert.DeserializeObject(decodedText); 
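Review bot: The literal `"Trial_AuthorizationEncrypt"` passed to `AesEncryption.Encrypt(...)` in the `@@ -1260,7 +1261,7 @@` hunk of TrialConfigService.cs is now used directly as the CBC IV, so every activation code is encrypted under the same key and the same IV. With the new overload it is cut to its first 16 characters. The ciphertext also carries no integrity tag, and the `@@ -168,7 +169,7 @@` hunk in PatientService.cs deserializes the decrypted text into what appears to be the authorization record, so tampering with the ciphertext is not detected before the JSON is parsed. A fresh IV per code, e.g. `var iv = RandomNumberGenerator.GetBytes(16);` stored in front of the ciphertext, plus an HMAC over IV and ciphertext (or an AEAD mode) would address both. The enclosing methods start and end outside these hunks.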
@@ -405,7 +406,7 @@ namespace IRaCIS.Application.Services public async Task GetTrialActivationCode(TrialAuthorizationInfo authorizationInfo, [FromServices] IOptionsMonitor _basicSystemConfigConfig) { authorizationInfo.ActiveDeadLineDate = DateTime.Now.Date.AddDays(8).AddSeconds(-1); - var info = Cryptography.EncryptString($"{JsonConvert.SerializeObject(authorizationInfo)}", _basicSystemConfigConfig.CurrentValue.AESKey, "Trial_AuthorizationEncrypt"); + var info = Core.Infrastructure.Encryption.AesEncryption.Encrypt($"{JsonConvert.SerializeObject(authorizationInfo)}", _basicSystemConfigConfig.CurrentValue.AESKey, "Trial_AuthorizationEncrypt"); return ResponseOutput.Ok(info); @@ -427,7 +428,7 @@ namespace IRaCIS.Application.Services try { - decodedText = Cryptography.DecryptString(activationCode, _basicSystemConfigConfig.CurrentValue.AESKey, "Trial_AuthorizationEncrypt"); + decodedText = Core.Infrastructure.Encryption.AesEncryption.Decrypt(activationCode, _basicSystemConfigConfig.CurrentValue.AESKey, "Trial_AuthorizationEncrypt"); } @@ -469,7 +470,7 @@ namespace IRaCIS.Application.Services var decodedText = string.Empty; try { - decodedText = Cryptography.DecryptString(activationCode, _basicSystemConfigConfig.CurrentValue.AESKey, "Trial_AuthorizationEncrypt"); + decodedText = AesEncryption.Decrypt(activationCode, _basicSystemConfigConfig.CurrentValue.AESKey, "Trial_AuthorizationEncrypt"); } 
@@ -500,7 +501,7 @@ namespace IRaCIS.Application.Services authInfo.AuthorizationDeadLineDate = deadLineDate; authInfo.ActiveTime = DateTime.Now; - var newActivationCode = Cryptography.EncryptString($"{JsonConvert.SerializeObject(authInfo)}", _basicSystemConfigConfig.CurrentValue.AESKey, "Trial_AuthorizationEncrypt"); + var newActivationCode = AesEncryption.Encrypt($"{JsonConvert.SerializeObject(authInfo)}", _basicSystemConfigConfig.CurrentValue.AESKey, "Trial_AuthorizationEncrypt"); await _trialRepository.BatchUpdateNoTrackingAsync(t => t.Id == trialId, u => new Trial() { AuthorizationEncrypt = newActivationCode, AuthorizationDate = deadLineDate }); diff --git a/IRaCIS.Core.Application/TestService.cs b/IRaCIS.Core.Application/TestService.cs index 61d451cb8..d8fc416de 100644 --- a/IRaCIS.Core.Application/TestService.cs +++ b/IRaCIS.Core.Application/TestService.cs @@ -306,23 +306,23 @@ namespace IRaCIS.Core.Application.Service string iv = "your-iv-12345678"; // IV 长度为 16 字节 - var encreptMd5 = AesEncryption.Encrypt(MD5Helper.Md5("123456"), key); + var encreptMd5 = Infrastructure.Encryption.AesEncryption.Encrypt(MD5Helper.Md5("123456"), key); Console.WriteLine(encreptMd5); - var decrept = AesEncryption.Decrypt(encreptMd5, key); + var decrept = Infrastructure.Encryption.AesEncryption.Decrypt(encreptMd5, key); Console.WriteLine(); - Console.WriteLine(AesEncryption.Encrypt("cyldev", key)); + Console.WriteLine(Infrastructure.Encryption.AesEncryption.Encrypt("cyldev", key)); Console.WriteLine($"原始文本: {plainText}"); // 加密 - string encrypted = AesEncryption.Encrypt(plainText, key, iv); + string encrypted = Infrastructure.Encryption.AesEncryption.Encrypt(plainText, key, iv); Console.WriteLine($"加密后的数据: {encrypted}"); // 解密 - string decrypted = AesEncryption.Decrypt(encrypted, key, iv); + string decrypted = Infrastructure.Encryption.AesEncryption.Decrypt(encrypted, key, iv); Console.WriteLine($"解密后的数据: {decrypted}"); 
@@ -331,11 +331,11 @@ namespace IRaCIS.Core.Application.Service Console.WriteLine($"原始文本: {plainText}"); // 加密 - string encrypte = AesEncryption.Encrypt(plainText, key); + string encrypte = Infrastructure.Encryption.AesEncryption.Encrypt(plainText, key); Console.WriteLine($"加密后的数据: {encrypte}"); // 解密 - string decrypte = AesEncryption.Decrypt(encrypte, key); + string decrypte = Infrastructure.Encryption.AesEncryption.Decrypt(encrypte, key); Console.WriteLine($"解密后的数据: {decrypte}"); diff --git a/IRaCIS.Core.Infrastructure/_IRaCIS/Encryption/AesEncryption.cs b/IRaCIS.Core.Infrastructure/_IRaCIS/Encryption/AesEncryption.cs index 884e8b29b..5a104964b 100644 --- a/IRaCIS.Core.Infrastructure/_IRaCIS/Encryption/AesEncryption.cs +++ b/IRaCIS.Core.Infrastructure/_IRaCIS/Encryption/AesEncryption.cs @@ -46,8 +46,8 @@ public class AesEncryption // AES 加密(带 IV) public static string Encrypt(string plainText, string key, string iv) { - var keyBytes = Encoding.UTF8.GetBytes(key); - var ivBytes = Encoding.UTF8.GetBytes(iv); + var keyBytes = Encoding.UTF8.GetBytes(key.PadRight(32, '0').Substring(0, 32)); + var ivBytes = Encoding.UTF8.GetBytes(iv.PadRight(16, '0').Substring(0, 16)); // 使用 AES 引擎 + PKCS7 填充 + CBC 模式 var engine = new AesEngine(); @@ -64,8 +64,8 @@ public class AesEncryption // AES 解密(带 IV) public static string Decrypt(string encryptedText, string key, string iv) { - var keyBytes = Encoding.UTF8.GetBytes(key); - var ivBytes = Encoding.UTF8.GetBytes(iv); + var keyBytes = Encoding.UTF8.GetBytes(key.PadRight(32, '0').Substring(0, 32)); + var ivBytes = Encoding.UTF8.GetBytes(iv.PadRight(16, '0').Substring(0, 16)); var cipherBytes = Convert.FromBase64String(encryptedText); // 使用 AES 引擎 + PKCS7 填充 + CBC 模式
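Review bot: `key.PadRight(32, '0').Substring(0, 32)` in the `@@ -46,8 +46,8 @@` hunk of AesEncryption.cs counts UTF-16 characters, not bytes, so a key containing any non-ASCII character still encodes to more than 32 UTF-8 bytes and would be expected to fail as an invalid AES key length. The padding also hides misconfiguration: a short or empty `AESKey` is silently filled with `'0'` characters and a long one is silently cut, and the resulting key has less entropy than its length suggests. The `@@ -64,8 +64,8 @@` hunk for `Decrypt` has the same two lines. Rejecting a wrong-sized key is safer than reshaping it: `if (Encoding.UTF8.GetByteCount(key) != 32) throw new ArgumentException("AES key must be 32 bytes", nameof(key));`, with the matching 16-byte check for `iv`. Both method bodies continue past the end of their hunks.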