diff --git a/PCL.Core/PCL.Core.csproj b/PCL.Core/PCL.Core.csproj
index efebd8f57..bfe111316 100644
--- a/PCL.Core/PCL.Core.csproj
+++ b/PCL.Core/PCL.Core.csproj
@@ -54,6 +54,7 @@
+
@@ -100,4 +101,4 @@
-
\ No newline at end of file
+
diff --git a/PCL.Core/Utils/Exts/StringExtension.cs b/PCL.Core/Utils/Exts/StringExtension.cs
index 8082f0746..15de5e0c6 100644
--- a/PCL.Core/Utils/Exts/StringExtension.cs
+++ b/PCL.Core/Utils/Exts/StringExtension.cs
@@ -7,6 +7,7 @@
using System.Numerics;
using System.Reflection;
using System.Runtime.CompilerServices;
+using System.Text;
using System.Text.RegularExpressions;
namespace PCL.Core.Utils.Exts;
@@ -282,6 +283,20 @@ public int LastIndexOfF(string subStr, bool ignoreCase = false)
public int LastIndexOfF(string subStr, int startIndex, bool ignoreCase = false)
=> str.LastIndexOf(subStr, startIndex, ignoreCase ? StringComparison.OrdinalIgnoreCase : StringComparison.Ordinal);
+
+ public byte[] GetBytes(Encoding? encode = null)
+ {
+ encode ??= Encoding.UTF8;
+ return encode.GetBytes(str);
+ }
+ }
+ extension(ReadOnlySpan str){
+
+ public int GetBytes(Span destination, Encoding? encode = null)
+ {
+ encode ??= Encoding.UTF8;
+ return encode.GetBytes(str, destination);
+ }
}
extension(string hex)
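Review bot: The span overload `GetBytes(Span destination, Encoding? encode = null)` does not document its size contract. `Encoding.GetBytes` throws `ArgumentException` when `destination` is too small for the encoded text, so callers have to size the buffer with `GetByteCount` or `GetMaxByteCount` first. I would add a `<summary>` to both new methods stating that UTF-8 is used when `encode` is null, and on the span overload `/// <exception cref="ArgumentException">destination is too small for the encoded bytes.</exception>`. The enclosing extension blocks start and end outside this hunk.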
diff --git a/PCL.Core/Utils/Secret/EncryptHelper.cs b/PCL.Core/Utils/Secret/EncryptHelper.cs
index bf1a3a390..403dc5e17 100644
--- a/PCL.Core/Utils/Secret/EncryptHelper.cs
+++ b/PCL.Core/Utils/Secret/EncryptHelper.cs
@@ -6,11 +6,16 @@
using PCL.Core.App;
using PCL.Core.Utils.Encryption;
using PCL.Core.Utils.Exts;
+using PlainToolkit.CngProtectedData;
+using DataProtectionScope = System.Security.Cryptography.DataProtectionScope;
+using CngDataProtectionScope = PlainToolkit.CngProtectedData.DataProtectionScope;
+
namespace PCL.Core.Utils.Secret;
public static class EncryptHelper
{
+ private static readonly byte[] Key = "PCL CE Encryption Key".GetBytes();
public static (IEncryptionProvider Provider, uint Version) DefaultProvider => _DefaultProvider.Value;
private static readonly Lazy<(IEncryptionProvider Provider, uint Version)> _DefaultProvider = new(_SelectBestEncryption);
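Review bot: The new field `Key` is a fixed string compiled into the binary, not key material, yet its name suggests a secret. In the later `_GetKey` hunk it is passed as the second argument to `ProtectedData.Unprotect`, which is the optional-entropy parameter. The field it replaces was named `_IdentifyEntropy`, and the other private statics here (`_DefaultProvider`, `_EncryptionKey`) use the underscore prefix, so the rename loses both the meaning and the convention. I would keep the old name or add `// Fixed, non-secret entropy label for the protect/unprotect calls; changing it breaks Unprotect for existing version 1 key files.` above the field. The class body continues outside this hunk.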
@@ -137,8 +142,7 @@ public static bool IsValid(ReadOnlySpan data)
#endregion
#region "密钥存储和获取"
-
- private static readonly byte[] _IdentifyEntropy = Encoding.UTF8.GetBytes("PCL CE Encryption Key");
+
internal static byte[] EncryptionKey { get => _EncryptionKey.Value; }
private static readonly Lazy _EncryptionKey = new(_GetKey);
@@ -151,32 +155,31 @@ private static byte[] _GetKey()
var data = EncryptionData.FromBytes(buf);
return data.Version switch
{
- 1 => ProtectedData.Unprotect(data.Data, _IdentifyEntropy, DataProtectionScope.CurrentUser),
+ 1 => ProtectedData.Unprotect(data.Data, Key, DataProtectionScope.CurrentUser),
+ 2 => CngProtectedData.Unprotect(data.Data, Key, CngDataProtectionScope.CurrentUser),
_ => throw new NotSupportedException("Unsupported key version")
};
}
- else
+
+ var randomKey = new byte[32];
+ RandomNumberGenerator.Fill(randomKey);
+ var storeData = EncryptionData.ToBytes(new EncryptionData
{
- var randomKey = new byte[32];
- RandomNumberGenerator.Fill(randomKey);
- var storeData = EncryptionData.ToBytes(new EncryptionData
- {
- Version = 1,
- Data = ProtectedData.Protect(randomKey, _IdentifyEntropy, DataProtectionScope.CurrentUser)
- });
+ Version = 2,
+ Data = CngProtectedData.Protect(randomKey, Key, CngDataProtectionScope.CurrentUser)
+ });
- var tmpFile = $"{keyFile}.tmp{RandomUtils.NextInt(10000, 99999)}";
- using (var fs = new FileStream(tmpFile, FileMode.Create, FileAccess.ReadWrite, FileShare.None))
- {
- fs.Write(storeData);
- fs.Flush(true);
- }
+ var tmpFile = $"{keyFile}.tmp{RandomUtils.NextInt(10000, 99999)}";
+ using (var fs = new FileStream(tmpFile, FileMode.Create, FileAccess.ReadWrite, FileShare.None))
+ {
+ fs.Write(storeData);
+ fs.Flush(true);
+ }
- File.Move(tmpFile, keyFile, true);
+ File.Move(tmpFile, keyFile, true);
- return randomKey;
- }
+ return randomKey;
}
#endregion
-}
\ No newline at end of file
+}
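Review bot: Nothing in `_GetKey` records what the version numbers mean, or that version 1 key files are never upgraded. The switch still unwraps version 1 with `ProtectedData` and returns, so only installations without a key file get a version 2 (`CngProtectedData`) blob. If moving existing users to the new protection is intended, the version 1 branch would need to re-wrap the key and rewrite the file. If not, a comment such as `// v1 = ProtectedData (legacy, read-only), v2 = CngProtectedData (written for new keys)` above the switch would make that explicit. The bare `1` and `2` in the switch and `Version = 2` in the writer could also share named constants so the two cannot drift apart. The start of `_GetKey` is outside this hunk.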