public ActionResult <string> GenerateDigest([FromBody] string request, SigningAlgoritm algoritm = SigningAlgoritm.SHA256WITHRSA)
{
_logger.LogDebug($"Calling POST /generateDigest{algoritm} endpoint ");
if (request == null)
{
return(BadRequest());
}
try
{
request = DecodeBase64(request);
}
catch (Exception ex)
{
_logger.LogError($"Error decoding request data", ex);
return(BadRequest("Error decoding request data, check base64 encoding"));
}
if (algoritm == SigningAlgoritm.SHA256WITHRSA)
{
return($"SHA-256={Sha256Helper.GenerateHash(request)}");
}
else if (algoritm == SigningAlgoritm.SHA512WITHRSA)
{
return($"SHA-512={Sha512Helper.GenerateHash(request)}");
}
else
{
return(BadRequest($"Unsupported digest algoritm {algoritm}"));
}
}
public void ReturnRandomValue()
{
// Arrange & Act
var result = Sha512Helper.GetRandomValue();
_output.WriteLine("Generated hash: " + result);
// Assert
Assert.Equal(128, result.Length);
}
public async Task <IActionResult> Edit(CertificateViewModel cvm, CancellationToken cancellationToken)
{
var _user = await _userManager.GetUserAsync(User);
if (ModelState.IsValid)
{
if (cvm.File != null)
{
if (cvm.File.CheckFileExtension(_fileSettings.Expansion))
{
ModelState.AddModelError("File", _localizer["FileExtensionError"]);
return(View(cvm));
}
using (var binaryReader = new BinaryReader(cvm.File.OpenReadStream()))
{
if (cvm.File.CheckFileSize(_fileSettings.MinSize, _fileSettings.SizeLimit))
{
ModelState.AddModelError("File", _localizer["FileSizeError"]);
return(View(cvm));
}
var path = $"/private/{Sha512Helper.GetRandomValue()}.jpg";
using (var stream = System.IO.File.Create(_appEnvironment.WebRootPath + path))
{
await cvm.File.CopyToAsync(stream, cancellationToken);
}
cvm.Path = path;
}
}
try
{
await _certificateService.UpdateCertificateAsync(cvm, _user.Id, cancellationToken);
}
catch (DbUpdateConcurrencyException ex)
{
_logger.LogError("An error occurred while updating the certificate: " + ex.Message);
return(RedirectToAction(nameof(Index)));
}
_logger.LogInformation($"Certificate {cvm.Id} changed by User {_user.Id}");
return(RedirectToAction(nameof(Details), new { id = cvm.Id }));
}
return(View(cvm));
}
public async Task <IActionResult> Create(CertificateViewModel cvm, CancellationToken cancellationToken)
{
var _user = await _userManager.GetUserAsync(User);
if (cvm.File is null)
{
ModelState.AddModelError("File", _localizer["Required"]);
}
if (ModelState.IsValid)
{
if (cvm.File.CheckFileExtension(_fileSettings.Expansion))
{
ModelState.AddModelError("File", _localizer["FileExtensionError"]);
return(View());
}
using (var binaryReader = new BinaryReader(cvm.File.OpenReadStream()))
{
if (cvm.File.CheckFileSize(_fileSettings.MinSize, _fileSettings.SizeLimit))
{
ModelState.AddModelError("File", _localizer["FileSizeError"]);
return(View());
}
var path = $"/private/{Sha512Helper.GetRandomValue()}.jpg";
using (var stream = System.IO.File.Create(_appEnvironment.WebRootPath + path))
{
await cvm.File.CopyToAsync(stream, cancellationToken);
}
cvm.Path = path;
}
await _certificateService.CreateCertificateAsync(cvm, _user.Id, cancellationToken);
_logger.LogInformation($"New certificate created by User {_user.Id}");
return(RedirectToAction(nameof(Index)));
}
return(View());
}
public IActionResult SignData([FromBody] SigningRequest request)
{
_logger.LogDebug($"Calling POST /generateDigest endpoint ");
if (request == null)
{
return(BadRequest());
}
_logger.LogDebug($"Calling POST /generateDigest endpoint ");
try
{
request.DataToSign = DecodeBase64(request.DataToSign);
}
catch (Exception ex)
{
_logger.LogError($"Error decoding data to sign", ex);
return(BadRequest("Error decoding data to sign, check base64 encoding"));
}
if (request.Algorithm == SigningAlgoritm.SHA256WITHRSA)
{
var bytes = Encoding.UTF8.GetBytes(request.DataToSign ?? request.Digest.Replace("SHA-256=", ""));
var signBytes = Sha256Helper.SignData(request.PrivateKey, bytes);
var signature = Convert.ToBase64String(signBytes);
var testValid = Sha256Helper.VerifyData(request.Certificate, bytes, signBytes);
var response = new SigningResponse()
{
Algorithm = Enum.GetName(typeof(SigningAlgoritm),
request.Algorithm),
Headers = "digest tpp-transaction - id tpp - request - id timestamp psu-id",
KeyId = request.KeyID,
Signature = signature,
CertificateAuthority = "CA",
IsValid = testValid
};
return(Ok(response));
}
else if (request.Algorithm == SigningAlgoritm.SHA512WITHRSA)
{
var bytes = Encoding.UTF8.GetBytes(request.DataToSign ?? request.Digest.Replace("SHA-512=", ""));
var signBytes = Sha512Helper.SignData(request.PrivateKey, bytes);
var signature = Convert.ToBase64String(signBytes);
var testValid = Sha512Helper.VerifyData(request.Certificate, bytes, signBytes);
var response = new SigningResponse()
{
Algorithm = GetEnumDescription(request.Algorithm),
Headers = "digest tpp-transaction - id tpp - request - id timestamp psu-id",
KeyId = request.KeyID,
Signature = signature,
CertificateAuthority = "CA",
IsValid = testValid
};
return(Ok(response));
}
else
{
return(BadRequest($"Unsupported signing algoritm {request.Algorithm}"));
}
}
