public IActionResult SubmitAssignment(IFormFile file)
{
var assignment = _assignmentsService.GetAssignment(Guid.Parse(CryptographicHelper.SymmetricDecrypt(Request.Cookies["Assignment"])));
ViewBag.Assignment = assignment;
if (file != null)
{
Stream stream = file.OpenReadStream();
int firstByte = stream.ReadByte();
int secondByte = stream.ReadByte();
int thirdByte = stream.ReadByte();
int fourthByte = stream.ReadByte();
stream.Position = 0;
//If the file passes the following check, a submission is created with user credentials
if (firstByte == 37 && secondByte == 80 && thirdByte == 68 && fourthByte == 70 && Path.GetExtension(file.FileName) == ".pdf")
{
SubmissionViewModel submission = new SubmissionViewModel();
submission.Member = _membersService.GetMember(User.Identity.Name);
Tuple <byte[], byte[]> keys = CryptographicHelper.GenerateKeys();
MemberViewModel teacher = _membersService.GetMember(submission.Member.TeacherEmail);
string encryptedKey = Convert.ToBase64String(CryptographicHelper.AsymmetricEncrypt(keys.Item1, teacher.PublicKey));
string encryptedIv = Convert.ToBase64String(CryptographicHelper.AsymmetricEncrypt(keys.Item2, teacher.PublicKey));
submission.SymmetricKey = encryptedKey;
submission.SymmetricIV = encryptedIv;
submission.Assignment = _assignmentsService.GetAssignment(assignment.Id);
string absolutePath = _host.WebRootPath + @"\..\ProtectedFiles\";
string uniqueName = Guid.NewGuid().ToString() + Path.GetExtension(file.FileName);
using (MemoryStream ms = new MemoryStream())
{
stream.CopyTo(ms);
ms.Position = 0;
submission.FileHash = Convert.ToBase64String(CryptographicHelper.Hash(ms.ToArray()));
var signature = CryptographicHelper.GenerateSignature(Convert.FromBase64String(submission.FileHash), submission.Member.PrivateKey);
submission.Signature = Convert.ToBase64String(CryptographicHelper.SymmetricEncrypt(
signature,
keys.Item1, keys.Item2));
System.IO.File.WriteAllBytes(absolutePath + uniqueName,
CryptographicHelper.SymmetricEncrypt(
ms.ToArray(),
keys.Item1,
keys.Item2
)
);
}
submission.FilePath = absolutePath + uniqueName;
_assignmentsService.AddSubmission(submission);
TempData["info"] = "File accepted";
return(RedirectToAction("index"));
}
else
{
TempData["warning"] = "File is not valid, only PDF allowed";
return(View());
}
}
else
{
TempData["warning"] = "Please upload a file";
return(View());
}
}