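/// <summary>
/// Re-encrypts every private key of the signed-in user with the supplied
/// account password and a fresh random 16-byte IV per key.
/// </summary>
/// <param name="password">
/// The caller's current account password. It is verified with the user
/// manager before any key is touched and is then passed to
/// <c>SecurityData.Encrypt</c> as the encryption secret.
/// </param>
/// <returns>
/// <c>Response(true)</c> once all keys are saved; <c>Response(false)</c>
/// when the password is missing or does not match.
/// </returns>
public async Task<IActionResult> migracionClaves([FromBody] string password)
        {
            // An empty or missing body would otherwise reach the password
            // hasher as null; treat it as a failed check instead.
            if (string.IsNullOrEmpty(password))
            {
                return Ok(new Response(false));
            }

            var currentUser = _context.Users.Include(u => u.Claves).First(u => u.UserName == User.Identity.Name);

            if (!await _userManager.CheckPasswordAsync(currentUser, password))
            {
                return Ok(new Response(false));
            }

            var securityData = new SecurityData(currentUser.DatosSeguridad);

            // NOTE(review): SecurityData.Encrypt is not visible here. Confirm it
            // derives the key from the password with a salted, slow KDF and that
            // the cipher mode authenticates the ciphertext.
            // The generator is IDisposable; scope it so it is released on every path.
            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                foreach (var clave in currentUser.Claves)
                {
                    // One fresh IV per key: an IV must never be reused under the same key.
                    var iv = new byte[16];
                    rng.GetBytes(iv);

                    // NOTE(review): PrivateKey_ByteArray is presumably the pre-migration
                    // plaintext key; verify that source is cleared once migration is done.
                    var encPrivKey = securityData.Encrypt(clave.PrivateKey_ByteArray, password, iv);

                    // Stored layout: base64(ciphertext) + "|" + base64(iv).
                    clave.EncPrivKey = Convert.ToBase64String(encPrivKey) + "|" + Convert.ToBase64String(iv);
                }
            }

            // Non-blocking save: the action is already async.
            await _context.SaveChangesAsync();
            return Ok(new Response(true));
        }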
Ejemplo n.º 2
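        /// <summary>
        /// Creates a key pair for the signed-in user, encrypts the private key
        /// with the user's account password and a random 16-byte IV, builds a
        /// PKCS#10 signing request from the submitted subject fields, and stores
        /// the result as a new <c>Clave</c>.
        /// </summary>
        /// <param name="claveViewModel">
        /// Subject fields for the request plus the caller's account password.
        /// </param>
        /// <returns>
        /// <c>Response(true)</c> when the key was stored; <c>Response(false)</c>
        /// when the model is missing or invalid, or when the password check
        /// fails (the latter with an explanatory message).
        /// </returns>
        public async Task<IActionResult> Post([FromBody] CrearClaveViewModel claveViewModel)
        {
            // Reject bad input before doing any work; a null model would
            // otherwise fail with a NullReferenceException further down.
            if (claveViewModel == null || !ModelState.IsValid)
            {
                return Ok(new Response(false));
            }

            var currentUserId = _userManager.GetUserId(User);
            var currentUser   = _context.Users.Include(u => u.Claves).First(u => u.Id == currentUserId);

            // A missing password is handled like a wrong one rather than
            // being handed to the password hasher as null.
            if (string.IsNullOrEmpty(claveViewModel.Password)
                || !await _userManager.CheckPasswordAsync(currentUser, claveViewModel.Password))
            {
                return Ok(new Response(false, "La contraseña es incorrecta."));
            }

            // Generate key material only after the caller has been validated and
            // re-authenticated, so rejected requests cost no key generation.
            var parNuevo = KeyPair.GenerarNuevo();

            var securityData = new SecurityData(currentUser.DatosSeguridad);

            var iv = new byte[16];
            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                rng.GetBytes(iv);
            }

            // NOTE(review): SecurityData.Encrypt is not visible here. Confirm it
            // derives the key from the password with a salted, slow KDF and that
            // the cipher mode authenticates the ciphertext.
            var encryptedPrivateKey = securityData.Encrypt(parNuevo.PrivateKey.ByteArray, claveViewModel.Password, iv);

            var csrString = LibreriaCriptografica.CertificateSigningRequest.GeneratePkcs10(
                parNuevo.PrivateKey,
                parNuevo.PublicKey,
                claveViewModel.CommonName,
                claveViewModel.Organization,
                claveViewModel.OrganizationUnit,
                claveViewModel.City,
                claveViewModel.State,
                claveViewModel.CountryIso2Characters,
                claveViewModel.Email
                );

            _context.Add(new Clave()
            {
                ApplicationUser      = currentUser,
                // Stored layout: base64(ciphertext) + "|" + base64(iv). Only the
                // encrypted form of the private key is persisted.
                EncPrivKey           = Convert.ToBase64String(encryptedPrivateKey) + "|" + Convert.ToBase64String(iv),
                PublicKey            = parNuevo.PublicKey.ByteArray.ToHexString(),
                NombreIdentificativo = claveViewModel.NombreIdentificativo,
                Organizacion         = claveViewModel.Organization,
                UnidadOrganizacional = claveViewModel.OrganizationUnit,
                Localidad            = claveViewModel.City,
                EstadoOProvincia     = claveViewModel.State,
                Pais                 = claveViewModel.CountryIso2Characters,
                Email                = claveViewModel.Email,
                NombreComun          = claveViewModel.CommonName,
                CSR                  = Encoding.ASCII.GetBytes(csrString),
                // NOTE(review): server-local time; confirm whether UTC is expected
                // for audit timestamps on key records.
                FechaCreacion        = DateTime.Now
            });

            // Non-blocking save: the action is already async.
            await _context.SaveChangesAsync();
            return Ok(new Response(true));
        }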