public List <Message> GetEncryptedMessages(string token, string privatekey) { string privatekeyhash = SymmetricCryptoProvider.GetSecureHashForString(privatekey); WebClient client = new WebClient(); client.Headers.Add("token", token); client.Headers.Add("privatekeyhash", privatekeyhash); try { byte[] response = client.DownloadData(ServiceUrl); var responseText = Encoding.Default.GetString(response); var jss = new JavaScriptSerializer(); var resource = jss.Deserialize <List <Message> >(responseText); return(resource); } catch (WebException e) { HandleWebException(e); //throw; return(null); } }
public void Encrypt_Decrypt_Hash_ReturnsOriginalValue() { var crypto = new SymmetricCryptoProvider(); string hashedPassword = SymmetricCryptoProvider.GetSecureHashForString(password); var cryptoText = crypto.EncryptWithKey(secret, hashedPassword); var original = crypto.DecryptWithKey(cryptoText, hashedPassword); Assert.AreEqual(secret, original); }
public ActionResult Read(int messageId, string passphrase, string hash) { var model = new SelfDestructingMessageModel(); try { var message = selfDestructingMessageRepository.GetMessage(messageId, passphrase); string originalHash = SymmetricCryptoProvider.GetSecureHashForString(message.Message); if (hash != originalHash) { model.MessageText = "Error: hash of retrieved message does not match the original message hash." + Environment.NewLine + "The message may have been tampered with!"; model.InvalidMessageId = true; return(View("Read", model)); } // File Attachments if (message.HasAttachment) { Message attachment = new Message { EncryptionKey = passphrase, MessageId = message.MessageId }; StoreEncryptedFileInTemporaryMemory(attachment); model.HasAttachment = true; model.TemporaryDownloadId = attachment.TemporaryDownloadId; //model.AttachmentName = message.AttachmentName; } else { model.HasAttachment = false; } model.MessageText = message.Message; } catch (Exception ex) { model.InvalidMessageId = true; model.MessageText = ex.Message; } return(View("Read", model)); }
public void Message_Encrypt_Decrypt_ReturnsOriginalValue() { // Arrange var crypto = new AsymmetricCryptoProvider(); var key = AsymmetricCryptoProvider.GenerateKeys(); string hash; string encryptedPassword; // Act var encryptedMessage = crypto.EncryptMessageWithKey(secret, key.PublicKey, out encryptedPassword, out hash); string messageDecryptionKey; var decryptedSecret = crypto.DecryptMessageWithKey(key.PrivateKey, encryptedMessage, encryptedPassword, hash, out messageDecryptionKey); // Assert Assert.AreEqual(secret, decryptedSecret); Assert.AreEqual(SymmetricCryptoProvider.GetSecureHashForString(secret), hash, "hashes do not match"); }
public static CryptoKey CreateRequestWithPassPhrase(string passphrase) { var key = AsymmetricCryptoProvider.GenerateKeys(); var request = new CryptoKey { RequestDate = DateTime.UtcNow, ReleaseDate = DateTime.Now, KeyToken = UniqueIdGenerator.GetUniqueId(), PublicKey = key.PublicKey, PrivateKey = new SymmetricCryptoProvider().EncryptWithKey(key.PrivateKey, passphrase), PrivateKeyHash = SymmetricCryptoProvider.GetSecureHashForString(key.PrivateKey), IsPrivateKeyEncrypted = true, IsPublicKeyOnly = false, Notifications = new EntityCollection<Notification>(), Messages = new EntityCollection<Message>(), }; return request; }
public ActionResult Send(SelfDestructingMessageModel message) { // verify email if (!Domain.Validation.IsValidEmail(message.Email)) { throw new ArgumentException("email", "invalid email format"); } string passphrase = PronounceablePasswordGenerator.Generate(32); passphrase = HttpUtility.UrlEncode(passphrase); int messageId = selfDestructingMessageRepository.StoreMessage(new SelfDestructingMessage() { Message = message.MessageText }, passphrase, message.AttachmentName, message.Attachment); string hash = SymmetricCryptoProvider.GetSecureHashForString(message.MessageText); const string notification = @" Hello, You have received a self-destructing message. This message will be decrypted and erased when you open the link below. You can read it at https://{0}:{1}/selfdestruct/read/?messageId={2}&passphrase={3}&hash={4} CryptAByte.com is not responsible for the contents of messages. For more information, please visit https://CryptAByte.com/SelfDestruct "; MailMessage mailMessage = new MailMessage { From = new MailAddress("*****@*****.**") }; mailMessage.To.Add(new MailAddress(message.Email)); mailMessage.Subject = "New self-destructing message @ CryptAByte"; if (Request == null) { string messageText = string.Format(notification, "cryptabyte.com", 443, messageId, passphrase, hash); Debug.WriteLine(messageText); mailMessage.Body = messageText; } else { mailMessage.Body = string.Format(notification, Request.Url.Host, Request.Url.Port, messageId, passphrase, hash);; } SmtpClient client = new SmtpClient(); client.Send(mailMessage); return(Content("Message sent")); }