private async Task <ExchangePublicKeyModel> ExchangeRsaKeyAsync(string key)
{
var payload = new ExchangePublicKeyModel()
{
Id = _deviceId,
Key = key
};
var content = new StringContent(JsonConvert.SerializeObject(payload), Encoding.UTF8, "application/json");
var serverKeyResponse = await _httpClient.PostAsync("api/securechannel/exchangepublickey", content);
var keyModelString = await serverKeyResponse.Content.ReadAsStringAsync();
var keyModel = JsonConvert.DeserializeObject <ExchangePublicKeyModel>(keyModelString);
return(keyModel);
}
public async Task <IActionResult> ExchangePublicKeys(
[FromBody] ExchangePublicKeyModel exchangePublicKeyModel,
[FromServices] ISecurityService securityService)
{
if (ModelState.IsValid)
{
var key = await securityService.GetPublicRSAKeyAsync("server");
await securityService.SaveClientRSAKeyAsync(exchangePublicKeyModel.Id, exchangePublicKeyModel.Key);
return(Json(new ExchangePublicKeyModel {
Id = "server", Key = key
}));
}
else
{
return(BadRequest(ModelState.ValidationState));
}
}
private async Task <ExchangePublicKeyModel> ExchangeTripleDesKeyAsync(string key, string rsaKey)
{
var payload = new ExchangePublicKeyModel()
{
Id = _deviceId,
Key = key
};
var content = new StringContent(JsonConvert.SerializeObject(payload), Encoding.UTF8, "application/json");
var serverKeyResponse = await _httpClient.PostAsync("api/securechannel/exchangetripledeskey", content);
var keyModelJson = await serverKeyResponse.Content.ReadAsStringAsync();
var keyModelString = JsonConvert.DeserializeObject <string>(keyModelJson);
var decryptedServerModel = await _cryptoService.DecryptRSAAsync(Convert.FromBase64String(keyModelString), rsaKey);
var keyModel = JsonConvert.DeserializeObject <ExchangePublicKeyModel>(decryptedServerModel);
return(keyModel);
}
public async Task <IActionResult> ExchangeTripleDesKeys(
[FromBody] ExchangePublicKeyModel exchangePublicKeyModel,
[FromServices] ISecurityService securityService,
[FromServices] ICryptoService cryptoService,
[FromServices] IKeyStorageContainer storageContainer)
{
if (ModelState.IsValid)
{
var rsaKey = await securityService.GetPrivateRSAKeyAsync("server");
var clientRsaKey = await securityService.GetClientPublicRSAKeysAsync(exchangePublicKeyModel.Id);
var encryptedClientTripleDesKey = Convert.FromBase64String(exchangePublicKeyModel.Key);
var decryptedClientTripleDesKey = await cryptoService.DecryptRSAAsync(encryptedClientTripleDesKey, rsaKey);
var tripleDesKey = await cryptoService.GenerateTripleDESKeyAsync();
var mergedKey = cryptoService.GenerateCombinedTripleDesKey(tripleDesKey, Convert.FromBase64String(decryptedClientTripleDesKey));
cryptoService.RegisterMergedKey(exchangePublicKeyModel.Id, mergedKey);
var model = new ExchangePublicKeyModel
{
Id = "server",
Key = Convert.ToBase64String(tripleDesKey)
};
var encryptedModel = await cryptoService.EncryptRSAAsync(JsonConvert.SerializeObject(model), clientRsaKey);
_logger.LogInformation("merged key: " + Convert.ToBase64String(mergedKey));
return(Json(Convert.ToBase64String(encryptedModel)));
}
else
{
return(BadRequest(ModelState.ValidationState));
}
}
