public ActionResult Read(int messageId, string passphrase, string hash) { var model = new SelfDestructingMessageModel(); try { var message = selfDestructingMessageRepository.GetMessage(messageId, passphrase); string originalHash = SymmetricCryptoProvider.GetSecureHashForString(message.Message); if (hash != originalHash) { model.MessageText = "Error: hash of retrieved message does not match the original message hash." + Environment.NewLine + "The message may have been tampered with!"; model.InvalidMessageId = true; return(View("Read", model)); } // File Attachments if (message.HasAttachment) { Message attachment = new Message { EncryptionKey = passphrase, MessageId = message.MessageId }; StoreEncryptedFileInTemporaryMemory(attachment); model.HasAttachment = true; model.TemporaryDownloadId = attachment.TemporaryDownloadId; //model.AttachmentName = message.AttachmentName; } else { model.HasAttachment = false; } model.MessageText = message.Message; } catch (Exception ex) { model.InvalidMessageId = true; model.MessageText = ex.Message; } return(View("Read", model)); }
public ActionResult Send(SelfDestructingMessageModel message) { // verify email if (!Domain.Validation.IsValidEmail(message.Email)) { throw new ArgumentException("email", "invalid email format"); } string passphrase = PronounceablePasswordGenerator.Generate(32); passphrase = HttpUtility.UrlEncode(passphrase); int messageId = selfDestructingMessageRepository.StoreMessage(new SelfDestructingMessage() { Message = message.MessageText }, passphrase, message.AttachmentName, message.Attachment); string hash = SymmetricCryptoProvider.GetSecureHashForString(message.MessageText); const string notification = @" Hello, You have received a self-destructing message. This message will be decrypted and erased when you open the link below. You can read it at https://{0}:{1}/selfdestruct/read/?messageId={2}&passphrase={3}&hash={4} CryptAByte.com is not responsible for the contents of messages. For more information, please visit https://CryptAByte.com/SelfDestruct "; MailMessage mailMessage = new MailMessage { From = new MailAddress("*****@*****.**") }; mailMessage.To.Add(new MailAddress(message.Email)); mailMessage.Subject = "New self-destructing message @ CryptAByte"; if (Request == null) { string messageText = string.Format(notification, "cryptabyte.com", 443, messageId, passphrase, hash); Debug.WriteLine(messageText); mailMessage.Body = messageText; } else { mailMessage.Body = string.Format(notification, Request.Url.Host, Request.Url.Port, messageId, passphrase, hash);; } SmtpClient client = new SmtpClient(); client.Send(mailMessage); return(Content("Message sent")); }