Esempio n. 1
0
        public static void EncryptContents(string content, string filePath, string password, string key, string iv, int keySize, int chunkSize)
        {
            byte[] ivBytes  = Encoding.Unicode.GetBytes(iv);
            byte[] keyBytes = AesCounterManaged.CreateKey(key, ivBytes, keySize);

            // Set the hashed password if one is provided and modify the key
            if (!string.IsNullOrEmpty(password))
            {
                keyBytes = AesCounterManaged.CreateKey(password, ivBytes, keySize);
            }

            // Encrypt Content
            byte[] data = Encoding.Unicode.GetBytes(content);
            using (MemoryStream ms = new MemoryStream(data))
            {
                AesCounterManaged.EncryptToFile(filePath, ms, chunkSize, keyBytes, ivBytes);
            }
        }
Esempio n. 2
0
        public async Task <IActionResult> ViewPaste(string type, string url, string password)
        {
            Models.Paste paste = _dbContext.Pastes.Where(p => p.Url == url).FirstOrDefault();
            if (paste != null)
            {
                ViewBag.Title       = (string.IsNullOrEmpty(paste.Title)) ? "Untitled Paste" : paste.Title + " | Pastebin";
                ViewBag.Description = "Paste your code or text easily and securely.  Set an expiration, set a password, or leave it open for the world to see.";
                // Increment Views
                paste.Views += 1;
                _dbContext.Entry(paste).State = EntityState.Modified;
                _dbContext.SaveChanges();

                // Check Expiration
                if (PasteHelper.CheckExpiration(paste))
                {
                    DeleteFile(paste);
                    return(new StatusCodeResult(StatusCodes.Status404NotFound));
                }

                PasteViewModel model = new PasteViewModel();
                model.Url        = url;
                model.Title      = paste.Title;
                model.Syntax     = paste.Syntax;
                model.DatePosted = paste.DatePosted;
                model.Username   = paste.User?.Username;

                if (User.Identity.IsAuthenticated && type.ToLower() == "full")
                {
                    Users.Models.User user = UserHelper.GetUser(_dbContext, User.Identity.Name);
                    if (user != null)
                    {
                        model.Vaults = user.Vaults.ToList();
                    }
                }

                byte[] ivBytes  = (string.IsNullOrEmpty(paste.IV)) ? new byte[paste.BlockSize] : Encoding.Unicode.GetBytes(paste.IV);
                byte[] keyBytes = (string.IsNullOrEmpty(paste.Key)) ? new byte[paste.KeySize] : AesCounterManaged.CreateKey(paste.Key, ivBytes, paste.KeySize);

                // The paste has a password set
                if (!string.IsNullOrEmpty(paste.HashedPassword))
                {
                    if (string.IsNullOrEmpty(password))
                    {
                        // Try to get the password from the session
                        password = GetCachedPassword(url);
                    }
                    string hash = string.Empty;
                    if (!string.IsNullOrEmpty(password))
                    {
                        hash     = PasteHelper.HashPassword(paste.Key, password);
                        keyBytes = AesCounterManaged.CreateKey(password, ivBytes, paste.KeySize);
                    }
                    if (string.IsNullOrEmpty(password) || hash != paste.HashedPassword)
                    {
                        PasswordViewModel passModel = new PasswordViewModel();
                        passModel.ActionUrl = Url.SubRouteUrl("p", "Paste.View");
                        passModel.Url       = url;
                        passModel.Type      = type;

                        if (!string.IsNullOrEmpty(password) && hash != paste.HashedPassword)
                        {
                            passModel.Error        = true;
                            passModel.ErrorMessage = "Invalid Password";
                        }

                        // Redirect them to the password request page
                        return(View("~/Areas/Paste/Views/Paste/PasswordNeeded.cshtml", passModel));
                    }
                }

                // Save the password to the cache
                CachePassword(url, password);

                // Read in the file
                if (string.IsNullOrEmpty(paste.FileName))
                {
                    return(new StatusCodeResult(StatusCodes.Status404NotFound));
                }
                string subDir   = paste.FileName[0].ToString();
                string filePath = Path.Combine(_config.PasteConfig.PasteDirectory, subDir, paste.FileName);
                if (!System.IO.File.Exists(filePath))
                {
                    return(new StatusCodeResult(StatusCodes.Status404NotFound));
                }

                using (FileStream fs = new FileStream(filePath, FileMode.Open, FileAccess.Read, FileShare.Read))
                    using (AesCounterStream cs = new AesCounterStream(fs, false, keyBytes, ivBytes))
                        using (StreamReader sr = new StreamReader(cs, Encoding.Unicode))
                        {
                            model.Content = await sr.ReadToEndAsync();
                        }

                switch (type.ToLower())
                {
                case "full":
                    return(View("~/Areas/Paste/Views/Paste/Full.cshtml", model));

                case "simple":
                    return(View("~/Areas/Paste/Views/Paste/Simple.cshtml", model));

                case "raw":
                    return(Content(model.Content, "text/plain"));

                case "download":
                    //Create File
                    var cd = new System.Net.Mime.ContentDisposition
                    {
                        FileName = url + ".txt",
                        Inline   = true
                    };

                    Response.Headers.Add("Content-Disposition", cd.ToString());

                    FileStream fs = new FileStream(filePath, FileMode.Open, FileAccess.Read, FileShare.Read);
                    return(new BufferedFileStreamResult("application/octet-stream", async(response) => await ResponseHelper.StreamToOutput(response, true, new AesCounterStream(fs, false, keyBytes, ivBytes), (int)fs.Length, _config.PasteConfig.ChunkSize), false));

                default:
                    return(View("~/Areas/Paste/Views/Paste/Full.cshtml", model));
                }
            }
            return(new StatusCodeResult(StatusCodes.Status404NotFound));
        }
Esempio n. 3
0
        public async Task <IActionResult> Edit(string url, string password)
        {
            Models.Paste paste = _dbContext.Pastes.Where(p => p.Url == url).FirstOrDefault();
            if (paste != null)
            {
                if (paste.User?.Username != User.Identity.Name)
                {
                    return(new StatusCodeResult(StatusCodes.Status403Forbidden));
                }

                ViewBag.Title       = "Edit Paste";
                ViewBag.Description = "Edit your paste's content.";

                // Check Expiration
                if (PasteHelper.CheckExpiration(paste))
                {
                    DeleteFile(paste);
                    return(new StatusCodeResult(StatusCodes.Status404NotFound));
                }

                PasteViewModel model = new PasteViewModel();
                model.Url        = url;
                model.Title      = paste.Title;
                model.Syntax     = paste.Syntax;
                model.DatePosted = paste.DatePosted;
                model.Username   = paste.User?.Username;

                byte[] ivBytes  = (string.IsNullOrEmpty(paste.IV)) ? new byte[paste.BlockSize] : Encoding.Unicode.GetBytes(paste.IV);
                byte[] keyBytes = (string.IsNullOrEmpty(paste.Key)) ? new byte[paste.KeySize] : AesCounterManaged.CreateKey(paste.Key, ivBytes, paste.KeySize);

                // The paste has a password set
                if (!string.IsNullOrEmpty(paste.HashedPassword))
                {
                    if (string.IsNullOrEmpty(password))
                    {
                        // Try to get the password from the session
                        password = GetCachedPassword(url);
                    }
                    string hash = string.Empty;
                    if (!string.IsNullOrEmpty(password))
                    {
                        hash     = PasteHelper.HashPassword(paste.Key, password);
                        keyBytes = AesCounterManaged.CreateKey(password, ivBytes, paste.KeySize);
                    }
                    if (string.IsNullOrEmpty(password) || hash != paste.HashedPassword)
                    {
                        PasswordViewModel passModel = new PasswordViewModel();
                        passModel.ActionUrl = Url.SubRouteUrl("p", "Paste.Edit");
                        passModel.Url       = url;

                        if (!string.IsNullOrEmpty(password) && hash != paste.HashedPassword)
                        {
                            passModel.Error        = true;
                            passModel.ErrorMessage = "Invalid Password";
                        }

                        // Redirect them to the password request page
                        return(View("~/Areas/Paste/Views/Paste/PasswordNeeded.cshtml", passModel));
                    }
                }

                // Cache the password
                CachePassword(url, password);

                // Read in the file
                if (string.IsNullOrEmpty(paste.FileName))
                {
                    return(new StatusCodeResult(StatusCodes.Status404NotFound));
                }
                string subDir   = paste.FileName[0].ToString();
                string filePath = Path.Combine(_config.PasteConfig.PasteDirectory, subDir, paste.FileName);
                if (!System.IO.File.Exists(filePath))
                {
                    return(new StatusCodeResult(StatusCodes.Status404NotFound));
                }

                using (FileStream fs = new FileStream(filePath, FileMode.Open, FileAccess.Read, FileShare.Read))
                    using (AesCounterStream cs = new AesCounterStream(fs, false, keyBytes, ivBytes))
                        using (StreamReader sr = new StreamReader(cs, Encoding.Unicode))
                        {
                            model.Content = await sr.ReadToEndAsync();
                        }

                return(View("~/Areas/Paste/Views/Paste/Edit.cshtml", model));
            }
            return(new StatusCodeResult(StatusCodes.Status404NotFound));
        }
Esempio n. 4
0
        public async Task <IActionResult> ViewVault(string id)
        {
            Models.Vault foundVault = _dbContext.Vaults.Where(v => v.Url == id).FirstOrDefault();
            if (foundVault != null)
            {
                // Update view count
                foundVault.Views += 1;
                _dbContext.Entry(foundVault).State = EntityState.Modified;
                _dbContext.SaveChanges();

                ViewBag.Title = foundVault.Title + " | Vault";

                VaultViewModel model = new VaultViewModel();
                model.CurrentSub = Subdomain;

                model.Url         = foundVault.Url;
                model.UserId      = foundVault.UserId;
                model.User        = foundVault.User;
                model.Title       = foundVault.Title;
                model.Description = foundVault.Description;
                model.DateCreated = foundVault.DateCreated;
                model.DateEdited  = foundVault.DateEdited;

                if (foundVault.VaultItems.Any())
                {
                    foreach (VaultItem item in foundVault.VaultItems.OrderBy(v => v.Index))
                    {
                        if (item.GetType().BaseType == typeof(UploadVaultItem))
                        {
                            UploadVaultItem upload = (UploadVaultItem)item;
                            // Increment Views
                            upload.Upload.Downloads += 1;
                            _dbContext.Entry(upload.Upload).State = EntityState.Modified;
                            _dbContext.SaveChanges();

                            UploadItemViewModel uploadModel = new UploadItemViewModel();
                            uploadModel.VaultItemId = item.VaultItemId;
                            uploadModel.Title       = item.Title;
                            uploadModel.Description = item.Description;
                            uploadModel.DateAdded   = item.DateAdded;
                            uploadModel.Upload      = upload.Upload;
                            model.Items.Add(uploadModel);
                        }
                        else if (item.GetType().BaseType == typeof(PasteVaultItem))
                        {
                            PasteVaultItem paste = (PasteVaultItem)item;
                            // Increment Views
                            paste.Paste.Views += 1;
                            _dbContext.Entry(paste.Paste).State = EntityState.Modified;
                            _dbContext.SaveChanges();

                            // Check Expiration
                            if (PasteHelper.CheckExpiration(paste.Paste))
                            {
                                _dbContext.Pastes.Remove(paste.Paste);
                                _dbContext.SaveChanges();
                                break;
                            }

                            PasteItemViewModel pasteModel = new PasteItemViewModel();
                            pasteModel.VaultItemId = item.VaultItemId;
                            pasteModel.Title       = item.Title;
                            pasteModel.Description = item.Description;
                            pasteModel.DateAdded   = item.DateAdded;

                            pasteModel.PasteId     = paste.Paste.PasteId;
                            pasteModel.Url         = paste.Paste.Url;
                            pasteModel.DatePosted  = paste.Paste.DatePosted;
                            pasteModel.Syntax      = paste.Paste.Syntax;
                            pasteModel.HasPassword = !string.IsNullOrEmpty(paste.Paste.HashedPassword);

                            if (!pasteModel.HasPassword)
                            {
                                // Read in the file
                                string subDir   = paste.Paste.FileName[0].ToString();
                                string filePath = Path.Combine(_config.PasteConfig.PasteDirectory, subDir, paste.Paste.FileName);
                                if (!System.IO.File.Exists(filePath))
                                {
                                    continue;
                                }

                                byte[] ivBytes  = Encoding.Unicode.GetBytes(paste.Paste.IV);
                                byte[] keyBytes = AesCounterManaged.CreateKey(paste.Paste.Key, ivBytes, paste.Paste.KeySize);
                                using (FileStream fs = new FileStream(filePath, FileMode.Open, FileAccess.Read, FileShare.Read))
                                    using (AesCounterStream cs = new AesCounterStream(fs, false, keyBytes, ivBytes))
                                        using (StreamReader sr = new StreamReader(cs, Encoding.Unicode))
                                        {
                                            pasteModel.Content = await sr.ReadToEndAsync();
                                        }
                            }

                            model.Items.Add(pasteModel);
                        }
                    }
                }

                return(View(model));
            }
            return(new StatusCodeResult(StatusCodes.Status404NotFound));
        }