public HttpResponseMessage getMessage(string user, [FromBody] GetMessageRequest request)
{
if (UserDAO.Instance.isExists(user))
{
User u = UserDAO.Instance.findByUsername(user);
if (u.messages.Count != 0)
{
//Timestamp prüfen
Double unixtimeDouble = Convert.ToDouble(request.timestamp);
DateTime timestamp = Util.Converter.UnixTimeStampToDateTime(unixtimeDouble)
.AddMinutes(5);
if (DateTime.Now > timestamp)
{
return(Request.CreateResponse(HttpStatusCode.BadRequest, "Timestamp ungültig"));
}
//Inhalt der Anfrage gegen die Signatur prüfen
string publickey = Util.Converter.Base64StringToString(u.pubkey);
if (!VerifyLogic.verifyGetMessageRequest(request.timestamp, u.username, request.dig_sig, publickey))
{
return(Request.CreateResponse(HttpStatusCode.BadRequest, "Signatur ungültig"));
}
//Die erste Nachricht holen
var msg = UserDAO.Instance.getFirstMessage(u);
if (msg != null)
{
MessageResponse msg_r = new MessageResponse();
msg_r.cipher = msg.cipher;
msg_r.iv = msg.iv;
msg_r.key_recipient_enc = msg.key_recipient_enc;
msg_r.sender = msg.sender;
msg_r.sig_recipient = msg.sig_recipient;
UserDAO.Instance.removeMessage(u, msg);
return(Request.CreateResponse(HttpStatusCode.OK, msg_r));
}
}
}
return(new HttpResponseMessage(HttpStatusCode.NotFound));
}
public HttpResponseMessage sendMessage(string user, [FromBody] SendMessageRequest request)
{
if (UserDAO.Instance.isExists(user))
{
User u = UserDAO.Instance.findByUsername(user);
if (UserDAO.Instance.isExists(request.receiver))
{
//Timestamp prüfen
Double unixtimeDouble = Convert.ToDouble(request.timestamp);
DateTime timestamp = Util.Converter.UnixTimeStampToDateTime(unixtimeDouble)
.AddMinutes(5);
//Timestamp prüfen
if (DateTime.Now > timestamp)
{
return(Request.CreateResponse(HttpStatusCode.BadRequest, "Timestamp ungültig"));
}
//Inhalt mit der Signatur prüfen
string publickey = Util.Converter.Base64StringToString(u.pubkey);
if (!VerifyLogic.verifyOuterEnvelope(request.inner_envelope, request.timestamp, request.receiver, request.sig_service, publickey))
{
return(Request.CreateResponse(HttpStatusCode.BadRequest, "Signatur ungültig"));
}
User sender = UserDAO.Instance.findByUsername(user);
User receiver = UserDAO.Instance.findByUsername(request.receiver);
Message msg = new Message();
msg.cipher = request.inner_envelope.cipher;
msg.iv = request.inner_envelope.iv;
msg.key_recipient_enc = request.inner_envelope.key_recipient_enc;
msg.sig_recipient = request.inner_envelope.sig_recipient;
msg.sender = user;
UserDAO.Instance.addMessage(receiver, msg);
return(new HttpResponseMessage(HttpStatusCode.OK));
}
}
return(new HttpResponseMessage(HttpStatusCode.BadRequest));
}
