/// <summary>
/// Stores a new password for the user identified by <paramref name="id"/>. The plaintext is
/// passed through <c>CryptographicHelper.Hash</c> and only the result is handed to the repository.
/// </summary>
/// <param name="id">Identifier of the user whose password is replaced; must not be null or empty.</param>
/// <param name="password">New plaintext password; must not be null or empty.</param>
/// <exception cref="ArgumentNullException">Thrown when either argument is null or empty.</exception>
public void ChangeUserPassword(string id, string password)
{
    // NOTE(review): the single-string ArgumentNullException constructor treats its argument as the
    // parameter name, so whatever ExMessage builds ends up in ParamName rather than Message.
    // Confirm that this is intended.
    if (string.IsNullOrEmpty(id))
    {
        throw new ArgumentNullException(ExMessage.MustNotBeNullOrEmpty(nameof(id)));
    }

    if (string.IsNullOrEmpty(password))
    {
        throw new ArgumentNullException(ExMessage.MustNotBeNullOrEmpty(nameof(password)));
    }

    // NOTE(review): CryptographicHelper.Hash is not visible here. For password storage it should be a
    // salted, deliberately slow KDF (PBKDF2/Argon2 class) rather than a bare digest; verify.
    // NOTE(review): this method checks neither the current password nor the caller's right to change
    // this id, and applies no password policy. Presumably the caller enforces all three; confirm.
    string hashedPassword = CryptographicHelper.Hash(password);
    _repository.ModifyPassword(id, hashedPassword);
}
/// <summary>
/// Runs two checks on a stored submission: whether another member handed in a file with the same
/// hash for the same assignment, and whether the stored signature verifies against the hash of the
/// decrypted file using the submitting member's public key.
/// </summary>
/// <param name="id">Identifier of the submission to check.</param>
/// <returns>
/// A pair: Item1 is false when a different member's submission has an identical FileHash;
/// Item2 is false when signature verification fails.
/// </returns>
public Tuple<bool, bool> CheckForAuthandInt(Guid id)
{
    // NOTE(review): no null checks and no authorization check are visible in this method; an unknown
    // id or a caller who should not see this submission must be handled by the caller. Confirm.
    SubmissionViewModel submission = _assignmentsService.GetSubmission(id);
    var submissions = _assignmentsService.GetSubmissions(submission.Assignment.Id);
    MemberViewModel teacher = _membersService.GetMember(submission.Member.TeacherEmail);

    // The per-submission symmetric key and IV are stored wrapped under the teacher's key pair.
    // NOTE(review): the teacher's private key is read from the member record, so the server can
    // unwrap every submission key. Confirm how that private key is protected at rest.
    // NOTE(review): a malformed Base64 value or a failed decrypt is not caught here, so it surfaces
    // as an exception rather than as "not verified". Callers should treat both outcomes as failure.
    byte[] key = CryptographicHelper.AsymmetricDecrypt(
        Convert.FromBase64String(submission.SymmetricKey), teacher.PrivateKey);
    byte[] iv = CryptographicHelper.AsymmetricDecrypt(
        Convert.FromBase64String(submission.SymmetricIV), teacher.PrivateKey);

    // Duplicate detection: same file hash, different member.
    bool isDistinct = true;
    foreach (SubmissionViewModel sub in submissions)
    {
        if (sub.FileHash != submission.FileHash || sub.Member.Email == submission.Member.Email)
        {
            continue;
        }

        // NOTE(review): the warning exposes the other member's e-mail address to whoever renders
        // TempData; presumably only teachers reach this path. Verify.
        TempData["warning"] += "Assignment is identical to " + sub.Member.Email + "'s assignment!\n";
        isDistinct = false;
    }

    // Integrity/authenticity: the signature is stored symmetrically encrypted, so it is decrypted
    // first and then checked against a fresh hash of the decrypted file.
    var signature = CryptographicHelper.SymmetricDecrypt(
        Convert.FromBase64String(submission.Signature), key, iv);
    var contentHash = CryptographicHelper.Hash(GetDecryptedAssignment(id));
    bool isVerified = CryptographicHelper.VerifySignature(
        signature, contentHash, submission.Member.PublicKey);

    return Tuple.Create(isDistinct, isVerified);
}
/// <summary>
/// Creates a new user from <paramref name="dto"/> after checking that neither its account nor its
/// code is already present in the repository. The method assigns a fresh id, the hash of the
/// configured default password and the Normal state; an empty code falls back to the new id.
/// </summary>
/// <param name="dto">User data; its Id, Password, State and possibly Code are overwritten.</param>
/// <returns>The id assigned to the new user.</returns>
/// <exception cref="NonUniqueException">The account or the code already exists.</exception>
public string AddUser(OrgUser dto)
{
    // NOTE(review): uniqueness is checked first and the insert happens later, so two concurrent
    // calls could both pass. A unique constraint in the store is the reliable guard; confirm one exists.
    if (_repository.FindByAccount(dto.Account) != null)
    {
        throw new NonUniqueException($"user account must be unique,account={dto.Account}");
    }

    // The code lookup runs before the empty-code fallback below, so an empty Code is looked up as-is.
    if (_repository.FindByCode(dto.Code) != null)
    {
        throw new NonUniqueException($"user code must be unique,code={dto.Code}");
    }

    dto.Id = ConfigHelper.NewGuid;

    // NOTE(review): every account created here starts with the same configured default password.
    // Unless a password change is forced at first login, new accounts share a known credential,
    // and with an unsalted Hash their stored values would also be identical. Verify both points.
    dto.Password = CryptographicHelper.Hash(ConfigHelper.DefaultUserPwd);
    dto.State = (int)UserState.Normal;

    if (string.IsNullOrEmpty(dto.Code))
    {
        dto.Code = dto.Id;
    }

    _repository.Add(dto);
    return dto.Id;
}
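/// <summary>
/// Accepts an uploaded assignment file. The file must start with the bytes "%PDF" and have the
/// extension ".pdf". An accepted file is hashed, signed with the submitting member's private key,
/// encrypted with a freshly generated symmetric key/IV, and written under ProtectedFiles. The
/// symmetric key and IV are wrapped with the teacher's public key and stored on the submission.
/// </summary>
/// <param name="file">The uploaded file, or null when nothing was posted.</param>
/// <returns>A redirect to "index" on success; otherwise the current view with a warning in TempData.</returns>
public IActionResult SubmitAssignment(IFormFile file)
{
    // NOTE(review): the assignment id comes from a client-held cookie. A missing or altered cookie is
    // not handled here, so it presumably surfaces as an exception from SymmetricDecrypt or Guid.Parse.
    // Confirm the cookie value is authenticated, not merely encrypted.
    // NOTE(review): nothing visible here checks that the member may submit to this assignment.
    var assignment = _assignmentsService.GetAssignment(
        Guid.Parse(CryptographicHelper.SymmetricDecrypt(Request.Cookies["Assignment"])));
    ViewBag.Assignment = assignment;

    if (file == null)
    {
        TempData["warning"] = "Please upload a file";
        return View();
    }

    // The upload stream is now disposed on every exit path; the original never closed it.
    using (Stream stream = file.OpenReadStream())
    {
        int firstByte = stream.ReadByte();
        int secondByte = stream.ReadByte();
        int thirdByte = stream.ReadByte();
        int fourthByte = stream.ReadByte();
        stream.Position = 0;

        // 37 80 68 70 is "%PDF". A shorter stream yields -1 from ReadByte and fails the comparison.
        // This is a cheap type gate, not content validation: the remaining bytes are not inspected.
        bool hasPdfMagic = firstByte == 37 && secondByte == 80 && thirdByte == 68 && fourthByte == 70;
        if (!hasPdfMagic || Path.GetExtension(file.FileName) != ".pdf")
        {
            TempData["warning"] = "File is not valid, only PDF allowed";
            return View();
        }

        // The file passed the check: build the submission with the current user's credentials.
        SubmissionViewModel submission = new SubmissionViewModel();
        submission.Member = _membersService.GetMember(User.Identity.Name);

        Tuple<byte[], byte[]> keys = CryptographicHelper.GenerateKeys();
        MemberViewModel teacher = _membersService.GetMember(submission.Member.TeacherEmail);

        // Wrap the symmetric key and IV with the teacher's public key.
        submission.SymmetricKey = Convert.ToBase64String(
            CryptographicHelper.AsymmetricEncrypt(keys.Item1, teacher.PublicKey));
        submission.SymmetricIV = Convert.ToBase64String(
            CryptographicHelper.AsymmetricEncrypt(keys.Item2, teacher.PublicKey));
        submission.Assignment = _assignmentsService.GetAssignment(assignment.Id);

        // The stored name is a fresh GUID plus the already-validated ".pdf" extension, so no other part
        // of the client-supplied file name reaches the path.
        // NOTE(review): the backslash separators make this path Windows-specific.
        string absolutePath = _host.WebRootPath + @"\..\ProtectedFiles\";
        string uniqueName = Guid.NewGuid().ToString() + Path.GetExtension(file.FileName);

        // Buffer the upload once and reuse the bytes for both hashing and encryption.
        // NOTE(review): no size limit is applied here before the whole file is held in memory;
        // presumably a request-size limit is configured elsewhere. Verify.
        byte[] fileBytes;
        using (MemoryStream ms = new MemoryStream())
        {
            stream.CopyTo(ms);
            fileBytes = ms.ToArray();
        }

        submission.FileHash = Convert.ToBase64String(CryptographicHelper.Hash(fileBytes));

        // NOTE(review): the member's private key is read from the member record, so the server signs on
        // the member's behalf. The signature then shows the server processed the file for this account,
        // not that the member alone could have produced it. Confirm this matches the design intent.
        var signature = CryptographicHelper.GenerateSignature(
            Convert.FromBase64String(submission.FileHash), submission.Member.PrivateKey);

        // NOTE(review): the same key and IV encrypt both the signature and the file body. Depending on
        // the cipher mode inside SymmetricEncrypt (not visible here), reusing an IV under one key
        // weakens confidentiality; a separate IV per encryption is the safer pattern.
        submission.Signature = Convert.ToBase64String(
            CryptographicHelper.SymmetricEncrypt(signature, keys.Item1, keys.Item2));
        System.IO.File.WriteAllBytes(
            absolutePath + uniqueName,
            CryptographicHelper.SymmetricEncrypt(fileBytes, keys.Item1, keys.Item2));

        submission.FilePath = absolutePath + uniqueName;
        _assignmentsService.AddSubmission(submission);

        TempData["info"] = "File accepted";
        return RedirectToAction("index");
    }
}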