public IActionResult SubmitAssignment(IFormFile file) { var assignment = _assignmentsService.GetAssignment(Guid.Parse(CryptographicHelper.SymmetricDecrypt(Request.Cookies["Assignment"]))); ViewBag.Assignment = assignment; if (file != null) { Stream stream = file.OpenReadStream(); int firstByte = stream.ReadByte(); int secondByte = stream.ReadByte(); int thirdByte = stream.ReadByte(); int fourthByte = stream.ReadByte(); stream.Position = 0; //If the file passes the following check, a submission is created with user credentials if (firstByte == 37 && secondByte == 80 && thirdByte == 68 && fourthByte == 70 && Path.GetExtension(file.FileName) == ".pdf") { SubmissionViewModel submission = new SubmissionViewModel(); submission.Member = _membersService.GetMember(User.Identity.Name); Tuple <byte[], byte[]> keys = CryptographicHelper.GenerateKeys(); MemberViewModel teacher = _membersService.GetMember(submission.Member.TeacherEmail); string encryptedKey = Convert.ToBase64String(CryptographicHelper.AsymmetricEncrypt(keys.Item1, teacher.PublicKey)); string encryptedIv = Convert.ToBase64String(CryptographicHelper.AsymmetricEncrypt(keys.Item2, teacher.PublicKey)); submission.SymmetricKey = encryptedKey; submission.SymmetricIV = encryptedIv; submission.Assignment = _assignmentsService.GetAssignment(assignment.Id); string absolutePath = _host.WebRootPath + @"\..\ProtectedFiles\"; string uniqueName = Guid.NewGuid().ToString() + Path.GetExtension(file.FileName); using (MemoryStream ms = new MemoryStream()) { stream.CopyTo(ms); ms.Position = 0; submission.FileHash = Convert.ToBase64String(CryptographicHelper.Hash(ms.ToArray())); var signature = CryptographicHelper.GenerateSignature(Convert.FromBase64String(submission.FileHash), submission.Member.PrivateKey); submission.Signature = Convert.ToBase64String(CryptographicHelper.SymmetricEncrypt( signature, keys.Item1, keys.Item2)); System.IO.File.WriteAllBytes(absolutePath + uniqueName, CryptographicHelper.SymmetricEncrypt( ms.ToArray(), keys.Item1, keys.Item2 ) ); } submission.FilePath = absolutePath + uniqueName; _assignmentsService.AddSubmission(submission); TempData["info"] = "File accepted"; return(RedirectToAction("index")); } else { TempData["warning"] = "File is not valid, only PDF allowed"; return(View()); } } else { TempData["warning"] = "Please upload a file"; return(View()); } }