public async Task <IActionResult> SignMessage([FromQuery] string Message, [FromHeader] string APIKey) { try { #region Register Log var user = await UserDatabaseAccess.GetUser(APIKey, base._context); string Method = this.HttpContext.Request.Method; string Path = this.HttpContext.Request.Path; var logString = user.Role + " requested " + Method + " " + Path; await UserDatabaseAccess.AddLog(logString, user, base._context); #endregion if (Message == null) { throw new Exception(); } var byteMessage = Encoding.ASCII.GetBytes(Message); var signedData = _RSA.SignData(byteMessage, new SHA1CryptoServiceProvider()); var hexMessage = EncryptionHelper.ByteArrayToHexString(signedData, true); return(StatusCode(200, hexMessage)); } catch (Exception) { return(StatusCode(400, "Bad Request")); } }
public async Task <IActionResult> GetSHA256([FromQuery] string message, [FromHeader] string APIKey) { try { #region Register Log var authUser = await UserDatabaseAccess.GetUser(APIKey, base._context); string Method = this.HttpContext.Request.Method; string Path = this.HttpContext.Request.Path; var Log = authUser.Role + " requested " + Method + " " + Path; await UserDatabaseAccess.AddLog(Log, authUser, base._context); #endregion if (message == null) { throw new Exception(); } SHA256 SHA1Provider = new SHA256CryptoServiceProvider(); byte[] ASCIIByteMessage = Encoding.ASCII.GetBytes(message); byte[] SHA1ByteMessage = SHA1Provider.ComputeHash(ASCIIByteMessage); string Encrypted = EncryptionHelper.ByteArrayToHexString(SHA1ByteMessage, false); return(StatusCode(200, Encrypted.ToUpper())); } catch (Exception) { return(StatusCode(400, "Bad Rquest")); } }
public async Task <IActionResult> GetPublicKey([FromHeader] string APIKey) { try { #region Register Log var user = await UserDatabaseAccess.GetUser(APIKey, base._context); string Method = this.HttpContext.Request.Method; string Path = this.HttpContext.Request.Path; var logString = user.Role + " requested " + Method + " " + Path; await UserDatabaseAccess.AddLog(logString, user, base._context); #endregion _RSA.ExportParameters(false); string xmlKey = _RSA.ToXmlStringCore22(false); return(StatusCode(200, xmlKey)); } catch (Exception) { return(StatusCode(400, "Bad Request")); } }
public async Task <ActionResult <User> > DeleteUser([FromHeader] string APIKey, [FromQuery] string userName) { try { if (await UserDatabaseAccess.APIKeyExists(APIKey, base._context)) { var user = await UserDatabaseAccess.GetUser(APIKey, base._context); #region Registering UserLog string Method = this.HttpContext.Request.Method; string Path = this.HttpContext.Request.Path; var logString = user.Role + " requested " + Method + " " + Path; await UserDatabaseAccess.AddLog(logString, user, base._context); #endregion if (user.ApiKey == APIKey && user.UserName == userName) { await UserDatabaseAccess.BackupLog(APIKey, base._context); await UserDatabaseAccess.RemoveUser(user, base._context); return(StatusCode(200, true)); } } throw new Exception(); } catch (Exception) { return(StatusCode(200, false)); } }
public async Task <IActionResult> AddFifty([FromQuery] string encryptedInteger, [FromQuery] string encryptedSymKey, [FromQuery] string encryptedIV, [FromHeader] string APIKey) { #region Register Log var user = await UserDatabaseAccess.GetUser(APIKey, base._context); string Method = this.HttpContext.Request.Method; string Path = this.HttpContext.Request.Path; var logString = user.Role + " requested " + Method + " " + Path; await UserDatabaseAccess.AddLog(logString, user, base._context); #endregion try { if (encryptedInteger == null || encryptedSymKey == null || encryptedIV == null) { throw new Exception(); } byte[] byteInteger = EncryptionHelper.HexaStringToByteArray(encryptedInteger); byte[] byteAESKey = EncryptionHelper.HexaStringToByteArray(encryptedSymKey); byte[] byteAESIV = EncryptionHelper.HexaStringToByteArray(encryptedIV); var decryptedInt = _RSA.Decrypt(byteInteger, true); var decryptedAESKey = _RSA.Decrypt(byteAESKey, true); var decryptedAESIV = _RSA.Decrypt(byteAESIV, true); var aesProvider = new AesCryptoServiceProvider(); aesProvider.IV = decryptedAESIV; aesProvider.Key = decryptedAESKey; int originalInt = BitConverter.ToInt32(decryptedInt, 0) + 50; byte[] encryptedResponse = await EncryptionHelper.EncryptAES(originalInt.ToString(), aesProvider); var hexResponse = EncryptionHelper.ByteArrayToHexString(encryptedResponse, true); return(StatusCode(200, hexResponse)); } catch (Exception) { return(StatusCode(400, "Bad Request")); } }
public async Task <IActionResult> UpdateRole([FromBody] User updateUser, [FromHeader] string APIKey) { try { //if (updateUser.UserName == "" || updateUser.Role == "") // throw new Exception("NOT DONE: An error occured"); var userExists = await UserDatabaseAccess.UserExists(updateUser.UserName, base._context); if (!userExists) { throw new Exception("NOT DONE: Username does not exist"); } var user = await UserDatabaseAccess.GetUserWithName(updateUser.UserName, base._context); string[] allowedRoles = { "Admin", "User" }; if (!allowedRoles.Contains(updateUser.Role)) { throw new Exception("NOT DONE: Role does not exist"); } else if (allowedRoles.Contains(updateUser.Role)) { await UserDatabaseAccess.ChangeRole(updateUser, user, _context); var authUser = await UserDatabaseAccess.GetUser(APIKey, base._context); string Method = this.HttpContext.Request.Method; string Path = this.HttpContext.Request.Path; var Log = authUser.Role + " requested " + Method + " " + Path; await UserDatabaseAccess.AddLog(Log, authUser, base._context); return(StatusCode(200, "DONE")); } throw new Exception("NOT DONE: An error occured"); } catch (Exception e) { return(StatusCode(400, e.Message)); } }
public async Task <IActionResult> GetHello([FromHeader] string APIKey) { try { var user = await UserDatabaseAccess.GetUser(APIKey, base._context); #region Register Log string Method = this.HttpContext.Request.Method; string Path = this.HttpContext.Request.Path; var Log = user.Role + " requested " + Method + " " + Path; await UserDatabaseAccess.AddLog(Log, user, base._context); #endregion string Result = "Hello " + user.UserName; return(StatusCode(200, Result)); } catch (Exception) { return(StatusCode(400, "Bad Request")); } }