public async Task ChangeAsymmetricKey() // Not thread-safe { this.ClientState.PrivateKey = this.AsymmetricCryptoProvider.GeneratePrivateKey(); byte[] publicKey = this.AsymmetricCryptoProvider.GetPublicKey(this.ClientState.PrivateKey); byte[] iv = this.SymmetricCryptoProvider.GenerateIv(); SetKeyModel content = new SetKeyModel { Identifier = this.ClientState.Identifier, Key = publicKey, ClientSecret = await this.SymmetricCryptoProvider.EncryptBase64ToBase64Async(this.ClientState.ClientSecret, this.ClientState.RoundKey, iv), Iv = iv }; ServerResponse <SetKeyModel> response = await this.SendAsync <SetKeyModel>(HttpMethod.Put, "api/key/public", content); if (!response.IsSuccessStatusCode) { throw new HmsException(response.ReasonPhrase); } SetKeyModel encryptedLoginModel = response.Content; byte[] encryptedRoundKey = encryptedLoginModel.RoundKey; byte[] roundKey = await this.AsymmetricCryptoProvider.DecryptBytesAsync(encryptedRoundKey, this.ClientState.PrivateKey); this.ClientState.RoundKey = roundKey; }
public async Task <IHttpActionResult> SetPublicKey([FromBody] SetKeyModel model) { if (model?.Identifier == null || model.Key == null) { return(this.BadRequest("Invalid arguments")); } try { if (string.IsNullOrEmpty(model.ClientSecret)) { var clientSecretBytes = new byte[255]; var rnd = new Random(); rnd.NextBytes(clientSecretBytes); var clientSecret = Convert.ToBase64String(clientSecretBytes); model.ClientSecret = clientSecret; } else { var roundKey = await this.GadgetKeysService.GetGadgetRoundKeyAsync(model.Identifier); model.ClientSecret = await this.SymmetricCryptoProvider.DecryptBase64ToBase64Async(model.ClientSecret, roundKey, model.Iv); } await this.GadgetKeysService.SetGadgetPublicKeyAsync(model.Identifier, model.ClientSecret, model.Key); var newRoundKey = this.SymmetricCryptoProvider.GenerateKey(); model.RoundKey = newRoundKey; await this.GadgetKeysService.SetGadgetRoundKeyAsync(model.Identifier, model.ClientSecret, newRoundKey); var encryptedSecretBytes = await this.AsymmetricCryptoProvider.EncryptBytesAsync(Convert.FromBase64String(model.ClientSecret), model.Key); var encryptedSecret = Convert.ToBase64String(encryptedSecretBytes); var encryptedRoundKey = await this.AsymmetricCryptoProvider.EncryptBytesAsync(model.RoundKey, model.Key); model.ClientSecret = encryptedSecret; model.RoundKey = encryptedRoundKey; return(this.Ok(model)); } catch (Exception e) { return(this.BadRequest(e.Message)); } }
public async Task <ActionResult> SetKey(SetKeyModel model) { this.CheckUser(); if (ModelState.IsValid) { if (!ViewBag.IsAdmin) { ModelState.AddModelError("", "Sorry, you do not have permission to change the firebase key"); } else { try { var context = this.HttpContext.GetOwinContext(); var db = context.Get <ApplicationDbContext>(); var table = db.Config; SharedAppConfig config = await table.FindAsync("ApiKey"); if (config == null) { config = new SharedAppConfig() { Id = "ApiKey", Value = model.ApiKey }; table.Add(config); } else { config.Value = model.ApiKey; } await db.SaveChangesAsync(); model.Result = "updated"; } catch (Exception ex) { model.Result = ex.Message; } } } // If we got this far, something failed, redisplay form return(View(model)); }
private async Task EnsureKeysInitializationAsync() { if (!this.IsInitialized) { await InitializationSemaphore.WaitAsync(); if (!this.IsInitialized) { try { this.ClientState.Identifier = Guid.NewGuid().ToString(); this.ClientState.PrivateKey = this.AsymmetricCryptoProvider.GeneratePrivateKey(); byte[] publicKey = this.AsymmetricCryptoProvider.GetPublicKey(this.ClientState.PrivateKey); SetKeyModel content = new SetKeyModel { Identifier = this.ClientState.Identifier, Key = publicKey }; ServerResponse <SetKeyModel> result = await this.SendAsync <SetKeyModel>(HttpMethod.Put, "api/key/public", content, false); if (!result.IsSuccessStatusCode) { throw new HmsException(result.ReasonPhrase); } SetKeyModel setKeyModel = result.Content; string clientSecret = await this.AsymmetricCryptoProvider.DecryptBase64ToBase64Async(setKeyModel.ClientSecret, this.ClientState.PrivateKey); this.ClientState.RoundKey = await this.AsymmetricCryptoProvider.DecryptBytesAsync(setKeyModel.RoundKey, this.ClientState.PrivateKey); this.ClientState.ClientSecret = clientSecret; this.IsInitialized = true; } finally { InitializationSemaphore.Release(); } } } }