public void CryptoTest()
{
var input = "11234567890kjhgfdsaqwertzuiomnbvcxywertzuio8ztrfdxy34r5tzhuj!%&WDFCVZUJKOIJHNk098u7ztrfdä#ölkjh";
var key = "<RSAKeyValue><Modulus>jApiPKqlogJQ+z1OOiFqFfxpwK54o8wqhNKQ6rZ9BuUPIwYcVyaVON98M7i8kcaecLfnnQGgzoXy/PNUEH+BeKevz6qa5y3nRWkKDaBJH+2QFcmKhxJ4RBAkGVbWMzRyQb4IvAy6W5btUJWs/9lNskrxINAP3Q2/dvofaido+9KEFc9ubToMQaAxA/SXEFy0fDHTp+uEhFPESef0EFvCtmIAxUVqep3loo2XqKOhF+aqZgpY8y2QLp0koe8AJuE+BH194fJZc1kgMnbxdAEEZP0smHJ0VhfFMCBpzyvgGQWT8OiSOsmH1RUW+YzoWiVtAbtK5eMw27/uUxSDLiSpgQ==</Modulus><Exponent>AQAB</Exponent><P>wSJjw5aGPQqq22BR+oyGNoWHTS+FelF1hVggPauMIQBBQnMxkiNukPzxXfTXI6U1DHV8yohRddn3RfvMnDXyMDSUmiYhvEKPv0+Ko91pDEW7NBC0lF2ivRLRSVNN7ymqGxuHLZl9L8cGZbAd3kcOved2kwIpCTjIBZPF9FvO6W0=</P><Q>uZ/D4uFjN/TNGigBEMDnLC/QKvaKk6k5okvD5nucrZ4E4uZciTSCNVovGPUcVHaF8yVGyr2/Q/HJFqhYiVtJW0dgrgW2MGNH1zkuGdAIOWfXIJJ98OYjbSalmfdfH+Kvm2EMeobRzO2sgiXyk5FcXjVE9qv6lHsnO7aPo+vPZ+U=</Q><DP>pEohvW5dMK3TW5wbAFvri5OY3fLPw5Zptw2ZF3zHTgdOfD1LbLoRQuq4U6mEHUFa2AdVKWA+k1bf/rtMeZF2PMVtp5dKWT/x0dbS48PjqVnj/k07n33rgpTwTUS85fZ2SmrnWcXYdP0DlxryvXOKucac2j8bM0oG9J+Y4935LB0=</DP><DQ>LI5H48a8HStarAOcNdxH4Rhc/GMPYmBFYEqVbFaRhi8e9yPaZGjBNHNASNpVAYUto+53rqSbK4D3BsRD9DyAQDPC5iKi17yM+wFTqoh/4N+nCL+BEXj8We/j4jA5mhq8kixaZXLFG06VkOvw7TEAHfDla9xeGpPxF+k7U1p//20=</DQ><InverseQ>AM+xNS08+xznvloPJSwrOTPXbRYgJwM0pedDT3xWxQ1PhuO9uy0XtoVbsOnsmZ34liUamkXbmUMkmtgc4545lxIGkhvsh+pmbTShBtnn+nKYDRE5/pgmOjGVG7jILb4xpqh7jylS+1wqlxmOIDK2nzVW1e8DJ2XX6gtZw4SJifw=</InverseQ><D>PSUfhYug7F8Eit5WtKz4TAc9CYNka2huvDXQTptFdeg3trwpTagsCXwTF+Y2d5P4hBDYUUZvtxznXqjD8LwrhMn6yrqcDgqN61GUsSRmKUmp2sl38cgPuPAvQt0Wg58HsErQN4N7Lxh0H/ZqZf+0m/96zy/pbURecA1///KbNTAtWVhtx1/b22gDqNR9WKzz0NZwk/+F/01flGEfu5ui1o/7O0n7hJGAk4dff8Mc8hYC6eTI9WIc/WeW7unexe5mSJTols1s6kIAIJxKsQz8YcuF5bB3q1D0T3TvphRVJKo59FxLJyqQaqBUIrNqbvQx8/rzm2rLTtwfYS0zFVpdUQ==</D></RSAKeyValue>";
var publicOnly = SimpleCrypto.ExtractPublic(key);
Assert.AreEqual(input, SimpleCrypto.DecryptString(SimpleCrypto.EncryptString(input, key), key));
Assert.AreEqual(input, SimpleCrypto.DecryptString(SimpleCrypto.EncryptString(input, publicOnly), key));
key = SimpleCrypto.GenerateNewKey(2048);
publicOnly = SimpleCrypto.ExtractPublic(key);
Assert.AreEqual(input, SimpleCrypto.DecryptString(SimpleCrypto.EncryptString(input, key), key));
Assert.AreEqual(input, SimpleCrypto.DecryptString(SimpleCrypto.EncryptString(input, publicOnly), key));
for (var i = 0; i < 5; i++)
{
input += input;
}
Assert.AreEqual(input, SimpleCrypto.DecryptString(SimpleCrypto.EncryptString(input, key), key));
Assert.AreEqual(input, SimpleCrypto.DecryptString(SimpleCrypto.EncryptString(input, publicOnly), key));
input = "1234567890";
Assert.AreEqual(input, SimpleCrypto.DecryptString(SimpleCrypto.EncryptString(input, publicOnly), key));
////key = SimpleCrypto.GenerateNewKey(4096);
////publicOnly = SimpleCrypto.ExtractPublic(key);
////Assert.AreEqual(input, SimpleCrypto.DecryptString(SimpleCrypto.EncryptString(input, key), key));
////Assert.AreEqual(input, SimpleCrypto.DecryptString(SimpleCrypto.EncryptString(input, key), publicOnly));
}
public ActionResult Unsubscribe()
{
var id = RouteData.Values["id"];
if (id != null)
{
// we encrypted the email in the url so we need to grab it then decrypt it
string sEncryptedEmail = id.ToString();
string sDecrypted = SimpleCrypto.Decrypt(sEncryptedEmail) ?? "";
SiteDB db = new SiteDB();
var itemToDelete = db.NotifiedList.FirstOrDefault(item => !string.IsNullOrEmpty(item.Email) && item.Email.ToLower() == sDecrypted.ToLower());
// we try to delete the item if its there.
if (itemToDelete != null)
{
db.NotifiedList.Remove(itemToDelete);
db.SaveChanges();
}
}
// no matter what we return a success. The user doesn't care if the unsubscribe doesn't work.
return(View());
}
protected string CreatePValueId()
{
SimpleCrypto crypt = new SimpleCrypto();
string pValueId = String.Format("{0}&{1}", SessionGuid, HangoutUserId);
string pValueIdEncrypt = crypt.TDesEncrypt(pValueId);
return(pValueIdEncrypt);
}
protected void btnSubmit_Click(object sender, EventArgs e)
{
SimpleCrypto crypt = new SimpleCrypto();
string url = "~/PurchaseGw.aspx?p=";
string urlParams = String.Format("{0}&{1}", mSessionGuid, hUid.Text);
string urlParamsEncrypt = crypt.TDesEncrypt(urlParams);
Response.Redirect(url + urlParamsEncrypt);
}
/// <summary>
/// Main execution method
/// </summary>
/// <param name="args">
/// The args are ignored.
/// </param>
public static void Main(string[] args)
{
var key = File.ReadAllText("PrivateKey.xml");
Directory.GetFiles(Properties.Settings.Default.DataFolder, "????-??-??-??-??-??-*.xml").ForEach(
x => ExceptionHandler.Suppress(
() =>
{
Console.WriteLine("decrypting {0}...", x);
File.WriteAllText(x, SimpleCrypto.DecryptString(File.ReadAllText(x), key));
Console.WriteLine("finished {0}.", x);
},
(FormatException ex) => true));
}
public static string GetHttpValue(string key)
{
SimpleCrypto cryptographer = new SimpleCrypto();
/// searches the current httpcontext for the key
/// checks first for the key in the url variables, then in the form variables
HttpContext context = HttpContext.Current;
string urlarg = context.Request.QueryString[key];
string formarg = context.Request.Form[key];
bool encryped = false;
if (context.Request.QueryString["encrypted"] != null || context.Request.Form["encrypted"] != null)
{
if (context.Request.HttpMethod == "GET")
{
encryped = context.Request.QueryString["encrypted"].ToLower().Equals("true");
}
else
{
encryped = context.Request.Form["encrypted"].ToLower().Equals("true");
}
}
if (urlarg != null)
{
if (!encryped)
{
return(urlarg);
}
else
{
return(cryptographer.TDesDecrypt(urlarg));
}
}
else if (formarg != null)
{
if (!encryped)
{
return(formarg);
}
else
{
return(cryptographer.TDesDecrypt(formarg));
}
}
else
{
return(null);
}
}
private void SendPostedEmail(string email, BlogPost post)
{
EmailHelpers.SendEmail(
new System.Net.Mail.MailMessage(EmailHelpers.SEND_EMAIL_ADDRESS, email)
{
Subject = "Miracles for Mito New Blog Post!",
Body = "The Miracles for Mito Blog team has posted a new blog post, <a title=\"Click here to visit the Miracles for Mito Blog\" href=\"" +
(string.Format("~/Blog/Post/{0}", post.SEOLink)).ToAbsoluteUrl() +
"\">" + post.Title + "</a>.<br/><br/>" +
@"Sincerely,<br/>
The Miracles for Mito Dev Team<br/><br/>" +
"<a href=\"" + (string.Format("~/Unsubscribe/{0}", SimpleCrypto.Encrypt(email))).ToAbsoluteUrl() + "\">Click here to unsubscribe from these emails</a>",
IsBodyHtml = true
}
);
}
/// <summary>
/// Write to the debug log key value pairs, encrptying the the values in the itemsToEncrypt array
/// </summary>
/// <param name="service">The name of the service being called</param>
/// <param name="keyValues">Dictionary containing the key value pairs to write to the log.</param>
/// <param name="itemsToEncrypt">The string array of key items to encrypt</param>
protected void DebugLogEncryptList(string service, Dictionary <string, string> keyValues, string[] itemsToEncrypt)
{
Dictionary <string, string> debugKeyValues = new Dictionary <string, string>();
foreach (KeyValuePair <string, string> kvp in keyValues)
{
if (IsKeyEncrypt(kvp.Key, itemsToEncrypt))
{
SimpleCrypto crypt = new SimpleCrypto();
debugKeyValues[kvp.Key] = crypt.TDesEncrypt(kvp.Value);
}
else
{
debugKeyValues[kvp.Key] = kvp.Value;
}
}
DebugLog(service, debugKeyValues);
}
public static NameValueCollection GetHttpValueArray(HttpContext context)
{
SimpleCrypto cryptographer = new SimpleCrypto();
bool encryped = false;
NameValueCollection HttpValues = null;
if (context.Request.QueryString["encrypted"] != null || context.Request.Form["encrypted"] != null)
{
encryped = context.Request.QueryString["encrypted"].ToLower().Equals("true");
}
HttpValues = new NameValueCollection();
foreach (string key in context.Request.QueryString.AllKeys)
{
if (encryped && (key != "encrypted"))
{
HttpValues.Add(key, cryptographer.TDesDecrypt(context.Request.QueryString.Get(key)));
}
else
{
HttpValues.Add(key, context.Request.QueryString.Get(key));
}
}
foreach (string key in context.Request.Form.AllKeys)
{
if (encryped && (key != "encrypted"))
{
HttpValues.Add(key, cryptographer.TDesDecrypt(context.Request.Form.Get(key)));
}
else
{
HttpValues.Add(key, context.Request.Form.Get(key));
}
}
return(HttpValues);
}
protected string[] GetUserInfoFromSecureInfo(string secureInfo)
{
SimpleCrypto crypt = new SimpleCrypto();
string[] returnValueArray = new string[4];
string values = crypt.TDesDecrypt(secureInfo);
string[] valuesArray = values.Split('&');
returnValueArray[0] = valuesArray[0]; //SessionId
returnValueArray[1] = valuesArray[1]; //Hangout userId
PaymentItemsRequest request = new PaymentItemsRequest();
XmlDocument userInformation = request.GetTheUserInformationFromHangoutId(valuesArray[1], BaseServicesRoot);
if (userInformation.SelectSingleNode("/Accounts/Account") != null)
{
returnValueArray[2] = userInformation.SelectSingleNode("/Accounts/Account").Attributes["PIAccountId"].InnerText;
returnValueArray[3] = userInformation.SelectSingleNode("/Accounts/Account").Attributes["PISecureKey"].InnerText;
}
return(returnValueArray);
}
/// <summary>
/// Sends an exception file if the configuration does permit this to the configured WCF service.
/// The public portion of the encryption key (2048 Bit RSA) is read from the service. There is
/// currently no check if the encryption key is authentic - if someone did manipulate your
/// configuration, she/he can implement the same type of service and send a different key, so
/// that she/he can decrypt the information.
/// <para>
/// If you want to, you can simply generate a new key pair, compile the service (which is
/// part of this solution) and provide such an exception service by yourself.
/// </para>
/// <remarks>
/// The file is encrypted using 2048-bit RSA key. This sounds strong, but was implemented by a
/// non-crypto-programmer: me. So don't be surprised if I did a very silly line of code that totally
/// broke my encryption class - but inform me if I did so (and also how to fix it).
/// </remarks>
/// </summary>
/// <param name="fileName">
/// the file to be sent
/// </param>
private static void SendFile(string fileName)
{
var content = File.ReadAllText(fileName);
// ask the user if it's ok to send exception information
if (UserInterface == null || !UserInterface.AskForConfirmSendingException(content))
{
return;
}
// create a new service client
var sender = new ExceptionServiceClient();
// todo: encryption - in this case we should use public key encryption
// send the information and currently don't care about rejected messages
try
{
var key = sender.GetEncryptionKey();
content = SimpleCrypto.EncryptString(content, key);
sender.WriteExceptionData(content);
}
catch (ProtocolException ex)
{
var x = ex.InnerException as System.Net.WebException;
var r = x == null ? null : x.Response as System.Net.HttpWebResponse;
if (r != null && r.StatusCode == System.Net.HttpStatusCode.ProxyAuthenticationRequired)
{
var proxyCredentials = new Credentials();
var wp = System.Net.WebRequest.DefaultWebProxy;
var logonCredentialRequest = new LogonCredentialRequest(
proxyCredentials,
string.Format(
CultureInfo.CurrentCulture,
"The proxy server needs your credentials to receive content from {0}.",
sender.InnerChannel.RemoteAddress.Uri),
sender.InnerChannel.RemoteAddress.Uri.ToString());
if (UserInterface.AskForLogOnCredentials(logonCredentialRequest))
{
if (string.IsNullOrEmpty(proxyCredentials.LogOnDomain))
{
wp.Credentials = new NetworkCredential(
proxyCredentials.LogOnUserId, proxyCredentials.LogOnPassword);
}
else
{
wp.Credentials = new NetworkCredential(
proxyCredentials.LogOnUserId,
proxyCredentials.LogOnPassword,
proxyCredentials.LogOnDomain);
}
sender.WriteExceptionData(content);
logonCredentialRequest.SaveCredentials();
}
return;
}
throw;
}
}
