API tools faq
paste
Advertisement
Guest User

Untitled

a guest
May 31st, 2016
58
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.09 KB | None | 0 0
raw download clone embed print report
  1. public class SecurityModel
  2. {
  3. public string Token { get; set; }
  4. public string PublicKey { get; set; }
  5. }
  6.  
  7. public class EncryptedModel
  8. {
  9. public string Token { get; set; }
  10. public string Encrypted { get; set; }
  11. }
  12.  
  13. [HttpGet]
  14. public async Task<SecurityModel> GeneratePublicKey()
  15. {
  16. var model = new SecurityModel();
  17. using (var generator = new RSACryptoServiceProvider(1024))
  18. {
  19. try
  20. {
  21. var token = Convert.ToBase64String(Guid.NewGuid().ToByteArray());
  22. var keys = generator.ExportParameters(true);
  23. var pemString = generator.GetPublicKeyAsPemString();
  24.  
  25. MemoryCache.Default.Add(token, keys, new CacheItemPolicy
  26. {
  27. AbsoluteExpiration = ObjectCache.InfiniteAbsoluteExpiration,
  28. SlidingExpiration = TimeSpan.FromMinutes(30),
  29. Priority = CacheItemPriority.NotRemovable
  30. });
  31.  
  32. model.Token = token;
  33. model.PublicKey = pemString;
  34. }
  35. finally
  36. {
  37. generator.PersistKeyInCsp = false;
  38. }
  39. }
  40. return model;
  41. }
  42.  
  43. [HttpPost]
  44. public async Task<bool> ReadSensitiveData(EncryptedModel model)
  45. {
  46. using (var generator = new RSACryptoServiceProvider(1024))
  47. {
  48. try
  49. {
  50. var keys = (RSAParameters)MemoryCache.Default.Get(model.Token);
  51. generator.ImportParameters(keys);
  52.  
  53. var binary = Convert.FromBase64String(model.Encrypted);
  54. var decrypted = generator.Decrypt(binary, false);
  55. var sensitive = Encoding.UTF8.GetString(decrypted);
  56.  
  57. return sensitive == "Sensitive Data";
  58. }
  59. finally
  60. {
  61. generator.PersistKeyInCsp = false;
  62. }
  63. }
  64. return false;
  65. }
  66.  
  67. -----BEGIN PUBLIC KEY-----
  68. MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDlOJu6TyygqxfWT7eLtGDwajtN
  69. FOb9I5XRb6khyfD1Yt3YiCgQWMNW649887VGJiGr/L5i2osbl8C9+WJTeucF+S76
  70. xFxdU6jE0NQ+Z+zEdhUTooNRaY5nZiu5PgDB0ED/ZKBUSLKL7eibMxZtMlUDHjm4
  71. gwQco1KRMDSmXSMkDwIDAQAB
  72. -----END PUBLIC KEY-----
  73.  
  74. var encrypt = new JSEncrypt();
  75. var token = "";
  76. var generatePublicKey = function () {
  77. var httpRequest = new XMLHttpRequest();
  78. httpRequest.open('GET', '/api/Security/', true);
  79. httpRequest.responseType = "json";
  80. httpRequest.addEventListener("readystatechange", function (event) {
  81. if (httpRequest.readyState == 4) {
  82. token = httpRequest.response.Token;
  83. encrypt.setPublicKey(httpRequest.response.PublicKey);
  84. sendSensitiveData();
  85. }
  86. });
  87. httpRequest.send();
  88. }
  89.  
  90. var sendSensitiveData = function () {
  91. var sensitive = "Sensitive Data";
  92. var encrypted = encrypt.encrypt(sensitive);
  93.  
  94. var httpRequest = new XMLHttpRequest();
  95. httpRequest.open('POST', '/api/Security/', true);
  96. httpRequest.setRequestHeader("Content-Type", "application/json;charset=UTF-8");
  97. httpRequest.addEventListener("readystatechange", function (event) {
  98. if (httpRequest.readyState == 4) {
  99. console.log(httpRequest);
  100. }
  101. });
  102. httpRequest.send(JSON.stringify({ Token: token, Encrypted: encrypted }));
  103. }
  104.  
  105. generatePublicKey();
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!