The next generation of the Teknik Services. Written in ASP.NET.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 

188 lines
8.1 KiB

using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using System.Web;
using System.Web.Mvc;
using Teknik.Areas.Error.Controllers;
using Teknik.Areas.Paste.ViewModels;
using Teknik.Controllers;
using Teknik.Helpers;
using Teknik.Models;
namespace Teknik.Areas.Paste.Controllers
{
public class PasteController : DefaultController
{
private TeknikEntities db = new TeknikEntities();
[AllowAnonymous]
public ActionResult Index()
{
ViewBag.Title = Config.Title + " Paste";
PasteCreateViewModel model = new PasteCreateViewModel();
return View(model);
}
[AllowAnonymous]
public ActionResult ViewPaste(string type, string url, string password)
{
Models.Paste paste = db.Pastes.Where(p => p.Url == url).FirstOrDefault();
if (paste != null)
{
PasteViewModel model = new PasteViewModel();
model.Url = url;
model.Content = paste.Content;
model.Title = paste.Title;
model.Syntax = paste.Syntax;
model.DatePosted = paste.DatePosted;
// The paste has a password set
if (!string.IsNullOrEmpty(paste.HashedPassword))
{
if (string.IsNullOrEmpty(password) || Helpers.SHA384.Hash(paste.Key, password) != paste.HashedPassword)
{
PasswordViewModel passModel = new PasswordViewModel();
passModel.Url = url;
passModel.CallingAction = Url.SubRouteUrl("paste", "Paste.View");
// Redirect them to the password request page
return View("~/Areas/Paste/Views/Paste/PasswordNeeded.cshtml", passModel);
}
// Now we decrypt the content
byte[] data = Encoding.Unicode.GetBytes(paste.Content);
byte[] ivBytes = Encoding.Unicode.GetBytes(paste.IV);
byte[] keyBytes = AES.CreateKey(password, ivBytes, paste.KeySize);
byte[] encData = AES.Decrypt(data, keyBytes, ivBytes);
model.Content = Encoding.Unicode.GetString(encData);
}
return View("~/Areas/Paste/Views/Paste/" + type + ".cshtml", model);
}
return Redirect(Url.SubRouteUrl("error", "Error.Http404"));
}
[AllowAnonymous]
public ActionResult Raw(string url, string password)
{
Models.Paste paste = db.Pastes.Where(p => p.Url == url).FirstOrDefault();
if (paste != null)
{
string content = paste.Content;
// The paste has a password set
if (!string.IsNullOrEmpty(paste.HashedPassword))
{
if (string.IsNullOrEmpty(password) || Helpers.SHA384.Hash(paste.Key, password) != paste.HashedPassword)
{
PasswordViewModel passModel = new PasswordViewModel();
passModel.Url = url;
passModel.CallingAction = Url.SubRouteUrl("paste", "Paste.Raw");
// Redirect them to the password request page
return View("~/Areas/Paste/Views/Paste/PasswordNeeded.cshtml", passModel);
}
// Now we decrypt the content
byte[] data = Encoding.Unicode.GetBytes(paste.Content);
byte[] ivBytes = Encoding.Unicode.GetBytes(paste.IV);
byte[] keyBytes = AES.CreateKey(password, ivBytes, paste.KeySize);
byte[] encData = AES.Decrypt(data, keyBytes, ivBytes);
content = Encoding.Unicode.GetString(encData);
}
return Content(content, "text/plain");
}
return Redirect(Url.SubRouteUrl("error", "Error.Http404"));
}
[AllowAnonymous]
public ActionResult Download(string url, string password)
{
Models.Paste paste = db.Pastes.Where(p => p.Url == url).FirstOrDefault();
if (paste != null)
{
byte[] fileData = Encoding.Unicode.GetBytes(paste.Content);
// The paste has a password set
if (!string.IsNullOrEmpty(paste.HashedPassword))
{
if (string.IsNullOrEmpty(password) || Helpers.SHA384.Hash(paste.Key, password) != paste.HashedPassword)
{
PasswordViewModel passModel = new PasswordViewModel();
passModel.Url = url;
passModel.CallingAction = Url.SubRouteUrl("paste", "Paste.Download");
// Redirect them to the password request page
return View("~/Areas/Paste/Views/Paste/PasswordNeeded.cshtml", passModel);
}
// Now we decrypt the content
byte[] data = Encoding.Unicode.GetBytes(paste.Content);
byte[] ivBytes = Encoding.Unicode.GetBytes(paste.IV);
byte[] keyBytes = AES.CreateKey(password, ivBytes, paste.KeySize);
fileData = AES.Decrypt(data, keyBytes, ivBytes);
}
//Create File
var cd = new System.Net.Mime.ContentDisposition
{
FileName = url,
Inline = true
};
Response.AppendHeader("Content-Disposition", cd.ToString());
return File(fileData, "text/plain");
}
return Redirect(Url.SubRouteUrl("error", "Error.Http404"));
}
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public ActionResult Paste([Bind(Include = "Content, Title, Syntax, Password, Hide")]PasteCreateViewModel model)
{
if (ModelState.IsValid)
{
try
{
Models.Paste paste = db.Pastes.Create();
paste.DatePosted = DateTime.Now;
paste.Url = Utility.RandomString(Config.PasteConfig.UrlLength);
// Set the hashed password if one is provided and encrypt stuff
if (!string.IsNullOrEmpty(model.Password))
{
string key = Utility.RandomString(Config.PasteConfig.KeySize / 8);
string iv = Utility.RandomString(Config.PasteConfig.BlockSize / 8);
paste.HashedPassword = Helpers.SHA384.Hash(key, model.Password);
// Encrypt Content
byte[] data = Encoding.Unicode.GetBytes(model.Content);
byte[] ivBytes = Encoding.Unicode.GetBytes(iv);
byte[] keyBytes = AES.CreateKey(model.Password, ivBytes, Config.PasteConfig.KeySize);
byte[] encData = AES.Encrypt(data, keyBytes, ivBytes);
model.Content = Encoding.Unicode.GetString(encData);
paste.Key = key;
paste.KeySize = Config.PasteConfig.KeySize;
paste.IV = iv;
paste.BlockSize = Config.PasteConfig.BlockSize;
}
paste.Content = model.Content;
paste.Title = model.Title;
paste.Syntax = model.Syntax;
paste.Hide = model.Hide;
db.Pastes.Add(paste);
db.SaveChanges();
return Redirect(Url.SubRouteUrl("paste", "Paste.View", new { url = paste.Url, password = model.Password }));
}
catch (Exception ex)
{
return Redirect(Url.SubRouteUrl("error", "Error.500", new { exception = ex }));
}
}
return View("~/Areas/Paste/Views/Paste/Index.cshtml", model);
}
}
}