我试图保护桌面应用需要获取的数据\发送(通过http请求消息) 从\到Web Api。我正在使用EllipticCurveDiffieHellman加密(公共私钥)。 所以如果我需要发送一个用户Json对象Ill加密它然后发送它。 最终项目将允许用户为双方传输数据:
PC< - > Web api< - >手机app。
我的问题\问题是:此时我有一个消息处理程序与客户端进行对话,但是当检查完所有必需的数据后,请求需要继续到apicontroller但它仍然是加密的。所以我需要知道如何解密请求正文消息,所以对于func Post(用户i_User)会得到User Json对象,因为它shoud ??
提前10倍。更新问题
protected override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
{
//scenarios that I check and response
}
//if any of the scenarios didnt match, I do the process below
EllipticCurveDiffieHellman.Security.ClientIV = m_SecondPart.First();
string encryptedMessage = string.Empty;
string jsonDecryptedMessage = string.Empty;
m_OriginalContentHeaders = new Dictionary<string, string>();
byte[] jsonBytes;
foreach (var header in request.Content.Headers)
{
if (!header.Key.Equals("Content-Length"))
{
m_OriginalContentHeaders.Add(header.Key, header.Value.First());
}
}
Stream newStream = new MemoryStream();
StreamReader streamReader = new StreamReader(request.Content.ReadAsStreamAsync().Result);
encryptedMessage = streamReader.ReadToEnd();
jsonDecryptedMessage = EllipticCurveDiffieHellman.Security.Decryption(encryptedMessage);
jsonBytes = Encoding.UTF8.GetBytes(jsonDecryptedMessage);
StreamWriter streamWriter = new StreamWriter(newStream);
streamWriter.Write(jsonDecryptedMessage);
streamWriter.Flush();
newStream.Seek(0, SeekOrigin.Begin);
request.Content = new StreamContent(newStream);
foreach (var header in m_OriginalContentHeaders)
{
request.Content.Headers.Add(header.Key, header.Value);
}
request.Content.Headers.Add("Content-Length", string.Format("{0}", jsonBytes.Length));
//for Testing
StreamReader streamReaderTest = new StreamReader(newStream);
newStream.Seek(0, SeekOrigin.Begin);
encryptedMessage = streamReaderTest.ReadToEnd();
streamReaderTest.Close();
streamWriter.Close();
return base.SendAsync(request, cancellationToken);
StreamReaderTest尝试读取我写入newStream的字符串,它可以工作,我也可以看到标题,但问题是: 1 api中的Post func得到null作为参数。
答案 0 :(得分:0)
protected override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
//sometesting for clear process
IDictionary<string, string> m_OriginalHeaders;
IDictionary<string, string> m_OriginalContentHeaders;
//sometesting for clear process
// and if none of them response...
EllipticCurveDiffieHellman.Security.ClientIV = m_SecondPart.First();
string encryptedMessage = string.Empty;
string jsonDecryptedMessage = string.Empty;
m_OriginalContentHeaders = new Dictionary<string, string>();
byte[] jsonBytes;
foreach (var header in request.Content.Headers)
{
if (!header.Key.Equals("Content-Length"))
{
m_OriginalContentHeaders.Add(header.Key, header.Value.First());
}
}
Stream newStream = new MemoryStream();
StreamReader streamReader = new StreamReader(request.Content.ReadAsStreamAsync().Result);
encryptedMessage = streamReader.ReadToEnd();
jsonDecryptedMessage = EllipticCurveDiffieHellman.Security.Decryption(encryptedMessage);
StreamWriter streamWriter = new StreamWriter(newStream);
streamWriter.Write(jsonDecryptedMessage);
streamWriter.Flush();
newStream.Seek(0, SeekOrigin.Begin);
request.Content = new StreamContent(newStream);
foreach (var header in m_OriginalContentHeaders)
{
request.Content.Headers.Add(header.Key, header.Value);
}
return base.SendAsync(request, cancellationToken);
}
}
问题只是一条线是不必要的。 这对我有用。 感谢Kiran Challa指导我解决方案。