Fixed uploads via API not adhering to the saveKey attribute, or allowing custom Keys/IVs.

.gitignore

@@ -197,3 +197,13 @@ ModelManifest.xml
 /Teknik/App_Data/Config.json.old
 /Teknik/App_Data/MachineKey.config
 /.vs/Teknik/v15/sqlite3/storage.ide
+/.vs/Teknik/v15/sqlite3/storage.ide-wal
+/.vs/Teknik/v15/sqlite3/storage.ide-shm
+/.vs/Teknik/v15/sqlite3/db.lock
+/.vs/Teknik/v15/sqlite3
+/.vs/Teknik/v15/Server/sqlite3/storage.ide-wal
+/.vs/Teknik/v15/Server/sqlite3/storage.ide-shm
+/.vs/Teknik/v15/Server/sqlite3/storage.ide
+/.vs/Teknik/v15/Server/sqlite3/db.lock
+/.vs/Teknik/v15/Server/sqlite3
+/.vs/Teknik/v15

Teknik/Areas/API/Controllers/APIv1Controller.cs

@@ -1,4 +1,4 @@
-using System;
+using System;
 using System.Collections.Generic;
 using System.Data.Entity;
 using System.IO;
@@ -100,6 +100,8 @@ namespace Teknik.Areas.API.Controllers
 
                                 if (upload != null)
                                 {
+                                    string fileKey = upload.Key;
+
                                     // Associate this with the user if they provided an auth key
                                     if (User.Identity.IsAuthenticated)
                                     {
@@ -120,18 +122,26 @@ namespace Teknik.Areas.API.Controllers
                                         db.SaveChanges();
                                     }
 
+                                    // remove the key if we don't want to save it
+                                    if (!model.saveKey)
+                                    {
+                                        upload.Key = null;
+                                        db.Entry(upload).State = EntityState.Modified;
+                                        db.SaveChanges();
+                                    }
+
                                     // Pull all the information together 
                                     string fullUrl = Url.SubRouteUrl("u", "Upload.Download", new { file = upload.Url });
                                     var returnData = new
                                     {
-                                        url = (model.saveKey || string.IsNullOrEmpty(model.key)) ? fullUrl : fullUrl + "#" + model.key,
+                                        url = (model.saveKey || string.IsNullOrEmpty(fileKey)) ? fullUrl : fullUrl + "#" + fileKey,
                                         fileName = upload.Url,
-                                        contentType = model.contentType,
-                                        contentLength = contentLength,
-                                        key = model.key,
-                                        keySize = model.keySize,
-                                        iv = model.iv,
-                                        blockSize = model.blockSize,
+                                        contentType = upload.ContentType,
+                                        contentLength = upload.ContentLength,
+                                        key = fileKey,
+                                        keySize = upload.KeySize,
+                                        iv = upload.IV,
+                                        blockSize = upload.BlockSize,
                                         deletionKey = upload.DeleteKey
 
                                     };

Teknik/Areas/Upload/Uploader.cs

@@ -1,4 +1,4 @@
-using System;
+using System;
 using System.Collections.Generic;
 using System.Linq;
 using System.Web;
@@ -47,7 +47,9 @@ namespace Teknik.Areas.Upload
             if (encrypt)
             {
                 // Generate a key and iv
+                if (string.IsNullOrEmpty(key))
                     key = StringHelper.RandomString(config.UploadConfig.KeySize / 8);
+                if (string.IsNullOrEmpty(iv))
                     iv = StringHelper.RandomString(config.UploadConfig.BlockSize / 8);
 
                 byte[] keyBytes = Encoding.UTF8.GetBytes(key);