Change the name of the pdf file to hash and then be able to undo the name to read again

I'm doing a functionality on a system where; Any sector will upload an important file, this file contains confidential information linked to each employee of the company. Each employee will be able to open their own file, but no other employee will be able to open it.

The file is in PDF format, and all follow a ex nomenclature Rule : ano-mes-codigofuncionario.pdf. What happens... when I allow the employee to download your file, he will see the name and if he understands the logic of the names, he can change the employee code and view other people's files.

I would then, at the time of saving the file to disk, generate a hash based on the policies of the file name and when I need to identify the file to designate each employee I could "decrypt" and take the original name. The final result should be something like: fe415d322sefe185d32sd1f51000e1fea6e.pdf, this way it will be more difficult others employees try to view other files.

Here I save to disk: 

private void SalvarArquivo(HttpPostedFile file)
{
    var pathString = DiretorioTemp();

    var fileName1 = Path.GetFileName(file.FileName);
    bool isExists = Directory.Exists(pathString);

    if (!isExists)
        Directory.CreateDirectory(pathString);

    var path = string.Format("{0}\\{1}", pathString, file.FileName);
    file.SaveAs(path);
}

After reading the file I click the button to the user, respecting the rules that are used to name the original file. 

public static void Download(string fName)
    {
        FileInfo fInfo = new FileInfo(fName);
        HttpContext.Current.Response.Clear();
        HttpContext.Current.Response.ContentType = "application/octet-stream";
        HttpContext.Current.Response.AddHeader("Content-Disposition", "attachment; filename=\"" + fInfo.Name + "\"");
        HttpContext.Current.Response.AddHeader("Content-Length", fInfo.Length.ToString());
        HttpContext.Current.Response.Flush();
        HttpContext.Current.Response.WriteFile(fInfo.FullName);
        fInfo = null;
    }

Note: If I generate a hash and can not undo it will not help, because I will not know the parameters used on the date in which the files were inserted.

Remembering that, windows does not allow some characters (* / \ ) for this reason I would like something that is simple.

Author: Thiago Araújo, 2017-06-23
Source

2 answers

The logic is very simple: you keep the files with the original names in the system and when you send to download send it with another name 

public static void Download(string fName)
{
    FileInfo fInfo = new FileInfo(fName);

    HttpContext.Current.Response.Clear();
    HttpContext.Current.Response.ContentType = "application/octet-stream";

    HttpContext.Current.Response.AddHeader("Content-Disposition", "attachment; filename=\"" + Guid.NewGuid() + ".pdf\""); // Aqui está o segredo

    HttpContext.Current.Response.AddHeader("Content-Length", fInfo.Length.ToString());

    HttpContext.Current.Response.Flush();
    HttpContext.Current.Response.WriteFile(fInfo.FullName);
    fInfo = null;
}
 1
Author: LINQ, 2017-06-23 20:42:35

This is impossible using hash, since this is the purpose of it, being oneway, when the code is generated it does not return. To solve your problem I suggest using Base64 . in C#: To encode: 

public static string Base64Encode(string plainText) {
  var plainTextBytes = System.Text.Encoding.UTF8.GetBytes(plainText);
  return System.Convert.ToBase64String(plainTextBytes);
}

To disengage: 

public static string Base64Decode(string base64EncodedData) {
  var base64EncodedBytes = System.Convert.FromBase64String(base64EncodedData);
  return System.Text.Encoding.UTF8.GetString(base64EncodedBytes);
}

I also suggest using password in PDF files, where the password is the first 3 digits of his CPF or any other code of its kind. This can be done with PDF Sharp 

// Open an existing document. Providing an unrequired password is ignored.
PdfDocument document = PdfReader.Open(filename, "some text");

PdfSecuritySettings securitySettings = document.SecuritySettings;

// Setting one of the passwords automatically sets the security level to 
// PdfDocumentSecurityLevel.Encrypted128Bit.
securitySettings.UserPassword  = "user";
securitySettings.OwnerPassword = "owner";

// Don't use 40 bit encryption unless needed for compatibility reasons
//securitySettings.DocumentSecurityLevel = PdfDocumentSecurityLevel.Encrypted40Bit;

// Restrict some rights.
securitySettings.PermitAccessibilityExtractContent = false;
securitySettings.PermitAnnotations = false;
securitySettings.PermitAssembleDocument = false;
securitySettings.PermitExtractContent = false;
securitySettings.PermitFormsFill = true;
securitySettings.PermitFullQualityPrint = false;
securitySettings.PermitModifyDocument = true;
securitySettings.PermitPrint = false;

// Save the document...
document.Save(filename);

Source

 0
Author: Matheus E. Mordorst, 2017-06-23 20:11:33