public IHttpActionResult updateUserAndPassword(int id, usuario usuario)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
if (id != usuario.id_usuario)
{
return(BadRequest());
}
usuario.password = AES256.encryptPassword(usuario.password);
usuario.rol = db.rols.Find(usuario.id_rol);
db.Entry(usuario).State = EntityState.Modified;
try
{
db.SaveChanges();
}
catch (DbUpdateConcurrencyException)
{
if (!usuarioExists(id))
{
return(NotFound());
}
else
{
throw;
}
}
return(StatusCode(HttpStatusCode.NoContent));
}
public static byte[] getCCD()
{
LogManager.WriteLine("--- Get CCD ---");
byte[] ccdcBytes = (byte[])StorageUtils.getData(StorageUtils.kCCDC);
LogManager.WriteLine("CCDC: ");
PrintByteArray(ccdcBytes);
byte[] cccBytes;
if (!StorageUtils.IsStoredFlagActive(StorageUtils.kIsBlockingCodeActive))
{
cccBytes = PBKDF2.calculateCCCwithIDA(StorageUtils.getIDA());
}
else
{
try
{
cccBytes = PBKDF2.calculateCCCwithCodBlq(lockCode, StorageUtils.getIDA());
}
catch (Exception)
{
throw new LockCodeException();
}
}
LogManager.WriteLine("CCC: ");
PrintByteArray(cccBytes);
byte[] ccdBytes = AES256.DecryptAES256CBC(StorageUtils.getAppIV(), ccdcBytes, cccBytes);
LogManager.WriteLine("CCD: ");
PrintByteArray(ccdBytes);
return(ccdBytes);
}
public IHttpActionResult Postusuario(usuario usuario)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
if (usuario.productos == null)
{
}
else
{
int count = usuario.productos.Count;
for (int i = 0; i < usuario.productos.Count; i++)
{
producto pproducto = usuario.productos.ElementAt(i);
usuario.productos.Remove(pproducto);
usuario.productos.Add(db.productos.Find(pproducto.id_producto));
}
}
usuario.password = AES256.encryptPassword(usuario.password);
db.usuarios.Add(usuario);
db.SaveChanges();
historial_contrasennas historial = new historial_contrasennas();
historial.id_usuario = usuario.id_usuario;
historial.contraseña = usuario.password;
db.historial_contrasennas.Add(historial);
db.SaveChanges();
return(CreatedAtRoute("DefaultApi", new { id = usuario.id_usuario }, usuario));
}
public void Aes_EncryptFile_Test()
{
//Arrange
var tempPath = Path.GetTempPath();
if (!Directory.Exists(tempPath))
{
Directory.CreateDirectory(tempPath);
}
var path = $"{tempPath}Security.txt";
var originalData = Resources.ResourceManager.GetString("Security");
File.WriteAllText(path, originalData);
var encryptedPath = $"{tempPath}Security.encrypt";
var decryptPath = $"{tempPath}security2.txt";
var aes = new AES256();
//Act
aes.EncryptFile(EncryptionKey, path, encryptedPath);
aes.DecryptFile(EncryptionKey, encryptedPath, decryptPath);
var inputFile = File.ReadAllText(path);
var outputFile = File.ReadAllText(decryptPath);
//Assert
Assert.AreEqual(inputFile, outputFile);
File.Delete(path);
File.Delete(encryptedPath);
File.Delete(decryptPath);
}
public GenerateTokenOut GenerateToken(GenerateTokenIn input)
{
var output = new GenerateTokenOut();
AES256 securityAES256 = new AES256();
var expireMinutes = TokenExpireMinutes;
var symmetricKey = Convert.FromBase64String(TokenSecret);
var tokenHandler = new JwtSecurityTokenHandler();
var now = DateTime.UtcNow;
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new[]
{
new Claim("sessionId", input.sessionId),
new Claim("usrID", input.usrID.ToString())
}),
Expires = now.AddMinutes(expireMinutes),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(symmetricKey), SecurityAlgorithms.HmacSha256Signature)
};
var stoken = tokenHandler.CreateToken(tokenDescriptor);
var token = tokenHandler.WriteToken(stoken);
output.token = securityAES256.Encrypt(token);
return(output);
}
/// <summary>
/// Retrieves an AES 256 encrypted value from the configuration file.
/// </summary>
/// <param name="log">The event log to log exceptions to. May be null for no logging.</param>
/// <returns>The value or null if not found or it could not be decrypted.</returns>
protected string SecureGet(EventLog.EventLog log)
{
// Get the raw value of the encrypted string.
string value = Get(log);
// Decrypt the string if the raw value contains one.
if (!string.IsNullOrWhiteSpace(value))
{
// Get the encrypted string containing the key, initialization vector, value, and key and
// initialization vector lengths from the file.
// Read only the first line of the file, as this is all that is necessary for the encrypted
// format.
StringReader reader = new StringReader(Get(log));
string encryptedValue = reader.ReadLine();
// Check that an encrypted value was retrieved.
if (!string.IsNullOrWhiteSpace(encryptedValue))
{
// The encrypted value was retrieved.
// Decrypt the encrypted value.
return(AES256.DecryptConsolidatedString(encryptedValue));
}
}
// Could not retrieve the encrypted value.
return(null);
}
public void EncryptAndDecryptString()
{
string encrypted = AES256.Encrypt("test", "password");
string decrypted = AES256.Decrypt(encrypted, "password");
Assert.AreEqual(decrypted, "test");
}
public static string SendCommand(string Text, HenkTcpClient Client, byte[] EncryptionKeyServer, string Password, byte[] Salt)
{
if (Text.Equals("!users"))
{
int Online = BitConverter.ToInt32(Client.WriteAndGetReply(new byte[] { 42, 6, 1 }, TimeSpan.FromSeconds(1)).DecryptedData, 0);
string Users = string.Empty;
for (int x = 0; x < Online; x++)
{
Users += ", " + AES256.decrypt(Client.WriteAndGetReply(CombineBytes(new byte[] { 42, 6, 1 }, BitConverter.GetBytes(x)), TimeSpan.FromSeconds(1)).Data, Password, Salt);
}
return($"({Online}) {Users.Remove(0, 2)}");
}
if (Text.StartsWith("!admin "))
{
Rfc2898DeriveBytes HashedAdminPassword = new Rfc2898DeriveBytes(Text.Remove(0, 7), Salt, 500000);
return(_SendCommand(CombineBytes(new byte[] { 42, 6 }, HenkTcp.Encryption.Encrypt(Aes.Create(), Encoding.UTF8.GetBytes("!admin " + Convert.ToBase64String(HashedAdminPassword.GetBytes(20))), EncryptionKeyServer)), Client));
}
else if (Text.StartsWith("!kick "))
{
return(_SendCommand(CombineBytes(new byte[] { 42, 6, 2 }, AES256.encrypt(Text.Remove(0, 6), Password, Salt)), Client));
}
else if (Text.StartsWith("!ban "))
{
return(_SendCommand(CombineBytes(new byte[] { 42, 6, 3 }, AES256.encrypt(Text.Remove(0, 5), Password, Salt)), Client));
}
else
{
return(_SendCommand(CombineBytes(new byte[] { 42, 6 }, HenkTcp.Encryption.Encrypt(Aes.Create(), Encoding.UTF8.GetBytes(Text), EncryptionKeyServer)), Client));
}
}
/// <summary>
/// Initializes all required instances.
/// </summary>
public CipherRegister()
{
aes256 = new AES256();
des = new DES();
psi_128bit = new implementations.psi.utility.UsageHelper_Crypto();
rsa2048 = new RSA2048();
tripledes = new TripleDES();
}
static void Main()
{
string teste = "{ola:\"mundo\"}";
byte[] testeB = Encoding.UTF8.GetBytes(teste);
AES256 aes = new AES256();
Console.WriteLine(Encoding.UTF8.GetString(aes.Decrypt(aes.Encrypt(testeB))));
}
/**
* Repete o mesmo procedimento de encriptação e compara as hashs resultantes com
* o que está salvo no banco de dados.
*/
public static bool Uncrypt(string password, string hash, string username)
{
string hashedPassword = SHA_256.GenerateSHA256String(password);
string nounced = hashedPassword + username;
string myHash = BCrypt.HashPassword(nounced, hash);
string mySalt = myHash.Substring(0, 29);
string result = mySalt + AES256.AES_Encrypt(myHash.Substring(29, myHash.Length - 29));
bool doesPasswordMatch = Pepper.Check(result, hash, mySalt);
return(doesPasswordMatch);
}
/**
* O procedimento é:
* - recebe senha X
* - Hasheia X com SHA256, resultando em Y
* - "Acopla" o nounce (login) no final deste resultado (Y), resultando em Z
* - gera um Salt aleatório, com 29 caracteres
* - Utiliza o BCrypt para gerar outra hash, sendo esta resultado do Salt + Z, resultando em W
* - Como os primeiros 29 caracteres de W são o proprio salt, encripta-se, com o AES, apenas os caracteres que não fazem parte do Salt, resultando Salt + R
* - aclopa-se, então, uma Pepper aleatória ao final da string, sendo esta, agora, composta por Salt + R + Pepper; resultando em G
* - Por fim, hasheia-se G com SHA512 e adiciona ao início da string o Salt; resultando em Salt+F
*/
public static string Encrypt(string password, string username)
{
string hashedPassword = SHA_256.GenerateSHA256String(password);
string nounced = hashedPassword + username;
string mySalt = BCrypt.GenerateSalt();
string myHash = BCrypt.HashPassword(nounced, mySalt);
string result = mySalt + AES256.AES_Encrypt(myHash.Substring(29, myHash.Length - 29)) + Pepper.Generate();
result = mySalt + SHA_512.GenerateSHA512String(result);
return(result);
}
public void Aes_StringEncryption_Test()
{
//Arrange
var data = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";
var aes = new AES256();
//Act
var encryptedString = aes.EncryptString(data, EncryptionKey);
var result = aes.DecryptString(encryptedString, EncryptionKey);
//Assert
Assert.AreEqual(data, result);
}
public void Configure(EntityTypeBuilder <User> builder)
{
builder.HasData(new User
{
CompanyId = 1,
Email = AES256.EncryptAndEncode("*****@*****.**"),
Password = AES256.EncryptAndEncode("test"),
FirstName = "test",
LastName = "test",
Status = true
});
}
public void EncryptAndDecryptLargeString()
{
string encrypted = AES256.Encrypt(
"test string that is longer than 16 characters",
"password"
);
string decrypted = AES256.Decrypt(encrypted, "password");
Assert.AreEqual(
decrypted,
"test string that is longer than 16 characters"
);
}
public void EncryptAndDecryptExactly16chars()
{
string encrypted = AES256.Encrypt(
"0123456789abcdef",
"password"
);
string decrypted = AES256.Decrypt(encrypted, "password");
Assert.AreEqual(
decrypted,
"0123456789abcdef"
);
}
private static void CallLogService(string appName, string msg, Guid ClientTransactionId)
{
//{"clientId":"84239dab-07f1-4ad9-a0d9-35ab0432a8c5","Stamp":1576564602,"Msg":"2019 year Dec","LocalTimeZone":"WT",
//"ClientTransactionId":"5f96e6dd-54bf-4625-9c42-962060c9a2a5", "LogServiceInstanceId":"6b12528e-3c8d-4782-9732-40d7e49f39be" }
Int32 unixTimestamp = (Int32)(DateTime.UtcNow.Subtract(new DateTime(1970, 1, 1))).TotalSeconds;
TimeZone localZone = TimeZone.CurrentTimeZone;
// Guid ClientTransactionId = Guid.NewGuid();
StringBuilder strB = new StringBuilder();
strB.AppendFormat("\"clientId\":\"84239dab-07f1-4ad9-a0d9-35ab0432a8c5\",\"Stamp\":{0},\"AppName\":\"{1}\"," +
"\"Msg\":\"{2}\"," +
"\"LocalTimeZone\":\"{3}\"," +
"\"ClientTransactionId\":\"{4}\"," +
" \"LogServiceInstanceId\":\"{5}\"", unixTimestamp.ToString(), appName, msg, localZone.StandardName, ClientTransactionId.ToString(), Guid.NewGuid().ToString());
strB.Insert(0, "{", 1);
strB.Insert(strB.Length, "}", 1);
AES256 aes = new AES256();
string cryptedBody = aes.Encrypt(strB.ToString(), PASSWORD);
string cryptedAPIKey = aes.Encrypt(API_KEY, PASSWORD);
//soap sample starts here
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(BASE_URL + DIR_GET_URL + ConvertStringToHex(cryptedAPIKey, Encoding.ASCII));
request.Method = "POST";
request.ContentType = "application/json";
request.ContentLength = cryptedBody.Length;
using (Stream webStream = request.GetRequestStream())
using (StreamWriter requestWriter = new StreamWriter(webStream, System.Text.Encoding.ASCII))
{
requestWriter.Write(cryptedBody);
}
try
{
WebResponse webResponse = request.GetResponse();
using (Stream webStream = webResponse.GetResponseStream() ?? Stream.Null)
using (StreamReader responseReader = new StreamReader(webStream))
{
string response = responseReader.ReadToEnd();
Console.Out.WriteLine(response);
}
}
catch (Exception e)
{
Console.Out.WriteLine("-----------------");
Console.Out.WriteLine(e.Message);
}
}
// To retrieve (last used) IDC
public static string getLastUsedIDC()
{
byte[] ccd = CryptoUtils.getCCD();
byte[] idcData = AES256.decryptDataAndGetFromMem(StorageUtils.kLastUsedIDC, ccd);
if (idcData != null)
{
string result = CryptoUtils.toHexStringFromBytes(idcData);
result = result.Replace(" ", "").Replace("<", "").Replace(">", "");
return(result);
}
return(null);
}
public void EncryptAndDecryptCheckPadding()
{
string encrypted = AES256.Encrypt("test", "password");
byte[] decrypted = AES256.DecryptToByteArray(
encrypted,
Encoding.UTF8.GetBytes("password")
);
Assert.That(
decrypted,
Is.EqualTo(
new byte[] { 116, 101, 115, 116 }
)
);
}
private void EncryptFileOnUpload(String pathFile, String encryptionKey, Boolean isImage)
{
AES256.EncryptFile(pathFile, encryptionKey);
if (isImage)
{
foreach (ImageFormat format in ImagesFormats)
{
String pathFileWithExtension = DocumentUtils.GetNewPathFileName(pathFile, format.Name);
if (File.Exists(pathFileWithExtension))
{
AES256.EncryptFile(pathFileWithExtension, encryptionKey);
}
}
}
}
public SaveSessionResults SaveSession(LoginRequestBody login, IPAddress clientIp)
{
if (login != null && login.SessionId != null && login.SessionId.Length > 0)
{
var session = GetSession(login.SessionId, clientIp);
if (session != null && session.Data != null)
{
byte[] key = null;
byte[] mPwd = null;
try
{
key = generateSessionKey(session);
try
{
mPwd = AES256.DecryptToByteArray(login.Password, key);
}
catch (CryptographicException)
{
return(SaveSessionResults.InvalidPassword);
}
if (session.Data.IsOriginalPassword(mPwd))
{
saveSessionData(session, mPwd, key);
return(SaveSessionResults.Success);
}
else
{
return(SaveSessionResults.OriginalPasswordDiffers);
}
}
finally
{
// The byte array might already be cleared but it
// doesn't hurt to do it more than one time.
if (mPwd != null)
{
Array.Clear(mPwd, 0, mPwd.Length);
}
if (key != null)
{
Array.Clear(key, 0, key.Length);
}
}
}
}
// Could also mean invalid IP address in this case.
return(SaveSessionResults.InvalidSession);
}
/// <summary>
/// Checks if user credentials are valid
/// </summary>
/// <param name="user"></param>
/// <returns></returns>
public bool AuthenticateUser(ref User user)
{
DataTable dtUser = new DataTable();
dtUser = _db.GetData($"SELECT Usuario, Contrasena FROM Usuario WHERE Usuario = '{user.Username}' AND Estatus = 1", autoConnect: true);
if (dtUser.Rows.Count > 0)
{
if (AES256.Decrypt(dtUser.Rows[0]["Contrasena"].ToString(), _config.Database.EncryptionKey) == user.Password)
{
GetUserDataByUsername(ref user);
}
}
return((user.Id == default) ? false : true);
}
public void AESEncrypt()
{
var sample = "something";
string key = "z,mv--342krnsdrfJDSf33dq2423nsda";
string iv = "12325346457462343654867843523421";
var aes = new AES256(key, iv);
var encryptedStr = aes.Encrypt(sample);
var decryptedStr = aes.Decrypt(encryptedStr);
var len1 = sample.Length;
var len2 = decryptedStr.Length;
True(sample.Length == decryptedStr.Length, "not match, dec:" + decryptedStr + " len1:" + len1 + " len2:" + len2);
}
public ValidateTokenOut ValidateToken(ValidateTokenIn input)
{
var output = new ValidateTokenOut();
AES256 aes256 = new AES256();
string tokenDecrypt = aes256.Decrypt(input.token);
// Se obtiene la información del token
ClaimsPrincipal simplePrinciple = GetPrincipal(tokenDecrypt);
if (simplePrinciple != null)
{
// Se obtienen las propiedades
var identity = simplePrinciple.Identity as ClaimsIdentity;
if (identity != null)
{
// Si no esta autenticado se denega el acceso
if (identity.IsAuthenticated)
{
// Se obtienen las variables de las propiedades que se le asignaron al Token cuando se genero
var sessionId = identity.FindFirst("sessionId");
var usrID = identity.FindFirst("usrID");
var ip = System.Web.HttpContext.Current.Request.UserHostAddress;
if (sessionId?.Value != null &&
usrID?.Value != null &&
ip != null)
{
var autentication = new SystemManagement.Business.Authentication.Authentication();
var validateSessionOut = autentication.ValidateSession(new MethodParameters.Authentication.ValidateSessionIn()
{
sessionId = sessionId.Value,
userId = Convert.ToDecimal(usrID.Value)
});
if (validateSessionOut.result == Entities.Common.Result.Success &&
validateSessionOut.session.usrID == Convert.ToDecimal(usrID.Value) &&
validateSessionOut.session.sesID == sessionId.Value &&
validateSessionOut.session.ses_status == "V")
{
output.tokenInformation = new Entities.Authentication.TokenInformation();
output.tokenInformation.sessionId = sessionId.Value;
output.tokenInformation.usrID = usrID.Value;
}
}
}
}
}
return(output);
}
/// <summary>
/// Writes an AES 256 encrypted value to its configuration file.
/// </summary>
/// <param name="value">The value to write to the file.</param>
/// <param name="log">The event log to log execptions to. May be null for no logging.</param>
/// <returns>True if the write was successful, false otherwise.</returns>
protected bool SecureWrite(string value, EventLog.EventLog log)
{
// Create a consolidated encrypted string value for storage in the file.
string consolidatedString = AES256.CreateConsolidatedString(value);
// Check that the consolidated string value was created successfully.
if (!string.IsNullOrWhiteSpace(consolidatedString))
{
// The consolidated string value was created successfully.
// Write the consolidated string value containing the encrypted value to a file.
return(Write(consolidatedString, log));
}
else
{
// The consolidated string value was not created.
return(false);
}
}
public IHttpActionResult Login(usuario usuario)
{
string result = AES256.encryptPassword(usuario.password);
usuario user = db.usuarios.FirstOrDefault(u => u.correo == usuario.correo && u.password == result);
if (user == null)
{
return(NotFound());
}
user.rol = db.rols.Find(user.id_rol);
db.Entry(user.rol).Collection(p => p.permisos).Load();
sesion sesion = new sesion();
sesion.fecha = DateTime.Now;
sesion.id_usuario = user.id_usuario;
db.sesions.Add(sesion);
Bitacora.getInstance().addBitacora(BitacoraActions.SIGN_IN, user.id_usuario);
db.SaveChanges();
return(Ok(user));
}
public ActionResult LoginIn(LoginINM login)
{
if (login != null)
{
AES256 aES256Enc = new AES256();
login.Pwd = aES256Enc.EncryptString(login.Pwd.Trim(), ConfigurationManager.AppSettings["AESkey1"].ToString());
using (SecurityDBEntities gMSEntities = new SecurityDBEntities())
{
List <logindetails_get_Result> dbresult = gMSEntities.logindetails_get(login.UserName, login.Pwd).ToList();
if (dbresult.Count > 0)
{
foreach (logindetails_get_Result result in dbresult)
{
SessionSet session = new SessionSet();
session.SeeionSetLogin(result.UserId, result.UserName, result.Pwd, result.ProfileId, result.ProfileCode, result.ProfileName, result.CustName, result.ClientName, result.BranchName, result.ClustrNme, result.SiteName, result.ClientId, result.CustId, result.BranchId, result.ClustrId, result.SiteId);
}
//List<Menudetails_get_Result> menuresult = new List<Menudetails_get_Result>();
//var menudb = gMSEntities.Menudetails_get((int)Session["ProfileId"], Session["GMS"].ToString(), Session["EPS"].ToString(), Session["OMS"].ToString());
//foreach (Menudetails_get_Result mrs in menudb)
//{
// menuresult.Add(mrs);
//}
//Session["MenuMaster"] = menuresult;
//Session["SessionId"] = Session.SessionID;
return(RedirectToAction("Index", "Home"));
}
else
{
TempData["StatusMsg"] = "Invalid User and Password.";
return(RedirectToAction("Login", "Login"));
}
}
}
else
{
TempData["StatusMsg"] = "UserName and Password cannot be Empty";
}
return(RedirectToAction("Login", "Login"));
}
public void AESEncryptBytes()
{
var sampleBytes = new byte[1024];
var rnd = new System.Random();
rnd.NextBytes(sampleBytes);
string key = "z,mv--342krnsdrfJDSf33dq2423nsda";
string iv = "12325346457462343654867843523421";
var aes = new AES256(key, iv);
var encryptedBytes = aes.Encrypt(sampleBytes);
var decryptedBytes = aes.Decrypt(encryptedBytes);
var bytesLen1 = sampleBytes.Length;
var bytesLen2 = decryptedBytes.Length;
True(sampleBytes.Length == decryptedBytes.Length, "not match," + " bytesLen1:" + bytesLen1 + " bytesLen2:" + bytesLen2);
True(sampleBytes.SequenceEqual(decryptedBytes), "not match");
}
public async Task <List <UserDto> > GetAll()
{
var users = await _service.GetAllAsync();
var userDtos = new List <UserDto>();
foreach (var item in users)
{
userDtos.Add(new UserDto
{
Email = AES256.DecodeAndDecrypt(item.Email),
Password = AES256.DecodeAndDecrypt(item.Password),
CompanyId = item.CompanyId,
FirstName = item.FirstName,
LastName = item.LastName,
Status = item.Status,
});
}
return(userDtos);
}
public void ManagerProcess(InfoTypes types, string account, string password)
{
string encryptPassword = new AES256().AESEncrypt256(password);
switch (types)
{
case InfoTypes.Gamezone:
main.gamezoneAccount = account;
main.gamezonePassword = encryptPassword;
panel_Gamezone.Visible = false;
OutSystemMessage($"{main.gamezoneAccount}, {main.gamezonePassword}");
main.toolStripMenuItem_ProcessStart.Enabled = true;
main.needView = checkBox_needView.Checked;
TodayPanel_Initialize();
break;
case InfoTypes.Today:
main.todayAccount = account;
main.todayPassword = encryptPassword;
panel_Today.Visible = false;
OutSystemMessage($"{main.todayAccount}, {main.todayPassword}");
main.needView1 = checkBox_needView1.Checked;
this.Close();
//NaverPanel_Initialize();
break;
case InfoTypes.Naver:
main.naverAccount = account;
main.naverPassword = encryptPassword;
OutSystemMessage($"{main.naverAccount}, {password} => {main.naverPassword}");
main.needView2 = checkBox_needView2.Checked;
main.toolStripMenuItem_ProcessStart.Enabled = true;
this.Close();
break;
default:
MessageBox.Show("Exec Error");
break;
}
}
