public void V2PasswordsUniqueEncryptionTest()
{
string key = CalculateNewMasterPasswordKey(MASTERPASSWORD);
string encryptedPassword = PasswordFunctions2.EncryptPassword(USERPASSWORD, key);
string encryptedPassword2 = PasswordFunctions2.EncryptPassword(USERPASSWORD, key);
Assert.AreNotEqual(encryptedPassword, encryptedPassword2, "password encryption always generates identical encrypted bytes");
}
private static string CheckEncryptDecryptPasswordV2(string password, string masterPassword)
{
string masterKey = CalculateNewMasterPasswordKey(masterPassword);
string encryptedPassword = PasswordFunctions2.EncryptPassword(password, masterKey);
string decryptedPassword = PasswordFunctions2.DecryptPassword(encryptedPassword, masterKey);
Assert.AreEqual(password, decryptedPassword, "Unable to decrypt password");
return(encryptedPassword);
}
public void V2PasswordsEncryptDecryptTest()
{
PasswordsEncryptDecryptCheck(CheckEncryptDecryptPasswordV2);
string masterKey = CalculateNewMasterPasswordKey(MASTERPASSWORD);
string decryptedPassword = PasswordFunctions2.DecryptPassword(string.Empty, masterKey);
Assert.AreEqual(string.Empty, decryptedPassword, "Decryption of empty stored password failed");
}
private void UpdateStoredPasswords(string newKeyMaterial)
{
TerminalsConfigurationSection configSection = GetSection();
configSection.EncryptedDefaultPassword = PasswordFunctions2.EncryptPassword(DefaultPassword, newKeyMaterial);
configSection.EncryptedAmazonAccessKey = PasswordFunctions2.EncryptPassword(AmazonAccessKey, newKeyMaterial);
configSection.EncryptedAmazonSecretKey = PasswordFunctions2.EncryptPassword(AmazonSecretKey, newKeyMaterial);
configSection.EncryptedConnectionString = PasswordFunctions2.EncryptPassword(ConnectionString, newKeyMaterial);
configSection.DatabaseMasterPasswordHash = PasswordFunctions2.EncryptPassword(DatabaseMasterPassword, newKeyMaterial);
}
private void MigrateNotEncryptedAttribute(XElement element, string attributeName)
{
var plainTextAttribute = element.Attribute(attributeName);
if (plainTextAttribute == null)
{
return;
}
plainTextAttribute.Value = PasswordFunctions2.EncryptPassword(plainTextAttribute.Value, this.newKey);
}
public void V2UpgradePasswordsTest()
{
this.UpgradePasswordsTestInitialize(SECURED_CONFIG_FILE, SECURED_CREDENTIALS_FILE, "favoritesSecured.xml");
IPersistence persistence = this.RunUpgrade();
bool masterStillValid = PasswordFunctions2.MasterPasswordIsValid(PasswordTests.MASTERPASSWORD, settings.MasterPasswordHash);
Assert.IsTrue(masterStillValid, "Master password upgrade failed.");
AssertUserAndCredential(persistence);
AssertFavoriteCredentialSet(persistence);
}
public void V2MasterPasswordValidationTest()
{
string stored = PasswordFunctions2.CalculateStoredMasterPasswordKey(MASTERPASSWORD);
string stored2 = PasswordFunctions2.CalculateStoredMasterPasswordKey(MASTERPASSWORD);
Assert.AreNotEqual(stored, stored2);
bool isValid = PasswordFunctions2.MasterPasswordIsValid(MASTERPASSWORD, stored);
Assert.IsTrue(isValid, "Unable to validate encrypted master password version 2");
}
private void MigrateNotEncryptedElement(XElement element, string elementName)
{
var plainTextElement = element.Element(elementName);
if (plainTextElement == null)
{
return;
}
plainTextElement.Value = PasswordFunctions2.EncryptPassword(plainTextElement.Value, this.newKey);
}
public void V2UpgradeNoMasterPasswordConfigTest()
{
this.UpgradePasswordsTestInitialize(NOMASTER_CONFIG_FILE, NOMASTER_CREDENTIALS_FILE);
// simply nothing to upgrade, procedure shouldn't fail.
IPersistence persistence = this.RunUpgrade();
Assert.IsFalse(askedForPassword, "Config file shouldn't ask for password");
bool masterStillValid = PasswordFunctions2.MasterPasswordIsValid(string.Empty, settings.MasterPasswordHash);
Assert.IsTrue(masterStillValid, "Master password upgrade failed.");
AssertUserAndCredential(persistence);
}
private void Configure(string connectionString, string oldPassword, string newPassword)
{
// persistence doesn't have to be fully configured, we need only the persistence passwords part
this.persistenceSecurity = new SqlPersistenceSecurity();
this.persistenceSecurity.UpdateDatabaseKey(connectionString, oldPassword);
if (!string.IsNullOrEmpty(newPassword))
{
this.newStoredKey = PasswordFunctions2.CalculateStoredMasterPasswordKey(newPassword);
}
this.newKeyMaterial = PasswordFunctions2.CalculateMasterPasswordKey(newPassword, this.newStoredKey);
}
internal void UpdateMasterPassword(string newPassword)
{
string storedMasterPassword = PasswordFunctions2.CalculateStoredMasterPasswordKey(newPassword);
string newMasterKey = PasswordFunctions2.CalculateMasterPasswordKey(newPassword, storedMasterPassword);
// start of not secured transaction. Old key is still present,
// but passwords are already encrypted by new Key
this.persistence.UpdatePasswordsByNewMasterPassword(newMasterKey);
settings.UpdateConfigurationPasswords(newMasterKey, storedMasterPassword);
// finish transaction, the passwords now reflect the new key
this.KeyMaterial = newMasterKey;
}
private Boolean IsMasterPasswordValid(string passwordToCheck)
{
string storedMasterPassword = this.settings.MasterPasswordHash;
bool isValid = PasswordFunctions2.MasterPasswordIsValid(passwordToCheck, storedMasterPassword);
if (isValid)
{
this.KeyMaterial = PasswordFunctions2.CalculateMasterPasswordKey(passwordToCheck, storedMasterPassword);
return(true);
}
return(false);
}
internal bool UpdateDatabaseKey(string connectionString, string databasePassword)
{
try
{
string databaseStoredKey = DatabaseConnections.TryGetMasterPasswordHash(connectionString);
this.persistenceKeyMaterial = PasswordFunctions2.CalculateMasterPasswordKey(databasePassword, databaseStoredKey);
return(true);
}
catch
{
Logging.Error("Unable to obtain database key from database");
return(false);
}
}
private string UpdateThePropertiesPassword(string rdpOptions)
{
var document = XDocument.Parse(rdpOptions);
if (document.Root == null)
{
return(rdpOptions);
}
var tsgwPasswordHash = document.Root.Descendants("EncryptedPassword").First();
var oldPassword = this.persistenceSecurity.DecryptPersistencePassword(tsgwPasswordHash.Value);
tsgwPasswordHash.Value = PasswordFunctions2.EncryptPassword(oldPassword, this.newKeyMaterial);
return(document.ToString());
}
/// <summary>
/// Replaces stored encrypted password by new one using newKeymaterial
/// </summary>
/// <param name="newKeymaterial">key created from master password hash</param>
internal void UpdatePasswordByNewKeyMaterial(string newKeymaterial)
{
string userName = this.GetDecryptedUserName();
if (!string.IsNullOrEmpty(userName))
{
this.credential.EncryptedUserName = PasswordFunctions2.EncryptPassword(userName, newKeymaterial);
}
string domain = this.GetDecryptedDomain();
if (!string.IsNullOrEmpty(domain))
{
this.credential.EncryptedDomain = PasswordFunctions2.EncryptPassword(domain, newKeymaterial);
}
string secret = this.GetDecryptedPassword();
if (!string.IsNullOrEmpty(secret))
{
this.credential.EncryptedPassword = PasswordFunctions2.EncryptPassword(secret, newKeymaterial);
}
}
private string MigratePassword(string oldPassword)
{
var securityPassword = PasswordFunctions.DecryptPassword(oldPassword, this.oldKey);
return(PasswordFunctions2.EncryptPassword(securityPassword, this.newKey));
}
private static string CalculateNewMasterPasswordKey(string password)
{
string storedKey = PasswordFunctions2.CalculateStoredMasterPasswordKey(password);
return(PasswordFunctions2.CalculateMasterPasswordKey(password, storedKey));
}
private static bool TestDatabasePassword(string connectionStringToTest, string databasePassword)
{
var storedHash = TryGetMasterPasswordHash(connectionStringToTest);
return(PasswordFunctions2.MasterPasswordIsValid(databasePassword, storedHash));
}
/// <summary>
/// Use only to store all other passwords except settings file passwords
/// </summary>
internal string EncryptPersistencePassword(string decryptedPassword)
{
return(PasswordFunctions2.EncryptPassword(decryptedPassword, this.PersistenceKeyMaterial));
}
private void AssignFieldsByOldMasterPassword(string masterPassword)
{
this.oldKey = PasswordFunctions.CalculateMasterPasswordKey(masterPassword);
this.storedMasterPassword = PasswordFunctions2.CalculateStoredMasterPasswordKey(masterPassword);
this.newKey = PasswordFunctions2.CalculateMasterPasswordKey(masterPassword, this.storedMasterPassword);
}
/// <summary>
/// Use only to resolve settings file passwords
/// </summary>
internal string DecryptPassword(string encryptedPassword)
{
return(PasswordFunctions2.DecryptPassword(encryptedPassword, this.KeyMaterial));
}
