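/// <summary>
/// Derives a decryption key from the passphrase supplied by the user and installs it as the
/// only entry in <c>decryptionContext.DecryptionKeys</c>.
/// </summary>
/// <param name="decryptionContext">Context carrying the user input and the key list to populate.</param>
/// <param name="validationData">Serialized <c>PassphraseValidationData</c> stored with the secret.</param>
/// <param name="principal">Caller identity; not read by this validator.</param>
/// <returns><c>ValidationResult.SuccessResult</c> on every path.</returns>
public override ValidationResult Validate(SecretDecryptionContext decryptionContext, string validationData, ClaimsPrincipal principal)
        {
            var passphraseData = DeserializeData<PassphraseValidationData>(validationData);
            var userSuppliedPassphrase = decryptionContext.GetInput(UserInputConstants.Passphrase);

            // No passphrase supplied: report success and leave DecryptionKeys untouched.
            // NOTE(review): presumably decryption then fails later for lack of the right key;
            // confirm that this path cannot release a passphrase-protected secret.
            if (string.IsNullOrEmpty(userSuppliedPassphrase))
            {
                return ValidationResult.SuccessResult;
            }

            switch (passphraseData.Algorithm)
            {
            // NOTE(review): `default` shares this branch, so an unrecognised algorithm value is
            // silently handled as PBKDF2-SHA1; confirm that is intended rather than rejected.
            case PassphraseAlgorithm.Pbkdf2Sha1:
            default:
                decryptionContext.DecryptionKeys.Clear();
                decryptionContext.DecryptionKeys.Add(GetEncryptionKey(userSuppliedPassphrase, passphraseData));

                // Log the event only. The passphrase and the derived key are secrets and must never
                // reach log storage, where they would outlive the request and be readable by anyone
                // with access to the logs.
                _logger.LogDebug("Derived decryption key from user-supplied passphrase");
                return ValidationResult.SuccessResult;
            }
        }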
Beispiel #2
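        /// <summary>
        /// Checks the caller's IP address against the regular expression stored with the secret.
        /// </summary>
        /// <param name="decryptionContext">Context from which the caller's IP address is read.</param>
        /// <param name="validationData">Serialized <c>UserIpValidationData</c> holding the pattern.</param>
        /// <param name="principal">Caller identity; not read by this validator.</param>
        /// <returns>
        /// Success when no pattern or no IP address is available, or when the address matches;
        /// otherwise a failed result naming this validator as the point of failure.
        /// </returns>
        public override ValidationResult Validate(SecretDecryptionContext decryptionContext, string validationData, ClaimsPrincipal principal)
        {
            var ipData = DeserializeData<UserIpValidationData>(validationData);
            string ipAddress = decryptionContext.GetInput(UserInputConstants.IpAddress);

            // NOTE(review): this passes when a pattern is configured but no IP address was supplied,
            // i.e. the check fails open. Confirm the caller always populates the address from a
            // trusted source (not a client-controlled header) before relying on this validator.
            if (string.IsNullOrEmpty(ipData.IpRegex) || string.IsNullOrEmpty(ipAddress))
            {
                return ValidationResult.SuccessResult;
            }

            // The pattern is stored data, so bound the match time: a pathological expression must
            // not be able to pin a request thread. A timeout is treated as a mismatch (fail closed).
            // Regex.IsMatch succeeds on a match anywhere in the input, so stored patterns need
            // ^...$ anchors to constrain the whole address.
            bool matchesPattern;
            try
            {
                matchesPattern = Regex.IsMatch(ipAddress, ipData.IpRegex, RegexOptions.None, System.TimeSpan.FromSeconds(1));
            }
            catch (RegexMatchTimeoutException)
            {
                _logger.LogDebug($"IP pattern {ipData.IpRegex} timed out during matching; treating as mismatch");
                matchesPattern = false;
            }

            if (!matchesPattern)
            {
                _logger.LogDebug($"IP address {ipAddress} did not match pattern {ipData.IpRegex}");

                return new ValidationResult(false)
                {
                    Error = "User IP does not match expected pattern",
                    ValidationPointOfFailure = this.Name
                };
            }

            return ValidationResult.SuccessResult;
        }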