public static bool CheckMasterPassword(SecureString password, bool shortCheck = false)
{
EncryptedPassword created = new EncryptedPassword();
created.GetPasswordFromFile(".key");
int iterations = cryptography.GenerateIterationsFromSalt(created.Salt);
if (iterations == 0)
{
throw new SecurityException("Password hash was tampered with!");
}
byte[] newHash = cryptography.GenerateMasterPasswordHash(password, created.Salt, iterations);
if (!ConstantTimeComparison(newHash, created.Hash))
{
return(false);
}
else
{
string commonErrorMessage = "New password could be generated but all existing data including plugins state will be lost."
+ Environment.NewLine + "Would you like to generate new password?";
if (shortCheck)
{
return(true);
}
if (IOProxy.Exists(".bak_key"))
{
EncryptedPassword appHash = new EncryptedPassword();
appHash.GetPasswordFromFile(".bak_key");
try
{
_appPassword = new PasswordObject(cryptography.DecryptAppPassword(appHash.Hash, _appPasswordLenght, password, appHash.Salt), appHash.Salt);
}
catch (Exception)
{
if (!ShowAppPasswordDecryptionError("Application password cannot be decrypted! " + Environment.NewLine + commonErrorMessage))
{
OnAuthentificationComplete(new AuthentificationEventArgs(false));
}
else
{
NewApplicationPassword(password);
}
}
}
else
{
if (!ShowAppPasswordDecryptionError("Application password file not found! " + Environment.NewLine + commonErrorMessage))
{
OnAuthentificationComplete(new AuthentificationEventArgs(false));
}
else
{
NewApplicationPassword(password);
}
}
OnAuthentificationComplete(new AuthentificationEventArgs());
return(true);
}
}
private static void GenerateAppPassword(bool force = false)
{
if (_appPassword != null)
{
if (_appPassword.isValid() && !force)
{
return;
}
}
_appPassword = new PasswordObject();
foreach (char c in Membership.GeneratePassword(_appPasswordLenght, 7))
{
_appPassword.Password.AppendChar(c);
}
}