private void LoginWithPasswordHashFunction()
{
List <String> salthashList = null;
List <String> namesList = null;
try
{
connectionString = System.Configuration.ConfigurationManager.ConnectionStrings["WebAppConnString"].ToString();
conn = new MySql.Data.MySqlClient.MySqlConnection(connectionString);
conn.Open();
String query = "SELECT slowHashSalt, firstname, middlename, lastname FROM webAppPersonalFit.userregistration WHERE username=?uname";
cmd = new MySql.Data.MySqlClient.MySqlCommand(query, conn);
cmd.Parameters.AddWithValue("?uname", usernameTextBox.Text);
reader = cmd.ExecuteReader();
while (reader.HasRows && reader.Read())
{
if (salthashList == null)
{
salthashList = new List <String>();
namesList = new List <String>();
}
String saltHashes = reader.GetString(reader.GetOrdinal("slowHashSalt"));
//Console.WriteLine(saltHashes);
salthashList.Add(saltHashes);
String fullname = reader.GetString(reader.GetOrdinal("firstname")) + " " + reader.GetString(reader.GetOrdinal("lastname"));
namesList.Add(fullname);
}
if (salthashList != null)
{
for (int i = 0; i < salthashList.Count; i++)
{
bool validUser = PasswordStorage.VerifyPassword(passwordTextBox.Text, salthashList[i]);
if (validUser == true)
{
Session["UserName"] = namesList[i];
Response.BufferOutput = true;
Response.Redirect("LoggedIn.aspx", false);
}
else
{
passwordTextBox.Text = "User not authenticated";
}
}
}
reader.Close();
conn.Close();
}
catch (Exception e)
{
Console.WriteLine(e);
}
}
static void Main(string[] args)
{
Console.Write("Create/Verify (1/2) ");
String auswahl = Console.ReadLine();
if (auswahl.Contains("1"))
{
Console.Write("Geben Sie Ihr gewünschtes Passwort ein: ");
String passwordPlain = Console.ReadLine();
String passwordEncrypt = PasswordStorage.CreateHash(passwordPlain);
Console.WriteLine("Ihr verschlüsseltes Passwort lautet: " + passwordEncrypt);
}
else if (auswahl.Contains("2"))
{
Console.Write("Hash: ");
string goodhash = Console.ReadLine();
Console.Write("Passwort: ");
string password = Console.ReadLine();
if (PasswordStorage.VerifyPassword(password, goodhash))
{
Console.WriteLine("Passwort ist korrekt.");
}
}
Console.WriteLine("Zum beenden eine Taste drücken.");
Console.ReadKey();
}
public async Task <CreateUsuarioResponse> Handle(CreateUserCommand request, CancellationToken cancellationToken)
{
string pass = PasswordStorage.CreateHash(request.Password);
var user = new User
{
UserName = request.UserName,
HashedPassword = pass,
UserType = (UserType)request.UserType,
Aproved = false,
TokenConfirmacion = randomGenerator.Guid(),
Name = request.Name,
NormalizedUserName = request.UserName.ToUpper()
};
db.User.Add(user);
await db.SaveChangesAsync(cancellationToken);
string mensaje = "Usuario Creado, espere a que el Administrador Confirme su Cuenta";
return(new CreateUsuarioResponse
{
Id = user.Id,
UserName = user.UserName,
NotificationMessage = mensaje,
Name = user.Name
});
}
/// <summary>
/// Bizs the function login.
/// </summary>
/// <param name="Email">The email.</param>
/// <param name="PassWord">The pass word.</param>
/// <returns>BizUser.</returns>
public BizUser BizFuncLogin(string Email, string PassWord)
{
BizUser bizUser = new BizUser();
string Result = BizCall(
new Action(() =>
{
bizUser = baseFuntion.DataFuncLogin(Email);
}
)
);
if (Result.Equals("EXITO"))
{
if (PasswordStorage.VerifyPassword(PassWord, bizUser.PassWord))
{
return(bizUser);
}
else
{
return(null);
}
}
else
{
return(null);
}
}
public static AclUser CreateAdmin()
{
using (var dataContext = new HuntingEntities())
{
var adminUser = dataContext.AclUsers.FirstOrDefault(item => item.Email == Settings.Default.AdminEmail);
if (adminUser == null)
{
adminUser = new AclUser()
{
AccountTypeEx = AccountTypeEnum.Admin,
Email = Settings.Default.AdminEmail,
PasswordHash = PasswordStorage.CreateHash(Settings.Default.AdminPassword),
SysCreated = DateTime.Now,
MaxTerritoryCount = -1,
Fullname = Settings.Default.AdminFullname,
};
dataContext.AclUsers.Add(adminUser);
}
else
{
adminUser.AccountTypeEx = AccountTypeEnum.Admin;
adminUser.PasswordHash = PasswordStorage.CreateHash(Settings.Default.AdminPassword);
}
dataContext.SaveChanges();
return(adminUser);
}
}
public void EditUserPassword(User userToEdit)
{
User user = context.Users.First(u => u.Id == userToEdit.Id);
user.Password = PasswordStorage.CreateHash(userToEdit.Password);
context.SaveChanges();
}
public static RegisterResultEnum RegisterUser(HuntingEntities dataContext, RegisterModel model, out UserSession session)
{
session = null;
try
{
var lowerEmail = model.Email.Trim().ToLower();
var isAny = dataContext.AclUsers.Any(item => item.Email == lowerEmail);
if (isAny)
{
return(RegisterResultEnum.AlreadyUsed);
}
var newUser = new AclUser()
{
Email = model.Email,
PasswordHash = PasswordStorage.CreateHash(model.Password),
SysCreated = DateTime.Now,
};
dataContext.AclUsers.Add(newUser);
var newSession = new UserSession()
{
AclUser = newUser,
SysCreated = DateTime.Now,
Session = Guid.NewGuid().ToString(),
};
dataContext.UserSessions.Add(newSession);
dataContext.SaveChanges();
session = newSession;
return(RegisterResultEnum.Success);
}
catch (Exception exception)
{
logger.Error(exception, "RegisterUser");
return(RegisterResultEnum.Error);
}
}
public static bool ChangePassword(HuntingEntities dataContext, AclUser aclUser, ChangePasswordModel model, bool isConfirm)
{
try
{
aclUser.EmailCode = null;
aclUser.EmailCodeExpire = null;
aclUser.PasswordHash = PasswordStorage.CreateHash(model.Password);
var newSession = new UserSession()
{
AclUser = aclUser,
SysCreated = DateTime.Now,
Session = Guid.NewGuid().ToString(),
};
dataContext.UserSessions.Add(newSession);
if (isConfirm)
{
foreach (var territoryUser in aclUser.TerritoryUsers)
{
if (territoryUser.UserRoleEx == TerritoryUserRoleEnum.Invited)
{
territoryUser.UserRoleEx = TerritoryUserRoleEnum.Member;
}
}
}
dataContext.SaveChanges();
return(true);
}
catch (Exception exception)
{
logger.Error(exception, "ChangePassword");
return(false);
}
}
public ActionResult Post([FromBody] Users value)
{
int existUser = context.Users.Count(u => u.Username == value.Username);
int existEmail = context.Users.Count(u => u.Email == value.Email);
if (existUser == 0 && existEmail == 0)
{
Users newUser = new Users
{
Username = value.Username,
Email = value.Email,
Password = PasswordStorage.CreateHash(value.Password),
MemberSince = DateTime.Now
};
context.Add(newUser);
context.SaveChanges();
return(Ok("User Saved"));
}
else if (existUser > 0)
{
return(BadRequest("Username alerady taken"));
}
else
{
return(BadRequest("Email already taken"));
}
}
public ActionResult Put([FromBody] Users credentials)
{
var user = context.Users.SingleOrDefault(u => u.Email == credentials.Email);
if (user == null)
{
return(BadRequest("No user with this email"));
}
else
{
var verifyPassword = PasswordStorage.VerifyPassword(credentials.Password, user.Password);
if (verifyPassword)
{
if (credentials.Username == "ADMIN")
{
return(Ok(PasswordStorage.CreateHash(credentials.Username + "/" + credentials.Password)));
}
return(Ok(user));
}
else
{
return(BadRequest("Invalid password"));
}
}
}
public async Task <Response> LoginUser(string emailAddress, string password)
{
var response = new Response();
try
{
var user = await _userRepository.GetByEmailAddressAsync(emailAddress);
if (user == null)
{
throw new Exception("User not found.");
}
var saltedPassword = user.Salt + password;
if (PasswordStorage.VerifyPassword(saltedPassword, user.Password))
{
response.Success = true;
return(response);
}
response.Success = false;
response.Errors.Add("Invalid password.");
return(response);
}
catch (Exception e)
{
response.Success = false;
response.Errors.Add(e.Message);
return(response);
}
}
public async Task <ModificarEmailResponse> Handle(ModificarEmailCommand request, CancellationToken cancellationToken)
{
var entity = await db
.Usuario
.SingleOrDefaultAsync(el => el.Id == currentUser.UserId);
if (entity == null)
{
throw new NotFoundException(nameof(Usuario), currentUser.UserId);
}
if (PasswordStorage.VerifyPassword(request.Password, entity.HashedPassword))
{
entity.Email = request.NuevoEmail;
entity.NormalizedEmail = request.NuevoEmail.ToUpper();
await db.SaveChangesAsync(cancellationToken);
return(new ModificarEmailResponse
{
Email = entity.Email
});
}
else
{
throw new BadRequestException("La contrase�a es Incorrecta");
}
}
public async Task ShouldNotIdentifyUserWithOldPassword(
TestableContext context,
Handler handler
)
{
context.UoW.Plan <User>(context.Id())
.HasEvent <Events.Registered>(x =>
{
x.UserName = context.Id();
x.GivenName = "test";
x.Password = PasswordStorage.CreateHash("test");
})
.HasEvent <Events.PasswordChanged>(x =>
{
x.UserName = context.Id();
x.Password = PasswordStorage.CreateHash("test2");
});
var command = new Commands.Identify
{
UserName = context.Id(),
Password = "******"
};
await Assert.ThrowsAsync <BusinessException>(() => handler.Handle(command, context)).ConfigureAwait(false);
}
public Trabajador validarCredenciales(String usuario, String contrasena)
{
Trabajador trabajador = new Trabajador();
trabajador.NombreUsuario = usuario;
DAOTrabajador daoTrabajador = new DAOTrabajador();
trabajador = daoTrabajador.validarTrabajador(trabajador);
if (trabajador != null)
{
//Devuelve el perfil del trabajador para la validacion del
//LoginWindows.xaml.cs
if (PasswordStorage.VerifyPassword(contrasena, trabajador.Contrasena))
{
try
{
//long idPerfil = trabajador.Perfil.IdPerfil;
//return idPerfil;
return(trabajador);
}
catch
{
return(null);
}
}
else
{
return(null);
}
}
else
{
return(null);
}
}
private static void basicTests()
{
// Test password validation
bool failure = false;
for (int i = 0; i < 10; i++)
{
string password = "" + i;
string hash = PasswordStorage.CreateHash(password);
string secondHash = PasswordStorage.CreateHash(password);
if (hash == secondHash)
{
Console.WriteLine("Hashes of same password differ: FAIL");
failure = true;
}
String wrongPassword = "" + (i + 1);
if (PasswordStorage.VerifyPassword(wrongPassword, hash))
{
Console.WriteLine("Validate wrong password: FAIL");
failure = true;
}
if (!PasswordStorage.VerifyPassword(password, hash))
{
Console.WriteLine("Correct password: FAIL");
failure = true;
}
}
if (failure)
{
System.Environment.Exit(1);
}
}
public int CreateCredentials(string username, string password, string email)
{
var repo = Repository <Account>();
if (repo.FindSingle(x => x.UserName == username) != null)
{
throw new UsernameInUseException();
}
var hashedPassword = PasswordStorage.CreateHash(password);
var account = new Account
{
UserName = username,
Password = hashedPassword,
Details = new Member()
{
Email = email
}
};
repo.Insert(account);
SaveChanges();
return(account.Id);
}
public FE_Nutzer Login(string user, string password)
{
MySqlConnection logincon = new MySqlConnection(ConfigurationManager.ConnectionStrings["webapp"].ConnectionString);
logincon.Open();
MySqlCommand logincmd = new MySqlCommand("LoginProcedure", logincon);
logincmd.CommandType = System.Data.CommandType.StoredProcedure;
logincmd.Parameters.AddWithValue("@Lname", user);
MySqlDataReader loginresult = logincmd.ExecuteReader();
FE_Nutzer fE_Nutzer = new FE_Nutzer();
if (loginresult.Read() && !string.IsNullOrEmpty(loginresult["loginname"] as string))
{
string dbhash = String.Format("{0}:{1}:{2}:{3}:{4}",
loginresult["algorithmus"],
loginresult["stretch"],
Convert.ToString(18),
loginresult["salt"],
loginresult["hash"]);
if (PasswordStorage.VerifyPassword(password, dbhash))
{
fE_Nutzer.loginname = loginresult["loginname"].ToString();
fE_Nutzer.role = loginresult["role"].ToString();
fE_Nutzer.email = loginresult["email"].ToString();
fE_Nutzer.aktiv = Convert.ToBoolean(loginresult["activ"]);
fE_Nutzer.letzterlogin = Convert.ToDateTime(loginresult["LetzterLogin"]);
fE_Nutzer.ID = Convert.ToInt32(loginresult["ID"]);
logincon.Close();
return(fE_Nutzer);
}
}
logincon.Close();
return(null);
}
public async Task <IActionResult> Login(LoginViewModel model, string returnUrl)
{
var login = EntitiesContext.Logins.SingleOrDefault(l => l.Identity == model.Identity);
if (login == null)
{
ModelState.AddModelError(string.Empty, GenericLoginError);
return(View(model));
}
if (!PasswordStorage.VerifyPassword(model.Password, login.PasswordHash))
{
ModelState.AddModelError(string.Empty, GenericLoginError);
return(View(model));
}
var claims = new List <Claim>
{
new Claim("http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider", "ASP.NET Identity", "http://www.w3.org/2001/XMLSchema#string"),
new Claim(ClaimTypes.Name, login.Identity),
new Claim(ClaimTypes.NameIdentifier, login.Identity),
new Claim(ClaimTypes.Role, login.Role.ToString()),
new Claim(ClaimTypes.Sid, login.Id.ToString()),
};
var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
var claimsPrincipal = new ClaimsPrincipal(claimsIdentity);
await HttpContext.SignInAsync(claimsPrincipal);
return(RedirectToUrl(returnUrl));
}
public async Task <ModificarPasswordResponse> Handle(ModificarPasswordCommand request, CancellationToken cancellationToken)
{
var entity = await db
.User
.SingleOrDefaultAsync(el => el.Id == currentUser.UserId);
if (entity == null)
{
throw new NotFoundException(nameof(User), currentUser.UserId);
}
if (PasswordStorage.VerifyPassword(request.PasswordActual, entity.HashedPassword))
{
string pass = PasswordStorage.CreateHash(request.PasswordNuevo);
entity.HashedPassword = pass;
var tokens = await db
.UserToken
.Where(el => el.IdUser == currentUser.UserId).
ToListAsync();
db.UserToken.RemoveRange(tokens);
await db.SaveChangesAsync(cancellationToken);
return(new ModificarPasswordResponse
{
});
}
else
{
throw new BadRequestException("La contraseña es Incorrecta");
}
}
// Make sure truncated hashes don't validate.
private static void truncatedHashTest()
{
string userString = "test_password";
string goodHash = PasswordStorage.CreateHash(userString);
string badHash = "";
int badHashLength = goodHash.Length;
do
{
badHashLength -= 1;
badHash = goodHash.Substring(0, badHashLength);
bool raised = false;
try {
PasswordStorage.VerifyPassword(userString, badHash);
} catch (InvalidHashException) {
raised = true;
}
if (!raised)
{
Console.WriteLine("Truncated hash test: FAIL " +
"(At hash length of " + badHashLength + ")");
System.Environment.Exit(1);
}
// The loop goes on until it is two characters away from the last : it
// finds. This is because the PBKDF2 function requires a hash that's at
// least 2 characters long. This will be changed once exceptions are
// implemented.
} while (badHash[badHashLength - 3] != ':');
Console.WriteLine("Truncated hash test: pass");
}
public Token Login(Credentials credentials)
{
var user = _userService.FindUserByEmail(credentials.Email);
if (user == null)
{
return(null);
}
if (!PasswordStorage.VerifyPassword(credentials.Password, user.Password))
{
return(null);
}
var token = _db.Tokens.FirstOrDefault(t => t.User.UserId == user.UserId);
if (token != null)
{
_db.Tokens.Remove(token);
}
var newToken = new Token(user);
_db.Tokens.Add(newToken);
_db.SaveChanges();
return(newToken);
}
public ActionResult Create([Bind(Include = "student_id,student_email,student_password,student_name,student_surname,student_father_name,student_phone,student_group_id,student_gender_id,student_device_id,student_first_login,student_status")] Students students)
{
string check_student_email;
try
{
check_student_email = db.Students.Where(s => s.student_email == students.student_email).FirstOrDefault().student_email;
}
catch
{
check_student_email = null;
}
if (check_student_email != null)
{
ViewBag.EmailExist = "Bu email artıq mövcuddur!";
ViewBag.student_gender_id = new SelectList(db.Genders, "gender_id", "gender_name", students.student_gender_id);
ViewBag.student_group_id = new SelectList(db.Groups, "group_id", "group_name", students.student_group_id);
return(View(students));
}
if (ModelState.IsValid)
{
students.student_status = true;
students.student_first_login = true;
students.student_password = PasswordStorage.CreateHash("CA123456");
db.Students.Add(students);
db.SaveChanges();
return(RedirectToAction("Create", "Students"));
}
ViewBag.student_gender_id = new SelectList(db.Genders, "gender_id", "gender_name", students.student_gender_id);
ViewBag.student_group_id = new SelectList(db.Groups, "group_id", "group_name", students.student_group_id);
return(View(students));
}
public async Task <ActionResult> Put([FromBody] Models.UserInfo value)
{
if (string.IsNullOrWhiteSpace(value.Password))
{
return(BadRequest("Invalid password."));
}
value.Role = UserInfo.GetRole(value.Role);
value.PasswordHash = PasswordStorage.CreateHash(value.Password);
var res = await _context.UserInfos.FindAsync(value.UserName);
if (res != null)
{
_context.Entry(res).CurrentValues.SetValues(value);
await _context.SaveChangesAsync();
return(Ok());
}
else
{
_context.UserInfos.Add(value);
await _context.SaveChangesAsync();
return(Ok());
}
}
public new int?Create(SecurityUser securityUser)
{
int?id = null;
if (securityUser != null)
{
if (ValidatePasswordsBeforeHash(securityUser))
{
_log.Info("Creating securityUser");
securityUser.PasswordHash = PasswordStorage.CreateHash(securityUser.PasswordPlaintext);
base.Add(securityUser);
int unit = _UnitOfWork.SaveChanges();
if (unit < 1 || securityUser.Id < 1)
{
_log.Warn("Failed to Create securityUser", new ArgumentNullException());
}
else
{
_log.Info("Created Security User with ID " + securityUser.Id);
id = securityUser.Id;
}
}
else
{
_log.Info("Passwords are invalid, Security User not created");
}
}
return(id);
}
public SecurityUser GetByLogin(string username, string password)
{
SecurityUser securityUser;
if (string.IsNullOrWhiteSpace(username) || string.IsNullOrWhiteSpace(password))
{
securityUser = null;
}
else
{
securityUser = GetQueryable()
.Where(u => u.UserName == username)
//.Where(u => u.UserStatusId == (int)UserStatusEnum.ACTIVE)
.SingleOrDefault();
if (securityUser != null)
{
bool passwordMatched = PasswordStorage.VerifyPassword(password, securityUser.PasswordHash);
if (!passwordMatched)
{
securityUser = null;
}
}
}
if (securityUser == null)
{
_log.Warn("Failed to retrieve user with login credentials");
}
return(securityUser);
}
public void Identify(string password)
{
Rule("Disabled", x => x.Disabled, "user disabled");
Rule("Password", x => !PasswordStorage.VerifyPassword(password, x.HashedPassword), "invalid password");
Apply <Events.Identified>(x => { x.UserName = Id; });
}
public async Task ShouldIdentifyWithNewPassword(
TestableContext context,
Handler handler
)
{
context.UoW.Plan <User>(context.Id())
.HasEvent <Events.Registered>(x =>
{
x.UserName = context.Id();
x.GivenName = "test";
x.Password = PasswordStorage.CreateHash("test");
})
.HasEvent <Events.PasswordChanged>(x =>
{
x.UserName = context.Id();
x.Password = PasswordStorage.CreateHash("test2");
});
var command = new Commands.Identify
{
UserName = context.Id(),
Password = "******"
};
await handler.Handle(command, context).ConfigureAwait(false);
context.UoW.Check <User>(context.Id()).Raised <Events.Identified>();
}
public async Task <string> Add(UserCreateRequest create, bool sendVerification = true)
{
if (create?.Email == null || create.Password == null || create.Name == null)
{
throw new HTTPError("Invalid request", 400);
}
if (!create.Email.Contains("@"))
{
throw new HTTPError("Invalid email address", 400);
}
if (create.Name.Contains("@"))
{
throw new HTTPError("Invalid name", 400);
}
var user = await Services.DoWithDB(async db =>
{
var _user = (await db.Users.AddAsync(new UserData()
{
Id = 0,
Email = create.Email,
Name = create.Name,
Hash = PasswordStorage.CreateHash(create.Password),
})).Entity;
return(_user);
})
.HandleDuplicate("ak_users_email", "A user with that email already exists")
.HandleDuplicate("ak_users_name", "A user with that name already exists");
// TODO: Handle this failing and roll back the user add, putting this inside recurses the DB instance
if (sendVerification)
{
await _sendVerification(user).ConfigureAwait(false);
}
return(Auth.GenerateToken(user));
}
public ActionResult Register(UserMaster data)
{
string otp = generateOTP();
int otps = Convert.ToInt32(otp);
System.Data.Entity.Core.Objects.ObjectParameter msg = new System.Data.Entity.Core.Objects.ObjectParameter("msg", typeof(string));
if (ModelState.IsValid)
{
data.Password = PasswordStorage.CreateHash(data.Password);
entity.UserMaster_CURD(data.UserName, data.Mobile, data.UserName, data.Password, 2, 1, 0, "INS", 0, otps, 0, data.FirstName, data.LastName, "Insert", msg);
string output = msg.Value.ToString();
if (output == "User already exists")
{
ViewBag.Message = String.Format("{0} Already Exists", data.UserName);
//return RedirectToAction("Register", "User");
return(View());
}
else if (output == "Data Inserted")
{
sendEmail(otp, data.UserName);
return(RedirectToAction("VerifyUser", "User", new { email = data.UserName }));
}
else
{
return(View());
}
}
return(View());
}
public ActionResult Edit(int?id)
{
if (id == null)
{
return(new HttpStatusCodeResult(HttpStatusCode.BadRequest));
}
if (Session["result_password"] == null)
{
PasswordStorage passwordStorage = db.GetPasswordStorage.Find(id);
passwordStorage.Password = AdvancedEncryptionStandard.DecryptText(passwordStorage.Password);
if (passwordStorage == null)
{
return(HttpNotFound());
}
return(View(passwordStorage));
}
else
{
PasswordStorage passwordStorage = db.GetPasswordStorage.Find(id);
passwordStorage.Password = Session["result_password"].ToString();
if (passwordStorage == null)
{
return(HttpNotFound());
}
return(View(passwordStorage));
}
}
private bool BasicUIViewModel_OnConnect(string ip, ushort port, string password, bool autoReconnect)
{
try
{
Password = new PasswordStorage(password);
if (Stream.IsConnected)
Disconnect();
Stream.Connect(ip, port);
SendPacket(new AuthorizationRequestPacket());
return true;
}
catch (Exception) { return false; }
}
private void Initialize(Stream input, byte[] info, PasswordStorage password, long limit)
{
mBuffer = new byte[4 << 10];
mStream = input;
mLimit = limit;
// The 7z AES encoder/decoder classes do not perform padding, instead they require the input stream to provide a multiple of 16 bytes.
// If the exception below is thrown this means the 7z file is either corrupt or a newer 7z version has been published and we haven't updated yet.
if (((uint)input.Length & 15) != 0)
throw new NotSupportedException("7z requires AES streams to be properly padded.");
int numCyclesPower;
byte[] salt, seed;
Init(info, out numCyclesPower, out salt, out seed);
byte[] pass = null;
byte[] key = null;
try
{
using (var accessor = password.GetPassword())
pass = Encoding.Unicode.GetBytes(accessor);
key = InitKey(numCyclesPower, salt, pass);
using (var aes = Aes.Create())
{
aes.Mode = CipherMode.CBC;
aes.Padding = PaddingMode.None;
mDecoder = aes.CreateDecryptor(key, seed);
}
}
finally
{
Utilities.ClearBuffer(ref pass);
Utilities.ClearBuffer(ref key);
}
}
/// <summary>
/// Creates encoder settings with a random seed.
/// </summary>
/// <remarks>
/// This overload does not dispose the encoder seed. This is no security flaw because the
/// seed is public anyways. If you still want to ensure there are no traces in memory when
/// you are done, use the other overload which gives you control over disposing the seed.
/// </remarks>
public AesEncoderSettings(PasswordStorage password)
: this(password, AesEncoderSeed.CreateRandom())
{
}
public AesEncoderSettings(PasswordStorage password, AesEncoderSeed seed)
{
mPassword = password;
mSeed = seed;
mSlowdown = 19; // 7z922 has this parameter fixed
}
protected ArchiveMetadata ReadMetadataCore(Stream stream, PasswordStorage password)
{
if (stream == null)
throw new ArgumentNullException(nameof(stream));
if (!stream.CanRead || !stream.CanSeek)
throw new InvalidOperationException("Stream must support reading and seeking.");
if (mStream != null)
throw new InvalidOperationException("Recursive invocation.");
try
{
mPassword = password;
mStream = stream;
mStream.Position = 0;
mStreamLength = stream.Length;
var exception = ReadFileHeader(mStream, mStreamLength, out mMajorVersion, out mMinorVersion, out mMetadataOffset, out mMetadataLength, out mMetadataChecksum);
if (exception != null)
throw exception;
if (mMetadataLength == 0)
return new ArchiveMetadata();
// TODO: validate metadata stream checksum
using (var metadataStream = new ConstrainedReadStream(mStream, ArchiveMetadataFormat.kHeaderLength + mMetadataOffset, mMetadataLength))
using (var scope = new StreamScope(this))
{
scope.SetSource(metadataStream);
if (!PrepareMetadata(scope))
return new ArchiveMetadata();
return ReadArchive();
}
}
finally
{
// Drop references to password and stream so they aren't retained.
mPassword = null;
mStream = null;
// It is also important to reset optional values to their defaults. Otherwise if
// the next archive we are reading doesn't contain some of the optional values
// we could mistake the values from the previous archive as current values.
//mFileCount = 0;
}
}
/// <summary>
/// Creates a new iteration to unpack a sequence of streams from a decoded archive section.
/// </summary>
/// <param name="stream">A readable and seekable stream for the archive.</param>
/// <param name="metadata">The metadata for the archive.</param>
/// <param name="index">The decoder section index from the metadata which should be unpacked.</param>
/// <param name="password">An optional password to unpack the archive content.</param>
public DecodedSectionReader(Stream stream, ArchiveMetadata metadata, int index, PasswordStorage password)
{
mDecodedStream = new ArchiveSectionDecoder(stream, metadata, index, password);
mMetadata = metadata;
mDecoderSection = metadata.DecoderSections[index];
}
public ArchiveSectionDecoder(Stream stream, ArchiveMetadata metadata, int index, PasswordStorage password)
{
if (stream == null)
throw new ArgumentNullException(nameof(stream));
if (!stream.CanRead)
throw new ArgumentException("Stream must be readable.", nameof(stream));
if (!stream.CanSeek)
throw new ArgumentException("Stream must be seekable.", nameof(stream));
if (metadata == null)
throw new ArgumentNullException(nameof(metadata));
if (index < 0 || index >= metadata.DecoderSections.Length)
throw new ArgumentOutOfRangeException(nameof(index));
var inputCoordinator = new StreamCoordinator(stream);
var inputStreams = new ReaderNode[metadata.FileSections.Length];
for (int i = 0; i < inputStreams.Length; i++)
inputStreams[i] = new CoordinatedStream(inputCoordinator, metadata.FileSections[i].Offset, metadata.FileSections[i].Length);
var decoderSection = metadata.DecoderSections[index];
var decoderDefinitions = decoderSection.Decoders;
var decoders = new DecoderNode[decoderDefinitions.Length];
for (int i = 0; i < decoders.Length; i++)
{
var decoderDefinition = decoderDefinitions[i];
decoders[i] = decoderDefinition.DecoderType.CreateDecoder(decoderDefinition.Settings, decoderDefinition.OutputStreams, password);
}
for (int i = 0; i < decoders.Length; i++)
{
var decoder = decoders[i];
var decoderDefinition = decoderDefinitions[i];
var decoderInputDefinitions = decoderDefinition.InputStreams;
for (int j = 0; j < decoderInputDefinitions.Length; j++)
{
ReaderNode inputStream;
long inputLength;
SelectStream(metadata, decoderSection, decoderInputDefinitions[j], inputStreams, decoders, out inputStream, out inputLength);
decoder.SetInputStream(j, inputStream, inputLength);
}
}
ReaderNode outputStream;
long outputLength;
SelectStream(metadata, decoderSection, decoderSection.DecodedStream, inputStreams, decoders, out outputStream, out outputLength);
mCoordinator = inputCoordinator;
mInputStreams = inputStreams;
mDecoders = decoders;
mOutputStream = outputStream;
}
public DecodedArchiveSectionStream(Stream stream, ArchiveMetadata metadata, int index, PasswordStorage password)
{
mReader = new ArchiveSectionDecoder(stream, metadata, index, password);
}
public AesArchiveDecoder(ImmutableArray<byte> settings, PasswordStorage password, long length)
{
if (password == null)
throw new InvalidOperationException("Password required.");
mInput = new InputStream();
mOutput = new OutputStream(this);
mLength = length;
Initialize(mInput, settings.ToArray(), password, length);
}
public ArchiveMetadata ReadMetadata(Stream stream, PasswordStorage password)
{
return ReadMetadataCore(stream, password);
}
