/// <summary>
/// Initializes a new instance of the <see cref="Cryptkeeper" /> class.
/// </summary>
/// <param name="passphrase">The encryption key or passphrase represented in a SecureString. This is the preferred method of instantiating this class because it protects the key in memory.</param>
public Cryptkeeper(System.Security.SecureString passphrase)
{
string err = "Cryptkeeper passphrase must be 16 characters (128-bit encryption) or 32 characters (256-bit) in length.";
if (passphrase == null)
{
throw new ApplicationException(err);
}
if (passphrase.Length == 0)
{
throw new ApplicationException(err);
}
if (passphrase.Length > 1 && passphrase.Length <= 16)
{
this.keysize = 128; // 128 bits is 16 bytes or 16 characters in UTF8
this.keyString = passphrase.Copy();
return;
}
if (passphrase.Length > 16 && passphrase.Length <= 32)
{
this.keysize = 256; // 256 bits is 32 bytes or 32 characters in UTF8
this.keyString = passphrase.Copy();
return;
}
if (passphrase.Length > 32)
{
throw new ApplicationException(err);
}
}
public ConnectionOptions(string locale, string username, SecureString password, string authority, ImpersonationLevel impersonation, AuthenticationLevel authentication, bool enablePrivileges, ManagementNamedValueCollection context, TimeSpan timeout) : base(context, timeout)
{
if (locale != null)
{
this.locale = locale;
}
this.username = username;
this.enablePrivileges = enablePrivileges;
if (password != null)
{
this.securePassword = password.Copy();
}
if (authority != null)
{
this.authority = authority;
}
if (impersonation != ImpersonationLevel.Default)
{
this.impersonation = impersonation;
}
if (authentication != AuthenticationLevel.Default)
{
this.authentication = authentication;
}
}
/// <summary>
/// Initializes a new instance of the <see cref="WebPageSteganography" /> class.
/// </summary>
/// <param name="file">A file containing HTML.</param>
/// <param name="passphrase">The passphrase to use for encryption and decryption.</param>
public WebPageSteganography(FileInfo file, SecureString passphrase)
{
// Update the file info
this.isFileInfo = true;
this.webPageFile = new FileInfo(file.FullName);
// Load the bytes from the file and then reset last access time.
DateTime created = this.webPageFile.CreationTime;
DateTime modified = this.webPageFile.LastWriteTime;
DateTime accessed = this.webPageFile.LastAccessTime;
BinaryReader readFile = new BinaryReader(File.Open(file.FullName, FileMode.Open));
this.OriginalBytes = new byte[readFile.BaseStream.Length];
this.OriginalBytes = readFile.ReadBytes(this.OriginalBytes.Length);
readFile.Close();
this.webPageFile.CreationTime = created;
this.webPageFile.LastWriteTime = modified;
this.webPageFile.LastAccessTime = accessed;
// Setup the original steganography bytes
this.CopyOriginalToStego();
// Setup the index positions for each steganographic message byte
uint length = Math.Min(4096, this.Maximum - this.Minimum);
this.Positions = ChannelTools.MathSetRandom(this.Minimum, this.Maximum, length);
// Save the password
this.passphrase = passphrase.Copy();
}
public static SecureString ReadLineMasked(bool useMask, char mask)
{
using (var securePassword = new SecureString())
{
while (true)
{
var k = Console.ReadKey(true);
if (k.Key == ConsoleKey.Enter)
break;
if (k.Key == ConsoleKey.Escape)
return null;
if (k.Key == ConsoleKey.Backspace)
{
if (securePassword.Length > 0)
{
securePassword.RemoveChar();
if (useMask)
Console.Write("\b \b");
}
continue;
}
securePassword.AppendChar(k.KeyChar);
if (useMask)
Console.Write(mask);
}
if (securePassword.Length > 0)
return securePassword.Copy();
return null;
}
}
/// <summary>
/// Initializes a new instance of the <see cref="HttpServer" /> class.
/// </summary>
/// <param name="passphrase">The passphrase for encrypting and decrypting.</param>
public HttpServer(SecureString passphrase)
{
this.Address = IPAddress.Any;
this.Port = 80;
this.Active = false;
this.MessageQueue = new Queue();
this.passphrase = passphrase.Copy();
}
/// <summary>
/// Initializes a new instance of the <see cref="HttpServer" /> class.
/// </summary>
/// <param name="passphrase">The passphrase for encrypting and decrypting.</param>
/// <param name="address">Sets the IP address that the server listens on.</param>
/// <param name="port">Sets the TCP/IP Port that the HTTP server listens on.</param>
public HttpServer(SecureString passphrase, IPAddress address, int port)
{
this.Address = address;
this.Port = port;
this.Active = false;
this.MessageQueue = new Queue();
this.passphrase = passphrase.Copy();
}
/// <summary>
/// Initializes a new instance of the <see cref="ClusterCredentials"/> class.
/// </summary>
/// <param name="clusterUri">The cluster URI.</param>
/// <param name="userName">The username.</param>
/// <param name="password">The password.</param>
public ClusterCredentials(Uri clusterUri, string userName, SecureString password)
{
clusterUri.ArgumentNotNull("clusterUri");
userName.ArgumentNotNullNorEmpty("username");
password.ArgumentNotNull("securePassword");
ClusterUri = clusterUri;
UserName = userName;
_clusterPassword = password.Copy();
_clusterPassword.MakeReadOnly();
}
public FtpManager(string host, int port, string directory, string username, SecureString password, WebProxy proxy, bool usePassiveMode, string transferAssemblyFilePath, int protcol)
{
TransferAssemblyPath = transferAssemblyFilePath;
GetTransferProvider();
_transferProvider.Host = host;
_transferProvider.Port = port;
_transferProvider.Directory = directory;
_transferProvider.Username = username;
_transferProvider.Password = password.Copy();
_transferProvider.Proxy = proxy;
_transferProvider.UsePassiveMode = usePassiveMode;
if (String.IsNullOrWhiteSpace(transferAssemblyFilePath))
Protocol = (FtpSecurityProtocol)protcol;
}
/// <summary>
/// Initializes a new instance of the <see cref="SqlAuthenticationCredentials" /> class.
/// </summary>
/// <param name="userName">The user name.</param>
/// <param name="password">The encrypted password.</param>
public SqlAuthenticationCredentials(string userName, SecureString password)
{
if (string.IsNullOrEmpty(userName))
{
throw new ArgumentException("userName");
}
if (password == null)
{
throw new ArgumentNullException("password");
}
this.userName = userName;
this.password = password.Copy();
this.password.MakeReadOnly();
}
internal NativeCimCredentialHandle(IntPtr handle, bool bIsCertificate, SecureString secureStr) : base(true)
{
try
{
this.passwordSecureStr = null;
this.credentialIsCretificate = bIsCertificate;
if (secureStr != null && secureStr.Length > 0)
{
this.passwordSecureStr = secureStr.Copy();
}
this.handle = handle;
}
catch
{
}
}
/// <summary>
/// The to secure string.
/// </summary>
/// <param name="current">
/// The current.
/// </param>
/// <returns>
/// </returns>
public static SecureString ToSecureString(this string current)
{
if (current == null)
{
current = string.Empty;
}
using (var str = new SecureString())
{
for (int i = 0; i < current.Length; i++)
{
str.AppendChar(current[i]);
}
return str.Copy();
}
}
/// <summary>
/// Encode an arbitrary byte array as a hexadecimal string, into a SecureString
/// </summary>
/// <param name="bytes"></param>
/// <returns></returns>
public static SecureStringWrapper ConvertToHex(byte[] bytes)
{
using (System.Security.SecureString ss = new System.Security.SecureString())
{
using (SecureStringWrapper ssw = new SecureStringWrapper(ss))
{
// convert to hex
for (int i = 0; i < bytes.Length; i++)
{
char c1 = hexChars[bytes[i] / 16];
char c2 = hexChars[bytes[i] % 16];
ss.AppendChar(c1);
ss.AppendChar(c2);
}
ss.MakeReadOnly();
return(new SecureStringWrapper(ss.Copy()));
}
}
}
/// <summary>
/// Constructor
/// </summary>
public SecureCredential(string principalName, SecureString password)
{
// validate inputs
if (principalName.Length >
UnsafeNativeMethods.CREDUI_MAX_USERNAME_LENGTH + UnsafeNativeMethods.CREDUI_MAX_DOMAIN_TARGET_LENGTH)
{
throw new ArgumentException(string.Format(CultureInfo.CurrentUICulture, Properties.Resources.InvalidPrincipalLength,
UnsafeNativeMethods.CREDUI_MAX_USERNAME_LENGTH + UnsafeNativeMethods.CREDUI_MAX_DOMAIN_TARGET_LENGTH),
"principalName");
}
if (password.Length > UnsafeNativeMethods.CREDUI_MAX_PASSWORD_LENGTH)
{
throw new ArgumentException(string.Format(CultureInfo.CurrentUICulture, Properties.Resources.InvalidPasswordLength,
UnsafeNativeMethods.CREDUI_MAX_PASSWORD_LENGTH), "password");
}
this.principalName = principalName;
this.password = password.Copy();
this.password.MakeReadOnly();
LoadUserDomainValues();
}
public static void SetPassword(string username, SecureString password)
{
string path = Path.Combine(DataPath.AppData, FILE);
byte[] passwordData;
if (password.Length > 0)
{
byte[] buffer = new byte[2 * password.Length];
IntPtr ptr = Marshal.SecureStringToBSTR(password);
try
{
Marshal.Copy(ptr, buffer, 0, buffer.Length);
}
finally
{
Marshal.ZeroFreeBSTR(ptr);
}
try
{
passwordData = ProtectedData.Protect(buffer, KEY, DataProtectionScope.CurrentUser);
}
finally
{
Array.Clear(buffer, 0, buffer.Length);
}
}
else
{
passwordData = new byte[0];
}
lock (_lock)
{
try
{
if (cache == null)
cache = new Dictionary<string, SecureString>(StringComparer.OrdinalIgnoreCase);
SecureString s = password.Copy();
s.MakeReadOnly();
cache[username] = s;
}
catch { }
if (storeCredentials)
{
try
{
using (BinaryReader reader = new BinaryReader(File.Open(path, FileMode.OpenOrCreate, FileAccess.Read, FileShare.ReadWrite)))
{
using (BinaryWriter writer = new BinaryWriter(File.Open(path, FileMode.OpenOrCreate, FileAccess.Write, FileShare.ReadWrite)))
{
bool hasHeader = false;
try
{
hasHeader = reader.ReadUInt16() == FILE_HEADER;
if (!hasHeader)
reader.BaseStream.Position = 0;
}
catch { }
ushort count;
if (hasHeader)
{
long position = reader.BaseStream.Position;
bool hasUsername = false;
count = reader.ReadUInt16();
for (int i = 0; i < count; i++)
{
if (!hasUsername)
writer.BaseStream.Position = reader.BaseStream.Position;
string name = reader.ReadString();
ushort length = reader.ReadUInt16();
byte[] data = reader.ReadBytes(length);
if (hasUsername)
{
writer.Write(name);
writer.Write(length);
writer.Write(data);
}
else if (name.Equals(username, StringComparison.OrdinalIgnoreCase))
{
//all users past this user will be shifted up
//this user will be moved to the end of the file
hasUsername = true;
}
}
if (!hasUsername)
writer.BaseStream.Position = reader.BaseStream.Position;
writer.Write(username);
writer.Write((ushort)passwordData.Length);
writer.Write(passwordData);
if (writer.BaseStream.Position < writer.BaseStream.Length)
writer.BaseStream.SetLength(writer.BaseStream.Position);
if (!hasUsername)
{
count++;
writer.BaseStream.Position = position;
writer.Write(count);
}
}
else
{
writer.Write(FILE_HEADER);
writer.Write((ushort)1);
writer.Write(username);
writer.Write((ushort)passwordData.Length);
writer.Write(passwordData);
}
}
}
}
catch { }
}
}
}
private readonly string _digest; // used to implement Equals without referring to the SecureString
// constructors
/// <summary>
/// Initializes a new instance of the <see cref="PasswordEvidence" /> class.
/// </summary>
/// <param name="password">The password.</param>
public PasswordEvidence(SecureString password)
{
_securePassword = password.Copy();
_securePassword.MakeReadOnly();
_digest = GenerateDigest(password);
}
public UserCredentials(SecureString username, SecureString password, SecureString domain)
{
_userName = username.Copy();
_password = password.Copy();
DomainName = ConvertToUnsecuredString(domain);
}
public UserCredentials(SecureString username, SecureString password)
{
_userName = username.Copy();
_password = password.Copy();
}
// Private methods.
/// <summary>
/// An event handler called when the text of the secure text box has been set.
/// </summary>
/// <param name="text">The new text.</param>
private void OnSecureTextSet(SecureString text)
{
// If the secure text is null.
if (null == text)
{
// Clear the current secure text.
this.secureText.Clear();
// Clear the displayed text.
base.Text = string.Empty;
}
else
{
// Dispose the previous secure text.
this.secureText.Dispose();
// Set the new secure text to a read-write copy of the secure text.
this.secureText = text.Copy();
// Update the displayed text.
base.Text = new string(SecureTextBox.passwordChar, this.secureText.Length);
}
}
/// <summary>
/// Constructs an ImmutableCredentials object with supplied accessKey, secretKey as a SecureString
/// and an optional session token.
/// </summary>
/// <param name="accessKey"></param>
/// <param name="secretKey"></param>
/// <param name="token">Optional. Can be set to null or empty for non-session credentials.</param>
public ImmutableCredentials(string accessKey, SecureString secretKey, string token)
{
if (string.IsNullOrEmpty(accessKey)) throw new ArgumentNullException("accessKey");
if (secretKey == null) throw new ArgumentNullException("secretKey");
AccessKey = accessKey;
ClearSecretKey = null;
SecureSecretKey = secretKey.Copy();
Token = token ?? string.Empty;
}
// Sets the content with a copy of a supplied SecureString.
internal void SetPassword(SecureString value)
{
int symbolCount;
symbolCount = this.SymbolCount;
_password.Clear();
OnPasswordChange(0, -symbolCount);
_password = (value == null) ? new SecureString() : value.Copy();
OnPasswordChange(0, this.SymbolCount);
}
/// <summary>
/// Initializes a new instance of the <see cref="WebPageSteganography" /> class.
/// </summary>
/// <param name="html">The HTML from the stream byte array.</param>
/// <param name="passphrase">The passphrase to use for encryption and decryption.</param>
public WebPageSteganography(byte[] html, SecureString passphrase)
{
// Setup the original HTML bytes
this.OriginalBytes = new byte[html.Length];
Array.Copy(html, this.OriginalBytes, this.OriginalBytes.Length);
// Setup the original steganography bytes
this.CopyOriginalToStego();
// Setup the index positions for each steganographic message byte
uint length = Math.Min(4096, this.Maximum - this.Minimum);
this.Positions = ChannelTools.MathSetRandom(this.Minimum, this.Maximum, length);
// Save the password
this.passphrase = passphrase.Copy();
}
private void LoadPasswordValue(StringBuilder password)
{
var pwd = new char[password.Length];
var securePassword = new SecureString();
try
{
password.CopyTo(0, pwd, 0, pwd.Length);
foreach (var c in pwd)
{
securePassword.AppendChar(c);
}
securePassword.MakeReadOnly();
Password = securePassword.Copy();
}
finally
{
// discard the char array
Array.Clear(pwd, 0, pwd.Length);
}
}
public void Copy_Empty ()
{
SecureString empty = new SecureString ();
Assert.AreEqual (0, empty.Length, "Empty.Length");
SecureString empty_copy = empty.Copy ();
Assert.AreEqual (0, empty_copy.Length, "EmptyCopy.Length");
}
public void Copy ()
{
SecureString ss = new SecureString ();
ss.AppendChar ('a');
Assert.AreEqual (1, ss.Length, "Length");
SecureString ss2 = ss.Copy();
Assert.AreEqual (1, ss2.Length, "Copy.Length");
Assert.IsFalse (ss2.IsReadOnly (), "Copy.IsReadOnly");
ss2.MakeReadOnly ();
Assert.IsTrue (ss2.IsReadOnly (), "Copy.IsReadOnly-2");
SecureString ss3 = ss2.Copy ();
Assert.IsFalse (ss3.IsReadOnly (), "Copy.IsReadOnly-3");
}
