public async Task <string> CreateRefreshTokenAsync(AuthenticationTicket ticket, string protectedTicket) { if (ticket == null) { throw new ArgumentNullException("ticket"); } if (string.IsNullOrWhiteSpace(protectedTicket)) { throw new ArgumentNullException("protectedTicket"); } var refreshTokenId = Guid.NewGuid().ToString("n"); var refreshToken = CryptoAes.GetHash(refreshTokenId); var clientId = ticket.Properties.Dictionary["as:client_id"]; var token = new RefreshToken { Id = refreshToken, ClientId = clientId, Subject = ticket.Identity.Name, IssuedUtc = DateTime.UtcNow, ExpiresUtc = ticket.Properties.ExpiresUtc.GetValueOrDefault().DateTime, ProtectedTicket = protectedTicket }; var result = await userManager.AddRefreshTokenAsync(token); return((result) ? refreshToken : null); }
private static List <Client> BuildClientsList() { var clientsList = new List <Client> { new Client { Id = "RestaurantDemoApp", Secret = CryptoAes.GetHash("*****@*****.**"), Name = "Chinese Restaurant", ApplicationType = ApplicationTypes.JavaScript, Active = true, RefreshTokenLifeTime = 7200, AllowedOrigin = "http://www.swaksoft.com" }, new Client { Id = "RestaurantDemoTestApp", Secret = CryptoAes.GetHash("*****@*****.**"), Name = "Chinese Restaurant Test", ApplicationType = ApplicationTypes.JavaScript, Active = true, RefreshTokenLifeTime = 7200, AllowedOrigin = "http://localhost:20178" } }; return(clientsList); }
public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context) { string clientId; string clientSecret; if (!context.TryGetBasicCredentials(out clientId, out clientSecret)) { context.TryGetFormCredentials(out clientId, out clientSecret); } if (context.ClientId == null) { //Remove the comments from the below line context.SetError, and invalidate context //if you want to force sending clientId/secrects once obtain access tokens. context.Validated(); //context.SetError("invalid_clientId", "ClientId should be sent."); return(Task.FromResult <object>(null)); } var client = _identityRepository.FindClient(context.ClientId); if (client == null) { context.SetError("invalid_clientId", string.Format("Client '{0}' is not registered in the system.", context.ClientId)); return(Task.FromResult <object>(null)); } if (client.ApplicationType == ApplicationTypes.NativeConfidential) { if (string.IsNullOrWhiteSpace(clientSecret)) { context.SetError("invalid_clientId", "Client secret should be sent."); return(Task.FromResult <object>(null)); } if (client.Secret != CryptoAes.GetHash(clientSecret)) { context.SetError("invalid_clientId", "Client secret is invalid."); return(Task.FromResult <object>(null)); } } if (!client.Active) { context.SetError("invalid_clientId", "Client is inactive."); return(Task.FromResult <object>(null)); } context.OwinContext.Set("as:clientAllowedOrigin", client.AllowedOrigin); context.OwinContext.Set("as:clientRefreshTokenLifeTime", client.RefreshTokenLifeTime.ToString()); context.Validated(); return(Task.FromResult <object>(null)); }
private static void CreateConfig() { Console.WriteLine(" - Creating default conficuration file"); StringBuilder sb = new StringBuilder(); if (DB_KEY is null || DB_KEY.Length > 0) { Console.WriteLine(" - Generate DB_KEY"); DB_KEY = CryptoAes.GenerateHexString(40); DB_KEY_A = CryptoAes.KeyToBytes(DB_KEY, 32); //256-bits DB_KEY_B = CryptoAes.KeyToBytes(DB_KEY, 16); //128-bits } if (PRESHARED_KEY is null || PRESHARED_KEY.Length > 0) { Console.WriteLine(" - Generate PRESHARED_KEY"); PRESHARED_KEY = CryptoAes.GenerateHexString(40); PRESHARED_KEY_A = CryptoAes.KeyToBytes(PRESHARED_KEY, 32); //256-bits PRESHARED_KEY_B = CryptoAes.KeyToBytes(PRESHARED_KEY, 16); //128-bits } sb.AppendLine($"# version {Assembly.GetExecutingAssembly().GetName().Version.Major}.{Assembly.GetExecutingAssembly().GetName().Version.Minor}"); sb.AppendLine(); sb.AppendLine($"db_key = {DB_KEY}"); sb.AppendLine($"preshared_key = {PRESHARED_KEY}"); sb.AppendLine(); sb.AppendLine($"force_registry_keys = {force_registry_keys.ToString().ToLower()}"); sb.AppendLine(); sb.AppendLine("# you can use multiple entries"); sb.AppendLine("ip_access = *"); sb.AppendLine(); sb.AppendLine("http_enable = true"); sb.AppendLine("http_prefix = https://+:443/"); sb.AppendLine("http_prefix = http://127.0.0.1:80/"); sb.AppendLine(); sb.AppendLine("addressbook_enable = false"); sb.AppendLine("addressbook_prefix = http://*:911/"); sb.AppendLine(); sb.AppendLine(); sb.AppendLine("###"); sb.AppendLine("### Use NETSH to bind an SSL certificate with your https endpoint:"); sb.AppendLine($"### netsh http add sslcert ipport=0.0.0.0:443 certhash=[thumbprint] appid={{{GetAppid()}}}"); sb.AppendLine("###"); File.WriteAllText(Strings.FILE_CONFIG, sb.ToString()); }
public OAuthToken(string accessToken, string accessTokenSecret) { if (string.IsNullOrWhiteSpace(accessToken)) { throw new ArgumentNullException("accessToken"); } var crypto = new CryptoAes(); AccessToken = crypto.EncryptToString(accessToken); if (!string.IsNullOrWhiteSpace(accessTokenSecret)) { AccessTokenSecret = crypto.EncryptToString(accessTokenSecret); } }
public void SaveSettings() { Settings.Default.ip_index = cmbListennerIp.SelectedIndex; Settings.Default.port = (int)txtListennerPort.Value; Settings.Default.key = txtKey.Text; key = txtKey.Text; bKey = key.Length > 0 ? CryptoAes.KeyToBytes(key, 32) : null; //256-bits bIv = CryptoAes.KeyToBytes(key, 16); //128-bits Settings.Default.stamp_enable = srv_stamp.chkEnable.Checked; Settings.Default.uvnc_enable = srv_uvnc.chkEnable.Checked; Settings.Default.uvnc_exe = srv_uvnc.txtExe.Text; Settings.Default.uvnc_para = srv_uvnc.txtParam.Text; Settings.Default.uvnc_pass = CryptoAes.EncryptB64($"3{srv_uvnc.txtPassword.Text}", bKey, bIv); //add salt Settings.Default.mstsc_enable = srv_rdp.chkEnable.Checked; Settings.Default.mstsc_exe = srv_rdp.txtExe.Text; Settings.Default.mstsc_para = srv_rdp.txtParam.Text; Settings.Default.rdp_native_client = chkOverrideWinRdpClient.Checked; Settings.Default.rdp_user = srv_rdp.txtUsername.Text; Settings.Default.rdp_pass = CryptoAes.EncryptB64($"9{srv_rdp.txtPassword.Text}", bKey, bIv); //add salt Settings.Default.pse_enable = srv_pse.chkEnable.Checked; Settings.Default.pse_exe = srv_pse.txtExe.Text; Settings.Default.pse_para = srv_pse.txtParam.Text; Settings.Default.pse_user = srv_pse.txtUsername.Text; Settings.Default.pse_pass = CryptoAes.EncryptB64($"6{srv_pse.txtPassword.Text}", bKey, bIv); //add salt Settings.Default.winbox_enable = srv_winbox.chkEnable.Checked; Settings.Default.winbox_exe = srv_winbox.txtExe.Text; Settings.Default.winbox_para = srv_winbox.txtParam.Text; Settings.Default.winbox_user = srv_winbox.txtUsername.Text; Settings.Default.winbox_pass = CryptoAes.EncryptB64($"8{srv_winbox.txtPassword.Text}", bKey, bIv); //add salt Settings.Default.Save(); }
private void Connect() { string key = Settings.Default.key; byte[] bKey = key.Length > 0 ? CryptoAes.KeyToBytes(key, 32) : null; //256-bits byte[] bIv = CryptoAes.KeyToBytes(key, 16); string username = Settings.Default.rdp_user; string password = CryptoAes.DecryptB64(Settings.Default.rdp_pass, bKey, bIv).Substring(1); mstsc.Server = target; mstsc.UserName = username; IMsTscNonScriptable sec = (IMsTscNonScriptable)mstsc.GetOcx(); sec.ClearTextPassword = password; mstsc.DesktopWidth = this.ClientSize.Width; mstsc.DesktopHeight = this.ClientSize.Height; try { mstsc.Connect(); } catch { } }
public static DbEntry Read(FileInfo f, bool isUser) { DbEntry entry = new DbEntry() { filename = f.Name, hash = new Hashtable(), isUser = isUser, write_lock = new object() }; try { if (f.Length < 2) { throw new Exception("null file: " + f.FullName); } byte[] bytes = File.ReadAllBytes(f.FullName); string plain = Encoding.UTF8.GetString(CryptoAes.Decrypt(bytes, Program.DB_KEY_A, Program.DB_KEY_B)); string[] split = plain.Split((char)127); entry.hash.Add(".FILENAME", new string[] { f.Name, "", "" }); for (int i = 0; i < split.Length - 3; i += 4) { if (!entry.hash.ContainsKey(split[i])) { entry.hash.Add(split[i], new string[] { split[i + 1], split[i + 2], split[i + 3] }); } } } catch (IOException ex) { entry.hash = null; Logging.Err(ex); } catch (Exception ex) { entry.hash = null; Logging.Err(ex); } return(entry); }
static void Serve(TcpClient client) { byte[] buffer = new byte[client.ReceiveBufferSize]; int length; try { length = client.Client.Receive(buffer); Array.Resize(ref buffer, length); } catch { client.Close(); return; } byte[] decrypt = CryptoAes.Decrypt(buffer, Main.bKey, Main.bIv); if (decrypt is null) { client.Close(); return; } Action(System.Text.Encoding.UTF8.GetString(decrypt)); client.Close(); }
private static bool LoadConfig() { if (!File.Exists(Strings.FILE_CONFIG)) { return(false); } List <string> httpPrefixes = new List <string>(); List <string> abPrefixes = new List <string>(); StreamReader fileReader = new StreamReader(Strings.FILE_CONFIG); string line; while ((line = fileReader.ReadLine()) != null) { line = line.Trim(); if (line.StartsWith("#")) { continue; } string[] split = line.Split('='); if (split.Length < 2) { continue; } split[0] = split[0].Trim().ToLower(); split[1] = split[1].Trim(); switch (split[0]) { case "db_key": DB_KEY = split[1]; DB_KEY_A = DB_KEY.Length > 0 ? CryptoAes.KeyToBytes(DB_KEY, 32) : null; //256-bits DB_KEY_B = DB_KEY.Length > 0 ? CryptoAes.KeyToBytes(DB_KEY, 16) : null; //128-bits break; case "preshared_key": PRESHARED_KEY = split[1]; PRESHARED_KEY_A = PRESHARED_KEY.Length > 0 ? CryptoAes.KeyToBytes(PRESHARED_KEY, 32) : null; //256-bits PRESHARED_KEY_B = PRESHARED_KEY.Length > 0 ? CryptoAes.KeyToBytes(PRESHARED_KEY, 16) : null; //128-bits break; case "force_registry_keys": force_registry_keys = (split[1] == "true"); break; case "http_enable": http_enable = (split[1] == "true"); break; case "http_prefix": httpPrefixes.Add(split[1].Trim()); break; case "addressbook_enable": addressbook_enable = (split[1] == "true"); break; case "addressbook_prefix": abPrefixes.Add(split[1].Trim()); break; case "ip_access": Session.ip_access.Add(split[1], null); break; } } fileReader.Close(); if (httpPrefixes.Count > 0) { http_prefixes = httpPrefixes.ToArray(); } if (abPrefixes.Count > 0) { addressbook_prefixes = abPrefixes.ToArray(); } return(true); }
public void LoadSettings() { int index = Settings.Default.ip_index; if (index > -1) { cmbListennerIp.SelectedIndex = index; } txtListennerPort.Value = Settings.Default.port; txtKey.Text = Settings.Default.key; key = txtKey.Text; bKey = key.Length > 0 ? CryptoAes.KeyToBytes(key, 32) : null; //256-bits bIv = CryptoAes.KeyToBytes(key, 16); //128-bits srv_stamp.chkEnable.Checked = Settings.Default.stamp_enable; srv_uvnc.chkEnable.Checked = Settings.Default.uvnc_enable; srv_uvnc.txtExe.Text = Settings.Default.uvnc_exe; srv_uvnc.txtParam.Text = Settings.Default.uvnc_para; srv_uvnc.txtPassword.Text = CryptoAes.DecryptB64(Settings.Default.uvnc_pass, bKey, bIv); if (srv_uvnc.txtPassword.Text.Length > 0) //remove salt { srv_uvnc.txtPassword.Text = srv_uvnc.txtPassword.Text.Substring(1); } srv_rdp.chkEnable.Checked = Settings.Default.mstsc_enable; srv_rdp.txtExe.Text = Settings.Default.mstsc_exe; srv_rdp.txtParam.Text = Settings.Default.mstsc_para; srv_rdp.txtUsername.Text = Settings.Default.rdp_user; srv_rdp.txtPassword.Text = CryptoAes.DecryptB64(Settings.Default.rdp_pass, bKey, bIv); if (srv_rdp.txtPassword.Text.Length > 0) //remove salt { srv_rdp.txtPassword.Text = srv_rdp.txtPassword.Text.Substring(1); } srv_pse.txtExe.Text = Settings.Default.pse_exe; srv_pse.txtParam.Text = Settings.Default.pse_para; srv_pse.txtUsername.Text = Settings.Default.pse_user; srv_pse.txtPassword.Text = CryptoAes.DecryptB64(Settings.Default.pse_pass, bKey, bIv); if (srv_pse.txtPassword.Text.Length > 0) //remove salt { srv_pse.txtPassword.Text = srv_pse.txtPassword.Text.Substring(1); } srv_winbox.txtExe.Text = Settings.Default.winbox_exe; srv_winbox.txtParam.Text = Settings.Default.winbox_para; srv_winbox.txtUsername.Text = Settings.Default.winbox_user; srv_winbox.txtPassword.Text = CryptoAes.DecryptB64(Settings.Default.winbox_pass, bKey, bIv); if (srv_winbox.txtPassword.Text.Length > 0) //remove salt { srv_winbox.txtPassword.Text = srv_winbox.txtPassword.Text.Substring(1); } chkOverrideWinRdpClient.Checked = Settings.Default.rdp_native_client; }
static void Main(string[] args) { var str = CryptoSecureString.ToSecureString(new[] { 'h', 'i', 'r', 'o' }); char [] charArray = CryptoSecureString.CharacterData(str); string unsecure = CryptoSecureString.ConvertToUnsecureString(str); var rsaParameters = new CryptoRSAParameters(); rsaParameters.GenerateKeys(); Console.WriteLine($"Random {Convert.ToBase64String(CryptoRandom.Generate(32))}"); Console.WriteLine("-------------------------------------------"); var message = "Hiro universe"; var messageBytes = Encoding.UTF8.GetBytes(message); Console.WriteLine($"MD5 message: {message} hash: {Convert.ToBase64String(CryptoHash.Md5(messageBytes))}"); Console.WriteLine($"SHA1 message: {message} hash: {Convert.ToBase64String(CryptoHash.Sha1(messageBytes))}"); Console.WriteLine($"SHA256 message: {message} hash: {Convert.ToBase64String(CryptoHash.Sha256(messageBytes))}"); Console.WriteLine($"SHA512 message: {message} hash: {Convert.ToBase64String(CryptoHash.Sha512(messageBytes))}"); var key = CryptoRandom.Generate(32); Console.WriteLine($"HMAC MD5 message: {message} hash: {Convert.ToBase64String(CryptoHmac.Md5(messageBytes, key))}"); Console.WriteLine($"HMAC SHA1 message: {message} hash: {Convert.ToBase64String(CryptoHmac.Sha1(messageBytes, key))}"); Console.WriteLine($"HMAC SHA256 message: {message} hash: {Convert.ToBase64String(CryptoHmac.Sha256(messageBytes, key))}"); Console.WriteLine($"HMAC SHA512 message: {message} hash: {Convert.ToBase64String(CryptoHmac.Sha512(messageBytes, key))}"); Console.WriteLine("-------------------------------------------"); Console.WriteLine("Passsword hash with salt"); Console.WriteLine($"Password: {message}"); Console.WriteLine($"Password hashed: {Convert.ToBase64String(CryptoHash.Password(messageBytes))}"); Console.WriteLine("-------------------------------------------"); var salt = CryptoRandom.Generate(32); Console.WriteLine("Passsword hash with salt - Based Key Derivation Function - PBKDF2"); Console.WriteLine($"Password: {message}"); Console.WriteLine($"Password hashed 100 rounds: {Convert.ToBase64String(CryptoHash.Password(messageBytes, salt, 100))}"); Console.WriteLine($"Password hashed 1000 rounds: {Convert.ToBase64String(CryptoHash.Password(messageBytes, salt, 1000))}"); Console.WriteLine($"Password hashed 10000 rounds: {Convert.ToBase64String(CryptoHash.Password(messageBytes, salt, 10000))}"); Console.WriteLine("-------------------------------------------"); var desKey = CryptoRandom.Generate(8); var desIv = CryptoRandom.Generate(8); var desEncryptedMessage = CryptoDes.Encrypt(message, desKey, desIv); var desDecryptedMessage = CryptoDes.Decrypt(desEncryptedMessage, desKey, desIv); Console.WriteLine("DES Encryption"); Console.WriteLine($"Text: {message}"); Console.WriteLine($"Key: {Convert.ToBase64String(desKey)}"); Console.WriteLine($"IV: {Convert.ToBase64String(desIv)}"); Console.WriteLine($"Encrypted: {Convert.ToBase64String(desEncryptedMessage)}"); Console.WriteLine($"Decrypted: {desDecryptedMessage}"); Console.WriteLine("-------------------------------------------"); var tripleDesKey = CryptoRandom.Generate(16); var tripleDesIv = CryptoRandom.Generate(8); var tripleDesEncryptedMessage = CryptoTripleDes.Encrypt(message, tripleDesKey, tripleDesIv); var tripleDesDecryptedMessage = CryptoTripleDes.Decrypt(tripleDesEncryptedMessage, tripleDesKey, tripleDesIv); Console.WriteLine("Triple DES Encryption"); Console.WriteLine($"Text: {message}"); Console.WriteLine($"Key: {Convert.ToBase64String(tripleDesKey)}"); Console.WriteLine($"IV: {Convert.ToBase64String(tripleDesIv)}"); Console.WriteLine($"Encrypted: {Convert.ToBase64String(tripleDesEncryptedMessage)}"); Console.WriteLine($"Decrypted: {tripleDesDecryptedMessage}"); Console.WriteLine("-------------------------------------------"); var aesKey = CryptoRandom.Generate(32); var aesIv = CryptoRandom.Generate(16); var aesEncryptedMessage = CryptoAes.Encrypt(message, aesKey, aesIv); var aesDecryptedMessage = CryptoAes.Decrypt(aesEncryptedMessage, aesKey, aesIv); Console.WriteLine("AES Encryption"); Console.WriteLine($"Text: {message}"); Console.WriteLine($"Key: {Convert.ToBase64String(aesKey)}"); Console.WriteLine($"IV: {Convert.ToBase64String(aesIv)}"); Console.WriteLine($"Encrypted: {Convert.ToBase64String(aesEncryptedMessage)}"); Console.WriteLine($"Decrypted: {aesDecryptedMessage}"); Console.WriteLine("-------------------------------------------"); var rsaEncryptedMessage = CryptoRsa.Encrypt(messageBytes, rsaParameters.publicKey); var rsaDecryptedMessage = CryptoRsa.Decrypt(rsaEncryptedMessage, rsaParameters.privateKey); Console.WriteLine("RSA Encryption"); Console.WriteLine($"Text: {message}"); Console.WriteLine($"Encrypted: {Convert.ToBase64String(rsaEncryptedMessage)}"); Console.WriteLine($"Decrypted: {Encoding.Default.GetString(rsaDecryptedMessage)}"); Console.WriteLine("-------------------------------------------"); var hybridEncryptedPacket = CryptoHybrid.Encrypt(message, rsaParameters.publicKey); var hybridDecryptedMessage = CryptoHybrid.Decrypt(hybridEncryptedPacket, rsaParameters.privateKey); Console.WriteLine("Hybrid Encryption using AES and RSA"); Console.WriteLine($"Text: {message}"); Console.WriteLine($"Encrypted: {Convert.ToBase64String(hybridEncryptedPacket.EncryptedData)}"); Console.WriteLine($"Decrypted: {hybridDecryptedMessage}"); Console.WriteLine("-------------------------------------------"); var hashedMessage = CryptoHash.Sha256(messageBytes); var signature = CryptoDigitalSignature.Sign(hashedMessage, rsaParameters.privateKey); var verify = CryptoDigitalSignature.Verify(hashedMessage, signature, rsaParameters.publicKey); Console.WriteLine("Digital Signature"); Console.WriteLine($"Text: {message}"); Console.WriteLine($"Signature: {Convert.ToBase64String(signature)}"); Console.WriteLine("Is Verified: " + (verify ? "true" : "false")); Console.WriteLine("-------------------------------------------"); try { var hybridSignatureEncryptedPacket = CryptoHybridIntegrity.Encrypt(message, rsaParameters); var hybridSignatureDecryptedMessage = CryptoHybridIntegrity.Decrypt(hybridSignatureEncryptedPacket, rsaParameters); Console.WriteLine("Hybrid encryption with digital signature"); Console.WriteLine($"Text: {message}"); Console.WriteLine($"Signature: {Convert.ToBase64String(hybridSignatureEncryptedPacket.Signature)}"); Console.WriteLine($"Encrypted: {Convert.ToBase64String(hybridSignatureEncryptedPacket.EncryptedData)}"); Console.WriteLine($"Decrypted: {hybridSignatureDecryptedMessage}"); } catch (CryptographicException ex) { Console.WriteLine("Error : " + ex.Message); } }