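public void EncryptDataUsingRijndael()
        {
            // Round trip: encrypt the fixture text, then decrypt the result with the same password.
            var encryptedText = CryptographHelper.RijndaelEncrypt(_textToEncrypt, _password);
            var decryptedText = CryptographHelper.RijndaelDecrypt(encryptedText, _password);

            Assert.IsNotNull(encryptedText);

            // A round trip alone also passes when the helper hands its input back unchanged,
            // so the ciphertext must differ from the plaintext.
            Assert.AreNotEqual(_textToEncrypt, encryptedText);

            Assert.IsNotNull(decryptedText);
            Assert.AreEqual(_textToEncrypt, decryptedText);
        }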
Example #2
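        /// <summary>
        /// Decrypts the application code and login carried by an SSO request, loads the
        /// matching worker, validates its credential and converts its permissions to claims.
        /// </summary>
        /// <param name="sso">SSO request holding the encrypted application code, login and password.</param>
        /// <returns>
        /// An authorization whose <c>IsValid</c> is true only when the worker has no validation
        /// errors and at least one claim. Any <c>ServiceException</c> yields the initial,
        /// invalid authorization.
        /// </returns>
        public SsoAuthorizationDTO ValidateAndGetUserAuthorizations(SsoAuthenticationDTO sso)
        {
            // Fail closed: the result starts invalid and is only flipped after every check below has run.
            var authorization = new SsoAuthorizationDTO {
                IsValid = false
            };

            try
            {
                // A missing request is rejected as a parameter error, like its missing fields,
                // instead of surfacing as a NullReferenceException.
                if (sso == null ||
                    string.IsNullOrEmpty(sso.EncriptedAppCode) ||
                    string.IsNullOrEmpty(sso.EncriptedLogin))
                {
                    throw new ServiceException(CommonExceptionType.ParameterException, "EncriptedAppCode and EncriptedLogin");
                }

                // NOTE(review): both values are decrypted with the shared constant
                // CommonConsts.CommonPassword, so any party holding that constant can produce
                // ciphertexts this method accepts. Whether RijndaelDecrypt authenticates the
                // ciphertext is not visible here - confirm.
                var appCode    = CryptographHelper.RijndaelDecrypt(sso.EncriptedAppCode, CommonConsts.CommonPassword);
                var login      = CryptographHelper.RijndaelDecrypt(sso.EncriptedLogin, CommonConsts.CommonPassword);
                var userFilter = new UserFilterDTO {
                    Login = login, LoadProfiles = true
                };

                // Load the user record for the decrypted login.
                var worker = GetWorker(userFilter);

                // The result of this call is read back through worker.Validation.HasErrors below.
                // NOTE(review): confirm what ValidateUserCredential does for account types other
                // than SSO users; if it skips the password check for them, this path issues
                // claims on a decrypted login alone.
                worker.ValidateUserCredential(sso.EncriptedPassword);

                // Restrict the worker's applications to the requested application code.
                worker.Applications = GetUserApplications(userFilter, new ApplicationFilterDTO
                {
                    ApplicationCode     = appCode,
                    LoadTranslations    = true,
                    LanguageCultureName = sso.LanguageCultureName
                });

                // Convert the worker's permissions to claims; an empty claim set is treated as invalid.
                authorization.Claims  = worker.GetClaims();
                authorization.IsValid = (!worker.Validation.HasErrors && authorization.Claims.Count > 0);
            }
            catch (ServiceException)
            {
                // Validation failures are deliberately suppressed: the caller receives the
                // invalid authorization created above.
                // NOTE(review): rejected attempts leave no trace at this point; logging them
                // here would make repeated failures visible to monitoring.
            }
            catch (Exception ex)
            {
                LogHelper.ExceptionAndThrow(ex);
            }

            return authorization;
        }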
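        /// <summary>
        /// Decrypts a profile's connection string and, when the profile uses the vault
        /// pattern, appends the expanded password pattern to it.
        /// </summary>
        /// <param name="profile">Profile holding the encrypted connection string.</param>
        /// <returns>The clear-text connection string, including the pattern suffix when used.</returns>
        private static string GetConnectionString(Profile profile)
        {
            string connectionString = CryptographHelper.RijndaelDecrypt(profile.ConnectionString, _password);

            if (!profile.UsePattern)
            {
                return connectionString;
            }

            // Upper-case with the invariant culture: the pattern becomes part of a credential,
            // and culture-sensitive casing (for example tr-TR mapping 'i' to a dotted capital)
            // would produce a different value depending on the host's regional settings.
            var passwordPattern = CryptographHelper.RijndaelDecrypt(_pattern.PatternValue, _password).ToUpperInvariant();

            // Expand each placeholder; an option without a value falls back to the profile name.
            // NOTE(review): the replacement text is appended to the connection string unescaped.
            // If profile.Name or an option value can contain ';' or '=', it could introduce
            // extra connection-string keywords - confirm these values are constrained upstream.
            foreach (var option in _pattern.PatternOptions)
            {
                var replacement = string.IsNullOrWhiteSpace(option.Value) ? profile.Name : option.Value;
                passwordPattern = passwordPattern.Replace(option.Key, replacement);
            }

            // The returned value holds clear-text credentials; keep it out of logs and exception messages.
            return connectionString + passwordPattern;
        }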
Example #4
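        /// <summary>
        /// Validate database user password
        /// </summary>
        /// <remarks>
        /// Runs only for accounts whose type name equals <c>AccountType.SSOUser</c>; any other
        /// account type returns without a check. Failures are reported by adding entries to
        /// <c>Validation.Results</c>, not by throwing.
        /// </remarks>
        /// <param name="password">Password encrypted with <c>CommonConsts.CommonPassword</c>.</param>
        public void ValidateUserCredential(string password)
        {
            if (UserExtraInfo.AccountTypeName != AccountType.SSOUser.ToString())
            {
                return;
            }

            if (string.IsNullOrEmpty(password))
            {
                Validation.Results.Add(new ValidationResult("Error: EncriptedPassword is null or empty"));
            }

            // NOTE(review): compares against local time; confirm LoginExpirationDate is stored
            // as local time and not UTC.
            if (LoginExpirationDate.HasValue && LoginExpirationDate < DateTime.Now)
            {
                Validation.Results.Add(new ValidationResult("Error: Login account expired"));
            }

            if (string.IsNullOrEmpty(WebSignature))
            {
                Validation.Results.Add(new ValidationResult("Error: WebSignature is null or empty"));
            }

            if (string.IsNullOrEmpty(password) || string.IsNullOrEmpty(WebSignature))
            {
                return;
            }

            password = CryptographHelper.RijndaelDecrypt(password, CommonConsts.CommonPassword);

            // Password that unwraps the RSA private key, assembled from resource strings.
            // NOTE(review): the wrapped key (WebSignatureRsaKey.PrivateKey's description) and
            // this password both appear to ship with the application, so stored WebSignature
            // values would be recoverable by anyone holding the binaries. A salted, iterated
            // password hash avoids storing a recoverable password at all.
            var prefix = CommonResource.GetString("PassNumbers") + CommonResource.GetString("PassSpecialChars");
            var pass   = prefix + CommonResource.GetString("PassText") + prefix;

            var xmlPrivateKey         = CryptographHelper.RijndaelDecrypt(WebSignatureRsaKey.PrivateKey.GetDescription(), pass);
            var clearTextWebSignature = CryptographHelper.RsaDecrypt(WebSignature, xmlPrivateKey);

            // Fail closed: if either decryption yields null or an empty string, treat it as a
            // mismatch. A plain inequality test would accept two null or two empty values.
            var mismatch = string.IsNullOrEmpty(password) || string.IsNullOrEmpty(clearTextWebSignature);

            if (!mismatch)
            {
                // Compare without stopping at the first differing character, so the time taken
                // does not reveal how long a matching prefix the supplied password has.
                var difference = password.Length ^ clearTextWebSignature.Length;
                for (var i = 0; i < password.Length; i++)
                {
                    difference |= password[i] ^ clearTextWebSignature[i % clearTextWebSignature.Length];
                }

                mismatch = difference != 0;
            }

            if (mismatch)
            {
                Validation.Results.Add(new ValidationResult("Error: Password mismatch."));
            }
        }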