public void HttpService040Test()
        {
            using (var clientChannel = new HttpServiceChannel(new Uri("http://192.168.0.235:5000/api/safevault")))
            {
                clientChannel.CipherLib["rsa-public"]  = RsaCipher.LoadFromPEM($"data\\server\\server.pem");
                clientChannel.CipherLib["rsa-private"] = RsaCipher.LoadFromX509Store("Evgeny Zyuzin SafeVault Client");

                var qm = new QueryMessage {
                    Command = "dbx-Download"
                };
                qm.Params["username"] = "******";
                qm.Params["uuid"]     = "safevault";
                qm.Params["password"] = "******";

                clientChannel.Encrypt();
                clientChannel.WriteObject(qm);
                clientChannel.Post();

                var response = clientChannel.ReadObject <ResponseMessage>();
                Console.WriteLine(response.StatusCode + " " + response.StatusText);
                Assert.AreEqual(200, response.StatusCode);
                Console.WriteLine(response.Header["data"]);

                var data = clientChannel.Read();
                Assert.AreEqual(response.Header["md5"], Security.Hash.MD5(data));
                Console.WriteLine(data.Length);
            }
        }
Example #2
0
        private HttpServiceChannel CreateHttpServiceChannel()
        {
            HttpServiceChannel channel = null;

            try
            {
                channel = new HttpServiceChannel(new Uri(_conf.ServerUrl));
                channel.CipherLib["rsa-private"] = RsaCipher.LoadFromX509Store(_conf.ClientCertificateName);
                channel.CipherLib["rsa-public"]  = RsaCipher.LoadFromX509Store(_conf.ServerCertificateName);
            }
            catch (Exception)
            {
                channel?.Dispose();
                throw;
            }

            return(channel);
        }
        private byte[] Create(KeyProviderQueryContext ctx)
        {
            var vaultConf = new SafeVaultConf(ctx.DatabaseIOInfo);

            var vaultConnectionForm = new VaultConnectionConfigForm();

            vaultConnectionForm.InitEx(vaultConf);

            if (UIUtil.ShowDialogAndDestroy(vaultConnectionForm) != DialogResult.OK)
            {
                return(null);
            }

            VaultKeyCreateForm createForm = new VaultKeyCreateForm();

            createForm.InitEx(vaultConf, ctx);
            if (UIUtil.ShowDialogAndDestroy(createForm) != DialogResult.OK)
            {
                return(null);
            }

            vaultConf.Type    = PROVIDER_TYPE;
            vaultConf.Version = PROVIDER_VERSION;

            var masterKey = Encoding.UTF8.GetBytes(vaultConf.DatabaseKeyA);

            var keyLen = (masterKey.Length > 254) ? masterKey.Length : 254;

            var keyA = new byte[keyLen + 2];

            Array.Copy(BitConverter.GetBytes((ushort)masterKey.Length), keyA, 2);
            Array.Copy(masterKey, 0, keyA, 2, masterKey.Length);

            var keyB = Random.Get(keyA.Length);

            for (int i = 0; i < keyB.Length; i++)
            {
                keyA[i] ^= keyB[i];
            }

            var salt = Random.Get(64);

            using (var aes = new Aes256Cipher())
            {
                aes.SetPassPhrase(salt);
                keyA = aes.Encrypt(keyA);
                keyB = aes.Encrypt(keyB);
            }

            using (var rsa = RsaCipher.LoadFromX509Store(vaultConf.ClientCertificateName))
            {
                salt = rsa.Encrypt(salt);
            }

            vaultConf.Salt         = Convert.ToBase64String(salt);
            vaultConf.DatabaseKeyA = Convert.ToBase64String(keyA);
            vaultConf.VaultKeyname = Guid.NewGuid().ToString();
            var databaseKeyB = Convert.ToBase64String(keyB);

            VaultKeyPromptForm promptForm = new VaultKeyPromptForm();

            promptForm.InitEx("Enter SafeVault Password", "Save KeyB to SafeVault", (oneTimePassword) => {
                string status = "";
                var query     = new SafeVaultWebClient(vaultConf);
                try
                {
                    status = Async.Invoke(() => query.SetDbxKey(vaultConf.VaultKeyname, databaseKeyB, oneTimePassword));
                    if (status == "OK")
                    {
                        return(true);
                    }

                    MessageService.ShowWarning(
                        query.Utc != null ? "DateTime: " + DateTime.Parse(query.Utc).ToLocalTime() : "",
                        status);
                }
                catch (CryptographicException ex)
                {
                    MessageService.ShowWarning(
                        query.Utc != null ? "DateTime: " + DateTime.Parse(query.Utc).ToLocalTime() : "",
                        ex.Message);
                }
                return(false);
            });

            if (UIUtil.ShowDialogAndDestroy(promptForm) != DialogResult.OK)
            {
                return(null);
            }

            try
            {
                vaultConf.Save();
            }
            catch (Exception e)
            {
                MessageService.ShowWarning(e.Message);
                return(null);
            }

            return(masterKey);
        }
        private byte[] OpenInternal(KeyProviderQueryContext ctx)
        {
            SafeVaultConf conf = new SafeVaultConf(ctx.DatabaseIOInfo);

            var required = new[] {
                conf.ClientCertificateName,
                conf.ServerUrl,
                conf.ServerCertificateName,
                conf.Salt,
                conf.Username,
                conf.VaultKeyname,
                conf.DatabaseKeyA
            };

            if (required.Any(string.IsNullOrEmpty))
            {
                throw new ConfigurationException("SafeVault not configured.");
            }

            byte[] salt = Convert.FromBase64String(conf.Salt);
            using (var rsa = RsaCipher.LoadFromX509Store(conf.ClientCertificateName))
            {
                salt = rsa.Decrypt(salt);
            }

            string             sKeyB      = string.Empty;
            VaultKeyPromptForm promptForm = new VaultKeyPromptForm();

            promptForm.InitEx("Enter SafeVault Password", "Open Database", (oneTimePassword) => {
                var query = new SafeVaultWebClient(conf);
                try
                {
                    sKeyB = query.GetDbxKey(conf.VaultKeyname, oneTimePassword);
                    return(true);
                }
                catch (SafeVaultException ex)
                {
                    MessageService.ShowWarning(
                        query.Utc != null ? "DateTime: " + DateTime.Parse(query.Utc).ToLocalTime() : "",
                        ex.Message
                        );
                }
                return(false);
            });

            if (UIUtil.ShowDialogAndDestroy(promptForm) != DialogResult.OK)
            {
                return(null);
            }

            byte[] keyA = Convert.FromBase64String(conf.DatabaseKeyA);
            byte[] keyB = Convert.FromBase64String(sKeyB);
            using (var aes = new Aes256Cipher())
            {
                aes.SetPassPhrase(salt);
                keyA = aes.Decrypt(keyA);
                keyB = aes.Decrypt(keyB);
            }

            if (keyA.Length != keyB.Length)
            {
                throw new SafevaultKeyProviderException("Incompatible KEYA and KEYB");
            }

            for (int i = 0; i < keyB.Length; i++)
            {
                keyA[i] ^= keyB[i];
            }
            int keyL = BitConverter.ToUInt16(keyA, 0);

            if (keyL > keyA.Length)
            {
                throw new SafevaultKeyProviderException("Invalid KEYB");
            }

            byte[] masterKey = new byte[keyL];
            Array.Copy(keyA, 2, masterKey, 0, masterKey.Length);

            return(masterKey);
        }