private void oAddFromStoreButton_Click(object sender, RoutedEventArgs e)
{
// open the locate personal certificate store
using (X509Store oStore = new X509Store(StoreName.My, StoreLocation.CurrentUser))
{
oStore.Open(OpenFlags.ReadOnly);
// downselect to only display rsa certs
X509Certificate2Collection oCollection = new X509Certificate2Collection();
foreach (X509Certificate2 oCert in oStore.Certificates)
{
if (oCert.GetRSAPublicKey() != null && CertificateOperations.CheckCertificateStatus(oCert))
{
oCollection.Add(oCert);
}
}
// ask the user which certificate to publish
oCollection = X509Certificate2UI.SelectFromCollection(oCollection,
"Select Certificate", "Select Certificate To Add",
X509SelectionFlag.SingleSelection, new WindowInteropHelper(this).Handle);
// commit the certificate to the database
foreach (X509Certificate2 oCert in oCollection)
{
AddCertificate(oCert, WindowsIdentity.GetCurrent().User.Value);
}
}
}
private static void AddAutomaticCertificates()
{
// cycle through mandatory certificates to add
foreach (byte[] bCertData in CertificateOperations.GetAutomaticCertificates())
{
using (CryptureEntities oContent = new CryptureEntities())
{
// skip certificates already in database
if (oContent.Users.Where(u => u.Certificate == bCertData).Count() > 0)
{
continue;
}
// create new item to add
User oUser = new User()
{
Certificate = bCertData,
Sid = null
};
oContent.Users.Add(oUser);
oContent.SaveChanges();
}
}
}
private X509Certificate2 GetUserKey(IEnumerable <User> SourceUserList)
{
// open our local certificate store
using (X509Store oStore = new X509Store(StoreName.My, StoreLocation.CurrentUser))
{
oStore.Open(OpenFlags.ReadOnly);
// collate the database certificates to those locally available
X509Certificate2Collection oMyCertCollection = new X509Certificate2Collection();
foreach (X509Certificate2 oStoreUser in oStore.Certificates)
{
foreach (User oUser in SourceUserList)
{
if (oStoreUser.HasPrivateKey)
{
if (StructuralComparisons.StructuralEqualityComparer.Equals(
oUser.Certificate, oStoreUser.RawData))
{
oMyCertCollection.Add(oStoreUser);
}
}
}
}
// error if no valid local certification might be available local certif
if (oMyCertCollection.Count == 0)
{
MessageBox.Show(this,
"Could not find any certificates to decode this item.",
"Not Shared With You");
return(null);
}
// allow the certificate
X509Certificate2Collection oCollection = X509Certificate2UI.SelectFromCollection(oMyCertCollection,
"Select Certificate", "Select Certificate To Decode", X509SelectionFlag.SingleSelection,
new WindowInteropHelper(this).Handle);
if (oCollection.Count == 0)
{
return(null);
}
// verify the selected cert is not revoked
if (CertificateOperations.CheckCertificateStatus(oCollection[0]) == false)
{
// alert user and return
MessageBox.Show(this, "The selected certificate cannot be verified.",
"Cannot Verify Certificate", MessageBoxButton.OK, MessageBoxImage.Exclamation);
return(null);
}
return(oCollection[0]);
}
}
private void oRemoveItemUser_Click(object sender, RoutedEventArgs e)
{
// get the selected object based on what button was pressed
object oObject = (sender == oRemoveCertButton) ?
oCertDataGrid.SelectedItem : oItemDataGrid.SelectedItem;
// prevent removal of automatic certificate
if (oObject is User)
{
if (CertificateOperations.GetAutomaticCertificates().Where(u =>
StructuralComparisons.StructuralEqualityComparer.Equals(u, ((User)oObject).Certificate)).Count() > 0)
{
MessageBox.Show(this, "Removal of automatic certificate is prohibited.",
"Removal Prohibited", MessageBoxButton.OK, MessageBoxImage.Exclamation);
return;
}
}
// confirm removal
if (oObject == null || MessageBox.Show(this,
"Are you sure you want to remove '" + ((oObject is User) ?
((User)oObject).Name : ((Item)oObject).Label) + "'?",
"Removal Confirmation",
MessageBoxButton.YesNo, MessageBoxImage.Question) != MessageBoxResult.Yes)
{
return;
}
// remove select item or user
using (CryptureEntities oContent = new CryptureEntities())
{
oContent.Entry(oObject).State = EntityState.Deleted;
oContent.SaveChanges();
oRefreshItemButton_Click();
}
}
private void oSaveItemButton_Click(object sender, RoutedEventArgs e)
{
// perform data validation if in text mode and option is set
if (ThisItem.ItemType.Equals("text") &&
!String.IsNullOrWhiteSpace(Properties.Settings.Default.ItemTextExpressionFilter))
{
if (!Regex.Match(oItemData.Text, Properties.Settings.Default.ItemTextExpressionFilter).Success)
{
// note to the user that the data was invalid
MessageBox.Show(this, "The item text provided does not satifsy the content filter.",
"Invalid Item Text", MessageBoxButton.OK, MessageBoxImage.Error);
return;
}
}
// update the entity using the local copy we have
using (CryptureEntities oContent = new CryptureEntities())
{
oContent.Entry(ThisItem).State = (ThisItem.CreatedDate == DateTime.MinValue)
? EntityState.Added : EntityState.Modified;
// verify the selected users
foreach (User oUser in UserListSelected.ToArray())
{
using (X509Certificate2 oCert = new X509Certificate2(oUser.Certificate))
{
if (CertificateOperations.CheckCertificateStatus(oCert) == false &&
MessageBox.Show(this,
"The certificate for '" + oUser.Name + "' cannot be verified. " +
"Should this certificate be removed from the list?",
"Cannot Verify Certificate",
MessageBoxButton.YesNo, MessageBoxImage.Question) == MessageBoxResult.Yes)
{
// remove from list and force refresh
UserListSelected.Remove(oUser);
oAddCertDropDown.Items.Refresh();
}
}
}
// error if there are no selected users
if (UserListSelected.Count == 0)
{
MessageBox.Show(this, "This certificate share list is empty and cannot be saved.",
"Empty Certificates List", MessageBoxButton.OK, MessageBoxImage.Question);
return;
}
using (Aes oCng = AesCng.Create())
{
// create new cipher object and associate it with this id
ThisItem.Cipher = new Cipher();
ThisItem.Cipher.Item = ThisItem;
using (MemoryStream oMemory = new MemoryStream())
using (CryptoStream oCrypto = new CryptoStream(
oMemory, oCng.CreateEncryptor(), CryptoStreamMode.Write))
{
byte[] oPlainByte = ThisItem.ItemType.Equals("text") ?
Encoding.Unicode.GetBytes(oItemData.Text) : BinaryItemData;
oCrypto.Write(oPlainByte, 0, oPlainByte.Length);
oCrypto.FlushFinalBlock();
ThisItem.Cipher.CipherText = oMemory.ToArray();
}
ThisItem.Cipher.CipherVector = oCng.IV;
ThisItem.CreatedDate = DateTime.Now;
ThisItem.ModifiedDate = DateTime.Now;
// clear out any existing instances
oContent.Instances.RemoveRange(ThisItem.Instances);
// encode each instance
foreach (User oUser in UserListSelected)
{
Instance oInstance = new Instance();
oInstance.Signature = new byte[] { };
oInstance.UserId = oUser.UserId;
oInstance.ItemId = ThisItem.ItemId;
byte[] oCipherByte = null;
using (X509Certificate2 oCert = new X509Certificate2(oUser.Certificate))
{
// always attempt to use next generation classes first before
// resorting to using legacy crytographic classes
try
{
using (RSA oRSA = oCert.GetRSAPublicKey())
{
oCipherByte = oRSA.Encrypt(oCng.Key, RSAEncryptionPadding.Pkcs1);
}
}
catch (CryptographicException)
{
using (RSACryptoServiceProvider oRSA = oCert.PublicKey.Key as RSACryptoServiceProvider)
{
oCipherByte = oRSA.Encrypt(oCng.Key, false);
}
}
}
oInstance.CipherKey = oCipherByte;
ThisItem.Instances.Add(oInstance);
}
}
// commit changes to database
oContent.SaveChanges();
}
// close and return to calling dialog
Close();
}
