public static bool CheckMasterPassword(SecureString password, bool shortCheck = false) { EncryptedPassword created = new EncryptedPassword(); created.GetPasswordFromFile(".key"); int iterations = cryptography.GenerateIterationsFromSalt(created.Salt); if (iterations == 0) { throw new SecurityException("Password hash was tampered with!"); } byte[] newHash = cryptography.GenerateMasterPasswordHash(password, created.Salt, iterations); if (!ConstantTimeComparison(newHash, created.Hash)) { return(false); } else { string commonErrorMessage = "New password could be generated but all existing data including plugins state will be lost." + Environment.NewLine + "Would you like to generate new password?"; if (shortCheck) { return(true); } if (IOProxy.Exists(".bak_key")) { EncryptedPassword appHash = new EncryptedPassword(); appHash.GetPasswordFromFile(".bak_key"); try { _appPassword = new PasswordObject(cryptography.DecryptAppPassword(appHash.Hash, _appPasswordLenght, password, appHash.Salt), appHash.Salt); } catch (Exception) { if (!ShowAppPasswordDecryptionError("Application password cannot be decrypted! " + Environment.NewLine + commonErrorMessage)) { OnAuthentificationComplete(new AuthentificationEventArgs(false)); } else { NewApplicationPassword(password); } } } else { if (!ShowAppPasswordDecryptionError("Application password file not found! " + Environment.NewLine + commonErrorMessage)) { OnAuthentificationComplete(new AuthentificationEventArgs(false)); } else { NewApplicationPassword(password); } } OnAuthentificationComplete(new AuthentificationEventArgs()); return(true); } }
public static bool WritePassword(EncryptedPassword password, string filename) { BinaryFormatter formatter = new BinaryFormatter(); MemoryStream ms = new MemoryStream(); formatter.Serialize(ms, password); return(EncryptFile(WriteMemoryStreamToFile(ms, filename))); }
public void GetPasswordFromFile(string filename) { MemoryStream ms = IOProxy.GetMemoryStreamFromFile(filename); EncryptedPassword ps = new EncryptedPassword(); BinaryFormatter formatter = new BinaryFormatter(); ps = (EncryptedPassword)formatter.Deserialize(ms); Hash = ps.Hash; Salt = ps.Salt; }
public static void NewApplicationPassword(SecureString password) { GenerateAppPassword(); EncryptedPassword result = new EncryptedPassword(cryptography.EncryptAppPassword(_appPassword.Password, password)); _appPassword.Salt = result.Salt; if (!IOProxy.WritePassword(result, ".bak_key")) { OnAuthentificationComplete(new AuthentificationEventArgs(false)); } }
public static void NewMasterPassword(SecureString password, bool triggerCompleteEvent = true) { EncryptedPassword result = new EncryptedPassword(cryptography.EncryptMasterPassword(password)); if (!IOProxy.WritePassword(result, ".key")) { OnAuthentificationComplete(new AuthentificationEventArgs(false)); } NewApplicationPassword(password); if (triggerCompleteEvent) { OnAuthentificationComplete(new AuthentificationEventArgs()); } }