Example #1
0
        /// <summary>
        /// Encrypts the data with the given password and salt with the AES algorithm.
        /// </summary>
        /// <param name="data"></param>
        /// <param name="password"></param>
        /// <returns></returns>
        public byte[] Encrypt(byte[] data, byte[] encryptedPassword, byte[] salt)
        {
            byte[] encryptedData = null;

            using (AesCryptoServiceProvider provider = new AesCryptoServiceProvider())
            {
                provider.GenerateIV();
                // Create a byte array out of the encrypted bytes
                var passwordBytes = CryptMemoryProtection.DecryptInMemoryData(encryptedPassword);
                provider.Key     = passwordBytes;
                provider.Mode    = CipherMode.CBC;
                provider.Padding = PaddingMode.PKCS7;

                using (MemoryStream memStream = new MemoryStream())
                {
                    memStream.Write(provider.IV, 0, 16);
                    using (ICryptoTransform encryptor = provider.CreateEncryptor(provider.Key, provider.IV))
                    {
                        using (CryptoStream cryptoStream = new CryptoStream(memStream, encryptor, CryptoStreamMode.Write))
                        {
                            cryptoStream.Write(data, 0, data.Length);
                            cryptoStream.FlushFinalBlock();
                        }
                    }
                    encryptedData = memStream.ToArray();
                }
            }
            return(encryptedData);
        }
Example #2
0
        /// <summary>
        /// Decrypts data with the password and salt that its been encrypted with.
        /// </summary>
        /// <param name="data"></param>
        /// <param name="password"></param>
        /// <returns></returns>
        public byte[] Decrypt(byte[] data, byte[] encryptedPassword, byte[] salt)
        {
            byte[] decryptedData = new byte[data.Length];

            using (AesCryptoServiceProvider provider = new AesCryptoServiceProvider())
            {
                // Create a byte array out of the encrypted bytes
                var passwordBytes = CryptMemoryProtection.DecryptInMemoryData(encryptedPassword);
                provider.Key     = passwordBytes;
                provider.Mode    = CipherMode.CBC;
                provider.Padding = PaddingMode.PKCS7;
                using (MemoryStream memStream = new MemoryStream(data))
                {
                    byte[] iv = new byte[16];
                    memStream.Read(iv, 0, 16);
                    using (ICryptoTransform decryptor = provider.CreateDecryptor(provider.Key, iv))
                    {
                        using (CryptoStream cryptoStream = new CryptoStream(memStream, decryptor, CryptoStreamMode.Read))
                        {
                            cryptoStream.Read(decryptedData, 0, decryptedData.Length);
                        }
                    }
                }
            }
            return(decryptedData);
        }
        /// <summary>
        /// Takes in an encrypted pw and calculates its strength => return list of tips and blackList status.
        /// </summary>
        /// <param name="pw"></param>
        /// <returns></returns>
        public static double CalculatePasswordStrength(byte[] encryptedPw, out HashSet <string> resultTips, out bool isBlackListed)
        {
            // Load in the pw blacklist
            isBlackListed = false;
            resultTips    = new HashSet <string>();
            var    pw = ByteHelper.ByteArrayToString(CryptMemoryProtection.DecryptInMemoryData(encryptedPw));
            double passwordStrengthValue = 1;

            if (!pw.Any(c => char.IsUpper(c)))
            {
                passwordStrengthValue -= 0.25;
                resultTips.Add("The password doesn't contain upper case characters.");
            }
            if (!pw.Any(c => char.IsDigit(c)))
            {
                passwordStrengthValue -= 0.25;
                resultTips.Add("The password doesn't contain digits.");
            }
            if (pw.Length < 12)
            {
                passwordStrengthValue -= 0.50;
                resultTips.Add("The password is too short. It should be at least 12 characters long.");
            }
            if (!WellKnownSpecialCharacters.ContainsSpecialCharacters(pw))
            {
                passwordStrengthValue -= 0.25;
                resultTips.Add("The password doesn't contain special characters.");
            }
            if (PasswordBlackList.GetBlackList().Contains(pw))
            {
                passwordStrengthValue -= 1;
                isBlackListed          = true;
                resultTips.Add("This password has already been leaked and is widely spread on the internet - combined with it's hash. It is not save.");
            }

            // We do not want a "negative" value password strength
            if (passwordStrengthValue <= 0)
            {
                passwordStrengthValue = 0.1;
            }
            if (isBlackListed)
            {
                passwordStrengthValue = 0;
            }

            pw = string.Empty;
            return(passwordStrengthValue);
        }