/// <summary>
/// Decrypt method implementation
/// </summary>
public override byte[] Decrypt(byte[] data, string description = "")
{
try
{
byte[] Hdr = GetHeader(data);
if (Hdr.SequenceEqual(new byte[] { 0x17, 0xD3, 0xF4, 0x2B })) // RSA
{
using (RSASystemEncryption enc = new RSASystemEncryption())
{
return(enc.Decrypt(data));
}
}
else if (Hdr.SequenceEqual(new byte[] { 0x17, 0xD3, 0xF4, 0x2A })) // AES256
{
using (AESSystemEncryption enc = new AESSystemEncryption())
{
return(enc.Decrypt(data));
}
}
else
{
return(data);
}
}
catch
{
return(data);
}
}
/// <summary>
/// GetConfig method implementation
/// </summary>
private static byte[] GetConfig(MFAConfig config)
{
using (AESSystemEncryption MSIS = new AESSystemEncryption())
{
config.KeysConfig.XORSecret = MSIS.Encrypt(config.KeysConfig.XORSecret);
config.Hosts.ActiveDirectoryHost.Password = MSIS.Encrypt(config.Hosts.ActiveDirectoryHost.Password);
config.MailProvider.Password = MSIS.Encrypt(config.MailProvider.Password);
};
XmlConfigSerializer xmlserializer = new XmlConfigSerializer(typeof(MFAConfig));
MemoryStream stm = new MemoryStream();
using (StreamReader reader = new StreamReader(stm))
{
xmlserializer.Serialize(stm, config);
stm.Position = 0;
byte[] bytes = null;
using (AESSystemEncryption aes = new AESSystemEncryption())
{
bytes = aes.Encrypt(stm.ToArray());
}
return(bytes);
}
}
/// <summary>
/// Encrypt method implementation
/// </summary>
public override byte[] Encrypt(byte[] data, string description = "")
{
try
{
if (CngKey.Exists(SystemUtilities.SystemKeyName, KeyStorageProvider, CngKeyOpenOptions.MachineKey))
{
using (RSASystemEncryption enc = new RSASystemEncryption())
{
return(enc.Encrypt(data, description));
}
}
else
{
using (AESSystemEncryption enc = new AESSystemEncryption())
{
return(enc.Encrypt(data, description));
}
}
}
catch
{
return(data);
}
}
/// <summary>
/// SetMFACredentials method implementation
/// </summary>
internal static void SetMFACredentials(PSHost host, byte kind, string value, bool clearvalue = false)
{
MFAConfig config = CFGUtilities.ReadConfigurationFromADFSStore(host);
if (config == null)
{
return;
}
switch (kind)
{
case 0x00:
using (AESSystemEncryption MSIS = new AESSystemEncryption())
{
if (clearvalue)
{
config.Hosts.ActiveDirectoryHost.Password = string.Empty;
config.Hosts.ActiveDirectoryHost.Account = string.Empty;
config.Hosts.ActiveDirectoryHost.DomainAddress = string.Empty;
config.MailProvider.Password = string.Empty;
config.MailProvider.UserName = string.Empty;
config.MailProvider.Anonymous = true;
config.KeysConfig.XORSecret = XORUtilities.DefaultKey;
}
else
{
config.Hosts.ActiveDirectoryHost.Password = MSIS.Encrypt(config.Hosts.ActiveDirectoryHost.Password);
config.MailProvider.Password = MSIS.Encrypt(config.MailProvider.Password);
config.KeysConfig.XORSecret = MSIS.Encrypt(config.KeysConfig.XORSecret);
if (!string.IsNullOrEmpty(value))
{
host.UI.WriteWarningLine("Block Updates not allowed, values where only encrypted !");
}
}
}
break;
case 0x01:
using (AESSystemEncryption MSIS = new AESSystemEncryption())
{
if (clearvalue)
{
config.Hosts.ActiveDirectoryHost.Password = string.Empty;
config.Hosts.ActiveDirectoryHost.Account = string.Empty;
config.Hosts.ActiveDirectoryHost.DomainAddress = string.Empty;
}
else
{
if (string.IsNullOrEmpty(value))
{
config.Hosts.ActiveDirectoryHost.Password = MSIS.Encrypt(config.Hosts.ActiveDirectoryHost.Password);
host.UI.WriteWarningLine("Empty value not allowed, value was only encrypted !");
}
else
{
config.Hosts.ActiveDirectoryHost.Password = MSIS.Encrypt(value);
}
}
}
break;
case 0x02:
using (AESSystemEncryption MSIS = new AESSystemEncryption())
{
if (clearvalue)
{
config.MailProvider.Password = string.Empty;
config.MailProvider.UserName = string.Empty;
config.MailProvider.Anonymous = true;
}
else
{
if (string.IsNullOrEmpty(value))
{
config.MailProvider.Password = MSIS.Encrypt(config.MailProvider.Password);
host.UI.WriteWarningLine("Empty value not allowed, value was only encrypted !");
}
else
{
config.MailProvider.Password = MSIS.Encrypt(value);
}
}
}
break;
case 0x03:
using (AESSystemEncryption MSIS = new AESSystemEncryption())
{
if (clearvalue)
{
config.KeysConfig.XORSecret = XORUtilities.DefaultKey;
}
else
{
if (string.IsNullOrEmpty(value))
{
config.KeysConfig.XORSecret = MSIS.Encrypt(config.KeysConfig.XORSecret);
host.UI.WriteWarningLine("Empty value not allowed, value was only encrypted !");
}
else
{
config.KeysConfig.XORSecret = MSIS.Encrypt(value);
}
}
}
break;
}
CFGUtilities.WriteConfigurationToDatabase(host, config, false);
CFGUtilities.BroadcastNotification(config, NotificationsKind.ConfigurationCreated, Environment.MachineName, true, true);
}
