public void ZeroOutBytes()
{
byte[] bytes = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 };
byte[] expected = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
CryptographyUtility.ZeroOutBytes(bytes);
Assert.AreEqual(expected, bytes);
}
/// <summary>
/// <para>Releases the unmanaged resources used by the <see cref="KeyAlgorithmPair"/> and optionally releases the managed resources.</para>
/// </summary>
/// <param name="disposing">
/// <para><see langword="true"/> to release both managed and unmanaged resources; <see langword="false"/> to release only unmanaged resources.</para>
/// </param>
protected virtual void Dispose(bool disposing)
{
if (disposing)
{
if (this.key != null)
{
CryptographyUtility.ZeroOutBytes(this.key);
}
}
}
public void ZeroOutNullByteArray()
{
CryptographyUtility.ZeroOutBytes(null);
byte[] b = new byte[] { 1, 2, 3, 4 };
CryptographyUtility.ZeroOutBytes(b);
Assert.AreEqual(4, b.Length);
byte expected = 0;
Assert.AreEqual(expected, b[2]);
}
public static LoginUserStatus ValidLogin(SiteManager manager)
{
if (manager == null)
{
return(LoginUserStatus.InvalidCredentials);
}
LoginUserStatus status = Users.ValidateUser(manager);
if ((status == LoginUserStatus.Success) && (manager.UserRole == UserRole.SiteManager))
{
HttpContext context = HiContext.Current.Context;
string path = context.Request.MapPath(Globals.ApplicationPath + "/config/Hishop.key");
if (File.Exists(path))
{
return(status);
}
try
{
XmlDocument document = new XmlDocument();
try
{
document.Load(context.Request.MapPath(Globals.ApplicationPath + "/config/key.config"));
}
catch
{
document.Load(context.Request.MapPath(Globals.ApplicationPath + "/config/key.config.bak"));
}
if (int.Parse(document.SelectSingleNode("Settings/Token").InnerText) != manager.UserId)
{
return(status);
}
byte[] userData = Cryptographer.DecryptWithPassword(Convert.FromBase64String(document.SelectSingleNode("Settings/Key").InnerText), manager.Password);
byte[] encryptedKey = ProtectedData.Protect(userData, null, DataProtectionScope.LocalMachine);
using (Stream stream = new FileStream(path, FileMode.Create))
{
KeyManager.Write(stream, encryptedKey, DataProtectionScope.LocalMachine);
}
CryptographyUtility.ZeroOutBytes(encryptedKey);
CryptographyUtility.ZeroOutBytes(userData);
}
catch
{
}
}
return(status);
}
//创建key
bool CreateKey(int userId, out string errorMsg)
{
bool flag = false;
try
{
byte[] plaintext = KeyManager.GenerateSymmetricKey(typeof(RijndaelManaged));
string filename = Request.MapPath(Globals.ApplicationPath + "/config/key.config");
byte[] inArray = Cryptographer.EncryptWithPassword(plaintext, password);
XmlDocument document = new XmlDocument();
document.LoadXml("<?xml version=\"1.0\" encoding=\"utf-8\"?>" + Environment.NewLine + "<Settings><Token></Token><Key></Key></Settings>");
document.SelectSingleNode("Settings/Token").InnerText = userId.ToString(CultureInfo.InvariantCulture);
document.SelectSingleNode("Settings/Key").InnerText = Convert.ToBase64String(inArray);
//保存文件
document.Save(filename);
document.Save(Request.MapPath(Globals.ApplicationPath + "/config/key.config.bak"));
CryptographyUtility.ZeroOutBytes(inArray);
byte[] encryptedKey = System.Security.Cryptography.ProtectedData.Protect(plaintext, null, System.Security.Cryptography.DataProtectionScope.LocalMachine);
using (Stream stream = new FileStream(Request.MapPath(Globals.ApplicationPath + "/config/Hishop.key"), FileMode.Create))
{
KeyManager.Write(stream, encryptedKey, DataProtectionScope.LocalMachine);
}
CryptographyUtility.ZeroOutBytes(encryptedKey);
CryptographyUtility.ZeroOutBytes(plaintext);
errorMsg = "";
flag = true;
}
catch (Exception exception)
{
errorMsg = exception.Message;
}
return(flag);
}