public string TryDecrypt(string ciphertext, byte[] key) { try { return(RockCrypto.DecryptString(ciphertext, key)); } catch (Exception) { return(null); } }
public PacketSecurity(bool FromServer) { byte[] Key = null; m_FromServer = FromServer; #region Server Key = new byte[] { 0xE8, 0x17, 0x33, 0x00, 0x00, 0x8D, 0x45, 0xC8, 0x8B, 0xCF, 0x50, 0xE8, 0xF9, 0x23, 0x00, 0xFF }; ScMethods[0] = new RockCrypto(null, Key, null, null); Key = new byte[] { 0x66, 0x8D, 0x45, 0xEC, 0xF6, 0x50, 0x8B, 0xCF, 0x89, 0x35, 0x8C, 0x4A, 0x00, 0xE8, 0x2C, 0x86 }; ScMethods[1] = new RockCrypto(null, Key, null, null); #endregion #region Client Key = new byte[] { 0x7D, 0x44, 0x01, 0x00, 0x83, 0xEC, 0x24, 0x83, 0x25, 0xB8, 0x8C, 0x4A, 0x0D, 0x56, 0x8B, 0x75 }; CsMethods[0] = new RockCrypto(null, Key, null, null); Key = new byte[] { 0x1C, 0x8D, 0x1C, 0x57, 0x50, 0xCE, 0xE8, 0x6F, 0x85, 0xFE, 0xFF, 0x8B }; CsMethods[1] = new RockCrypto(Key, null, null, null); Key = new byte[] { 0x76, 0x0C, 0x50, 0x45, 0x14, 0x83, 0x65, 0xFC, 0x56, 0x50, 0x7D, 0xD1, 0x74, 0x03, 0xB8, 0x43 }; CsMethods[2] = new RockCrypto(null, Key, null, null); Key = new byte[] { 0x8B, 0x47, 0xDD, 0x6A, 0xE8, 0x14, 0x83, 0xC4, 0xBC, 0xF3, 0x7F, 0x75 }; CsMethods[3] = new RockCrypto(Key, null, null, null); #endregion }
void IJob.Execute(IJobExecutionContext context) { // Get the current password string currentEncryptionPassword = RockCrypto.GetConfiguredEncryptionPassword(); byte[] currentEncryptionKey = RockCrypto.GetDerivedKey(currentEncryptionPassword); // Generate a new password string newEncryptionPassword = RockCrypto.GenerateRandomBase64String(128); byte[] newEncryptionKey = RockCrypto.GetDerivedKey(newEncryptionPassword); context.UpdateLastStatusMessage("Migrating Attribute DefaultValues"); // Re-encrypt all Attribute DefaultValues using (RockContext rockContext = new RockContext()) { // Make a new Attribute service AttributeService attributeService = new AttributeService(rockContext); // Get all attributes that have an encrypted DefaultValue // Normally we just use the field type to define what's encrypted or not, but System // Settings don't have a field type so we have to do a bit of extra searching. IEnumerable <Attribute> attributes = attributeService.Queryable().Where(a => _EncryptedAttributeFieldTypes.Contains(a.FieldType.Class) || a.DefaultValue.StartsWith("EAAAA") ); // Go through each attribute and try re-encrypting it. foreach (Attribute attribute in attributes) { if (!string.IsNullOrEmpty(attribute.DefaultValue)) { string decryptedValue = TryDecrypt(attribute.DefaultValue, currentEncryptionKey); if (!string.IsNullOrEmpty(decryptedValue)) { attribute.DefaultValue = RockCrypto.EncryptString(decryptedValue, newEncryptionKey); } } } // Save the attributes rockContext.SaveChanges(true); } context.UpdateLastStatusMessage("Migrating AttributeValue Values"); // Re-encrypt all AttributeValue Values using (RockContext rockContext = new RockContext()) { // Make a new Attribute Value service AttributeValueService attributeValueService = new AttributeValueService(rockContext); // Get all attribute valuess that have an encrypted DefaultValue // Normally we just use the field type to define what's encrypted or not, but System // Settings don't have a field type so we have to do a bit of extra searching. IEnumerable <AttributeValue> attributeValues = attributeValueService.Queryable() .Where(a => a.Value != null && a.Value != "") .Where(a => _EncryptedAttributeFieldTypes.Contains(a.Attribute.FieldType.Class) || a.Value.StartsWith("EAAAA")); // Track numbers since this will take a while int totalCount = attributeValues.Count(); int currentCount = 1; // Go through each attribute value and try re-encrypting it. foreach (AttributeValue attributeValue in attributeValues) { if (!string.IsNullOrEmpty(attributeValue.Value)) { string decryptedValue = TryDecrypt(attributeValue.Value, currentEncryptionKey); if (!string.IsNullOrEmpty(decryptedValue)) { attributeValue.Value = RockCrypto.EncryptString(decryptedValue, newEncryptionKey); } } // Update the status and save every 250 attribute values currentCount++; if (currentCount % 250 == 0) { context.UpdateLastStatusMessage($@"Migrating AttributeValue {currentCount} of {totalCount}"); } } context.UpdateLastStatusMessage($@"Saving AttributeValues"); // Save the attribute values rockContext.SaveChanges(true); } context.UpdateLastStatusMessage("Migrating encrypted FinancialPaymentDetail fields"); // Re-encrypt all encrypted FinancialPaymentDetail fields using (RockContext rockContext = new RockContext()) { // Make a new Financial Payment Detail service FinancialPaymentDetailService financialPaymentDetailService = new FinancialPaymentDetailService(rockContext); IEnumerable <FinancialPaymentDetail> financialPaymentDetails = financialPaymentDetailService.Queryable().Where(fpd => (fpd.ExpirationMonthEncrypted != null && fpd.ExpirationMonthEncrypted != "") || (fpd.ExpirationYearEncrypted != null && fpd.ExpirationYearEncrypted != "") || (fpd.NameOnCardEncrypted != null && fpd.NameOnCardEncrypted != "") ); // Track numbers since this will take a while int totalCount = financialPaymentDetails.Count(); int currentCount = 1; // Go through each financial payment detail and try re-encrypting it. foreach (FinancialPaymentDetail financialPaymentDetail in financialPaymentDetails) { // Check Expiration Month if (!string.IsNullOrEmpty(financialPaymentDetail.ExpirationMonthEncrypted)) { string decryptedValue = TryDecrypt(financialPaymentDetail.ExpirationMonthEncrypted, currentEncryptionKey); if (!string.IsNullOrEmpty(decryptedValue)) { financialPaymentDetail.ExpirationMonthEncrypted = RockCrypto.EncryptString(decryptedValue, newEncryptionKey); } } // Check Expiration Year if (!string.IsNullOrEmpty(financialPaymentDetail.ExpirationYearEncrypted)) { string decryptedValue = TryDecrypt(financialPaymentDetail.ExpirationYearEncrypted, currentEncryptionKey); if (!string.IsNullOrEmpty(decryptedValue)) { financialPaymentDetail.ExpirationYearEncrypted = RockCrypto.EncryptString(decryptedValue, newEncryptionKey); } } // Check Name On Card if (!string.IsNullOrEmpty(financialPaymentDetail.NameOnCardEncrypted)) { string decryptedValue = TryDecrypt(financialPaymentDetail.NameOnCardEncrypted, currentEncryptionKey); if (!string.IsNullOrEmpty(decryptedValue)) { financialPaymentDetail.NameOnCardEncrypted = RockCrypto.EncryptString(decryptedValue, newEncryptionKey); } } // Update the status and save every 250 financial payment detail currentCount++; if (currentCount % 250 == 0) { context.UpdateLastStatusMessage($@"Migrating FinancialPaymentDetail {currentCount} of {totalCount}"); } } context.UpdateLastStatusMessage($@"Saving FinancialPaymentDetails"); // Save the financial payment details rockContext.SaveChanges(true); } context.UpdateLastStatusMessage("Migrating encrypted FinancialTransaction fields"); // Re-encrypt all encrypted FinancialTransaction fields using (RockContext rockContext = new RockContext()) { // Make a new Financial Transaction service FinancialTransactionService financialTransactionService = new FinancialTransactionService(rockContext); IEnumerable <FinancialTransaction> financialTransactions = financialTransactionService.Queryable().Where(ft => (ft.CheckMicrEncrypted != null && ft.CheckMicrEncrypted != "") || (ft.CheckMicrParts != null && ft.CheckMicrParts != "") ); // Track numbers since this will take a while int totalCount = financialTransactions.Count(); int currentCount = 1; // Go through each financial payment detail and try re-encrypting it. foreach (FinancialTransaction financialTransaction in financialTransactions) { // Check the Check Micr if (!string.IsNullOrEmpty(financialTransaction.CheckMicrEncrypted)) { string decryptedValue = TryDecrypt(financialTransaction.CheckMicrEncrypted, currentEncryptionKey); if (!string.IsNullOrEmpty(decryptedValue)) { financialTransaction.CheckMicrEncrypted = RockCrypto.EncryptString(decryptedValue, newEncryptionKey); } } // Check the Check Micr Parts if (!string.IsNullOrEmpty(financialTransaction.CheckMicrParts)) { string decryptedValue = TryDecrypt(financialTransaction.CheckMicrParts, currentEncryptionKey); if (!string.IsNullOrEmpty(decryptedValue)) { financialTransaction.CheckMicrParts = RockCrypto.EncryptString(decryptedValue, newEncryptionKey); } } // Update the status and save every 250 financial payment detail currentCount++; if (currentCount % 250 == 0) { context.UpdateLastStatusMessage($@"Migrating FinancialTransaction {currentCount} of {totalCount}"); } } context.UpdateLastStatusMessage($@"Saving FinancialTransactions"); // Save the financial transactions rockContext.SaveChanges(true); } context.UpdateLastStatusMessage("Done"); // Delete the job so it doesn't run again using (RockContext rockContext = new RockContext()) { // Make a new Job service ServiceJobService jobService = new ServiceJobService(rockContext); // Get the current job var job = jobService.Get(context.GetJobId()); // Delete it if (job != null) { jobService.Delete(job); rockContext.SaveChanges(true); } } // Save the new password // This will cause Rock to restart, so it has to be last RockCrypto.SetConfiguredEncryptionPassword(newEncryptionPassword); }