public static XmlDocument UpdateMachineKey(XmlDocument xmlConfig) { PortalSecurity objSecurity = new PortalSecurity(); string validationKey = objSecurity.CreateKey(20); string decryptionKey = objSecurity.CreateKey(24); XmlNode xmlMachineKey = xmlConfig.SelectSingleNode("configuration/system.web/machineKey"); XmlUtils.UpdateAttribute(xmlMachineKey, "validationKey", validationKey); XmlUtils.UpdateAttribute(xmlMachineKey, "decryptionKey", decryptionKey); xmlConfig = AddAppSetting(xmlConfig, "InstallationDate", System.DateTime.Today.ToShortDateString()); return(xmlConfig); }
public SubscriberInfo() { _id = System.Guid.NewGuid().ToString(); _name = ""; _description = ""; _address = ""; PortalSecurity oPortalSecurity = new PortalSecurity(); _privateKey = oPortalSecurity.CreateKey(16); }
public SubscriberInfo() { this._id = Guid.NewGuid().ToString(); this._name = ""; this._description = ""; this._address = ""; PortalSecurity portalSecurity = new PortalSecurity(); this._privateKey = portalSecurity.CreateKey(16); }
public SubscriberInfo() { ID = Guid.NewGuid().ToString(); Name = ""; Description = ""; Address = ""; var oPortalSecurity = new PortalSecurity(); PrivateKey = oPortalSecurity.CreateKey(16); }
public static XmlDocument UpdateValidationKey(XmlDocument xmlConfig) { XmlNode xmlMachineKey = xmlConfig.SelectSingleNode("configuration/system.web/machineKey"); if (xmlMachineKey.Attributes["validationKey"].Value == "F9D1A2D3E1D3E2F7B3D9F90FF3965ABDAC304902") { var objSecurity = new PortalSecurity(); string validationKey = objSecurity.CreateKey(20); XmlUtils.UpdateAttribute(xmlMachineKey, "validationKey", validationKey); } return(xmlConfig); }
public void PerformStepOne() { IDataReader dr; string sqlStatement; var objLogger = new DotNetNuke.Services.Log.EventLog.EventLogController(); LogInfo objLog; InsertLogNote("Starting Phase 1 Processing"); //Remove temporary table if needed sqlStatement = "DROP TABLE dbo.[ICG_SMI_Passwords]"; try { ExecuteNonQuery(sqlStatement); } catch (Exception) { //Table didn't exist } //Create temporary table sqlStatement = "CREATE TABLE dbo.[ICG_SMI_Passwords]( [UserId] [uniqueidentifier] NOT NULL, [Username] [nvarchar](256) NOT NULL, [OldPassword] [nvarchar](128) NOT NULL, [Password] [nvarchar](128) NULL, CONSTRAINT [PK_aspnet_Membership_Passwords] PRIMARY KEY CLUSTERED ( [UserId] ASC ) ON [PRIMARY] ) ON [PRIMARY]"; try { ExecuteNonQuery(sqlStatement); objLog = new LogInfo(); objLog.AddProperty("SecureMyInstall", "Phase 1 Created Temp Password Table"); objLog.LogTypeKey = EventLogController.EventLogType.HOST_ALERT.ToString(); objLogger.AddLog(objLog); } catch (Exception ex) { objLog = new LogInfo(); objLog.AddProperty("SecureMyInstall", "Phase 1 Error Creating Temp Password Table " + ex); objLog.LogTypeKey = DotNetNuke.Services.Log.EventLog.EventLogController.EventLogType.HOST_ALERT.ToString(); objLogger.AddLog(objLog); } InsertLogNote("Created temp password table"); //Migrate over passwords sqlStatement = "INSERT INTO dbo.ICG_SMI_Passwords (UserId, Username, OldPassword, Password) SELECT dbo.aspnet_Users.UserId, Username, Password, NULL FROM dbo.aspnet_Users INNER JOIN dbo.aspnet_Membership ON dbo.aspnet_Users.UserId = dbo.aspnet_Membership.UserId"; try { ExecuteNonQuery(sqlStatement); objLog = new DotNetNuke.Services.Log.EventLog.LogInfo(); objLog.AddProperty("SecureMyInstall", "Phase 1 Inserted User Accounts Into Temp Password Table"); objLog.LogTypeKey = DotNetNuke.Services.Log.EventLog.EventLogController.EventLogType.HOST_ALERT.ToString(); objLogger.AddLog(objLog); } catch (Exception ex) { objLog = new DotNetNuke.Services.Log.EventLog.LogInfo(); objLog.AddProperty("SecureMyInstall", "Phase 1 Error Inserting User Accounts Into Temp Password Table " + ex.ToString()); objLog.LogTypeKey = DotNetNuke.Services.Log.EventLog.EventLogController.EventLogType.HOST_ALERT.ToString(); objLogger.AddLog(objLog); } InsertLogNote("Migrated passwords to temporary table"); //Decrypt passwords int processedUsers = 0; int decryptedUsers = 0; System.Web.Security.MembershipUser objUser; var wasSuccessful = false; sqlStatement = "SELECT * FROM dbo.ICG_SMI_Passwords"; try { dr = ExecuteReader(sqlStatement); while (dr.Read()) { processedUsers++; objUser = Membership.GetUser(dr.GetString(dr.GetOrdinal("Username"))); if (objUser != null) { try { var strPassword = objUser.GetPassword(); sqlStatement = "UPDATE dbo.ICG_SMI_Passwords SET Password = '******'", "''") + "' WHERE Username = '******'"; ExecuteNonQuery(sqlStatement); decryptedUsers++; } catch (Exception) { //Unable to get this users password } } //Provide status if (processedUsers != 0 && (processedUsers % 1000) == 0) { objLog = new DotNetNuke.Services.Log.EventLog.LogInfo(); objLog.AddProperty("SecureMyInstall", "Phase 1 User Accounts Processed: " + processedUsers.ToString()); objLog.LogTypeKey = DotNetNuke.Services.Log.EventLog.EventLogController.EventLogType.HOST_ALERT.ToString(); objLogger.AddLog(objLog); } } dr.Close(); InsertLogNote(string.Format("Processed {0} user accounts", processedUsers.ToString())); InsertLogNote(string.Format("Decrypted {0} user password", decryptedUsers.ToString())); wasSuccessful = true; } catch (Exception) { //Oopsie } //Final eventLog entries objLog = new DotNetNuke.Services.Log.EventLog.LogInfo(); objLog.AddProperty("SecureMyInstall", "Phase 1 User Accounts Processed: " + processedUsers.ToString()); objLog.AddProperty("SecureMyInstall", "Phase 1 User Passwords Decrypted: " + decryptedUsers.ToString()); objLog.LogTypeKey = DotNetNuke.Services.Log.EventLog.EventLogController.EventLogType.HOST_ALERT.ToString(); objLogger.AddLog(objLog); if (wasSuccessful) { //Generate new keys var objSecurity = new PortalSecurity(); var newValidationKey = objSecurity.CreateKey(20); var newDecryptionKey = objSecurity.CreateKey(24); objLog = new DotNetNuke.Services.Log.EventLog.LogInfo(); objLog.AddProperty("SecureMyInstall", "Phase 1 New Machine Keys Generated"); objLog.LogTypeKey = DotNetNuke.Services.Log.EventLog.EventLogController.EventLogType.HOST_ALERT.ToString(); objLogger.AddLog(objLog); InsertLogNote("Phase 2 New Machine Keys Generated"); //Update web.config, change keys as well as password format try { DotNetNuke.Common.Utilities.Config.BackupConfig(); var xmlConfig = new XmlDocument(); xmlConfig = DotNetNuke.Common.Utilities.Config.Load(); var xmlMachineKey = xmlConfig.SelectSingleNode("configuration/system.web/machineKey"); XmlUtils.UpdateAttribute(xmlMachineKey, "validationKey", newValidationKey); XmlUtils.UpdateAttribute(xmlMachineKey, "decryptionKey", newDecryptionKey); var xmlMembershipProvider = xmlConfig.SelectSingleNode("configuration/system.web/membership/providers/add[@name='AspNetSqlMembershipProvider']"); XmlUtils.UpdateAttribute(xmlMembershipProvider, "passwordFormat", "Hashed"); XmlUtils.UpdateAttribute(xmlMembershipProvider, "enablePasswordRetrieval", "false"); DotNetNuke.Common.Utilities.Config.Save(xmlConfig); objLog = new DotNetNuke.Services.Log.EventLog.LogInfo(); objLog.AddProperty("SecureMyInstall", "Phase 1 Updated Web.Config With New Machine Keys and password format"); objLog.LogTypeKey = DotNetNuke.Services.Log.EventLog.EventLogController.EventLogType.HOST_ALERT.ToString(); objLogger.AddLog(objLog); } catch (Exception) { objLog = new DotNetNuke.Services.Log.EventLog.LogInfo(); objLog.AddProperty("SecureMyInstall", "Phase 1 Error Processing User Accounts"); objLog.LogTypeKey = DotNetNuke.Services.Log.EventLog.EventLogController.EventLogType.HOST_ALERT.ToString(); objLogger.AddLog(objLog); } } }
public static XmlDocument UpdateValidationKey(XmlDocument xmlConfig) { XmlNode xmlMachineKey; string strError = string.Empty; xmlMachineKey = xmlConfig.SelectSingleNode("configuration/system.web/machineKey"); if (xmlMachineKey.Attributes["validationKey"].Value == "F9D1A2D3E1D3E2F7B3D9F90FF3965ABDAC304902") { PortalSecurity objSecurity = new PortalSecurity(); string validationKey = objSecurity.CreateKey(20); XmlUtils.UpdateAttribute(xmlMachineKey, "validationKey", validationKey); } return xmlConfig; }
public static XmlDocument UpdateMachineKey(XmlDocument xmlConfig) { PortalSecurity objSecurity = new PortalSecurity(); string validationKey = objSecurity.CreateKey(20); string decryptionKey = objSecurity.CreateKey(24); XmlNode xmlMachineKey = xmlConfig.SelectSingleNode("configuration/system.web/machineKey"); XmlUtils.UpdateAttribute(xmlMachineKey, "validationKey", validationKey); XmlUtils.UpdateAttribute(xmlMachineKey, "decryptionKey", decryptionKey); xmlConfig = AddAppSetting(xmlConfig, "InstallationDate", System.DateTime.Today.ToShortDateString()); return xmlConfig; }