// --------------------------------------------------------------------------------------------------- // OLD routines now below // do not use anymore // routines above offer increased security characteristics per PABP // --------------------------------------------------------------------------------------------------- public static String UnmungeStringOld(String s) { SecurityParams p = GetSecurityParams(); String tmpS = new EncryptOld().DecryptData(p.EncryptKey, s); return(tmpS); }
public async Task <IActionResult> SecurityRestriction(SecurityRestrictionViewModel model) { if (ModelState.IsValid) { _userManager.Options.Lockout.MaxFailedAccessAttempts = model.NbTentatives; _userManager.Options.Password.RequiredLength = model.RequiredLength; _userManager.Options.Password.RequireDigit = model.RequireDigit; _userManager.Options.Password.RequireNonAlphanumeric = model.RequireNonAlphanumeric; _userManager.Options.Password.RequireUppercase = model.RequireUppercase; _userManager.Options.Password.RequireLowercase = model.RequireLowercase; if (_dbContext.SecurityParams.Any()) { _dbContext.SecurityParams.FirstOrDefault().FailedLoginDelay = model.FailedLoginDelay; } else { var secParams = new SecurityParams { FailedLoginDelay = model.FailedLoginDelay }; _dbContext.SecurityParams.Add(secParams); } await _dbContext.SaveChangesAsync(); ModelState.AddModelError(string.Empty, "Saved"); } return(View(nameof(SecurityRestriction), model)); }
private static List <GrpcChannel> CreateChannels( int clientChannels, IEnumerable <string> serverTargets, SecurityParams securityParams, ILoggerFactory clientLoggerFactory) { GrpcPreconditions.CheckArgument(clientChannels > 0, "clientChannels needs to be at least 1."); GrpcPreconditions.CheckArgument(serverTargets.Count() > 0, "at least one serverTarget needs to be specified."); var result = new List <GrpcChannel>(); for (var i = 0; i < clientChannels; i++) { var target = serverTargets.ElementAt(i % serverTargets.Count()); // Contents of "securityParams" (useTestCa and sslTargetHostOverride) are basically ignored. // Instead the client just uses TLS and disable any certificate checks. var prefix = (securityParams == null) ? "http://" : "https://"; var channel = GrpcChannel.ForAddress(prefix + target, new GrpcChannelOptions { HttpHandler = new SocketsHttpHandler { EnableMultipleHttp2Connections = true, SslOptions = new SslClientAuthenticationOptions { // Ignore TLS certificate errors. RemoteCertificateValidationCallback = (_, __, ___, ____) => true } }, LoggerFactory = clientLoggerFactory }); result.Add(channel); } return(result); }
// --------------------------------------------------------------------------------------------------- // OLD routines now below // do not use anymore // routines above offer increased security characteristics per PABP // --------------------------------------------------------------------------------------------------- public static String MungeStringOld(String s) { SecurityParams p = GetSecurityParams(); String tmpS = new EncryptOld().EncryptData(p.EncryptKey, s); // we removed s.ToLowerInvariant() from this call in v5.8!! return(tmpS); }
/// <summary> /// Overload for backwards compatibility. If no security params are passed, the default values will be used. /// </summary> /// <param name="SecurityAction">Brief description of the security event</param> /// <param name="Description">Full description of the security event</param> /// <param name="CustomerUpdated">The customer ID which the event targeted (eg. password change event)</param> /// <param name="UpdatedBy">The ID of the initiating customer or administrator</param> /// <param name="CustomerSessionID">The session ID of the initiating customer or administrator</param> /// <returns></returns> public static String LogEvent(String SecurityAction, String Description, int CustomerUpdated, int UpdatedBy, int CustomerSessionID) { string err = String.Empty; SecurityParams spa = GetSecurityParams(); LogEvent(SecurityAction, Description, CustomerUpdated, UpdatedBy, CustomerSessionID, spa); return(err); }
public static String MungeString(String s, String SaltKey, SecurityParams p) { if (s.Length == 0) { return(s); } Encrypt e = new Encrypt(p.EncryptKey, p.InitializationVector, 4, 4, p.KeySize, p.HashAlgorithm, SaltKey, p.EncryptIterations); String tmpS = e.EncryptData(s); return(tmpS); }
public static String UnmungeString(String s, String SaltKey, SecurityParams p) { if (s.Length == 0) { return(s); } try { Encrypt e = new Encrypt(p.EncryptKey, p.InitializationVector, 4, 4, p.KeySize, p.HashAlgorithm, SaltKey, p.EncryptIterations); String tmpS = e.DecryptData(s); return(tmpS); } catch { //return "Error: Decrypt Failed"; // to make sure when comparing the StartsWith return(ro_DecryptFailedPrefix + " Decrypt Failed"); } }
public static string MungeString(string value, string saltKey, SecurityParams securityParams) { if (string.IsNullOrEmpty(value)) { return(value); } var encrypt = new Encrypt( passPhrase: securityParams.EncryptKey, initVector: securityParams.InitializationVector, minSaltLen: 4, maxSaltLen: 4, keySize: securityParams.KeySize, hashAlgorithm: securityParams.HashAlgorithm, saltValue: saltKey, passwordIterations: securityParams.EncryptIterations); return(encrypt.EncryptData(value)); }
private static List <Channel> CreateChannels(int clientChannels, IEnumerable <string> serverTargets, SecurityParams securityParams) { GrpcPreconditions.CheckArgument(clientChannels > 0, "clientChannels needs to be at least 1."); GrpcPreconditions.CheckArgument(serverTargets.Count() > 0, "at least one serverTarget needs to be specified."); var credentials = securityParams != null?TestCredentials.CreateSslCredentials() : ChannelCredentials.Insecure; List <ChannelOption> channelOptions = null; if (securityParams != null && securityParams.ServerHostOverride != "") { channelOptions = new List <ChannelOption> { new ChannelOption(ChannelOptions.SslTargetNameOverride, securityParams.ServerHostOverride) }; } var result = new List <Channel>(); for (int i = 0; i < clientChannels; i++) { var target = serverTargets.ElementAt(i % serverTargets.Count()); var channel = new Channel(target, credentials, channelOptions); result.Add(channel); } return(result); }
private static List<Channel> CreateChannels(int clientChannels, IEnumerable<string> serverTargets, SecurityParams securityParams) { GrpcPreconditions.CheckArgument(clientChannels > 0, "clientChannels needs to be at least 1."); GrpcPreconditions.CheckArgument(serverTargets.Count() > 0, "at least one serverTarget needs to be specified."); var credentials = securityParams != null ? TestCredentials.CreateSslCredentials() : ChannelCredentials.Insecure; List<ChannelOption> channelOptions = null; if (securityParams != null && securityParams.ServerHostOverride != "") { channelOptions = new List<ChannelOption> { new ChannelOption(ChannelOptions.SslTargetNameOverride, securityParams.ServerHostOverride) }; } var result = new List<Channel>(); for (int i = 0; i < clientChannels; i++) { var target = serverTargets.ElementAt(i % serverTargets.Count()); var channel = new Channel(target, credentials, channelOptions); result.Add(channel); } return result; }
public static String MungeString(String s, SecurityParams p) { return(MungeString(s, String.Empty, p)); }
/// <summary> /// Writes an event to the encrypted system security log /// This method is used for PA-DSS compliance /// </summary> /// <param name="SecurityAction">Brief description of the security event</param> /// <param name="Description">Full description of the security event</param> /// <param name="CustomerUpdated">The customer ID which the event targeted (eg. password change event)</param> /// <param name="UpdatedBy">The ID of the initiating customer or administrator</param> /// <param name="CustomerSessionID">The session ID of the initiating customer or administrator</param> /// <param name="SecurityParameters">Security parameter object allowing the developer to control how strings are encrypted</param> /// <returns></returns> public static String LogEvent(String SecurityAction, String Description, int CustomerUpdated, int UpdatedBy, int CustomerSessionID, SecurityParams SecurityParameters) { String err = String.Empty; SqlConnection cn = new SqlConnection(DB.GetDBConn()); cn.Open(); SqlCommand cmd = new SqlCommand(); cmd.Connection = cn; cmd.CommandType = CommandType.StoredProcedure; cmd.CommandText = "dbo.aspdnsf_SecurityLogInsert"; cmd.Parameters.Add(new SqlParameter("@SecurityAction", SqlDbType.NVarChar, 200)); cmd.Parameters.Add(new SqlParameter("@Description", SqlDbType.NText)); cmd.Parameters.Add(new SqlParameter("@CustomerUpdated", SqlDbType.Int, 4)); cmd.Parameters.Add(new SqlParameter("@UpdatedBy", SqlDbType.Int, 4)); cmd.Parameters.Add(new SqlParameter("@CustomerSessionID", SqlDbType.Int, 4)); cmd.Parameters.Add(new SqlParameter("@logid", SqlDbType.BigInt, 8)).Direction = ParameterDirection.Output; cmd.Parameters["@SecurityAction"].Value = MungeString(SecurityAction, SecurityParameters); cmd.Parameters["@Description"].Value = MungeString(Description, SecurityParameters); cmd.Parameters["@CustomerUpdated"].Value = CustomerUpdated; cmd.Parameters["@UpdatedBy"].Value = UpdatedBy; cmd.Parameters["@CustomerSessionID"].Value = CustomerSessionID; try { cmd.ExecuteNonQuery(); } catch (Exception ex) { err = ex.Message; } cn.Close(); cmd.Dispose(); cn.Dispose(); return(err); }