/// <summary> /// Decrypt method implementation /// </summary> public override byte[] Decrypt(byte[] data, string description = "") { try { byte[] Hdr = GetHeader(data); if (Hdr.SequenceEqual(new byte[] { 0x17, 0xD3, 0xF4, 0x2B })) // RSA { using (RSASystemEncryption enc = new RSASystemEncryption()) { return(enc.Decrypt(data)); } } else if (Hdr.SequenceEqual(new byte[] { 0x17, 0xD3, 0xF4, 0x2A })) // AES256 { using (AESSystemEncryption enc = new AESSystemEncryption()) { return(enc.Decrypt(data)); } } else { return(data); } } catch { return(data); } }
/// <summary> /// GetConfig method implementation /// </summary> private static byte[] GetConfig(MFAConfig config) { using (AESSystemEncryption MSIS = new AESSystemEncryption()) { config.KeysConfig.XORSecret = MSIS.Encrypt(config.KeysConfig.XORSecret); config.Hosts.ActiveDirectoryHost.Password = MSIS.Encrypt(config.Hosts.ActiveDirectoryHost.Password); config.MailProvider.Password = MSIS.Encrypt(config.MailProvider.Password); }; XmlConfigSerializer xmlserializer = new XmlConfigSerializer(typeof(MFAConfig)); MemoryStream stm = new MemoryStream(); using (StreamReader reader = new StreamReader(stm)) { xmlserializer.Serialize(stm, config); stm.Position = 0; byte[] bytes = null; using (AESSystemEncryption aes = new AESSystemEncryption()) { bytes = aes.Encrypt(stm.ToArray()); } return(bytes); } }
/// <summary> /// Encrypt method implementation /// </summary> public override byte[] Encrypt(byte[] data, string description = "") { try { if (CngKey.Exists(SystemUtilities.SystemKeyName, KeyStorageProvider, CngKeyOpenOptions.MachineKey)) { using (RSASystemEncryption enc = new RSASystemEncryption()) { return(enc.Encrypt(data, description)); } } else { using (AESSystemEncryption enc = new AESSystemEncryption()) { return(enc.Encrypt(data, description)); } } } catch { return(data); } }
/// <summary> /// SetMFACredentials method implementation /// </summary> internal static void SetMFACredentials(PSHost host, byte kind, string value, bool clearvalue = false) { MFAConfig config = CFGUtilities.ReadConfigurationFromADFSStore(host); if (config == null) { return; } switch (kind) { case 0x00: using (AESSystemEncryption MSIS = new AESSystemEncryption()) { if (clearvalue) { config.Hosts.ActiveDirectoryHost.Password = string.Empty; config.Hosts.ActiveDirectoryHost.Account = string.Empty; config.Hosts.ActiveDirectoryHost.DomainAddress = string.Empty; config.MailProvider.Password = string.Empty; config.MailProvider.UserName = string.Empty; config.MailProvider.Anonymous = true; config.KeysConfig.XORSecret = XORUtilities.DefaultKey; } else { config.Hosts.ActiveDirectoryHost.Password = MSIS.Encrypt(config.Hosts.ActiveDirectoryHost.Password); config.MailProvider.Password = MSIS.Encrypt(config.MailProvider.Password); config.KeysConfig.XORSecret = MSIS.Encrypt(config.KeysConfig.XORSecret); if (!string.IsNullOrEmpty(value)) { host.UI.WriteWarningLine("Block Updates not allowed, values where only encrypted !"); } } } break; case 0x01: using (AESSystemEncryption MSIS = new AESSystemEncryption()) { if (clearvalue) { config.Hosts.ActiveDirectoryHost.Password = string.Empty; config.Hosts.ActiveDirectoryHost.Account = string.Empty; config.Hosts.ActiveDirectoryHost.DomainAddress = string.Empty; } else { if (string.IsNullOrEmpty(value)) { config.Hosts.ActiveDirectoryHost.Password = MSIS.Encrypt(config.Hosts.ActiveDirectoryHost.Password); host.UI.WriteWarningLine("Empty value not allowed, value was only encrypted !"); } else { config.Hosts.ActiveDirectoryHost.Password = MSIS.Encrypt(value); } } } break; case 0x02: using (AESSystemEncryption MSIS = new AESSystemEncryption()) { if (clearvalue) { config.MailProvider.Password = string.Empty; config.MailProvider.UserName = string.Empty; config.MailProvider.Anonymous = true; } else { if (string.IsNullOrEmpty(value)) { config.MailProvider.Password = MSIS.Encrypt(config.MailProvider.Password); host.UI.WriteWarningLine("Empty value not allowed, value was only encrypted !"); } else { config.MailProvider.Password = MSIS.Encrypt(value); } } } break; case 0x03: using (AESSystemEncryption MSIS = new AESSystemEncryption()) { if (clearvalue) { config.KeysConfig.XORSecret = XORUtilities.DefaultKey; } else { if (string.IsNullOrEmpty(value)) { config.KeysConfig.XORSecret = MSIS.Encrypt(config.KeysConfig.XORSecret); host.UI.WriteWarningLine("Empty value not allowed, value was only encrypted !"); } else { config.KeysConfig.XORSecret = MSIS.Encrypt(value); } } } break; } CFGUtilities.WriteConfigurationToDatabase(host, config, false); CFGUtilities.BroadcastNotification(config, NotificationsKind.ConfigurationCreated, Environment.MachineName, true, true); }