public OtpSaveKeyOfFileTask(string keyPath, string filePath) : base(ResourceType.File, keyPath, filePath)
{
InnerTask = new Task(() =>
{
OtpHelper.GenerateKey(keyPath, filePath);
});
}
/// <summary>
///
/// </summary>
public static void ShredFile(string path, CipherType cipherType, bool nameObfuscation = true, bool propertyObfuscation = true)
{
if ((File.GetAttributes(path) & FileAttributes.Directory) == FileAttributes.Directory)
{
throw new FileNotFoundException(path);
}
if (!File.Exists(path))
{
throw new FileNotFoundException(path);
}
switch (cipherType)
{
case CipherType.Otp:
OtpHelper.EncryptWithoutKey(path);
break;
case CipherType.Aes:
AesHelper.EncryptFile(AesHelper.GetNewAesKey(), path);
break;
}
if (propertyObfuscation)
{
ObfuscateFileProperties(path);
}
if (nameObfuscation)
{
path = ObfuscateFileName(path);
}
File.Delete(path);
}
public TokenInfo VerifyOtp(User user, string otp)
{
if (OtpHelper.VerifyOtp(user.TotpToken, otp))
{
return(GenerateToken(user));
}
_logger.LogInformation("OTP failed verification.");
return(null);
}
public OpenOtpPasswordStoreTask(string filePath, string keyFilePath)
: base(ResourceType.File, filePath, keyFilePath)
{
InnerTask = new Task(() =>
{
var model = new OpenOtpPasswordStoreTaskResultModel
{
StorePath = filePath,
KeyPath = keyFilePath
};
if (!File.Exists(filePath))
{
using (var fs = File.Create(filePath))
{
new BinaryFormatter().Serialize(fs, new List <PasswordModel>());
}
model.Exception = new OtpPasswordStoreFirstUseException();
Result.Value = model;
return;
}
if (!File.Exists(keyFilePath))
{
model.Exception = new OtpKeyFileNotAvailableException();
Result.Value = model;
return;
}
if (new FileInfo(filePath).Length > new FileInfo(keyFilePath).Length)
{
throw new InvalidKeyException();
}
OtpHelper.Transform(filePath, keyFilePath);
var models = new List <PasswordModel>();
using (var fs = new FileStream(filePath, FileMode.Open))
{
if (fs.Length > 0)
{
if (new BinaryFormatter().Deserialize(fs) is List <PasswordModel> list)
{
models = list;
}
}
}
OtpHelper.Transform(filePath, keyFilePath);
model.Models = models;
Result.Value = model;
});
}
public CreateOtpPasswordStoreKeyTask(string storeFilePath, string keyPath, bool open) : base(ResourceType.File, keyPath)
{
InnerTask = new Task(() =>
{
OtpHelper.GenerateKey(keyPath, 1024 * 1024);
OtpHelper.Transform(storeFilePath, keyPath);
Result.Value = new CreateOtpPasswordStoreKeyTaskResultModel {
StorePath = storeFilePath, KeyPath = keyPath, OpenAfter = open
};
});
}
public OtpSavePasswordsTask(string storePath, string keyPath, IReadOnlyCollection <PasswordModel> models) : base(ResourceType.File, storePath, keyPath)
{
InnerTask = new Task(() =>
{
if (!File.Exists(storePath))
{
throw new FileNotFoundException(nameof(storePath));
}
if (!File.Exists(keyPath))
{
throw new FileNotFoundException(nameof(keyPath));
}
OtpHelper.Transform(storePath, keyPath);
using (var fs = new FileStream(storePath, FileMode.Create))
{
new BinaryFormatter().Serialize(fs, models);
}
var storeLength = new FileInfo(storePath).Length;
var keyLength = new FileInfo(keyPath).Length;
if (storeLength > keyLength)
{
var increase = storeLength - keyLength;
using (var crypto = new RNGCryptoServiceProvider())
{
using (var fs = new FileStream(keyPath, FileMode.Append))
{
var buffer = new byte[1024];
while (increase > 0)
{
if (buffer.Length > increase)
{
buffer = new byte[increase];
}
crypto.GetNonZeroBytes(buffer);
fs.Write(buffer, 0, buffer.Length);
increase -= buffer.Length;
}
}
}
}
OtpHelper.Transform(storePath, keyPath);
});
}
public OtpTransformTask(string filePath, string ext, string keyFilePath = "", bool encrypt = true) : base(ResourceType.File, filePath, keyFilePath)
{
InnerTask = new Task(() =>
{
string newFileName;
if (encrypt)
{
newFileName = FileGeneratorHelper.GetValidFileNameForDirectory(
DirectoryHelper.GetDirectoryPath(filePath),
Path.GetFileName(filePath),
ext);
}
else
{
if (!filePath.EndsWith(ext, StringComparison.Ordinal))
{
throw new InvalidEncryptedFileException();
}
var name = filePath.RemoveLast(ext.Length);
newFileName = FileGeneratorHelper.GetValidFileNameForDirectory(
DirectoryHelper.GetDirectoryPath(name),
Path.GetFileName(name),
string.Empty);
}
if (newFileName == null)
{
throw new NoSuitableNameFoundException();
}
File.Move(filePath, newFileName);
if (string.IsNullOrEmpty(keyFilePath))
{
OtpHelper.EncryptWithoutKey(newFileName);
}
else
{
OtpHelper.Transform(newFileName, keyFilePath);
}
});
}
public override Task OnAuthorizationAsync(HttpActionContext actionContext, System.Threading.CancellationToken cancellationToken)
{
var principal = actionContext.RequestContext.Principal as ClaimsPrincipal;
var preSharedKey = principal.FindFirst("PSK").Value;
bool hasValidTotp = OtpHelper.HasValidTotp(actionContext.Request, preSharedKey);
if (hasValidTotp)
{
return(Task.FromResult <object>(null));
}
else
{
actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized, new CustomError()
{
Code = 100, Message = "Time sensitive passcode is invalid"
});
return(Task.FromResult <object>(null));
}
}
public override Task OnAuthorizationAsync(HttpActionContext actionContext, System.Threading.CancellationToken cancellationToken)
{
//cerca nei claims principal la chiave PSK.. i claim vengono aggiunti nel SimpleAuthorizationServerProvider
var principal = actionContext.RequestContext.Principal as ClaimsPrincipal;
var preSharedKey = principal.FindFirst("PSK").Value;
bool hasValidTotp = OtpHelper.HasValidTotp(actionContext.Request, preSharedKey);
if (hasValidTotp)
{
return(Task.FromResult <object>(null));
}
else
{
actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized, new CustomError()
{
Code = 100, Message = "One Time Password is Invalid"
});
return(Task.FromResult <object>(null));
}
}
private async Task LoadData(bool reset)
{
var user = await this._userManager.GetUserAsync(this.User);
var isOtpEnabled = await this._userManager.GetTwoFactorEnabledAsync(user);
this.CurrentOtpStatus = isOtpEnabled ? OtpStatus.Enabled : OtpStatus.Disabled;
if (!isOtpEnabled && reset)
{
var result = await this._userManager.ResetAuthenticatorKeyAsync(user);
if (!result.Succeeded)
{
throw new Exception("Unable to reset OTP secret.");
}
}
var secret = await this._userManager.GetAuthenticatorKeyAsync(user);
this.FormattedSecret = OtpHelper.FormatSecret(secret);
this.OtpUri = OtpHelper.GenerateUri("ShirtShop", user.UserName, secret);
}
public bool ValidOTP(string login, string pwd, String token)
{
string psk = rechPSK(login, pwd);
return(OtpHelper.HasValidTotp(token, psk));
}
public string GenerateTotp(ref User user)
{
user.TotpToken = new byte[32];
new RNGCryptoServiceProvider().GetBytes(user.TotpToken);
return(OtpHelper.GenerateTotp(user.TotpToken));
}
