/// <summary>
 /// Decrypt method implementation
 /// </summary>
 public override byte[] Decrypt(byte[] data, string description = "")
 {
     // Picks the decryptor from the header that GetHeader extracts from the
     // payload: one marker selects RSASystemEncryption, the other
     // AESSystemEncryption. `description` is not used by this method.
     //
     // NOTE(review): this method never signals failure. A payload without a
     // known marker, and any exception thrown while reading the header or
     // decrypting, both hand `data` back unchanged, so the caller cannot tell
     // plaintext apart from ciphertext that failed to decrypt. Callers that
     // need that distinction have to validate the result themselves.
     try
     {
         byte[] rsaMarker = { 0x17, 0xD3, 0xF4, 0x2B };  // RSA
         byte[] header = GetHeader(data);
         if (header.SequenceEqual(rsaMarker))
         {
             using (RSASystemEncryption rsa = new RSASystemEncryption())
             {
                 return rsa.Decrypt(data);
             }
         }

         byte[] aesMarker = { 0x17, 0xD3, 0xF4, 0x2A };  // AES256
         if (header.SequenceEqual(aesMarker))
         {
             using (AESSystemEncryption aes = new AESSystemEncryption())
             {
                 return aes.Decrypt(data);
             }
         }

         // Neither marker matched: the input is returned as-is.
         return data;
     }
     catch
     {
         // Pass-through on any failure; nothing is logged or rethrown.
         return data;
     }
 }
        /// <summary>
        /// GetConfig method implementation
        /// </summary>
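        private static byte[] GetConfig(MFAConfig config)
        {
            // Builds the encrypted byte form of the configuration in three steps:
            // the three secret fields are encrypted individually, the object is
            // XML-serialized, and the serialized bytes are encrypted as a whole.
            //
            // NOTE(review): the secret fields are overwritten on the caller's `config`
            // instance, so that object holds the encrypted values after this call.
            // Whether a second call on the same instance encrypts them again depends
            // on AESSystemEncryption.Encrypt, which is not visible here - verify.
            using (AESSystemEncryption fieldCipher = new AESSystemEncryption())
            {
                config.KeysConfig.XORSecret = fieldCipher.Encrypt(config.KeysConfig.XORSecret);
                config.Hosts.ActiveDirectoryHost.Password = fieldCipher.Encrypt(config.Hosts.ActiveDirectoryHost.Password);
                config.MailProvider.Password = fieldCipher.Encrypt(config.MailProvider.Password);
            }

            XmlConfigSerializer xmlserializer = new XmlConfigSerializer(typeof(MFAConfig));

            // The stream is disposed directly; the StreamReader that previously wrapped
            // it was never read from and only served to close the stream.
            using (MemoryStream stm = new MemoryStream())
            {
                xmlserializer.Serialize(stm, config);

                // ToArray copies the whole buffer regardless of Position, so no rewind is needed.
                using (AESSystemEncryption blobCipher = new AESSystemEncryption())
                {
                    return blobCipher.Encrypt(stm.ToArray());
                }
            }
        }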
 /// <summary>
 /// Encrypt method implementation
 /// </summary>
 public override byte[] Encrypt(byte[] data, string description = "")
 {
     // Encrypts with RSASystemEncryption when a machine-scoped CNG key named
     // SystemUtilities.SystemKeyName exists in KeyStorageProvider, and with
     // AESSystemEncryption otherwise. `description` is forwarded to the
     // selected implementation.
     //
     // NOTE(review): the bare catch below fails open. If the key lookup or the
     // encryption throws, the plaintext input is returned as though it were the
     // result, so a caller that stores the return value can persist an
     // unencrypted secret without any error being raised. Callers should be
     // audited before this is changed to log or rethrow.
     try
     {
         bool systemKeyExists = CngKey.Exists(SystemUtilities.SystemKeyName, KeyStorageProvider, CngKeyOpenOptions.MachineKey);
         if (!systemKeyExists)
         {
             using (AESSystemEncryption aes = new AESSystemEncryption())
             {
                 return aes.Encrypt(data, description);
             }
         }

         using (RSASystemEncryption rsa = new RSASystemEncryption())
         {
             return rsa.Encrypt(data, description);
         }
     }
     catch
     {
         // Input is handed back untouched on any exception (see note above).
         return data;
     }
 }
        /// <summary>
        /// SetMFACredentials method implementation
        /// </summary>
        internal static void SetMFACredentials(PSHost host, byte kind, string value, bool clearvalue = false)
        {
            // Updates or clears the stored credentials selected by `kind`, then writes
            // the configuration back and broadcasts a ConfigurationCreated notification.
            //   0x00  all three secrets (AD password, mail password, XOR secret)
            //   0x01  Active Directory host credentials
            //   0x02  mail provider credentials
            //   0x03  XOR secret
            // With `clearvalue` the selected fields are reset; otherwise `value` is
            // encrypted into the selected field. When `value` is empty (or, for 0x00,
            // always) the value already present in the configuration is encrypted instead.
            //
            // NOTE(review): a `kind` outside 0x00-0x03 changes nothing, yet the
            // configuration is still written and broadcast.
            // NOTE(review): clearing resets the XOR secret to XORUtilities.DefaultKey,
            // presumably a built-in default - confirm operators are expected to set
            // their own secret afterwards.
            MFAConfig config = CFGUtilities.ReadConfigurationFromADFSStore(host);
            if (config == null)
            {
                // Nothing was read from the store: leave silently, nothing is written.
                return;
            }

            bool noValue = string.IsNullOrEmpty(value);
            switch (kind)
            {
                case 0x00:
                    using (AESSystemEncryption cipher = new AESSystemEncryption())
                    {
                        if (!clearvalue)
                        {
                            // Block mode never takes a new value; it only encrypts what is stored.
                            config.Hosts.ActiveDirectoryHost.Password = cipher.Encrypt(config.Hosts.ActiveDirectoryHost.Password);
                            config.MailProvider.Password = cipher.Encrypt(config.MailProvider.Password);
                            config.KeysConfig.XORSecret = cipher.Encrypt(config.KeysConfig.XORSecret);
                            if (!noValue)
                            {
                                host.UI.WriteWarningLine("Block Updates not allowed, values where only encrypted !");
                            }
                        }
                        else
                        {
                            config.Hosts.ActiveDirectoryHost.Password = string.Empty;
                            config.Hosts.ActiveDirectoryHost.Account = string.Empty;
                            config.Hosts.ActiveDirectoryHost.DomainAddress = string.Empty;
                            config.MailProvider.Password = string.Empty;
                            config.MailProvider.UserName = string.Empty;
                            config.MailProvider.Anonymous = true;
                            config.KeysConfig.XORSecret = XORUtilities.DefaultKey;
                        }
                    }
                    break;

                case 0x01:
                    using (AESSystemEncryption cipher = new AESSystemEncryption())
                    {
                        if (clearvalue)
                        {
                            config.Hosts.ActiveDirectoryHost.Password = string.Empty;
                            config.Hosts.ActiveDirectoryHost.Account = string.Empty;
                            config.Hosts.ActiveDirectoryHost.DomainAddress = string.Empty;
                        }
                        else if (noValue)
                        {
                            config.Hosts.ActiveDirectoryHost.Password = cipher.Encrypt(config.Hosts.ActiveDirectoryHost.Password);
                            host.UI.WriteWarningLine("Empty value not allowed, value was only encrypted !");
                        }
                        else
                        {
                            config.Hosts.ActiveDirectoryHost.Password = cipher.Encrypt(value);
                        }
                    }
                    break;

                case 0x02:
                    using (AESSystemEncryption cipher = new AESSystemEncryption())
                    {
                        if (clearvalue)
                        {
                            // Clearing the mail credentials also switches the provider to anonymous.
                            config.MailProvider.Password = string.Empty;
                            config.MailProvider.UserName = string.Empty;
                            config.MailProvider.Anonymous = true;
                        }
                        else if (noValue)
                        {
                            config.MailProvider.Password = cipher.Encrypt(config.MailProvider.Password);
                            host.UI.WriteWarningLine("Empty value not allowed, value was only encrypted !");
                        }
                        else
                        {
                            config.MailProvider.Password = cipher.Encrypt(value);
                        }
                    }
                    break;

                case 0x03:
                    using (AESSystemEncryption cipher = new AESSystemEncryption())
                    {
                        if (clearvalue)
                        {
                            config.KeysConfig.XORSecret = XORUtilities.DefaultKey;
                        }
                        else if (noValue)
                        {
                            config.KeysConfig.XORSecret = cipher.Encrypt(config.KeysConfig.XORSecret);
                            host.UI.WriteWarningLine("Empty value not allowed, value was only encrypted !");
                        }
                        else
                        {
                            config.KeysConfig.XORSecret = cipher.Encrypt(value);
                        }
                    }
                    break;
            }

            CFGUtilities.WriteConfigurationToDatabase(host, config, false);
            CFGUtilities.BroadcastNotification(config, NotificationsKind.ConfigurationCreated, Environment.MachineName, true, true);
        }