/// <summary>
/// Builds an asymmetric data encryptor from the first certificate in the given store that the selector accepts.
/// </summary>
/// <param name="storeLocation">The store location.</param>
/// <param name="storeName">The store name.</param>
/// <param name="certificateSelector">The certificate predicate selector, cannot be null.</param>
/// <param name="keySelector">The delegate that extracts the key data from the certificate, cannot be null.</param>
/// <exception cref="InvalidOperationException">The certificate could not be found or loaded.</exception>
/// <exception cref="SecurityException">The calling context is denied access to the certificate store.</exception>
/// <exception cref="CryptographicException">The encryption operation failed.</exception>
/// <returns>The asymmetric key, cannot be null.</returns>
/// <remarks>
/// Only the predicate decides which certificate is used: the first match in store enumeration order wins, and
/// this method performs no expiry, chain or private-key check of its own. A selector that can match more than
/// one certificate therefore makes the choice order-dependent; selecting on a unique property avoids that.
/// The key data returned by <paramref name="keySelector"/> is a managed string, so the plaintext copy created
/// here cannot be zeroed and lives until it is collected; wrapping it narrows the exposure window, it does not
/// remove it.
/// </remarks>
private static AsymmetricDataEncryptor LoadCertificateKey(
    StoreLocation storeLocation,
    StoreName storeName,
    Predicate<X509Certificate2> certificateSelector,
    Func<X509Certificate2, string> keySelector)
{
    // The public entry point validates the first three arguments; keySelector is trusted to be non-null.
    var certificateStore = new X509Store(storeName, storeLocation);
    try
    {
        certificateStore.Open(OpenFlags.ReadOnly);

        X509Certificate2 match = null;
        foreach (X509Certificate2 candidate in certificateStore.Certificates)
        {
            if (certificateSelector(candidate))
            {
                match = candidate;
                break;
            }
        }

        if (match == null)
        {
            throw new InvalidOperationException("The requested certificate could not be loaded.");
        }

        // Extract the key data exactly once so every encrypt/decrypt call on the returned instance uses the
        // same key, and hold it only in wrapped form (DPAPI, per the original author's note) so that a crash
        // dump does not contain it in the clear.
        IStringEncryptor protector = StringEncryptor.Create(CurrentUserDataEncryptor.Instance);
        string protectedKeyData = protector.Encrypt(AsymmetricDataEncryptor.InMemoryKeyName, keySelector(match));

        // The delegate unwraps the key on demand; it captures the protector and the wrapped blob only.
        return new AsymmetricDataEncryptor(
            () => protector.Decrypt(AsymmetricDataEncryptor.InMemoryKeyName, protectedKeyData));
    }
    finally
    {
        // Runs on success and on every failure path after construction, so the store handle is always released.
        certificateStore.Close();
    }
}
/// <summary>
/// Decrypts every entry of a connection string whose value is marked as encrypted and reports whether
/// anything was changed.
/// </summary>
/// <param name="stringEncryptor">The encryptor used to decrypt marked values.</param>
/// <param name="connectionString">The connection string to inspect.</param>
/// <param name="decryptedConnectionString">
/// The rebuilt connection string when at least one value was decrypted; otherwise the original
/// <paramref name="connectionString"/> reference.
/// </param>
/// <returns><c>true</c> if at least one value was decrypted; otherwise <c>false</c>.</returns>
/// <remarks>
/// Values that <c>PropertyValueEncryptionUtils.IsEncryptedValue</c> does not recognise are passed through
/// untouched, so a connection string holding secrets in plaintext is accepted without complaint. The output
/// carries the decrypted secrets in the clear and should be kept out of logs and error messages.
/// </remarks>
public static bool DecryptConnectionString(
    [NotNull] IStringEncryptor stringEncryptor,
    [NotNull] string connectionString,
    [NotNull] out string decryptedConnectionString)
{
    var parsed = new ConnectionStringBuilder(connectionString);
    bool anyDecrypted = false;

    // NOTE(review): Update is called while iterating GetEntries(); this presumably relies on GetEntries
    // returning a snapshot rather than a live view - confirm.
    foreach (KeyValuePair<string, string> entry in parsed.GetEntries())
    {
        string payload;
        if (PropertyValueEncryptionUtils.IsEncryptedValue(entry.Value, out payload))
        {
            parsed.Update(entry.Key, stringEncryptor.Decrypt(payload));
            anyDecrypted = true;
        }
    }

    // Hand back the caller's own string when nothing was decrypted, so an untouched input is not re-serialised.
    decryptedConnectionString = anyDecrypted ? parsed.ConnectionString : connectionString;
    return anyDecrypted;
}
/// <summary>
/// Creates the service over the given repositories and builds its string encryptor from the settings repository.
/// </summary>
/// <param name="usersRepository">The users repository to store in this instance.</param>
/// <param name="settingsRepository">The settings repository to store; it also backs the encryptor.</param>
public UsersManagementService(IUsersRepository usersRepository, ISettingsRepository settingsRepository)
{
    // NOTE(review): what Protector.SetIfNotNull does with a null argument (throw, or leave the field unset)
    // is not visible here - confirm. If it leaves the field unset, the encryptor below is built over null.
    Protector.SetIfNotNull(ref this._usersRepository, usersRepository);
    Protector.SetIfNotNull(ref this._settingsRepository, settingsRepository);

    // Built from the field rather than the parameter, so it sees whatever SetIfNotNull actually stored.
    this._encryptor = new StringEncryptor(this._settingsRepository);
}
/// <summary>
/// Replaces the Credentials, Birthday, Email and Comment properties of a user with their encrypted form.
/// </summary>
/// <param name="user">The user to encrypt; the instance is modified in place.</param>
/// <param name="encryptor">The encryptor applied to each property.</param>
/// <returns>The same <paramref name="user"/> instance, to allow chaining.</returns>
/// <remarks>
/// Each property is overwritten as soon as it is encrypted. Calling this twice on one instance encrypts the
/// values twice, and an exception part-way through leaves the instance with a mix of encrypted and plaintext
/// properties. Nothing on the instance records which state it is in.
/// </remarks>
internal static User Encrypt(this User user, IStringEncryptor encryptor)
{
    // The order of the calls is kept as written in case the encryptor is stateful.
    user.Credentials = encryptor.EncryptString(user.Credentials);
    user.Birthday = encryptor.EncryptString(user.Birthday);
    user.Email = encryptor.EncryptString(user.Email);
    user.Comment = encryptor.EncryptString(user.Comment);

    return user;
}
/// <summary>
/// Creates an AsymmetricDataEncryptor instance with a new RSA key.
/// </summary>
/// <returns>The asymmetric key, cannot be null.</returns>
/// <remarks>
/// Nothing in this method persists or exports the generated key: it exists only in wrapped form inside the
/// returned instance. Data encrypted with it is therefore recoverable only while that instance, or a copy of
/// the key obtained elsewhere, is still available.
/// </remarks>
public static AsymmetricDataEncryptor GenerateRandomEncryptor()
{
    // Generate the key exactly once so every encrypt/decrypt call on the returned instance uses the same
    // key, and hold it only in wrapped form (DPAPI, per the original author's note) so that a crash dump
    // does not contain it in the clear.
    IStringEncryptor protector = StringEncryptor.Create(CurrentUserDataEncryptor.Instance);
    string protectedKeyData = protector.Encrypt(
        AsymmetricDataEncryptor.InMemoryKeyName,
        AsymmetricDataEncryptor.GenerateKey());

    // The delegate unwraps the key on demand; it captures the protector and the wrapped blob only.
    return new AsymmetricDataEncryptor(
        () => protector.Decrypt(AsymmetricDataEncryptor.InMemoryKeyName, protectedKeyData));
}
/// <summary>
/// Creates the pending-client service and stores its collaborators.
/// </summary>
/// <param name="pendingClientRepository">Repository of pending client entities.</param>
/// <param name="stringEncryptor">String encryptor kept for later use by the service.</param>
/// <param name="cryptoService">Crypto service kept for later use by the service.</param>
/// <param name="mapper">Object mapper kept for later use by the service.</param>
/// <remarks>
/// No argument is checked for null here, so a missing registration surfaces later as a
/// NullReferenceException at the first use of the field rather than at construction.
/// </remarks>
public PendingClientService(
    IRepository<PendingClientEntity> pendingClientRepository,
    IStringEncryptor stringEncryptor,
    ICryptoService cryptoService,
    IMapper mapper)
{
    this._pendingClientRepository = pendingClientRepository;
    this._stringEncryptor = stringEncryptor;
    this._cryptoService = cryptoService;
    this._mapper = mapper;
}
/// <summary>
/// Initializes the service with the repository, encryptor, crypto service and mapper it depends on.
/// </summary>
/// <param name="pendingClientRepository">Repository of pending client entities.</param>
/// <param name="stringEncryptor">String encryptor stored in this instance.</param>
/// <param name="cryptoService">Crypto service stored in this instance.</param>
/// <param name="mapper">Object mapper stored in this instance.</param>
/// <remarks>The arguments are stored as given; none of them is validated against null.</remarks>
public PendingClientService(
    IRepository<PendingClientEntity> pendingClientRepository,
    IStringEncryptor stringEncryptor,
    ICryptoService cryptoService,
    IMapper mapper)
{
    this._pendingClientRepository = pendingClientRepository;
    this._stringEncryptor = stringEncryptor;
    this._cryptoService = cryptoService;
    this._mapper = mapper;
}
/// <summary>
/// Serializes the public property values of the current instance to an XML string, encrypts that string
/// with AES using the supplied key and IV, and writes the result to a file.
/// </summary>
/// <param name="filePath">Full path for output file.</param>
/// <param name="key">AES encryption key.</param>
/// <param name="iv">AES IV value.</param>
/// <remarks>
/// Only AES encryption is supported by this routine.
/// NOTE(review): the IV is supplied by the caller and nothing here generates a fresh one per file. The
/// cipher mode is not visible from this method; in CBC-style modes, reusing one key/IV pair for several
/// files makes equal leading plaintext produce equal leading ciphertext - confirm how callers choose the IV.
/// This method adds no integrity tag of its own; whether the encryptor authenticates its output is likewise
/// not visible here.
/// </remarks>
public void SaveToXmlFile(string filePath, string key, string iv)
{
    IStringEncryptor aesEncryptor = PFEncryption.GetStringEncryptor(pfEncryptionAlgorithm.AES);

    // Serialize first; the plaintext XML exists only as this local string.
    string plainXml = this.ToXmlString();

    aesEncryptor.Key = key;
    aesEncryptor.IV = iv;

    // Only the encrypted form is written to disk.
    File.WriteAllText(filePath, aesEncryptor.Encrypt(plainXml));
}
/// <summary>
/// Creates and initializes an instance of the class from a serialized copy stored in an encrypted file.
/// The file content is decrypted into an XML string, which is then passed to LoadFromXmlString.
/// </summary>
/// <param name="filePath">Full path for the input file.</param>
/// <param name="key">AES encryption key.</param>
/// <param name="iv">AES IV value.</param>
/// <returns>The PFKeyValueListExSorted instance built from the decrypted XML.</returns>
/// <remarks>
/// Only AES encryption is supported by this routine.
/// NOTE(review): nothing visible here verifies the integrity of the file before it is decrypted and the
/// result is handed to LoadFromXmlString. Whether the encryptor or the loader rejects tampered content is
/// not visible from this method - confirm before loading files from a location other users can write to.
/// </remarks>
public static PFKeyValueListExSorted<K, V> LoadFromXmlFile(string filePath, string key, string iv)
{
    IStringEncryptor aesEncryptor = PFEncryption.GetStringEncryptor(pfEncryptionAlgorithm.AES);

    // Read the encrypted payload exactly as stored.
    string cipherText = File.ReadAllText(filePath);

    // Decrypt it with the caller-supplied key and IV.
    aesEncryptor.Key = key;
    aesEncryptor.IV = iv;
    string plainXml = aesEncryptor.Decrypt(cipherText);

    // Rebuild the list from the decrypted XML and return it.
    return LoadFromXmlString(plainXml);
}
/// <summary>
/// Creates the repository over the given context and optional transaction, and stores the string encryptor.
/// </summary>
/// <param name="encryptor">String encryptor stored in this instance; not validated against null.</param>
/// <param name="dapperSampleContext">Context passed through to the base repository.</param>
/// <param name="transaction">Optional transaction passed through to the base repository; null by default.</param>
public UserRepository(
    IStringEncryptor encryptor,
    IDapperSampleContext dapperSampleContext,
    System.Data.IDbTransaction transaction = null)
    : base(dapperSampleContext, transaction)
{
    // The field shares the parameter's name, hence the explicit qualifier.
    this.encryptor = encryptor;
}
/// <summary>
/// Creates the instance with the string encryptor bound under the name of AESEncryptor.
/// </summary>
/// <param name="encryptor">The named IStringEncryptor binding, stored as given.</param>
/// <remarks>
/// NOTE(review): the type name says "hash", but the injected dependency is an AES string encryptor, which is
/// reversible. If passwords are stored through it, confirm whether a one-way password hash was intended.
/// </remarks>
public HashUserPassword([Named(nameof(AESEncryptor))] IStringEncryptor encryptor)
{
    this._encryptor = encryptor;
}
/// <summary>
/// Creates the instance and resolves its string encryptor from CompositionRoot under the name of AESEncryptor.
/// </summary>
/// <remarks>
/// The dependency is looked up inside the constructor, so callers cannot substitute another encryptor.
/// NOTE(review): the type name says "hash", but what is resolved is an AES string encryptor, which is
/// reversible - confirm that this is intended where passwords are concerned.
/// </remarks>
public HashUserPassword()
{
    IStringEncryptor resolved = CompositionRoot.Resolve<IStringEncryptor>(nameof(AESEncryptor));
    _encryptor = resolved;
}
/// <summary>
/// Creates the recovery-link service and stores the string encryptor it is given.
/// </summary>
/// <param name="stringEncryptor">String encryptor stored in this instance; not validated against null.</param>
public RecoveryLinkService(IStringEncryptor stringEncryptor)
{
    this._stringEncryptor = stringEncryptor;
}
/// <summary>
/// Creates the instance with the string encryptor registered under the key named after AESEncryptor.
/// </summary>
/// <param name="encryptor">The keyed IStringEncryptor registration, stored as given.</param>
/// <remarks>
/// NOTE(review): if this is Autofac's KeyFilterAttribute, it takes effect only when the component is
/// registered with WithAttributeFiltering(); otherwise the default IStringEncryptor is injected without
/// any error - confirm the registration. The type name says "hash" while the dependency is a reversible
/// AES encryptor; confirm that as well where passwords are concerned.
/// </remarks>
public HashUserPassword([KeyFilter(nameof(AESEncryptor))] IStringEncryptor encryptor)
{
    this._encryptor = encryptor;
}