public static List <Service> GetServicesListDecrypted() { var services = new List <Service>(); var eccService = new EccKeyServiceProvider(); var masterKeyService = new KeyDerivationServiceProvider(); var crypto = new SymmetricCryptographyServiceProvider(); var userServices = UserData.ApiClient.ApiEcccredentialsGetAsync(null, null).ConfigureAwait(false).GetAwaiter().GetResult(); foreach (var service in userServices) { var derivedKey = eccService.EcdhDervieKey( new EccKeyPairBlob( service.EccDerivationBlob.Curve, service.EccDerivationBlob.PublicKey, null ), new EccKeyPairBlob( service.EccDerivationBlob.Curve, null, UserData.PrivateKeyDecrypted ), HashAlgorithmName.SHA256 ); var masterKey = masterKeyService.DeriveKeyFromBlob( derivedKey, new KeyDerivationBlob( service.SymmetricCiphertextBlob.DerivationDescription, service.SymmetricCiphertextBlob.DerivationSalt, null ) ); var decryptedService = crypto.DecryptFromSymmetricCipthertextBlob( masterKey.MasterKey, new SymmetricCipthertextBlob( service.SymmetricCiphertextBlob.CipherDescription, service.SymmetricCiphertextBlob.InitializationVector, service.SymmetricCiphertextBlob.Ciphertext, service.SymmetricCiphertextBlob.AuthenticationTag ) ); Service tempService = JsonConvert.DeserializeObject <Service>(Encoding.UTF8.GetString(decryptedService)); tempService.Id = service.Id; services.Add(tempService); } return(services); }
private async void LoginButton_Click(object sender, RoutedEventArgs e) { UserData.eccKeyPairs = new List <EccKeyPairGetModel>(); if (String.IsNullOrEmpty(LoginBox.Text) || String.IsNullOrEmpty(PasswordBox.Password)) { await DialogHost.Show(new MessageDialog("Fields cannot be empty!"), "login"); return; } PasswordHashingServiceProvider phsp = new PasswordHashingServiceProvider(); UserAuthenticatePostModel loginModel = new UserAuthenticatePostModel() { Username = LoginBox.Text, Password = await phsp.Client_ComputePasswordForLogin(Encoding.UTF8.GetBytes(LoginBox.Text), Encoding.UTF8.GetBytes(PasswordBox.Password)) }; try { var result = await UserData.ApiClient.ApiUsersAuthenticateAsync(loginModel); UserData.AuthToken = result.AuthenticationToken; UserData.UserName = LoginBox.Text; UserData.BytePassword = Encoding.UTF8.GetBytes(PasswordBox.Password); var checkResult = await UserData.ApiClient.ApiEcckeypairsGetAsync(20, 0); if (checkResult.Count == 0) { // Send new keypair EccKeyServiceProvider ecckey = new EccKeyServiceProvider(); var keypair = ecckey.CreateNew_secp256r1_ECKeyPair(); var masterKeyService = new KeyDerivationServiceProvider(); var masterKey = masterKeyService.Pbkdf2Sha256DeriveKeyFromPassword(UserData.BytePassword, 16, 16); var crypto = new SymmetricCryptographyServiceProvider(); var privateKeyEncrypted = crypto.Aes128GcmEncrypt(masterKey.MasterKey, keypair.PrivateKey); var keyPairPostResult = await UserData.ApiClient.ApiEcckeypairsPostAsync(new EccKeyPairPostModel { EncryptedPrivateKey = new EccEncryptedPrivateKeyModel() { Curve = keypair.Curve, AuthenticationTag = privateKeyEncrypted.AuthenticationTag, CipherDescription = privateKeyEncrypted.CipherDescription, Ciphertext = privateKeyEncrypted.Cipthertext, InitializationVector = privateKeyEncrypted.InitializationVector, DerivationDescription = masterKey.DerivationDescription, DerivationSalt = masterKey.DerivationSalt }, PublicKey = new EccPublicKeyModel() { Curve = keypair.Curve, PublicKey = keypair.PublicKey } }); checkResult = await UserData.ApiClient.ApiEcckeypairsGetAsync(20, 0); } // Get user keypairs and decrypt them foreach (var keyPair in checkResult) { UserData.eccKeyPairs.Add(keyPair); var masterKeyService = new KeyDerivationServiceProvider(); var masterKey = masterKeyService.DeriveKeyFromBlob(UserData.BytePassword, new KeyDerivationBlob( keyPair.EncryptedPrivateKey.DerivationDescription, keyPair.EncryptedPrivateKey.DerivationSalt, null )); var crypto = new SymmetricCryptographyServiceProvider(); var privateKeyDecrypted = crypto.DecryptFromSymmetricCipthertextBlob(masterKey.MasterKey, new SymmetricCipthertextBlob ( keyPair.EncryptedPrivateKey.CipherDescription, keyPair.EncryptedPrivateKey.InitializationVector, keyPair.EncryptedPrivateKey.Ciphertext, keyPair.EncryptedPrivateKey.AuthenticationTag ) ); UserData.PrivateKeyDecrypted = privateKeyDecrypted; //CngKey.Import(privateKeyDecrypted, CngKeyBlobFormat.EccPrivateBlob, new CngProvider()); } WindowManager.MainWindow = new MainWindow(); WindowManager.MainWindow.Show(); WindowManager.MainWindow.Notifier.ShowSuccess("You logged in successfully!"); Close(); } catch (ApiException <ProblemDetails> exc) { await DialogHost.Show(new MessageDialog(ApiErrorsBuilder.GetErrorString(exc.Result.Errors)), "login"); } catch (Exception) { await DialogHost.Show(new MessageDialog("Unknown error"), "login"); } }
private async void SaveChangesButton_Click(object sender, RoutedEventArgs e) { if (String.IsNullOrEmpty(OldPasswordBox.Password) || String.IsNullOrEmpty(NewPasswordBox.Password) || String.IsNullOrEmpty(ConfirmNewPasswordBox.Password)) { Notifier.ShowError("Fields can not be empty!"); return; } var keyPairs = new List <EccKeyPairModel>(); foreach (var keyPair in UserData.eccKeyPairs) { var masterKeyService = new KeyDerivationServiceProvider(); var decryptionMasterKey = masterKeyService.DeriveKeyFromBlob(UserData.BytePassword, new KeyDerivationBlob( keyPair.EncryptedPrivateKey.DerivationDescription, keyPair.EncryptedPrivateKey.DerivationSalt, null )); var crypto = new SymmetricCryptographyServiceProvider(); var privateKeyDecrypted = crypto.DecryptFromSymmetricCipthertextBlob(decryptionMasterKey.MasterKey, new SymmetricCipthertextBlob ( keyPair.EncryptedPrivateKey.CipherDescription, keyPair.EncryptedPrivateKey.InitializationVector, keyPair.EncryptedPrivateKey.Ciphertext, keyPair.EncryptedPrivateKey.AuthenticationTag ) ); var encryptionMasterKey = masterKeyService.Pbkdf2Sha256DeriveKeyFromPassword(Encoding.UTF8.GetBytes(NewPasswordBox.Password), 16, 16); var encryptedPrivateKey = crypto.Aes128GcmEncrypt(encryptionMasterKey.MasterKey, privateKeyDecrypted); keyPairs.Add(new EccKeyPairModel() { Id = keyPair.Id, PublicKey = keyPair.PublicKey, EncryptedPrivateKey = new EccEncryptedPrivateKeyModel() { Curve = keyPair.EncryptedPrivateKey.Curve, AuthenticationTag = encryptedPrivateKey.AuthenticationTag, CipherDescription = encryptedPrivateKey.CipherDescription, Ciphertext = encryptedPrivateKey.Cipthertext, InitializationVector = encryptedPrivateKey.InitializationVector, DerivationDescription = encryptionMasterKey.DerivationDescription, DerivationSalt = encryptionMasterKey.DerivationSalt } }); } try { PasswordHashingServiceProvider phsp = new PasswordHashingServiceProvider(); await UserData.ApiClient.ApiUsersChangePasswordAsync(new Core.ApiClient.UserChangePasswordModel() { CurrentPassword = await phsp.Client_ComputePasswordForLogin(Encoding.UTF8.GetBytes(UserData.UserName), Encoding.UTF8.GetBytes(OldPasswordBox.Password)), Password = await phsp.Client_ComputePasswordForLogin(Encoding.UTF8.GetBytes(UserData.UserName), Encoding.UTF8.GetBytes(NewPasswordBox.Password)), PasswordRepeat = await phsp.Client_ComputePasswordForLogin(Encoding.UTF8.GetBytes(UserData.UserName), Encoding.UTF8.GetBytes(ConfirmNewPasswordBox.Password)), EccKeyPairs = keyPairs }); WindowManager.MainWindow.Logout(); var dialogResult = await DialogHost.Show(new MessageDialog("Password changed successfully!\nYou can login now."), "login"); } catch (ApiException <ProblemDetails> exc) { foreach (var error in ApiErrorsBuilder.GetErrorList(exc.Result.Errors)) { Notifier.ShowError(error); } } catch (Exception) { Notifier.ShowError("Unknown error"); } }