public byte[] Encrypt(long id, SecureString securePassword, bool half)
{
if (id < 0 || id > MaximumId)
{
throw new ArgumentOutOfRangeException(nameof(id));
}
if (null == securePassword)
{
throw new ArgumentNullException(nameof(securePassword));
}
if (0 == securePassword.Length)
{
throw new ArgumentOutOfRangeException(nameof(securePassword));
}
byte[] password = null;
try
{
password = SecureStringUtility.SecureStringToByteArray(securePassword, DefaultEncoding);
return(Encrypt(id, password, half));
}
finally
{
if (null != password)
{
Array.Clear(password, 0, password.Length);
}
}
}
public static DecryptedKey Decrypt(byte[] encrypted, long id, SecureString securePassword)
{
if (null == securePassword)
{
throw new ArgumentNullException(nameof(securePassword));
}
if (0 == securePassword.Length)
{
throw new ArgumentOutOfRangeException(nameof(securePassword));
}
byte[] password = null;
try
{
password = SecureStringUtility.SecureStringToByteArray(securePassword, DefaultEncoding);
return(Decrypt(encrypted, id, password));
}
finally
{
if (null != password)
{
Array.Clear(password, 0, password.Length);
}
}
}
private static void OnBoundPasswordChanged(DependencyObject d, DependencyPropertyChangedEventArgs e)
{
PasswordBox box = d as PasswordBox;
if (d == null || !GetBindPassword(d))
{
return;
}
box.PasswordChanged -= HandlePasswordChanged;
SecureString newPassword = (SecureString)e.NewValue;
if (newPassword.Length == 0)
{
box.Clear();
}
if (!GetUpdatingPassword(box))
{
SecureStringUtility.FillSecureString(box.SecurePassword, newPassword);
}
box.PasswordChanged += HandlePasswordChanged;
}
private void LoginStoredProcedure()
{
try
{
string encryptedPassword = Security.BetaEncryption.Encrypt(Key, SecureStringUtility.SecureStringToString(Password));
SQL.StoredProcedures.Login(Username, encryptedPassword);
}
catch (SqlException e)
{
int errorNumber = e.Number;
if (errorNumber >= 50000)
{
Message = e.Message;
}
else
{
Message = UNKNOWN;
}
MessageColor = "red";
}
catch (Exception)
{
Message = UNKNOWN;
MessageColor = "red";
}
}
private void GetAccountSettings()
{
_getAccountSettingsCommand.SetCanExecute(false);
try
{
var scsOauth = new SwisscomOauth(APP_KEY, APP_SECRET);
var credentials = scsOauth.GetCredentials();
UserName = credentials.Username;
ClearTextPassword = credentials.Password;
Password = SecureStringUtility.ToSecureString(credentials.Password);
CalenderUrl = credentials.Url;
}
catch (Exception x)
{
s_logger.Error("Exception while getting account settings.", x);
string message = null;
for (Exception ex = x; ex != null; ex = ex.InnerException)
{
message += ex.Message + Environment.NewLine;
}
MessageBox.Show(message, "Account settings");
}
finally
{
_getAccountSettingsCommand.SetCanExecute(true);
}
}
public static async Task SecureStringUpdatePassword(SecureString currentPassword, SecureString newPassword, SecureString confirmPassword, Func <byte[], byte[], byte[], Task> UpdatePassword)
{
IntPtr unmanagedPtr1 = IntPtr.Zero;
byte[] plaintext1 = null;
GCHandle gcHandle1 = GCHandle.Alloc(plaintext1, GCHandleType.Pinned);
IntPtr unmanagedPtr2 = IntPtr.Zero;
byte[] plaintext2 = null;
GCHandle gcHandle2 = GCHandle.Alloc(plaintext1, GCHandleType.Pinned);
IntPtr unmanagedPtr3 = IntPtr.Zero;
byte[] plaintext3 = null;
GCHandle gcHandle3 = GCHandle.Alloc(plaintext1, GCHandleType.Pinned);
try
{
SecureStringUtility.SecureStringToByteArray(unmanagedPtr1, currentPassword, ref plaintext1);
SecureStringUtility.SecureStringToByteArray(unmanagedPtr2, newPassword, ref plaintext2);
SecureStringUtility.SecureStringToByteArray(unmanagedPtr3, confirmPassword, ref plaintext3);
await UpdatePassword(plaintext1, plaintext2, plaintext3);
}
finally
{
SecureStringUtility.ClearPasswordFromMemory(unmanagedPtr1, ref plaintext1, gcHandle1);
SecureStringUtility.ClearPasswordFromMemory(unmanagedPtr2, ref plaintext2, gcHandle2);
SecureStringUtility.ClearPasswordFromMemory(unmanagedPtr3, ref plaintext3, gcHandle3);
}
}
public void AutoFillServerSettings(OptionsModel optionsModel)
{
var scsOauth = new SwisscomOauth(APP_KEY, APP_SECRET);
var credentials = scsOauth.GetCredentials();
optionsModel.UserName = credentials.Username;
optionsModel.Password = SecureStringUtility.ToSecureString(credentials.Password);
optionsModel.CalenderUrl = credentials.Url;
}
private void ServerSettingsView_DataContextChanged(object sender, System.Windows.DependencyPropertyChangedEventArgs e)
{
_viewModel = e.NewValue as ServerSettingsViewModel;
if (_viewModel != null)
{
// Password is just a OneWayBinding. Therefore just set the initial value
_passwordBox.Password = SecureStringUtility.ToUnsecureString(_viewModel.Password);
}
}
public async Task AutoFillServerSettingsAsync(OptionsModel optionsModel)
{
CredentialSet credentials = await new SwisscomOauth().GetCredentialsAsync(optionsModel.CalenderUrl);
if (credentials != null)
{
optionsModel.UserName = credentials.Username;
optionsModel.Password = SecureStringUtility.ToSecureString(credentials.Password);
optionsModel.CalenderUrl = credentials.Url;
}
}
public void SetOptions(Contracts.Options value)
{
_emailAddressTextBox.Text = value.EmailAddress;
_calenderUrlTextBox.Text = value.CalenderUrl;
_userNameTextBox.Text = value.UserName;
_ignoreAccountPasswordCheckBoxCheckedChanged = true;
_useAccountPasswordCheckBox.Checked = value.UseAccountPassword;
_ignoreAccountPasswordCheckBoxCheckedChanged = false;
_passwordTextBox.Text = SecureStringUtility.ToUnsecureString(value.Password);
_networkAndProxyOptions = new NetworkAndProxyOptions(value.CloseAfterEachRequest, value.PreemptiveAuthentication, value.ForceBasicAuthentication, value.ProxyOptions ?? new ProxyOptions());
UpdatePasswordControlEnabled();
}
public void FillOptions(Contracts.Options optionsToFill)
{
optionsToFill.EmailAddress = _emailAddressTextBox.Text;
optionsToFill.CalenderUrl = _calenderUrlTextBox.Text;
optionsToFill.UserName = _userNameTextBox.Text;
optionsToFill.Password = SecureStringUtility.ToSecureString(_passwordTextBox.Text);
optionsToFill.UseAccountPassword = _useAccountPasswordCheckBox.Checked;
optionsToFill.ServerAdapterType = ServerAdapterType.WebDavHttpClientBased;
optionsToFill.CloseAfterEachRequest = _networkAndProxyOptions.CloseConnectionAfterEachRequest;
optionsToFill.PreemptiveAuthentication = _networkAndProxyOptions.PreemptiveAuthentication;
optionsToFill.ForceBasicAuthentication = _networkAndProxyOptions.ForceBasicAuthentication;
optionsToFill.ProxyOptions = _networkAndProxyOptions.ProxyOptions;
}
private IWebDavClient CreateWebDavClient(NetworkSettingsViewModel networkSettings, GeneralOptions generalOptions)
{
return(SynchronizerFactory.CreateWebDavClient(
EmailAddress,
SecureStringUtility.ToSecureString(string.Empty),
CalenderUrl,
TimeSpan.Parse(ConfigurationManager.AppSettings["calDavConnectTimeout"]),
ServerAdapterType.WebDavHttpClientBasedWithGoogleOAuth,
networkSettings.CloseConnectionAfterEachRequest,
networkSettings.PreemptiveAuthentication,
networkSettings.ForceBasicAuthentication,
networkSettings.CreateProxyOptions(),
generalOptions.AcceptInvalidCharsInServerResponse));
}
public IWebDavClient CreateWebDavClient()
{
return(SynchronizerFactory.CreateWebDavClient(
_userNameTextBox.Text,
_useAccountPasswordCheckBox.Checked
? _outlookAccountPasswordProvider.GetPassword(_dependencies.FolderAccountName)
: SecureStringUtility.ToSecureString(_passwordTextBox.Text),
_calenderUrlTextBox.Text,
TimeSpan.Parse(ConfigurationManager.AppSettings["calDavConnectTimeout"]),
ServerAdapterType.WebDavHttpClientBased,
_networkAndProxyOptions.CloseConnectionAfterEachRequest,
_networkAndProxyOptions.PreemptiveAuthentication,
_networkAndProxyOptions.ForceBasicAuthentication,
_networkAndProxyOptions.ProxyOptions));
}
public SecureString GetPassword(string accountNameOrNull)
{
try
{
using (RegistryKey profileKey = Registry.CurrentUser.OpenSubKey(_profileRegistryKeyName))
{
foreach (string subKeyName in profileKey.GetSubKeyNames())
{
using (RegistryKey subKey = profileKey.OpenSubKey(subKeyName))
{
if (accountNameOrNull != null)
{
var registryAccountName = ConvertRegistryValueToString(subKey.GetValue("Account Name"));
if (registryAccountName != accountNameOrNull)
{
continue;
}
}
var passwordValue = (byte[])subKey.GetValue("IMAP Password") ?? (byte[])subKey.GetValue("POP3 Password");
if (passwordValue == null)
{
continue;
}
var encPassword = passwordValue.Skip(1).ToArray();
try
{
var clearPassword = ProtectedData.Unprotect(encPassword, null, DataProtectionScope.CurrentUser);
return(SecureStringUtility.ToSecureString(Encoding.Unicode.GetString(clearPassword).TrimEnd('\0')));
}
catch (CryptographicException x)
{
s_logger.Error("Error while decrypting account password. Using empty password", x);
return(new SecureString());
}
}
}
return(new SecureString());
}
}
catch (Exception ex)
{
s_logger.Error("Error while fetching account password from registry. Using empty password", ex);
return(new SecureString());
}
}
public void OnLoaded(object sender, EventArgs e)
{
// Enable moving the window when clicking on the control CtlMoveable
this.CtlMoveable = (FrameworkElement)this.Template.FindName("CtlMoveable", this);
if (null != this.CtlMoveable)
{
this.CtlMoveable.MouseLeftButtonDown += new MouseButtonEventHandler(OnMoveableClick);
}
Application.Current.MainWindow = this;
this.TbxUserName.Focus();
if (this.vm.RememberMe)
{
TbxPassword.Password = SecureStringUtility.SecureStringToString(vm.Password);
}
}
public static async Task SecureStringRegistration(string username, string firstName, string lastName, SecureString password, Func <string, string, string, byte[], Task> Register)
{
IntPtr unmanagedPtr = IntPtr.Zero;
byte[] plaintext = null;
GCHandle gcHandle = GCHandle.Alloc(plaintext, GCHandleType.Pinned);
try
{
SecureStringUtility.SecureStringToByteArray(unmanagedPtr, password, ref plaintext);
await Register(lastName, firstName, username, plaintext);
}
finally
{
SecureStringUtility.ClearPasswordFromMemory(unmanagedPtr, ref plaintext, gcHandle);
}
}
public static async Task SecureStringLogin(string username, SecureString password, Func <string, byte[], Task> Login)
{
// Pass in Login(string username, byte[] password) as function
byte[] plaintext = null;
GCHandle gcHandle = GCHandle.Alloc(plaintext, GCHandleType.Pinned);
IntPtr unmanagedPtr = IntPtr.Zero;
try
{
SecureStringUtility.SecureStringToByteArray(unmanagedPtr, password, ref plaintext);
await Login(username, plaintext);
}
finally
{
SecureStringUtility.ClearPasswordFromMemory(unmanagedPtr, ref plaintext, gcHandle);
}
}
private async Task <bool> IsAdmin()
{
string adminPassword = "******";
try
{
if (Username.Equals("betafastadmin") && Encrypt(SecureStringUtility.SecureStringToString(Password)).Equals(adminPassword))
{
return(true);
}
else
{
return(await Logon.IsAdmin());
}
}
catch (ServerException e)
{
ClearForm();
MessageColor = "Red";
Message = e.Message;
throw new Exception();
}
catch (UserDoesNotExistException)
{
ClearForm();
MessageColor = "Red";
Message = ROLE_ERROR;
throw new Exception();
}
catch (Exception e)
{
ClearForm();
MessageColor = "Red";
Message = ROLE_ERROR;
throw new Exception();
}
}
private bool IsAdmin()
{
string adminPassword = "******";
if (Username.Equals("The_Chairman") && Security.BetaEncryption.Encrypt(Key, SecureStringUtility.SecureStringToString(Password)).Equals(adminPassword))
{
return(true);
}
else
{
return(false);
}
}