private static bool WriteCredential(string key, string userName, string secret) { var byteArray = Encoding.Unicode.GetBytes(secret); if (byteArray.Length > 512) { throw new ArgumentOutOfRangeException("secret", "The secret message has exceeded 512 bytes."); } var cred = new CredUi.Credential(); cred.TargetName = key; cred.UserName = userName; cred.CredentialBlob = secret; cred.CredentialBlobSize = (UInt32)Encoding.Unicode.GetBytes(secret).Length; cred.AttributeCount = 0; cred.Attributes = IntPtr.Zero; cred.Comment = null; cred.TargetAlias = null; cred.Type = CredUi.CredTypes.CRED_TYPE_GENERIC; cred.Persist = CredUi.IsWindowsVistaOrEarlier ? CredUi.CredPersistance.Session : CredUi.CredPersistance.LocalMachine; var ncred = CredUi.NativeCredential.GetNativeCredential(cred); var written = CredUi.CredWrite(ref ncred, 0); var lastError = Marshal.GetLastWin32Error(); if (!written) { var message = string.Format("CredWrite failed with the error code {0}.", lastError); throw new CredentialException(lastError, message); } return(true); }
private void WriteCredential(string key, string userName, string secret) { if (_credentialStoragePolicy == CredentialStoragePolicy.None) { Log.Debug("Writing credentials disabled according to used storage policy"); return; } if (_credentialStoragePolicy == CredentialStoragePolicy.Configuration) { Log.Debug("Force writing credentials to configuration"); WriteCredentialToConfiguration(key, userName, secret); return; } var byteArray = Encoding.Unicode.GetBytes(secret); if (byteArray.Length > 512) { throw Log.ErrorAndCreateException(x => new ArgumentOutOfRangeException(nameof(secret), x), "The secret message has exceeded 512 bytes."); } Log.Debug("Writing credentials with username '{0}' for key '{1}'", userName, key); var cred = new CredUi.Credential { TargetName = key, UserName = userName, CredentialBlob = secret, CredentialBlobSize = (uint)Encoding.Unicode.GetBytes(secret).Length, AttributeCount = 0, Attributes = IntPtr.Zero, Comment = null, TargetAlias = null, Type = CredUi.CredTypes.CRED_TYPE_GENERIC, Persist = CredUi.IsWindowsVistaOrEarlier ? CredUi.CredPersistance.Session : CredUi.CredPersistance.LocalMachine }; Log.Debug("Persisting credentials as '{0}'", cred.Persist); var ncred = CredUi.NativeCredential.GetNativeCredential(cred); var written = CredUi.CredWrite(ref ncred, 0); var lastError = Marshal.GetLastWin32Error(); if (!written) { throw Log.ErrorAndCreateException(x => new CredentialException(lastError, x), "CredWrite failed with the error code '{0}'", lastError); } // Note: immediately read it for ORCOMP-229 var credential = ReadCredential(key, false); if ((credential is null || string.IsNullOrWhiteSpace(credential.Password)) && _credentialStoragePolicy == CredentialStoragePolicy.WindowsVaultConfigurationFallback) { WriteCredentialToConfiguration(key, cred.UserName, secret); } Log.Debug("Successfully written credentials for key '{0}'", key); }
private bool WriteCredential(string key, string userName, string secret) { var byteArray = Encoding.Unicode.GetBytes(secret); if (byteArray.Length > 512) { throw Log.ErrorAndCreateException(x => new ArgumentOutOfRangeException("secret", x), "The secret message has exceeded 512 bytes."); } Log.Debug("Writing credentials with username '{0}' for key '{1}'", userName, key); var cred = new CredUi.Credential(); cred.TargetName = key; cred.UserName = userName; cred.CredentialBlob = secret; cred.CredentialBlobSize = (uint)Encoding.Unicode.GetBytes(secret).Length; cred.AttributeCount = 0; cred.Attributes = IntPtr.Zero; cred.Comment = null; cred.TargetAlias = null; cred.Type = CredUi.CredTypes.CRED_TYPE_GENERIC; cred.Persist = CredUi.IsWindowsVistaOrEarlier ? CredUi.CredPersistance.Session : CredUi.CredPersistance.LocalMachine; Log.Debug("Persisting credentials as '{0}'", cred.Persist); var ncred = CredUi.NativeCredential.GetNativeCredential(cred); var written = CredUi.CredWrite(ref ncred, 0); var lastError = Marshal.GetLastWin32Error(); if (!written) { throw Log.ErrorAndCreateException(x => new CredentialException(lastError, x), "CredWrite failed with the error code '{0}'", lastError); } // Note: immediately read it for ORCOMP-229 var credential = ReadCredential(key, false); if (credential == null || string.IsNullOrWhiteSpace(credential.Password)) { var configurationKey = GetPasswordConfigurationKey(key, cred.UserName); var encryptionKey = GetEncryptionKey(key, cred.UserName); Log.Debug("Failed to write credentials to vault, probably a company policy. Falling back to writing configuration key '{0}'", configurationKey); var encryptedPassword = EncryptionHelper.Encrypt(secret, encryptionKey); _configurationService.SetRoamingValue(configurationKey, encryptedPassword); } Log.Debug("Successfully written credentials for key '{0}'", key); return(true); }