static FrameworkAlcoaVault()
        {
            try
            {
                //Searchs for vault file inside some windows folders
                var vaultFullPath = FileHelper.SearchFileFullPath(Resources.VaultPath, Resources.VaultFileName, Resources.VaultFolderToSearch);

                //Combine and generate vault password to decrypt connection strings
                var fixes = CommonResource.GetString("PassNumbers") + CommonResource.GetString("PassSpecialChars");
                _password = fixes + CommonResource.GetString("PassText") + fixes;

                XDocument vaultFile = XDocument.Load(vaultFullPath);

                //Read and loads connection data
                _profiles_ = vaultFile.Descendants("Profile")
                             .Select(e => new Profile
                {
                    Name             = e.FirstAttribute.Value.ToUpper(),
                    DatabaseType     = (DatabaseTypes)Enum.Parse(typeof(DatabaseTypes), e.Parent.Name.ToString()),
                    ConnectionString = e.Value,
                    UsePattern       = e.LastAttribute.Value.ToBool()
                })
                             .ToList();

                //Read and loads pattern data
                _pattern = vaultFile.Descendants("Pattern")
                           .Select(e => new Pattern {
                    PatternValue = e.Value
                })
                           .FirstOrDefault();
            }
            catch (Exception ex)
            {
            }
        }
Exemplo n.º 2
0
        public string GetEncryptedConnectionString(ConnectionStringFilterDTO filter)
        {
            var connectionString = string.Empty;

            try
            {
                if (string.IsNullOrEmpty(filter.ConnectionString))
                {
                    throw new ServiceException(CommonExceptionType.ParameterException, "ConnectionString");
                }

                var prefix = CommonResource.GetString("PassNumbers") + CommonResource.GetString("PassSpecialChars");
                var pass   = prefix + CommonResource.GetString("PassText") + prefix;

                var upperConnection = filter.ConnectionString.ToUpper();
                if (upperConnection.Contains("DATA SOURCE") &&
                    upperConnection.Contains("USER ID") &&
                    upperConnection.Contains("PASSWORD"))
                {
                    connectionString = CryptographHelper.RijndaelEncrypt(filter.ConnectionString, pass);
                }

                else if (upperConnection.Contains("SERVER") &&
                         upperConnection.Contains("DATABASE") &&
                         (upperConnection.Contains("TRUSTED_CONNECTION") ||
                          (upperConnection.Contains("USER ID") && upperConnection.Contains("PASSWORD"))))
                {
                    connectionString = CryptographHelper.RijndaelEncrypt(filter.ConnectionString, pass);
                }

                else if (upperConnection.Contains("DATA SOURCE") &&
                         upperConnection.Contains("PROVIDER"))
                {
                    connectionString = CryptographHelper.RijndaelEncrypt(filter.ConnectionString, pass);
                }
                else
                {
                    throw new ServiceException(CommonExceptionType.ValidationException,
                                               "ConnectionString parameter, must follow connection standards " + Environment.NewLine +
                                               "For Oracle" + Environment.NewLine +
                                               "DATA SOURCE=#########;PERSIST SECURITY INFO=FALSE;USER ID=######;PASSWORD=######;" + Environment.NewLine +
                                               "For SQL Server" + Environment.NewLine +
                                               "SERVER=###############;DATABASE=###############;[USER ID=######;PASSWORD=######;|TRUSTED_CONNECTION=TRUE;]" + Environment.NewLine +
                                               "For MS Access" + Environment.NewLine +
                                               "PROVIDER=###############;DATA SOURCE=###############;PERSIST SECURITY INFO=FALSE;[USER ID=######;PASSWORD=######;]");
                }
            }
            catch (Exception ex)
            {
                LogHelper.ExceptionAndThrow(ex);
            }

            return(connectionString);
        }
Exemplo n.º 3
0
        /// <summary>
        /// Validate database user password
        /// </summary>
        public void ValidateUserCredential(string password)
        {
            //Validates user password if it was provided
            if (UserExtraInfo.AccountTypeName == AccountType.SSOUser.ToString())
            {
                if (string.IsNullOrEmpty(password))
                {
                    Validation.Results.Add(new ValidationResult("Error: EncriptedPassword is null or empty"));
                }

                if (LoginExpirationDate.HasValue && LoginExpirationDate < DateTime.Now)
                {
                    Validation.Results.Add(new ValidationResult("Error: Login account expired"));
                }

                if (string.IsNullOrEmpty(WebSignature))
                {
                    Validation.Results.Add(new ValidationResult("Error: WebSignature is null or empty"));
                }

                if (!string.IsNullOrEmpty(password) &&
                    !string.IsNullOrEmpty(WebSignature))
                {
                    password = CryptographHelper.RijndaelDecrypt(password, CommonConsts.CommonPassword);

                    //Creates the password to decrypt PrivateKeys
                    var prefix = CommonResource.GetString("PassNumbers") + CommonResource.GetString("PassSpecialChars");
                    var pass   = prefix + CommonResource.GetString("PassText") + prefix;

                    var xmlPrivateKey         = CryptographHelper.RijndaelDecrypt(WebSignatureRsaKey.PrivateKey.GetDescription(), pass);
                    var clearTextWebSignature = CryptographHelper.RsaDecrypt(WebSignature, xmlPrivateKey);

                    if (password != clearTextWebSignature)
                    {
                        Validation.Results.Add(new ValidationResult("Error: Password mismatch."));
                    }
                }
            }
        }