Exemplo n.º 1
0
        public void TestEncryptionDecryptionAPI()
        {
            FabricClient client        = new FabricClient();
            string       text          = "Lazy Fox jumped";
            string       encryptedText = EncryptionUtility.EncryptText(
                text,
                "78 12 20 5a 39 d2 23 76 da a0 37 f0 5a ed e3 60 1a 7e 64 bf",
                X509Credentials.StoreNameDefault,
                StoreLocation.LocalMachine,
                null);

            string resultStr = new string(SecureStringToCharArray(EncryptionUtility.DecryptText(encryptedText)));

            Assert.AreEqual <string>(text, resultStr);
            LogHelper.Log("Decrypted text is {0}", resultStr);
            try
            {
                string encryptedText2 = EncryptionUtility.EncryptText(
                    text,
                    "aa 79 54 22 7e 61 82 1d 8a 72 48 55 8b 7c 62 67 33 07 96 c5",
                    X509Credentials.StoreNameDefault);

                Assert.AreNotEqual <string>(encryptedText, encryptedText2);
            }
            catch (COMException e)
            {
                LogHelper.Log("Got expected exception {0}", e.Message);
                Assert.IsTrue(e is COMException);
            }
        }
Exemplo n.º 2
0
        // TODO: Avoid returning a string because strings are immutable and hence we cannot clear out the
        // secret from memory when we are done using it.
        internal static string GetStorageAccountKey(Dictionary <string, string> options)
        {
            string key            = options[Constants.StorageAccountKeyOption].Trim();
            bool   keyIsEncrypted = options.ContainsKey(Constants.StorageAccountKeyIsEncryptedOption) &&
                                    Boolean.Parse(options[Constants.StorageAccountKeyIsEncryptedOption]);

            if (keyIsEncrypted)
            {
                key = EncryptionUtility.DecryptText(key).ToString();
            }
            return(key);
        }
Exemplo n.º 3
0
        protected override CloudStorageAccount GetCloudStorageAccount()
        {
            CloudStorageAccount storageAccount;

            if (this.azureBlobBackupStore.IsAccountKeyEncrypted)
            {
                storageAccount = CloudStorageAccount.Parse(this.SecureStringToString(EncryptionUtility.DecryptText(this.azureBlobBackupStore.ConnectionString)));
            }
            else
            {
                storageAccount = CloudStorageAccount.Parse(this.azureBlobBackupStore.ConnectionString);
            }

            return(storageAccount);
        }
Exemplo n.º 4
0
        public AzureBlobRecoveryPointStore(Model.AzureBlobBackupStorageInfo azureBlobStoreInformation) : base(azureBlobStoreInformation)
        {
            this._storeInformation = azureBlobStoreInformation;

            if (azureBlobStoreInformation.IsConnectionStringEncrypted)
            {
                using (var secureString = EncryptionUtility.DecryptText(azureBlobStoreInformation.ConnectionString))
                {
                    this.container = AzureBlobStoreHelper.GetContainer(UtilityHelper.ConvertToUnsecureString(secureString), this._storeInformation.ContainerName);
                }
            }
            else
            {
                this.container = AzureBlobStoreHelper.GetContainer(this._storeInformation.ConnectionString, this._storeInformation.ContainerName);
            }
        }
        /// <summary>
        /// Translates encrypted secret which key given as argument to SecureString.
        /// </summary>
        /// <returns>The cofiguration passed - as SecureString, Or null if the configuration doesn't exist</returns>
        /// <exception cref="InvalidOperationException">Thrown when failed to translate encrypted secret to SecureString</exception>
        public static SecureString GetSecret(this IConfiguration configutations, string configurationName)
        {
            string encryptedSecret = configutations[configurationName];

            if (encryptedSecret == null)
            {
                return(null);
            }

            try
            {
                return(EncryptionUtility.DecryptText(encryptedSecret));
            }
            catch (COMException exception)
            {
                throw new InvalidOperationException($"configuration value for key {configurationName} is not a valid encrypted value", exception);
            }
        }
Exemplo n.º 6
0
        private BackupStorage UpdateSecretInStorage(BackupStorage storage, string thumbprintFromManifest, string x509StoreNameFromManifest, CancellationToken cancellationToken)
        {
            if (storage.BackupStorageType == BackupStorageType.AzureBlobStore)
            {
                var azureStorage = (AzureBlobBackupStorageInfo)storage;
                if (!azureStorage.IsConnectionStringEncrypted && String.IsNullOrEmpty(thumbprintFromManifest))
                {
                    return(storage);
                }
                if (azureStorage.IsConnectionStringEncrypted)
                {
                    return(azureStorage.ToBuilder()
                           .WithConnectionString(UtilityHelper.ConvertToUnsecureString(EncryptionUtility.DecryptText(azureStorage.ConnectionString)))
                           .SetIsConnectionStringEncrypted(false)
                           .Build());
                }

                if (!String.IsNullOrEmpty(thumbprintFromManifest))
                {
                    return(azureStorage.ToBuilder()
                           .WithConnectionString(EncryptionUtility.EncryptText(azureStorage.ConnectionString, thumbprintFromManifest, x509StoreNameFromManifest))
                           .SetIsConnectionStringEncrypted(true)
                           .Build());
                }
            }
            else if (storage.BackupStorageType == BackupStorageType.FileShare)
            {
                var fileShareStorage = (FileShareBackupStorageInfo)storage;
                if (!fileShareStorage.IsPasswordEncrypted && String.IsNullOrEmpty(thumbprintFromManifest))
                {
                    return(storage);
                }
                if (fileShareStorage.IsPasswordEncrypted)
                {
                    var builder = fileShareStorage.ToBuilder()
                                  .SetIsPasswordEncrypted(false);
                    if (!String.IsNullOrEmpty(fileShareStorage.PrimaryPassword))
                    {
                        builder.WithPrimaryPassword(UtilityHelper.ConvertToUnsecureString(EncryptionUtility.DecryptText(fileShareStorage.PrimaryPassword)));
                    }

                    if (!String.IsNullOrEmpty(fileShareStorage.SecondaryPassword))
                    {
                        builder.WithSecondaryPassword(UtilityHelper.ConvertToUnsecureString(EncryptionUtility.DecryptText(fileShareStorage.SecondaryPassword)));
                    }

                    return(builder.Build());
                }

                if (!String.IsNullOrEmpty(thumbprintFromManifest))
                {
                    var builder = fileShareStorage.ToBuilder()
                                  .SetIsPasswordEncrypted(true);
                    if (!String.IsNullOrEmpty(fileShareStorage.PrimaryPassword))
                    {
                        builder.WithPrimaryPassword(EncryptionUtility.EncryptText(fileShareStorage.PrimaryPassword, thumbprintFromManifest, x509StoreNameFromManifest));
                    }

                    if (!String.IsNullOrEmpty(fileShareStorage.SecondaryPassword))
                    {
                        builder.WithSecondaryPassword(EncryptionUtility.EncryptText(fileShareStorage.SecondaryPassword, thumbprintFromManifest, x509StoreNameFromManifest));
                    }

                    return(builder.Build());
                }
            }
            else if (storage.BackupStorageType == BackupStorageType.DsmsAzureBlobStore)
            {
                // DsmsAzureBlobStorage doesn't contain any encrypted strings, return the original value.
                return(storage);
            }

            throw new ArgumentException("Invalid storage type");
        }
Exemplo n.º 7
0
 private void InvokeDecryptText(string cipherText)
 {
     Console.WriteLine(EncryptionUtility.DecryptText(cipherText));
 }
        private WindowsIdentity GetIdentityToImpersonate()
        {
            WindowsIdentity identity;

            var domainUserNameToTry = this._storeInformation.PrimaryUserName;
            var passwordToTry       = this._storeInformation.PrimaryPassword;

            var retrying = false;

            do
            {
                string domainName, userName;
                var    tokens = domainUserNameToTry.Split(PathSeparator);

                if (tokens.Length == 2)
                {
                    domainName = tokens[0];
                    userName   = tokens[1];
                }
                else
                {
                    domainName = ".";
                    userName   = domainUserNameToTry;
                }

                try
                {
                    if (this._storeInformation.IsPasswordEncrypted)
                    {
                        var password = EncryptionUtility.DecryptText(passwordToTry);

                        identity = AccountHelper.CreateWindowsIdentity(
                            userName,
                            domainName,
                            password,
                            false,
                            NativeHelper.LogonType.LOGON32_LOGON_NEW_CREDENTIALS,
                            NativeHelper.LogonProvider.LOGON32_PROVIDER_WINNT50);
                    }
                    else
                    {
                        identity = AccountHelper.CreateWindowsIdentity(
                            userName,
                            domainName,
                            passwordToTry,
                            false,
                            NativeHelper.LogonType.LOGON32_LOGON_NEW_CREDENTIALS,
                            NativeHelper.LogonProvider.LOGON32_PROVIDER_WINNT50);
                    }

                    break;
                }
                catch (InvalidOperationException)
                {
                    // Retry with secondary if secondary password exist
                    if (retrying || String.IsNullOrEmpty(this._storeInformation.SecondaryUserName))
                    {
                        throw;
                    }

                    domainUserNameToTry = this._storeInformation.SecondaryUserName;
                    passwordToTry       = this._storeInformation.SecondaryPassword;
                    retrying            = true;
                }
            } while (true);

            return(identity);
        }