Exemplo n.º 1
0
        private static void UsePasswordGroup(PasswordDb db, PasswordGroup passwordGroup)
        {
            while (true)
            {
                Console.WriteLine();

                Console.WriteLine($"Group: {passwordGroup.GroupName}");
                Console.WriteLine("0: Back to main menu");
                var menuItem = 1;
                var entries  = passwordGroup.PasswordEntries.OrderBy(pe => pe.Name).ToList();
                foreach (var entry in entries)
                {
                    var entryValue = entry.IsValueEncrypted ? "****" : entry.Value;
                    Console.WriteLine($"{menuItem}: {entry.Name}\t{entryValue}");
                    menuItem++;
                }
                Console.WriteLine();
                Console.Write("Option: ");
                if (!int.TryParse(Console.ReadLine().Trim(), out var choice) ||
                    choice < 0 || choice >= menuItem)
                {
                    continue;
                }
                if (choice == 0)
                {
                    return;
                }
                DecryptPassword(db, passwordGroup, entries[choice - 1]);
            }
        }
Exemplo n.º 2
0
        private static void DecryptPassword(PasswordDb db, PasswordGroup passwordGroup, PasswordEntry passwordEntry)
        {
            while (true)
            {
                if (!passwordEntry.IsValueEncrypted || masterPassword != null)
                {
                    break;
                }
                Console.WriteLine();
                Console.Write("Enter master password: "******"Invalid master password entered, please try again.");
                        continue;
                    }
                    masterPassword = enteredMasterPassword;
                    break;
                }
            }

            Console.WriteLine();
            Console.WriteLine($"Group: {passwordGroup.GroupName}");
            Console.WriteLine($"Name: {passwordEntry.Name}");
            var passwordValue = passwordEntry.Value;

            if (passwordEntry.IsValueEncrypted)
            {
                using (var secure = new Secure())
                {
                    passwordValue = secure.Decrypt(masterPassword, db.IV, passwordEntry.Salt, passwordValue);
                }
            }
            Console.WriteLine($"Value: {passwordValue}");
            Console.WriteLine();
            Console.WriteLine("Press return to continue...");
            Console.ReadLine();
        }
Exemplo n.º 3
0
        public async Task <GenerateLinkModel> Handle(GeneratePasswordLinkRequest request, CancellationToken cancellationToken)
        {
            var key = _keyGenerator.GenerateKey();

            var passwordGroup = new PasswordGroup
            {
                Id        = Guid.NewGuid(),
                Passwords = request.Passwords.Select(password => Handle(password, key)).ToArray(),
            };

            var expiration = TimeSpan.FromSeconds(request.ExpiresIn);

            _logger.Information("Create new group {@group} for {@expiration}", passwordGroup, expiration);

            var redisClient = _redisClientFactory.GetClient();
            await redisClient.SetAsync(new PasswordGroupKey(passwordGroup.Id), passwordGroup, expiration);

            return(new GenerateLinkModel
            {
                Key = _keyGenerator.ToString(key),
                PasswordGroupId = passwordGroup.Id
            });
        }
Exemplo n.º 4
0
 public GroupViewModel(PasswordGroup group)
 {
     Name    = group.GroupName;
     Entries = group.PasswordEntries.Select(pe => new EntryViewModel(pe)).OrderBy(pe => pe.Name);
 }
Exemplo n.º 5
0
        public async Task <ActionResult> Add([FromForm] EncryptDecryptInfo info)
        {
            logger.LogDebug("Received encrypt info: {0}", info);
            if (!ModelState.IsValid)
            {
                return(new ObjectResult(new {
                    Added = false,
                    Reason = ActionFailReason.InvalidInput,
                    Group = info.Group,
                    Entry = info.Entry
                }));
            }

            var masterPassword = info.MasterPassword;

            if (string.IsNullOrWhiteSpace(masterPassword))
            {
                masterPassword = this.RememberedMasterPassword();
            }
            else if (info.RememberMasterPassword)
            {
                this.RememberMasterPassword(info.MasterPassword);
            }

            if (string.IsNullOrWhiteSpace(masterPassword))
            {
                return(new ObjectResult(new {
                    Added = false,
                    Reason = ActionFailReason.NeedMasterPassword,
                    Group = info.Group,
                    Entry = info.Entry
                }));
            }

            using (var secure = new Secure())
            {
                var userAccount = await userAccountRepository.GetUserAccountAsync(User);

                var passwordDb = userAccount.GetPasswordDb();

                if (!secure.ValidateHash(masterPassword, passwordDb.MasterPassword))
                {
                    return(new ObjectResult(new {
                        Added = false,
                        Reason = ActionFailReason.MasterPasswordInvalid,
                        Group = info.Group,
                        Entry = info.Entry
                    }));
                }

                var group = passwordDb.PasswordGroups.FirstOrDefault(pg => pg.GroupName == info.Group);
                if (group == null)
                {
                    group = new PasswordGroup {
                        GroupName = info.Group
                    };
                    passwordDb.PasswordGroups.Add(group);
                }
                var entry = group.PasswordEntries.FirstOrDefault(pe => pe.Name == info.Entry);
                if (entry == null)
                {
                    // no existing entry, adding a new one
                    entry = new PasswordEntry {
                        Name = info.Entry
                    };
                    group.PasswordEntries.Add(entry);
                }
                entry.IsValueEncrypted = info.ValueEncrypted;

                if (info.ValueEncrypted)
                {
                    var encryptedInfo = secure.Encrypt(masterPassword, passwordDb.IV, info.Value);
                    entry.Salt    = encryptedInfo.Salt;
                    entry.Value   = encryptedInfo.EncryptedValueBase64Encoded;
                    passwordDb.IV = passwordDb.IV ?? encryptedInfo.IV;
                }
                else
                {
                    entry.Salt  = null;
                    entry.Value = info.Value;
                }

                userAccount.SetPasswordDb(passwordDb);
                await userAccountRepository.SaveUserAccountAsync(userAccount);

                return(new ObjectResult(new {
                    Added = true,
                    Group = info.Group,
                    Entry = info.Entry
                }));
            }
        }
Exemplo n.º 6
0
        public void TestSetAndGet()
        {
            var group1 = new PasswordGroup {
                GroupName = "group 1", PasswordEntries =
                {
                    new PasswordEntry {
                        Name = "entry 1.1", IsValueEncrypted = false, Value = "plain text 1.1"
                    },
                    new PasswordEntry {
                        Name = "entry 1.2", IsValueEncrypted = true, Value = "encrypted value 1.2", Salt = new byte[]{                                                                                 1, 2 }
                    }
                }
            };

            var group2 = new PasswordGroup {
                GroupName = "group 2", PasswordEntries =
                {
                    new PasswordEntry {
                        Name = "entry 2.1", IsValueEncrypted = true, Value = "encrypted value 2.1", Salt = new byte[]{                                                                                 2, 1 }
                    }
                }
            };

            var db = new PasswordDb {
                MasterPassword = "******",
                IV             = new byte[] { 1, 2, 3, 4 },
                PasswordGroups = { group1, group2 }
            };

            var account = new UserAccount();

            Assert.Null(account.PasswordDatabase);

            PasswordDbExtensions.SetPasswordDb(account, db);

            Assert.NotNull(account.PasswordDatabase);
            Assert.NotEqual("", account.PasswordDatabase);

            var deserialized = PasswordDbExtensions.GetPasswordDb(account);

            Assert.NotNull(deserialized);

            Assert.Equal("hashed password", deserialized.MasterPassword);
            Assert.Equal(new byte[] { 1, 2, 3, 4 }, deserialized.IV);
            Assert.Equal(2, deserialized.PasswordGroups.Count);

            Assert.Equal("group 1", deserialized.PasswordGroups.ElementAt(0).GroupName);
            Assert.Equal(2, deserialized.PasswordGroups.ElementAt(0).PasswordEntries.Count);

            Assert.Equal("entry 1.1", deserialized.PasswordGroups.ElementAt(0).PasswordEntries.ElementAt(0).Name);
            Assert.False(deserialized.PasswordGroups.ElementAt(0).PasswordEntries.ElementAt(0).IsValueEncrypted);
            Assert.Equal("plain text 1.1", deserialized.PasswordGroups.ElementAt(0).PasswordEntries.ElementAt(0).Value);
            Assert.Null(deserialized.PasswordGroups.ElementAt(0).PasswordEntries.ElementAt(0).Salt);

            Assert.Equal("entry 1.2", deserialized.PasswordGroups.ElementAt(0).PasswordEntries.ElementAt(1).Name);
            Assert.True(deserialized.PasswordGroups.ElementAt(0).PasswordEntries.ElementAt(1).IsValueEncrypted);
            Assert.Equal("encrypted value 1.2", deserialized.PasswordGroups.ElementAt(0).PasswordEntries.ElementAt(1).Value);
            Assert.Equal(new byte[] { 1, 2 }, deserialized.PasswordGroups.ElementAt(0).PasswordEntries.ElementAt(1).Salt);

            Assert.Equal("group 2", deserialized.PasswordGroups.ElementAt(1).GroupName);
            Assert.Single(deserialized.PasswordGroups.ElementAt(1).PasswordEntries);

            Assert.Equal("entry 2.1", deserialized.PasswordGroups.ElementAt(1).PasswordEntries.ElementAt(0).Name);
            Assert.True(deserialized.PasswordGroups.ElementAt(1).PasswordEntries.ElementAt(0).IsValueEncrypted);
            Assert.Equal("encrypted value 2.1", deserialized.PasswordGroups.ElementAt(1).PasswordEntries.ElementAt(0).Value);
            Assert.Equal(new byte[] { 2, 1 }, deserialized.PasswordGroups.ElementAt(1).PasswordEntries.ElementAt(0).Salt);
        }