CredWrite() private method

private CredWrite ( NativeCredential &Credential, int Flags ) : bool
Credential NativeCredential
Flags int
return bool
Exemplo n.º 1
0
        private static bool WriteCredential(string key, string userName, string secret)
        {
            var byteArray = Encoding.Unicode.GetBytes(secret);

            if (byteArray.Length > 512)
            {
                throw new ArgumentOutOfRangeException("secret", "The secret message has exceeded 512 bytes.");
            }

            var cred = new CredUi.Credential();

            cred.TargetName         = key;
            cred.UserName           = userName;
            cred.CredentialBlob     = secret;
            cred.CredentialBlobSize = (UInt32)Encoding.Unicode.GetBytes(secret).Length;
            cred.AttributeCount     = 0;
            cred.Attributes         = IntPtr.Zero;
            cred.Comment            = null;
            cred.TargetAlias        = null;
            cred.Type    = CredUi.CredTypes.CRED_TYPE_GENERIC;
            cred.Persist = CredUi.IsWindowsVistaOrEarlier ? CredUi.CredPersistance.Session : CredUi.CredPersistance.LocalMachine;

            var ncred     = CredUi.NativeCredential.GetNativeCredential(cred);
            var written   = CredUi.CredWrite(ref ncred, 0);
            var lastError = Marshal.GetLastWin32Error();

            if (!written)
            {
                var message = string.Format("CredWrite failed with the error code {0}.", lastError);
                throw new CredentialException(lastError, message);
            }

            return(true);
        }
        private void WriteCredential(string key, string userName, string secret)
        {
            if (_credentialStoragePolicy == CredentialStoragePolicy.None)
            {
                Log.Debug("Writing credentials disabled according to used storage policy");
                return;
            }

            if (_credentialStoragePolicy == CredentialStoragePolicy.Configuration)
            {
                Log.Debug("Force writing credentials to configuration");
                WriteCredentialToConfiguration(key, userName, secret);
                return;
            }

            var byteArray = Encoding.Unicode.GetBytes(secret);

            if (byteArray.Length > 512)
            {
                throw Log.ErrorAndCreateException(x => new ArgumentOutOfRangeException(nameof(secret), x), "The secret message has exceeded 512 bytes.");
            }

            Log.Debug("Writing credentials with username '{0}' for key '{1}'", userName, key);

            var cred = new CredUi.Credential
            {
                TargetName         = key,
                UserName           = userName,
                CredentialBlob     = secret,
                CredentialBlobSize = (uint)Encoding.Unicode.GetBytes(secret).Length,
                AttributeCount     = 0,
                Attributes         = IntPtr.Zero,
                Comment            = null,
                TargetAlias        = null,
                Type    = CredUi.CredTypes.CRED_TYPE_GENERIC,
                Persist = CredUi.IsWindowsVistaOrEarlier ? CredUi.CredPersistance.Session : CredUi.CredPersistance.LocalMachine
            };

            Log.Debug("Persisting credentials as '{0}'", cred.Persist);

            var ncred     = CredUi.NativeCredential.GetNativeCredential(cred);
            var written   = CredUi.CredWrite(ref ncred, 0);
            var lastError = Marshal.GetLastWin32Error();

            if (!written)
            {
                throw Log.ErrorAndCreateException(x => new CredentialException(lastError, x), "CredWrite failed with the error code '{0}'", lastError);
            }

            // Note: immediately read it for ORCOMP-229
            var credential = ReadCredential(key, false);

            if ((credential is null || string.IsNullOrWhiteSpace(credential.Password)) && _credentialStoragePolicy == CredentialStoragePolicy.WindowsVaultConfigurationFallback)
            {
                WriteCredentialToConfiguration(key, cred.UserName, secret);
            }

            Log.Debug("Successfully written credentials for key '{0}'", key);
        }
        private bool WriteCredential(string key, string userName, string secret)
        {
            var byteArray = Encoding.Unicode.GetBytes(secret);

            if (byteArray.Length > 512)
            {
                throw Log.ErrorAndCreateException(x => new ArgumentOutOfRangeException("secret", x), "The secret message has exceeded 512 bytes.");
            }

            Log.Debug("Writing credentials with username '{0}' for key '{1}'", userName, key);

            var cred = new CredUi.Credential();

            cred.TargetName         = key;
            cred.UserName           = userName;
            cred.CredentialBlob     = secret;
            cred.CredentialBlobSize = (uint)Encoding.Unicode.GetBytes(secret).Length;
            cred.AttributeCount     = 0;
            cred.Attributes         = IntPtr.Zero;
            cred.Comment            = null;
            cred.TargetAlias        = null;
            cred.Type    = CredUi.CredTypes.CRED_TYPE_GENERIC;
            cred.Persist = CredUi.IsWindowsVistaOrEarlier ? CredUi.CredPersistance.Session : CredUi.CredPersistance.LocalMachine;

            Log.Debug("Persisting credentials as '{0}'", cred.Persist);

            var ncred     = CredUi.NativeCredential.GetNativeCredential(cred);
            var written   = CredUi.CredWrite(ref ncred, 0);
            var lastError = Marshal.GetLastWin32Error();

            if (!written)
            {
                throw Log.ErrorAndCreateException(x => new CredentialException(lastError, x), "CredWrite failed with the error code '{0}'", lastError);
            }

            // Note: immediately read it for ORCOMP-229
            var credential = ReadCredential(key, false);

            if (credential == null || string.IsNullOrWhiteSpace(credential.Password))
            {
                var configurationKey = GetPasswordConfigurationKey(key, cred.UserName);
                var encryptionKey    = GetEncryptionKey(key, cred.UserName);

                Log.Debug("Failed to write credentials to vault, probably a company policy. Falling back to writing configuration key '{0}'", configurationKey);

                var encryptedPassword = EncryptionHelper.Encrypt(secret, encryptionKey);
                _configurationService.SetRoamingValue(configurationKey, encryptedPassword);
            }

            Log.Debug("Successfully written credentials for key '{0}'", key);

            return(true);
        }