Exemplo n.º 1
0
        public async Task <string> GetPasswordAsync(string dpapiFilePath, System.Security.Cryptography.DataProtectionScope scope, Config.KeyVaultSecret secretsTuple)
        {
            if (secretsTuple == null)
            {
                if (string.IsNullOrWhiteSpace(dpapiFilePath))
                {
                    return(null);
                }

                if (!File.Exists(dpapiFilePath))
                {
                    throw new BadConfigException("Protected file missing", dpapiFilePath);
                }

                return(DPAPIHelper.ReadDataFromFile(dpapiFilePath, scope));
            }

            if (string.IsNullOrWhiteSpace(secretsTuple.ApplicationIdEnvironmentVariableName))
            {
                throw new BadConfigException("Application ID", "Empty Application ID variable name");
            }

            if (string.IsNullOrWhiteSpace(secretsTuple.ApplicationSecretEnvironmentVariableName))
            {
                throw new BadConfigException("Application Secret", "Empty Application Secret variable name");
            }

            clientId     = GetRequiredEnvironmentVariable(secretsTuple.ApplicationIdEnvironmentVariableName);
            clientSecret = GetRequiredEnvironmentVariable(secretsTuple.ApplicationSecretEnvironmentVariableName);

            var kv     = new KeyVaultClient(new KeyVaultClient.AuthenticationCallback(GetToken));
            var result = await kv.GetSecretAsync(secretsTuple.KeyVaultPath);

            return(result.Value);
        }
Exemplo n.º 2
0
        public string GetPassword(string dpapiFilePath, System.Security.Cryptography.DataProtectionScope scope, Config.KeyVaultSecret secretsTuple)
        {
            var task = GetPasswordAsync(dpapiFilePath, scope, secretsTuple);

            task.Wait();
            if (task.IsFaulted)
            {
                throw task.Exception;
            }
            return(task.Result);
        }
        public static string Encryption_AES()
        {
            string StringToEncrypt = RandomString(16);

            // Registry...
            string keyName    = @"HKEY_CURRENT_USER";
            string subKey     = @"AESEncrytion";
            string valueName  = "AESKeyData";
            string valueName2 = "AppPassword";

            System.Security.Cryptography.DataProtectionScope dpScope = DataProtectionScope.CurrentUser;

            string key;
            int    keysize = 128;

            // Create Encryption Key.
            key = TTC1.GenerateKey(keysize);

            // For additional security Pin the key.
            GCHandle gch = GCHandle.Alloc(key, GCHandleType.Pinned);

            // Store key into registry, using DPAPI.
            TTC1.StoreKey(keyName, subKey, valueName, key, dpScope);

            // Encrypt the string.
            string EncryptedHexString = TTC1.Encrypt(StringToEncrypt, key, keysize);

            TTC1.StoreKey(keyName, subKey, valueName2, EncryptedHexString, dpScope);

            // Decrypt the string.
            string DecryptedHexString = TTC1.Decrypt(EncryptedHexString, TTC1.ReadKey(keyName, subKey, valueName), keysize);

            //Console.WriteLine("{0}", DecryptedHexString);

            return(DecryptedHexString);
        }
Exemplo n.º 4
0
        public static void StoreKey(string keyName, string subKey, string valueName, string key, System.Security.Cryptography.DataProtectionScope dpScope)
        {
            // Turn string key into byte array.
            byte[] keyAsBytes = UnicodeEncoding.ASCII.GetBytes(key);

            // Store key to protected byte array.
            byte[] encryptedKeyPair = ProtectedData.Protect(keyAsBytes, null, dpScope);

            // Create a security context.
            string             user     = Environment.UserDomainName + "\\" + Environment.UserName;
            RegistrySecurity   security = new RegistrySecurity();
            RegistryAccessRule rule     = new RegistryAccessRule(user
                                                                 , RegistryRights.FullControl
                                                                 , InheritanceFlags.ContainerInherit
                                                                 , PropagationFlags.None
                                                                 , AccessControlType.Allow);

            // Add rule to RegistrySecurity.
            security.AddAccessRule(rule);

            // Create registry key and apply security context
            Registry.CurrentUser.CreateSubKey(subKey, RegistryKeyPermissionCheck.ReadWriteSubTree, security);

            // Write the encrypted connection string into the registry
            Registry.SetValue(keyName + @"\" + subKey, valueName, encryptedKeyPair);
        }