/// <summary>
/// 从一个字节数组中反序列化对象。
/// </summary>
/// <typeparam name="T"></typeparam>
/// <param name="bytes">字节数组。</param>
/// <returns>反序列化后的对象。</returns>
public override object Deserialize(byte[] bytes, Type type)
{
byte[] data;
if (Token != null && Token.Data != null && Token.Data.Length > 0)
{
data = new byte[bytes.Length - Token.Data.Length];
Array.Copy(bytes, Token.Data.Length, data, 0, data.Length);
if (Token.Data.Where((t, i) => t != bytes[i]).Any())
{
throw new SerializationException(SR.GetString(SRKind.SerializationTokenInvalid));
}
}
else
{
data = bytes;
}
try
{
using var stream = new MemoryStream(_cryptoProvider.Decrypt(data));
var bin = new BinaryFormatter
{
Binder = new IgnoreSerializationBinder()
};
return(bin.Deserialize(stream));
}
catch (Exception ex)
{
throw new SerializationException(SR.GetString(SRKind.DeserializationError), ex);
}
}
/// <summary>
/// Tries to parse an encrypted operation response.
/// </summary>
/// <param name="data">The data.</param>
/// <param name="cryptoProvider">The crypto provider.</param>
/// <param name="operationResponse">The operation response.</param>
/// <returns> true if the operation response was parsed successfully; otherwise false.</returns>
public bool TryParseOperationResponseEncrypted(byte[] data, ICryptoProvider cryptoProvider, out OperationResponse operationResponse)
{
object obj2;
if (cryptoProvider == null)
{
operationResponse = null;
return(false);
}
byte[] buffer = cryptoProvider.Decrypt(data, 2, data.Length - 2);
if (buffer == null)
{
operationResponse = null;
return(false);
}
if (operationDataLogger.IsDebugEnabled)
{
operationDataLogger.DebugFormat("Decrypted data: data=({0} bytes) {1}", new object[] { buffer.Length, BitConverter.ToString(buffer) });
}
int pos = 0;
if (GpBinaryByteReaderV17.TryReadOperationResponse(buffer, ref pos, out obj2))
{
operationResponse = (OperationResponse)obj2;
return(true);
}
operationResponse = null;
return(false);
}
public bool IsValidLogin(string alias, string password)
{
var user = FindUserByAlias(alias).OperationResult;
var isValid = user != null &&
cryptoProvider.Decrypt(user.Password) == password;
return(isValid);
}
/// <summary>
/// Returns the plaintext of the key this protector protects,
/// decrypting it if required.
/// </summary>
public byte[] GetKey()
{
if (_decryptedKey != null)
{
return(_decryptedKey);
}
_decryptedKey = Provider.Decrypt(ProtectorKey);
return(_decryptedKey);
}
public bool TryParseEventDataEncrypted(byte[] data, ICryptoProvider cryptoProvider, out EventData eventData)
{
if (cryptoProvider == null)
{
eventData = null;
return(false);
}
byte[] buffer = cryptoProvider.Decrypt(data, this.headerSize, data.Length - this.headerSize);
using (MemoryStream stream = new MemoryStream(buffer))
{
if (operationDataLogger.IsDebugEnabled)
{
operationDataLogger.DebugFormat("Decrypted data: data=({0} bytes) {1}", new object[] { buffer.Length, BitConverter.ToString(buffer) });
}
return(TryParseEventData(stream, out eventData));
}
}
public ActionResult Edit(Guid id, AwsProfileViewModel profileViewModel)
{
try
{
AwsProfile profile = _profileRepository.Find(id);
if (profileViewModel.SecretAccessKey == _encryptedMessagePlaceholder)
{
profileViewModel.SecretAccessKey = _cryptoProvider.Decrypt(profile.EncryptedKey, profile.EncryptedSecretAccessKey);
}
if (ValidateViewModelAgainstExternalSources(profileViewModel, newProfile: false))
{
profile.Name = profileViewModel.Name;
profile.Account = profileViewModel.Account;
profile.AccessKeyId = profileViewModel.AccessKeyId;
profile.DefaultVpcId = profileViewModel.DefaultVpcId;
profile.DefaultSubnetId = profileViewModel.DefaultSubnetId;
profile.HostedZone = profileViewModel.HostedZone;
profile.Groups = profileViewModel.Groups.ToList();
profile.DetailedBillingS3Bucket = profileViewModel.DetailedBillingS3Bucket;
if (profileViewModel.SecretAccessKey != _encryptedMessagePlaceholder)
{
string dataKey;
string encryptedAccessKey = _cryptoProvider.Encrypt(out dataKey, profileViewModel.SecretAccessKey);
profile.EncryptedSecretAccessKey = encryptedAccessKey;
profile.EncryptedKey = dataKey;
}
_profileRepository.Update(profile);
_backgroundJobClient.Enqueue <CreateIpRange>(x => x.Execute(profileViewModel.Id, profileViewModel.DefaultSubnetId));
return(RedirectToAction("Index"));
}
}
catch
{
// err, todo?
return(View(profileViewModel));
}
return(View(profileViewModel));
}
private string DecryptBase64StringIfPossible(string base64String)
{
EnvelopedCms envelopedCms;
if (!_cryptoProvider.TryParseEnvelopedCms(base64String, out envelopedCms))
{
// base64 string is not a valid envelopedCms.
// No secret to decrypt.
return(base64String);
}
try
{
return(_cryptoProvider.Decrypt(envelopedCms));
}
catch (CryptographicException ex)
{
Trace.TraceError($"Failed to decrypt secret with exception {ex}");
throw;
}
}
/// <summary>
/// Creates an instance of SettingsProvider with a ICryptoProvider instance
/// </summary>
/// <param name="cryptoProvider">CryptoProvider used for encryption and decryption</param>
public SettingsProvider(ICryptoProvider cryptoProvider)
{
_cryptoProvider = cryptoProvider;
var key = _cryptoProvider.Hash("_data");
if (PlayerPrefs.HasKey(key))
{
try
{
var decrypted = _cryptoProvider.Decrypt(PlayerPrefs.GetString(key));
_data = JsonConvert.DeserializeObject <Dictionary <string, object> >(decrypted, _serializerSettings);
}
catch (Exception ex)
{
Debug.LogErrorFormat("Corrupt settings. Deleting. Reason: {0}", ex);
PlayerPrefs.DeleteKey(key);
_data = new Dictionary <string, object>();
}
}
}
public void PerformRecovery(User user)
{
var template = new RecoveryClueTemplate()
{
Model = new RecoveryClueModel
{
ApplicationName = systemContext.AppFullName,
CustomerName = user.FullName,
RecoveryClue = cryptoProvider.Decrypt(user.PasswordRecoveryClue)
}
};
//Starting eMail submission
string senderAddress = configProvider.GetSectionKeyValue("PasswordRecovery", "EmailSenderAddress");
string senderFullName = configProvider.GetSectionKeyValue("PasswordRecovery", "EmailSenderFullName");
eMailSender.From = new MailAddress(senderAddress, senderFullName);
eMailSender.To = new MailAddress(user.Email, user.FullName);
eMailSender.IsBodyHtml = true;
eMailSender.Subject = template.Subject;
eMailSender.Body = template.TransformText();
eMailSender.Send();
}
/// <summary>
/// Tries to parse an event.
/// </summary>
/// <param name="data"> The data.</param>
/// <param name="cryptoProvider"> The crypto Provider.</param>
/// <param name="eventData">The event data.</param>
/// <returns>true if successful.</returns>
public bool TryParseEventDataEncrypted(byte[] data, ICryptoProvider cryptoProvider, out EventData eventData)
{
object obj2;
if (cryptoProvider == null)
{
eventData = null;
return(false);
}
byte[] buffer = cryptoProvider.Decrypt(data, 2, data.Length - 2);
if (operationDataLogger.IsDebugEnabled)
{
operationDataLogger.DebugFormat("Decrypted data: data=({0} bytes) {1}", new object[] { buffer.Length, BitConverter.ToString(buffer) });
}
int offset = 0;
if (GpBinaryByteReaderV17.ReadEventData(buffer, ref offset, out obj2))
{
eventData = (EventData)obj2;
return(true);
}
eventData = null;
return(false);
}
public void Decrypt(IDataSource dataSource, IDataDestination dataDestination)
{
var decryptedData = _cryptoProvider.Decrypt(dataSource.GetData());
dataDestination.PutData(decryptedData);
}
/// <summary>
/// Creates a <see cref="NameValueSettings"/> from an xml element of a config file.
/// <para>
/// NOTE: The settings collection is case sensitive.
/// </para>
/// </summary>
/// <param name="section">The XElement that contains the configuration information from the configuration file. Provides direct access to the XML contents of the configuration section</param>
/// <param name="cryptoProvider">An <see cref="ICryptoProvider"/> instance that can be used to decrypt settings.</param>
/// <param name="decryptAll">If <see langword="true" /> all settings will be decrypted. This is ignored since the <see cref="NameValueSettings"/> handles this by itself.</param>
/// <returns>A <see cref="NameValueSettings"/> instance containing the configuration data, or empty if section is null or in fact empty.</returns>
public object ReadSection(XElement section, ICryptoProvider cryptoProvider, bool decryptAll)
{
Ensure.ArgumentNotNull(section, "section");
_errors = null;
//Create a case sensitive collection
var data = new NameValueSettings();
if (section != null)
{
var settings = from node in section.Elements(ConfigElement.KeyValueSettingNode)
let key = node.Attribute(ConfigElement.SettingKeyAttribute)
let val = node.Attribute(ConfigElement.SettingValueAttribute)
where key != null && val != null
select new
{
Key = key.Value,
Value = val.Value,
Comment = node.PreviousNode as XComment
};
foreach (var node in settings)
{
string val = node.Value;
bool encrypted = false;
if (cryptoProvider != null && cryptoProvider.IsEncrypted(val))
{
try
{
val = cryptoProvider.Decrypt(val);
encrypted = true;
}
catch
{
if (_errors == null)
{
_errors = new List<ConfigError>();
}
_errors.Add(
new ConfigError(
ConfigErrorCode.InvalidConfigValue,
string.Format("Reading value of setting {0} failed, value appears to be encrypted, but decryption failed.", node.Key)));
continue;
}
}
data.SetSetting(node.Key, val, encrypted);
if (node.Comment != null)
{
data.SetDescription(node.Key, node.Comment.Value);
}
}
}
return data;
}
protected override CodedData DecodeDataFromBytes(byte[] data)
{
return(new CodedData(cryptor.Decrypt(data)));
}
public void Send()
{
var mailMessage = new MailMessage(From, To)
{
Subject = Subject,
SubjectEncoding = Encoding.UTF8,
Body = Body,
BodyEncoding = Encoding.UTF8,
IsBodyHtml = IsBodyHtml
};
ReplyToList.ToList().ForEach(t =>
{
mailMessage.ReplyToList.Add(t);
});
var smtpSection = (SmtpSection)ConfigurationManager.GetSection("system.net/mailSettings/smtp");
using (var client = new SmtpClient())
{
client.UseDefaultCredentials = true;
client.Credentials = new NetworkCredential(smtpSection.Network.UserName, cryptoProvider.Decrypt(smtpSection.Network.Password));
client.Send(mailMessage);
}
}
public void DecryptMessage(object obj)
{
EncryptoText = ConvertToString(_provider.Decrypt(ConvertToStringArray(DecryptoText)));
DecryptoText = null;
}
public AWSCredentials GetCredentials(AwsProfile profile)
{
var secretAccessKey = _cryptoProvider.Decrypt(profile.EncryptedKey, profile.EncryptedSecretAccessKey);
return(new BasicAWSCredentials(profile.AccessKeyId, secretAccessKey));
}
