private static void UsePasswordGroup(PasswordDb db, PasswordGroup passwordGroup) { while (true) { Console.WriteLine(); Console.WriteLine($"Group: {passwordGroup.GroupName}"); Console.WriteLine("0: Back to main menu"); var menuItem = 1; var entries = passwordGroup.PasswordEntries.OrderBy(pe => pe.Name).ToList(); foreach (var entry in entries) { var entryValue = entry.IsValueEncrypted ? "****" : entry.Value; Console.WriteLine($"{menuItem}: {entry.Name}\t{entryValue}"); menuItem++; } Console.WriteLine(); Console.Write("Option: "); if (!int.TryParse(Console.ReadLine().Trim(), out var choice) || choice < 0 || choice >= menuItem) { continue; } if (choice == 0) { return; } DecryptPassword(db, passwordGroup, entries[choice - 1]); } }
private static void DecryptPassword(PasswordDb db, PasswordGroup passwordGroup, PasswordEntry passwordEntry) { while (true) { if (!passwordEntry.IsValueEncrypted || masterPassword != null) { break; } Console.WriteLine(); Console.Write("Enter master password: "******"Invalid master password entered, please try again."); continue; } masterPassword = enteredMasterPassword; break; } } Console.WriteLine(); Console.WriteLine($"Group: {passwordGroup.GroupName}"); Console.WriteLine($"Name: {passwordEntry.Name}"); var passwordValue = passwordEntry.Value; if (passwordEntry.IsValueEncrypted) { using (var secure = new Secure()) { passwordValue = secure.Decrypt(masterPassword, db.IV, passwordEntry.Salt, passwordValue); } } Console.WriteLine($"Value: {passwordValue}"); Console.WriteLine(); Console.WriteLine("Press return to continue..."); Console.ReadLine(); }
public async Task <GenerateLinkModel> Handle(GeneratePasswordLinkRequest request, CancellationToken cancellationToken) { var key = _keyGenerator.GenerateKey(); var passwordGroup = new PasswordGroup { Id = Guid.NewGuid(), Passwords = request.Passwords.Select(password => Handle(password, key)).ToArray(), }; var expiration = TimeSpan.FromSeconds(request.ExpiresIn); _logger.Information("Create new group {@group} for {@expiration}", passwordGroup, expiration); var redisClient = _redisClientFactory.GetClient(); await redisClient.SetAsync(new PasswordGroupKey(passwordGroup.Id), passwordGroup, expiration); return(new GenerateLinkModel { Key = _keyGenerator.ToString(key), PasswordGroupId = passwordGroup.Id }); }
public GroupViewModel(PasswordGroup group) { Name = group.GroupName; Entries = group.PasswordEntries.Select(pe => new EntryViewModel(pe)).OrderBy(pe => pe.Name); }
public async Task <ActionResult> Add([FromForm] EncryptDecryptInfo info) { logger.LogDebug("Received encrypt info: {0}", info); if (!ModelState.IsValid) { return(new ObjectResult(new { Added = false, Reason = ActionFailReason.InvalidInput, Group = info.Group, Entry = info.Entry })); } var masterPassword = info.MasterPassword; if (string.IsNullOrWhiteSpace(masterPassword)) { masterPassword = this.RememberedMasterPassword(); } else if (info.RememberMasterPassword) { this.RememberMasterPassword(info.MasterPassword); } if (string.IsNullOrWhiteSpace(masterPassword)) { return(new ObjectResult(new { Added = false, Reason = ActionFailReason.NeedMasterPassword, Group = info.Group, Entry = info.Entry })); } using (var secure = new Secure()) { var userAccount = await userAccountRepository.GetUserAccountAsync(User); var passwordDb = userAccount.GetPasswordDb(); if (!secure.ValidateHash(masterPassword, passwordDb.MasterPassword)) { return(new ObjectResult(new { Added = false, Reason = ActionFailReason.MasterPasswordInvalid, Group = info.Group, Entry = info.Entry })); } var group = passwordDb.PasswordGroups.FirstOrDefault(pg => pg.GroupName == info.Group); if (group == null) { group = new PasswordGroup { GroupName = info.Group }; passwordDb.PasswordGroups.Add(group); } var entry = group.PasswordEntries.FirstOrDefault(pe => pe.Name == info.Entry); if (entry == null) { // no existing entry, adding a new one entry = new PasswordEntry { Name = info.Entry }; group.PasswordEntries.Add(entry); } entry.IsValueEncrypted = info.ValueEncrypted; if (info.ValueEncrypted) { var encryptedInfo = secure.Encrypt(masterPassword, passwordDb.IV, info.Value); entry.Salt = encryptedInfo.Salt; entry.Value = encryptedInfo.EncryptedValueBase64Encoded; passwordDb.IV = passwordDb.IV ?? encryptedInfo.IV; } else { entry.Salt = null; entry.Value = info.Value; } userAccount.SetPasswordDb(passwordDb); await userAccountRepository.SaveUserAccountAsync(userAccount); return(new ObjectResult(new { Added = true, Group = info.Group, Entry = info.Entry })); } }
public void TestSetAndGet() { var group1 = new PasswordGroup { GroupName = "group 1", PasswordEntries = { new PasswordEntry { Name = "entry 1.1", IsValueEncrypted = false, Value = "plain text 1.1" }, new PasswordEntry { Name = "entry 1.2", IsValueEncrypted = true, Value = "encrypted value 1.2", Salt = new byte[]{ 1, 2 } } } }; var group2 = new PasswordGroup { GroupName = "group 2", PasswordEntries = { new PasswordEntry { Name = "entry 2.1", IsValueEncrypted = true, Value = "encrypted value 2.1", Salt = new byte[]{ 2, 1 } } } }; var db = new PasswordDb { MasterPassword = "******", IV = new byte[] { 1, 2, 3, 4 }, PasswordGroups = { group1, group2 } }; var account = new UserAccount(); Assert.Null(account.PasswordDatabase); PasswordDbExtensions.SetPasswordDb(account, db); Assert.NotNull(account.PasswordDatabase); Assert.NotEqual("", account.PasswordDatabase); var deserialized = PasswordDbExtensions.GetPasswordDb(account); Assert.NotNull(deserialized); Assert.Equal("hashed password", deserialized.MasterPassword); Assert.Equal(new byte[] { 1, 2, 3, 4 }, deserialized.IV); Assert.Equal(2, deserialized.PasswordGroups.Count); Assert.Equal("group 1", deserialized.PasswordGroups.ElementAt(0).GroupName); Assert.Equal(2, deserialized.PasswordGroups.ElementAt(0).PasswordEntries.Count); Assert.Equal("entry 1.1", deserialized.PasswordGroups.ElementAt(0).PasswordEntries.ElementAt(0).Name); Assert.False(deserialized.PasswordGroups.ElementAt(0).PasswordEntries.ElementAt(0).IsValueEncrypted); Assert.Equal("plain text 1.1", deserialized.PasswordGroups.ElementAt(0).PasswordEntries.ElementAt(0).Value); Assert.Null(deserialized.PasswordGroups.ElementAt(0).PasswordEntries.ElementAt(0).Salt); Assert.Equal("entry 1.2", deserialized.PasswordGroups.ElementAt(0).PasswordEntries.ElementAt(1).Name); Assert.True(deserialized.PasswordGroups.ElementAt(0).PasswordEntries.ElementAt(1).IsValueEncrypted); Assert.Equal("encrypted value 1.2", deserialized.PasswordGroups.ElementAt(0).PasswordEntries.ElementAt(1).Value); Assert.Equal(new byte[] { 1, 2 }, deserialized.PasswordGroups.ElementAt(0).PasswordEntries.ElementAt(1).Salt); Assert.Equal("group 2", deserialized.PasswordGroups.ElementAt(1).GroupName); Assert.Single(deserialized.PasswordGroups.ElementAt(1).PasswordEntries); Assert.Equal("entry 2.1", deserialized.PasswordGroups.ElementAt(1).PasswordEntries.ElementAt(0).Name); Assert.True(deserialized.PasswordGroups.ElementAt(1).PasswordEntries.ElementAt(0).IsValueEncrypted); Assert.Equal("encrypted value 2.1", deserialized.PasswordGroups.ElementAt(1).PasswordEntries.ElementAt(0).Value); Assert.Equal(new byte[] { 2, 1 }, deserialized.PasswordGroups.ElementAt(1).PasswordEntries.ElementAt(0).Salt); }