private static void UsePasswordGroup(PasswordDb db, PasswordGroup passwordGroup)
{
while (true)
{
Console.WriteLine();
Console.WriteLine($"Group: {passwordGroup.GroupName}");
Console.WriteLine("0: Back to main menu");
var menuItem = 1;
var entries = passwordGroup.PasswordEntries.OrderBy(pe => pe.Name).ToList();
foreach (var entry in entries)
{
var entryValue = entry.IsValueEncrypted ? "****" : entry.Value;
Console.WriteLine($"{menuItem}: {entry.Name}\t{entryValue}");
menuItem++;
}
Console.WriteLine();
Console.Write("Option: ");
if (!int.TryParse(Console.ReadLine().Trim(), out var choice) ||
choice < 0 || choice >= menuItem)
{
continue;
}
if (choice == 0)
{
return;
}
DecryptPassword(db, passwordGroup, entries[choice - 1]);
}
}
private static void DecryptPassword(PasswordDb db, PasswordGroup passwordGroup, PasswordEntry passwordEntry)
{
while (true)
{
if (!passwordEntry.IsValueEncrypted || masterPassword != null)
{
break;
}
Console.WriteLine();
Console.Write("Enter master password: "******"Invalid master password entered, please try again.");
continue;
}
masterPassword = enteredMasterPassword;
break;
}
}
Console.WriteLine();
Console.WriteLine($"Group: {passwordGroup.GroupName}");
Console.WriteLine($"Name: {passwordEntry.Name}");
var passwordValue = passwordEntry.Value;
if (passwordEntry.IsValueEncrypted)
{
using (var secure = new Secure())
{
passwordValue = secure.Decrypt(masterPassword, db.IV, passwordEntry.Salt, passwordValue);
}
}
Console.WriteLine($"Value: {passwordValue}");
Console.WriteLine();
Console.WriteLine("Press return to continue...");
Console.ReadLine();
}
public async Task <GenerateLinkModel> Handle(GeneratePasswordLinkRequest request, CancellationToken cancellationToken)
{
var key = _keyGenerator.GenerateKey();
var passwordGroup = new PasswordGroup
{
Id = Guid.NewGuid(),
Passwords = request.Passwords.Select(password => Handle(password, key)).ToArray(),
};
var expiration = TimeSpan.FromSeconds(request.ExpiresIn);
_logger.Information("Create new group {@group} for {@expiration}", passwordGroup, expiration);
var redisClient = _redisClientFactory.GetClient();
await redisClient.SetAsync(new PasswordGroupKey(passwordGroup.Id), passwordGroup, expiration);
return(new GenerateLinkModel
{
Key = _keyGenerator.ToString(key),
PasswordGroupId = passwordGroup.Id
});
}
public GroupViewModel(PasswordGroup group)
{
Name = group.GroupName;
Entries = group.PasswordEntries.Select(pe => new EntryViewModel(pe)).OrderBy(pe => pe.Name);
}
public async Task <ActionResult> Add([FromForm] EncryptDecryptInfo info)
{
logger.LogDebug("Received encrypt info: {0}", info);
if (!ModelState.IsValid)
{
return(new ObjectResult(new {
Added = false,
Reason = ActionFailReason.InvalidInput,
Group = info.Group,
Entry = info.Entry
}));
}
var masterPassword = info.MasterPassword;
if (string.IsNullOrWhiteSpace(masterPassword))
{
masterPassword = this.RememberedMasterPassword();
}
else if (info.RememberMasterPassword)
{
this.RememberMasterPassword(info.MasterPassword);
}
if (string.IsNullOrWhiteSpace(masterPassword))
{
return(new ObjectResult(new {
Added = false,
Reason = ActionFailReason.NeedMasterPassword,
Group = info.Group,
Entry = info.Entry
}));
}
using (var secure = new Secure())
{
var userAccount = await userAccountRepository.GetUserAccountAsync(User);
var passwordDb = userAccount.GetPasswordDb();
if (!secure.ValidateHash(masterPassword, passwordDb.MasterPassword))
{
return(new ObjectResult(new {
Added = false,
Reason = ActionFailReason.MasterPasswordInvalid,
Group = info.Group,
Entry = info.Entry
}));
}
var group = passwordDb.PasswordGroups.FirstOrDefault(pg => pg.GroupName == info.Group);
if (group == null)
{
group = new PasswordGroup {
GroupName = info.Group
};
passwordDb.PasswordGroups.Add(group);
}
var entry = group.PasswordEntries.FirstOrDefault(pe => pe.Name == info.Entry);
if (entry == null)
{
// no existing entry, adding a new one
entry = new PasswordEntry {
Name = info.Entry
};
group.PasswordEntries.Add(entry);
}
entry.IsValueEncrypted = info.ValueEncrypted;
if (info.ValueEncrypted)
{
var encryptedInfo = secure.Encrypt(masterPassword, passwordDb.IV, info.Value);
entry.Salt = encryptedInfo.Salt;
entry.Value = encryptedInfo.EncryptedValueBase64Encoded;
passwordDb.IV = passwordDb.IV ?? encryptedInfo.IV;
}
else
{
entry.Salt = null;
entry.Value = info.Value;
}
userAccount.SetPasswordDb(passwordDb);
await userAccountRepository.SaveUserAccountAsync(userAccount);
return(new ObjectResult(new {
Added = true,
Group = info.Group,
Entry = info.Entry
}));
}
}
public void TestSetAndGet()
{
var group1 = new PasswordGroup {
GroupName = "group 1", PasswordEntries =
{
new PasswordEntry {
Name = "entry 1.1", IsValueEncrypted = false, Value = "plain text 1.1"
},
new PasswordEntry {
Name = "entry 1.2", IsValueEncrypted = true, Value = "encrypted value 1.2", Salt = new byte[]{ 1, 2 }
}
}
};
var group2 = new PasswordGroup {
GroupName = "group 2", PasswordEntries =
{
new PasswordEntry {
Name = "entry 2.1", IsValueEncrypted = true, Value = "encrypted value 2.1", Salt = new byte[]{ 2, 1 }
}
}
};
var db = new PasswordDb {
MasterPassword = "******",
IV = new byte[] { 1, 2, 3, 4 },
PasswordGroups = { group1, group2 }
};
var account = new UserAccount();
Assert.Null(account.PasswordDatabase);
PasswordDbExtensions.SetPasswordDb(account, db);
Assert.NotNull(account.PasswordDatabase);
Assert.NotEqual("", account.PasswordDatabase);
var deserialized = PasswordDbExtensions.GetPasswordDb(account);
Assert.NotNull(deserialized);
Assert.Equal("hashed password", deserialized.MasterPassword);
Assert.Equal(new byte[] { 1, 2, 3, 4 }, deserialized.IV);
Assert.Equal(2, deserialized.PasswordGroups.Count);
Assert.Equal("group 1", deserialized.PasswordGroups.ElementAt(0).GroupName);
Assert.Equal(2, deserialized.PasswordGroups.ElementAt(0).PasswordEntries.Count);
Assert.Equal("entry 1.1", deserialized.PasswordGroups.ElementAt(0).PasswordEntries.ElementAt(0).Name);
Assert.False(deserialized.PasswordGroups.ElementAt(0).PasswordEntries.ElementAt(0).IsValueEncrypted);
Assert.Equal("plain text 1.1", deserialized.PasswordGroups.ElementAt(0).PasswordEntries.ElementAt(0).Value);
Assert.Null(deserialized.PasswordGroups.ElementAt(0).PasswordEntries.ElementAt(0).Salt);
Assert.Equal("entry 1.2", deserialized.PasswordGroups.ElementAt(0).PasswordEntries.ElementAt(1).Name);
Assert.True(deserialized.PasswordGroups.ElementAt(0).PasswordEntries.ElementAt(1).IsValueEncrypted);
Assert.Equal("encrypted value 1.2", deserialized.PasswordGroups.ElementAt(0).PasswordEntries.ElementAt(1).Value);
Assert.Equal(new byte[] { 1, 2 }, deserialized.PasswordGroups.ElementAt(0).PasswordEntries.ElementAt(1).Salt);
Assert.Equal("group 2", deserialized.PasswordGroups.ElementAt(1).GroupName);
Assert.Single(deserialized.PasswordGroups.ElementAt(1).PasswordEntries);
Assert.Equal("entry 2.1", deserialized.PasswordGroups.ElementAt(1).PasswordEntries.ElementAt(0).Name);
Assert.True(deserialized.PasswordGroups.ElementAt(1).PasswordEntries.ElementAt(0).IsValueEncrypted);
Assert.Equal("encrypted value 2.1", deserialized.PasswordGroups.ElementAt(1).PasswordEntries.ElementAt(0).Value);
Assert.Equal(new byte[] { 2, 1 }, deserialized.PasswordGroups.ElementAt(1).PasswordEntries.ElementAt(0).Salt);
}
