private void btnOk_Click(object sender, EventArgs e) { m_Config.Key2Transformations = (ulong)numTransformations.Value; m_Config.Algorithm1 = ((KeyValuePair <SymAlgoCode, string>)cmbAlgo1.SelectedItem).Key; m_Config.Algorithm2 = ((KeyValuePair <SymAlgoCode, string>)cmbAlgo2.SelectedItem).Key; if (grp2ndKey.Enabled) { if (rdoDual.Checked) { if (m_Config.GetNewDualPassword() == null) { return; } m_Config.KeyOption = KeyOption.DualPassword; } else if (rdoSingle.Checked) { m_Config.DeriveDualKey(); m_Config.KeyOption = KeyOption.SinglePassword; } else if (rdoYubikeyHMACMode.Checked) { if (!rdoSlot1.Checked && !rdoSlot2.Checked) { MessageService.ShowWarning("MultiCipher Plugin:", "Please Choose Yubikey Slot"); return; } if (!rdoVariable.Checked && !rdoFixed.Checked) { MessageService.ShowWarning("MultiCipher Plugin:", "Please Choose Variable or Fixed Challenge Input"); return; } byte YubikeySlot = 2; byte ChallengeLength = ConfigYubikey.CHALLENGE_LEN_64; if (rdoSlot1.Checked) { YubikeySlot = 1; } if (rdoVariable.Checked) { ChallengeLength = ConfigYubikey.CHALLENGE_LEN_VARIABLE; } bool ValidateKey = MessageService.AskYesNo("It is highly recommended that you validate the secret key to make sure that Challenge/Response is working correctly.\r\n\r\nDo you want to validate the secret key", "Please Confirm", true, MessageBoxIcon.Question); ProtectedBinary Response; if (ValidateKey) { var f = new VerifyFrm(); DialogResult dr = f.ShowDialog(); ProtectedBinary SecProtected = f.SecretKey; UIUtil.DestroyForm(f); if (dr != DialogResult.OK || SecProtected == null) { return; } Response = m_Config.Yubikey.GetYubikeyResponse(YubikeySlot, ChallengeLength, SecProtected, false); } else { Response = m_Config.Yubikey.GetYubikeyResponse(YubikeySlot, ChallengeLength, null, false); } if (Response == null) { MessageService.ShowWarning("Yubikey Challenge/Response Failed"); return; } if (ValidateKey) { MessageService.ShowInfo("Key Validation Successful!"); } m_Config.GetFromRecovery(Response); // Set the 2nd key m_Config.YubikeySlot = YubikeySlot; m_Config.YubikeyChallengeLength = ChallengeLength; m_Config.KeyOption = KeyOption.Yubikey_HMAC_SHA1; // Show the newly generated 2nd key to the user var fRecovery = new RecoveryKeyFrm(Response); fRecovery.ShowDialog(); UIUtil.DestroyForm(fRecovery); } else { MessageService.ShowWarning("MultiCipher Plugin:", "Please Choose Password Mode"); return; } } m_Config.Host.Database.Modified = true; DialogResult = DialogResult.OK; }
public ProtectedBinary GetYubikeyResponse(byte Slot, byte ChallengeLength, ProtectedBinary SecretKeyToVerify, bool AllowRecovery) { byte[] resp = new byte[YubiWrapper.yubiRespLen]; var Challenge = GetYubikeyChallenge64(ChallengeLength); YubiSlot slot = YubiSlot.SLOT2; if (Slot == 1) { slot = YubiSlot.SLOT1; } var f = new KeyEntry(slot, Challenge, AllowRecovery); var result = f.ShowDialog(); if (result == DialogResult.OK) { f.Response.CopyTo(resp, 0); Array.Clear(f.Response, 0, f.Response.Length); bool verified = true; if (SecretKeyToVerify != null) { byte[] SecretKey = SecretKeyToVerify.ReadData(); HMACSHA1 sha1 = new HMACSHA1(SecretKey); var hash = sha1.ComputeHash(Challenge); Array.Clear(SecretKey, 0, SecretKey.Length); if (hash == null || resp == null || hash.Length == 0) { verified = false; } else { for (int i = 0; i < hash.Length; i++) { if (hash[i] != resp[i]) { verified = false; break; } } } Array.Clear(hash, 0, hash.Length); } ProtectedBinary respProtected = new ProtectedBinary(true, resp); Array.Clear(resp, 0, resp.Length); if (!verified) { return(null); } return(respProtected); } else if (f.RecoveryMode) { var recovery = new RecoveryKeyFrm(); if (recovery.ShowDialog() != DialogResult.OK) { return(null); } return(recovery.Key); } return(null); }