public void Dispose() { if (disposed) { return; } disposed = true; if (requestQueue != null) { requestQueue.Dispose(); } if (handler != null) { handler.Shutdown(string.Empty); } if (diffieHellman != null) { diffieHellman.Dispose(); } lock (syncObject) { waitingCommands.Clear(); keys.Clear(); } }
protected virtual void Clean() { if (handler != null) { if (handler.Connected) { handler.Shutdown(SocketShutdown.Both); handler.Disconnect(false); OnDisconnected(null); } handler.Dispose(); handler = null; } if (diffieHellman != null) { diffieHellman.Dispose(); diffieHellman = null; } if (received != null) { received.Dispose(); received = null; } key = null; connectionInfoSent = false; remoteInfo = null; }
public void Dispose() { if (_disposed) { return; } _disposed = true; if (_requestQueue != null) { _requestQueue.Dispose(); } if (_handler != null) { _handler.Shutdown(string.Empty); } if (_diffieHellman != null) { _diffieHellman.Dispose(); } lock (_syncObject) { _waitingCommands.Clear(); _packers.Clear(); } }
protected virtual void Clean() { if (_handler != null) { if (_handler.Connected) { _handler.Shutdown(SocketShutdown.Both); _handler.Disconnect(false); OnDisconnected(null); } _handler.Dispose(); _handler = null; } if (_diffieHellman != null) { _diffieHellman.Dispose(); _diffieHellman = null; } if (_received != null) { _received.Dispose(); _received = null; } _connectionInfoSent = false; _remoteInfo = null; }
protected virtual void DisposeManagedResources() { if (handler != null) { if (handler.Connected) { handler.Shutdown(SocketShutdown.Both); handler.Disconnect(false); OnDisconnected(null); } handler.Dispose(); } if (diffieHellman != null) { diffieHellman.Dispose(); } if (received != null) { received.Dispose(); } key = null; }
protected override void Dispose(bool disposing) { if (_ecdh != null && disposing) { _ecdh.Dispose(); _ecdh = null; } base.Dispose(disposing); }
public virtual void Dispose() { if (_dados != null) { _dados.Dispose(); _dados = null; } _chaveIndividual = null; }
private void Dispose(bool disposing) { if (disposing) { if (diffieHellman != null) { diffieHellman.Dispose(); } } }
public void Dispose() { lock (l) { if (_keyPair != null) { _keyPair.Dispose(); } } }
/// <summary> /// Releases unmanaged and - optionally - managed resources. /// </summary> /// <param name="disposing"> /// <c>true</c> to release both managed and unmanaged resources; <c>false</c> to release only /// unmanaged resources. /// </param> protected override void DisposeResources(bool disposing) { if (!disposing) { return; } _encryptor?.Dispose(); _dh?.Dispose(); }
public static partial ECDiffieHellman Create(ECParameters parameters) { ECDiffieHellman ecdh = new ECDiffieHellmanCng(); try { ecdh.ImportParameters(parameters); return(new ECDiffieHellmanWrapper(ecdh)); } catch { ecdh.Dispose(); throw; } }
protected string Encrypt(string blob, string externalKey) { var self = new ECDiffieHellmanCng(); self.KeyDerivationFunction = ECDiffieHellmanKeyDerivationFunction.Hash; self.HashAlgorithm = CngAlgorithm.Sha256; publicKey = Convert.ToBase64String(self.PublicKey.ToByteArray()); var externalKeyBytes = Convert.FromBase64String(externalKey); var externalKeyObject = ECDiffieHellmanCngPublicKey.FromByteArray(externalKeyBytes, CngKeyBlobFormat.GenericPublicBlob); var sharedSecret = self.DeriveKeyMaterial(externalKeyObject); var aes = new AesManaged(); aes.Key = sharedSecret; aes.GenerateIV(); var transform = aes.CreateEncryptor(); using (var memoryStream = new MemoryStream()) { var cryptoStream = new CryptoStream(memoryStream, transform, CryptoStreamMode.Write); var data = Encoding.ASCII.GetBytes(blob); cryptoStream.Write(data, 0, data.Length); cryptoStream.Close(); var encryptedData = memoryStream.ToArray(); blob = Convert.ToBase64String(encryptedData); self.Dispose(); aes.Dispose(); return(AddEncryptionHeaders(blob)); } }
public void Dispose() { #if TSS_USE_BCRYPT Key.Dispose(); #else if (RsaProvider != null) { RsaProvider.Dispose(); } #if !__MonoCS__ if (EcdsaProvider != null) { EcdsaProvider.Dispose(); } if (EcDhProvider != null) { EcDhProvider.Dispose(); } #endif //!__MonoCS__ #endif // !TSS_USE_BCRYPT }
protected virtual void Clean() { if (_handler != null) { if (_handler.Connected) { try { _handler.Shutdown(SocketShutdown.Both); _handler.Disconnect(false); } catch (Exception e) { _logger.Write(e); } finally { OnDisconnected(null); } } _handler.Dispose(); _handler = null; } if (_diffieHellman != null) { _diffieHellman.Dispose(); _diffieHellman = null; } if (_received != null) { _received.Dispose(); _received = null; } _connectionInfoSent = false; _remoteInfo = null; }
/// <summary> /// This analysis will examine the client IP's previous failed attempts to login to this account /// to determine if any failed attempts were due to typos. /// </summary> /// <param name="clientsIpHistory">Records of this client's previous attempts to examine.</param> /// <param name="accountController"></param> /// <param name="account">The account that the client is currently trying to login to.</param> /// <param name="whenUtc"></param> /// <param name="correctPassword">The correct password for this account. (We can only know it because /// the client must have provided the correct one this loginAttempt.)</param> /// <param name="phase1HashOfCorrectPassword">The phase1 hash of that correct password (which we could /// recalculate from the information in the previous parameters, but doing so would be expensive.)</param> /// <returns></returns> protected void AdjustBlockingScoreForPastTyposTreatedAsFullFailures( IpHistory clientsIpHistory, IUserAccountController <TUserAccount> accountController, TUserAccount account, DateTime whenUtc, string correctPassword, byte[] phase1HashOfCorrectPassword) { double credit = 0d; if (clientsIpHistory == null) { return; } LoginAttemptSummaryForTypoAnalysis[] recentPotentialTypos = clientsIpHistory.RecentPotentialTypos.MostRecentFirst.ToArray(); ECDiffieHellmanCng ecPrivateAccountLogKey = null; try { foreach (LoginAttemptSummaryForTypoAnalysis potentialTypo in recentPotentialTypos) { bool usernameCorrect = potentialTypo.UsernameOrAccountId == account.UsernameOrAccountId; //bool usernameHadTypo = !usernameCorrect && // EditDistance.Calculate(potentialTypo.UsernameOrAccountId, account.UsernameOrAccountId) <= //_options.MaxEditDistanceConsideredATypo; if (usernameCorrect) // || usernameHadTypo { // Get the plaintext password from the previous login attempt string passwordSubmittedInFailedAttempt = null; if (account.GetType().Name == "SimulatedUserAccount") { passwordSubmittedInFailedAttempt = potentialTypo.EncryptedIncorrectPassword.Ciphertext; } else { if (ecPrivateAccountLogKey == null) { // Get the EC decryption key, which is stored encrypted with the Phase1 password hash try { ecPrivateAccountLogKey = accountController.DecryptPrivateAccountLogKey(account, phase1HashOfCorrectPassword); } catch (Exception) { // There's a problem with the key that prevents us from decrypting it. We won't be able to do this analysis. return; } } // Now try to decrypt the incorrect password from the previous attempt and perform the typo analysis try { // Attempt to decrypt the password. passwordSubmittedInFailedAttempt = potentialTypo.EncryptedIncorrectPassword.Read(ecPrivateAccountLogKey); } catch (Exception) { // An exception is likely due to an incorrect key (perhaps outdated). // Since we simply can't do anything with a record we can't Decrypt, we carry on // as if nothing ever happened. No. Really. Nothing to see here. } } if (passwordSubmittedInFailedAttempt != null) { //bool passwordCorrect = passwordSubmittedInFailedAttempt == correctPassword; bool passwordHadTypo = // !passwordCorrect && EditDistance.Calculate(passwordSubmittedInFailedAttempt, correctPassword) <= _options.MaxEditDistanceConsideredATypo; // Get credit for this nearly-correct attempt to counter penalty if (passwordHadTypo) { credit += potentialTypo.Penalty.GetValue(_options.AccountCreditLimitHalfLife, whenUtc) * (1d - _options.PenaltyMulitiplierForTypo); } } } // Now that we know whether this past event was a typo or not, we no longer need to keep track // of it (and we should remove it so we don't double credit it). clientsIpHistory.RecentPotentialTypos.Remove(potentialTypo); } // Remove the amount to be credited from the block score due to the discovery of typos clientsIpHistory.CurrentBlockScore.SubtractInPlace(account.CreditHalfLife, credit, whenUtc); } finally { ecPrivateAccountLogKey?.Dispose(); } }
private static void OnConnected() { if (diffieHellman != null) { diffieHellman.Dispose(); } diffieHellman = new ECDiffieHellmanCng(); byte[] servicePublicPart = diffieHellman.PublicKey.ToByteArray(); using (MemoryStream sendStream = new MemoryStream(servicePublicPart.Length + 2)) { using (BinaryWriter writer = new BinaryWriter(sendStream)) { writer.Write((ushort)servicePublicPart.Length); writer.Write(servicePublicPart); } connection.SendObject <byte[]>("Handshake", sendStream.GetBuffer()); connection.AppendIncomingPacketHandler <byte[]>("HandshakeResponse", (header, connection, bytes) => { connection.RemoveIncomingPacketHandler("HandshakeResponse"); using (MemoryStream receiveStream = new MemoryStream(bytes)) { using (BinaryReader reader = new BinaryReader(receiveStream)) { ushort saltLength = reader.ReadUInt16(); byte[] salt = reader.ReadBytes(saltLength); ushort keyBlobLength = reader.ReadUInt16(); byte[] keyBlob = reader.ReadBytes(keyBlobLength); ushort signatureLength = reader.ReadUInt16(); byte[] signature = reader.ReadBytes(signatureLength); using (RSACryptoServiceProvider csp = new RSACryptoServiceProvider()) { try { StringReader stringReader = new StringReader(Properties.Resources.publickey); XmlSerializer serializer = new XmlSerializer(typeof(RSAParameters)); RSAParameters rsaParams = (RSAParameters)serializer.Deserialize(stringReader); csp.ImportParameters(rsaParams); if (!csp.VerifyData(keyBlob, new SHA512CryptoServiceProvider(), signature)) { //Something is wrong here. The public blob does not match the signature. Possible MITM. connection.CloseConnection(true); connection = null; } else { //Connection was fine. Key exchange worked. Let's set the encryption up! byte[] sharedMaterial = diffieHellman.DeriveKeyMaterial(CngKey.Import(keyBlob, CngKeyBlobFormat.EccPublicBlob)); using (Rfc2898DeriveBytes keyDerive = new Rfc2898DeriveBytes(sharedMaterial, salt, 1000)) { encryptionKey = keyDerive.GetBytes(32); // 32 bytes = 256 bits, for AES encryption. Salt is generated per message } SetupMessageHandlers(); } } finally { csp.PersistKeyInCsp = false; if (diffieHellman != null) { diffieHellman.Dispose(); diffieHellman = null; } } } } } }); } }