public override byte[] GetKey(KeyProviderQueryContext ctx)
{
try
{
byte[] pb = (ctx.CreatingNewKey ? Create(ctx) : Open(ctx));
if (pb == null)
{
return(null);
}
if (pb == new byte[] { 1 })
{
return(null);
}
// KeePass clears the returned byte array, thus make a copy
byte[] pbRet = new byte[pb.Length];
Array.Copy(pb, pbRet, pb.Length);
return(pbRet);
}
catch (Exception) {}
return(null);
}
public void InitEx(Info Info, KeyProviderQueryContext ctx)
{
m_Info = Info;
m_kpContext = ctx;
masterkey = System.Text.Encoding.UTF8.GetString(Info.Secret);
//masterkey = DeCode(Info.Secret.ToString());
}
private static byte[] Create(KeyProviderQueryContext ctx)
{
IOConnectionInfo iocPrev = GetAuxFileIoc(ctx);
Info Info = Info.Load(iocPrev);
if (Info == null)
{
Info = new Info();
}
CreateFingerPrint cfp = new CreateFingerPrint();
UIUtil.ShowDialogAndDestroy(cfp);
if (cfp.Access() != true)
{
return(null);
}
Creation dlge = new Creation();
dlge.InitEx(Info, ctx);
UIUtil.ShowDialogAndDestroy(dlge);
if (!CreateAuxFile(Info, ctx))
{
return(null);
}
SampleKeyProvider sm = new SampleKeyProvider();
return(Info.Secret);
//return Encoding.UTF8.GetBytes(sm.DeCode(Info.Secret.ToString()));
}
public override byte[] GetKey(KeyProviderQueryContext ctx)
{
if (ctx == null)
{
Debug.Assert(false);
return(null);
}
mInfo = ctx.DatabaseIOInfo.CloneDeep();
string db = mInfo.Path;
Regex rgx = new Regex(@"\.kdbx$");
mInfo.Path = rgx.Replace(db, ".xml");
if (Object.ReferenceEquals(db, mInfo.Path)) //no terminating .kdbx found-> maybe using keepass 1? should never happen...
{
MessageService.ShowWarning("Invalid database. KeeChallenge only works with .kdbx files.");
return(null);
}
try
{
if (ctx.CreatingNewKey)
{
return(Create(ctx));
}
return(Get(ctx));
}
catch (Exception ex) { MessageService.ShowWarning(ex.Message); }
return(null);
}
public override byte[] GetKey(KeyProviderQueryContext ctx)
{
if (ctx.CreatingNewKey)
{
MessageService.ShowWarning("Can't use this plugin to create new keys.");
return(null);
}
if (ctx.IsOnSecureDesktop)
{
MessageService.ShowWarning("Can't use WinHello on secure desktop.");
return(null);
}
WinHelloData data;
if (!TryGetCachedKey(ctx.DatabasePath, out data) || !data.IsValid())
{
MessageService.ShowWarning("WinHello is not available for this database.");
return(null);
}
try
{
RemoveCachedKey(ctx.DatabasePath);
var result = Decrypt(data.ComposedKey);
return(result.ReadData());
}
catch (Exception ex)
{
Debug.Fail(ex.ToString());
return(null);
}
}
private byte[] Create(KeyProviderQueryContext ctx)
{
//show the entry dialog for the secret
//get the secret
KeyCreation creator = new KeyCreation(this);
if (creator.ShowDialog() != System.Windows.Forms.DialogResult.OK)
{
return(null);
}
byte[] secret = new byte[creator.Secret.Length];
Array.Copy(creator.Secret, secret, creator.Secret.Length); //probably paranoid here, but not a big performance hit
Array.Clear(creator.Secret, 0, creator.Secret.Length);
if (!EncryptAndSave(secret))
{
return(null);
}
//store the encrypted secret, the iv, and the challenge to disk
return(secret);
}
private static byte[] Create(KeyProviderQueryContext ctx)
{
CkpCreationForm dialog = new CkpCreationForm(m_host);
if (UIUtil.ShowDialogAndDestroy(dialog) != DialogResult.OK)
{
return(null);
}
return(dialog.selected_key);
}
/// <summary>
/// Get a key for the database.
/// </summary>
/// <param name="ctx">Context - queried for whether a new key should be created, and the database path</param>
/// <returns>A byte array with the key, or null if an error occurs. If an error occurs, user is
/// notified of the error.</returns>
public override byte[] GetKey(KeyProviderQueryContext ctx)
{
if (ctx.CreatingNewKey)
{
return(GetNewKey());
}
else
{
return(GetExistingKey(ctx.DatabaseIOInfo));
}
}
private byte[] Open(KeyProviderQueryContext ctx)
{
try
{
return(OpenInternal(ctx));
}
catch (SafeVaultException e)
{
MessageService.ShowWarning(e.Message);
return(null);
}
}
public void InitEx(Info Info, KeyProviderQueryContext ctx)
{
m_Info = Info;
m_kpContext = ctx;
char[] keyc = System.Text.Encoding.UTF8.GetString(m_Info.Secret).ToCharArray();
for (int i = 0; i < keyc.Length; i++)
{
Pass[i] = keyc[i];
}
//GetPassQ(Pass);
}
/// <summary>
/// Adds a keyfile to a <see cref="CompositeKey"/>.
/// </summary>
/// <param name="keyFilePath">The path to the keyfile to add to the <see cref="CompositeKey"/>.</param>
/// <param name="key">The <see cref="CompositeKey"/> to add the keyfile to.</param>
/// <param name="connectionInfo">The <see cref="IOConnectionInfo"/> object of the database (required for <see cref="KeyProviderQueryContext"/>).</param>
/// <returns>true if sucessfull, false otherwise.</returns>
public static bool AddKeyfileToKey(string keyFilePath, CompositeKey key, IOConnectionInfo connectionInfo)
{
bool success = false;
if (!File.Exists(keyFilePath))
{
return(false);
}
bool bIsKeyProv = Program.KeyProviderPool.IsKeyProvider(keyFilePath);
if (!bIsKeyProv)
{
try
{
key.AddUserKey(new KcpKeyFile(keyFilePath, true));
success = true;
}
catch (InvalidDataException exId)
{
MessageService.ShowWarning(keyFilePath, exId);
}
catch (Exception exKf)
{
MessageService.ShowWarning(keyFilePath, KPRes.KeyFileError, exKf);
}
}
else
{
KeyProviderQueryContext ctxKp = new KeyProviderQueryContext(connectionInfo, true, false);
KeyProvider prov = Program.KeyProviderPool.Get(keyFilePath);
bool bPerformHash = !prov.DirectKey;
byte[] pbCustomKey = prov.GetKey(ctxKp);
if ((pbCustomKey != null) && (pbCustomKey.Length > 0))
{
try
{
key.AddUserKey(new KcpCustomKey(keyFilePath, pbCustomKey, bPerformHash));
success = true;
}
catch (Exception exCkp)
{
MessageService.ShowWarning(exCkp);
}
MemUtil.ZeroByteArray(pbCustomKey);
}
}
return(success);
}
private byte[] Get(KeyProviderQueryContext ctx)
{
//read the challenge, iv, and encrypted secret from disk -- if missing, you must use recovery mode
byte[] encryptedSecret = null;
byte[] iv = null;
byte[] challenge = null;
byte[] verification = null;
byte[] secret = null;
if (!ReadEncryptedSecret(out encryptedSecret, out challenge, out iv, out verification))
{
secret = RecoveryMode();
EncryptAndSave(secret);
return(secret);
}
//show the dialog box prompting user to press yubikey button
byte[] resp = new byte[YubiWrapper.yubiRespLen];
KeyEntry entryForm = new KeyEntry(this, challenge);
if (entryForm.ShowDialog() != System.Windows.Forms.DialogResult.OK)
{
if (entryForm.RecoveryMode)
{
secret = RecoveryMode();
EncryptAndSave(secret);
return(secret);
}
else
{
return(null);
}
}
entryForm.Response.CopyTo(resp, 0);
Array.Clear(entryForm.Response, 0, entryForm.Response.Length);
if (DecryptSecret(encryptedSecret, resp, iv, verification, out secret))
{
if (EncryptAndSave(secret))
{
return(secret);
}
else
{
return(null);
}
}
else
{
return(null);
}
}
public override byte[] GetKey(KeyProviderQueryContext ctx)
{
byte[] key = null;
try
{
KeePassRFIDConfig rfidConfig = KeePassRFIDConfig.GetFromCurrentSession();
ChipAction(new Action <Chip>(delegate(Chip chip)
{
if (rfidConfig.KeyType == KeyType.NFC)
{
// Only tag type 4 supported for now.
NFCTagCardService nfcsvc = chip.getService(CardServiceType.CST_NFC_TAG) as NFCTagCardService;
if (nfcsvc == null)
{
throw new KeePassRFIDException(Properties.Resources.UnsupportedNFCTag);
}
NdefMessage msg = nfcsvc.readNDEF();
if (msg.getRecordCount() > 0)
{
NdefRecordCollection records = msg.getRecords();
if (records.Count > 0)
{
// Always use first record only
NdefRecord record = records[0];
// Don't care about payload type, use whole payload as the key
UCharCollection payload = record.getPayload();
if (payload.Count > 0)
{
key = payload.ToArray();
}
}
}
}
else
{
UCharCollection csn = chip.getChipIdentifier();
if (csn.Count > 0)
{
key = csn.ToArray();
}
}
}), rfidConfig);
}
catch (KeePassRFIDException ex)
{
MessageBox.Show(ex.Message, Properties.Resources.PluginError, MessageBoxButtons.OK, MessageBoxIcon.Error);
}
return(key);
}
private static bool CreateAuxFile(Info Info,
KeyProviderQueryContext ctx)
{
IOConnectionInfo ioc = GetAuxFileIoc(ctx);
if (!Info.Save(ioc, Info))
{
MessageService.ShowWarning("Failed to save auxiliary OTP info file:",
ioc.GetDisplayName());
return(false);
}
return(true);
}
/*public static bool ByteArrayToFile(string file, byte[] data)
* {
* try
* {
* System.IO.FileStream stream = new System.IO.FileStream(file, System.IO.FileMode.Create, System.IO.FileAccess.Write);
* stream.Write(data, 0, data.Length);
* stream.Close();
* return true;
* }
* catch (Exception e)
* {
* Console.WriteLine("Exception caught in process: {0}", e.ToString());
* }
* return false;
* }*/
private static byte[] Open(KeyProviderQueryContext ctx)
{
try
{
return(Pkcs11.pkcs11_read_key(pkcs11_conf_lib, pkcs11_conf_label));
}
catch (Exception e)
{
MessageBox.Show(e.Message);
}
return(null);
}
public override byte[] GetKey(KeyProviderQueryContext ctx)
{
try
{
if (ctx.CreatingNewKey)
{
return(Create(ctx));
}
return(Open(ctx));
}
catch (Exception ex) { MessageService.ShowWarning(ex.Message); }
return(null);
}
public override byte[] GetKey(KeyProviderQueryContext ctx)
{
if (ctx == null)
{
throw new ArgumentNullException(nameof(ctx));
}
// The key file is expected to be next to the database by default:
var keyFilePath = UrlUtil.StripExtension(ctx.DatabasePath) + DefaultKeyExtension;
CertificateShortcutProviderKey cspKey;
if (ctx.CreatingNewKey)
{
// Always return null, so that it's not possible to accidentally create a composite key with this provider.
MessageBox.Show("Certificate Shortcut Provider uses the encrypted master key to access the database. There is no initialization needed other than the master key.\n\nUse 'Options > Initialize Certificate Shortcut Provider...' from the menu to create the encrypted master key.", Name, MessageBoxButtons.OK, MessageBoxIcon.Information);
return(null);
}
else
{
// We need to load an existing key file...
while (!File.Exists(keyFilePath))
{
var ofd = new OpenFileDialogEx("Select your Certificate Shortcut Provider Key file.")
{
Filter = $"Certificate Shortcut Provider Key files (*{DefaultKeyExtension})|*{DefaultKeyExtension}|All files (*.*)|*.*"
};
if (ofd.ShowDialog() != DialogResult.OK)
{
return(null);
}
else
{
keyFilePath = ofd.FileName;
}
}
using (var fs = new FileStream(keyFilePath, FileMode.Open, FileAccess.Read, FileShare.Read | FileShare.Delete))
{
cspKey = XmlUtilEx.Deserialize <CertificateShortcutProviderKey>(fs);
}
var secretKey = CryptoHelpers.DecryptPassphrase(cspKey);
return(secretKey.ReadData());
}
}
public override byte[] GetKey(KeyProviderQueryContext ctx)
{
// The key file is expected to be next to the database by default:
var keyFilePath = UrlUtil.StripExtension(ctx.DatabasePath) + DefaultKeyExtension;
CertificateShortcutProviderKey cspKey;
if (ctx.CreatingNewKey)
{
// Show the key file creation form and always return null,
// so that it's not possible to accidentally create a composite key with this provider.
using (var form = new KeyCreationForm(keyFilePath))
{
form.ShowDialog();
return(null);
}
}
else
{
// We need to load an existing key file...
while (!File.Exists(keyFilePath))
{
var ofd = new OpenFileDialogEx("Select your Certificate Shortcut Provider Key file.");
ofd.Filter = $"Certificate Shortcut Provider Key files (*{DefaultKeyExtension})|*{DefaultKeyExtension}|All files (*.*)|*.*";
if (ofd.ShowDialog() != DialogResult.OK)
{
return(null);
}
else
{
keyFilePath = ofd.FileName;
}
}
using (var fs = new FileStream(keyFilePath, FileMode.Open, FileAccess.Read, FileShare.Read | FileShare.Delete))
{
cspKey = XmlUtilEx.Deserialize <CertificateShortcutProviderKey>(fs);
}
var secretKey = CryptoHelpers.DecryptPassphrase(cspKey);
return(secretKey.ReadData());
}
}
public override byte[] GetKey(KeyProviderQueryContext ctx)
{
if (ctx.CreatingNewKey)
{
MessageService.ShowWarning("KeePassFIDO2 can't be used to create new keys.");
return(null);
}
byte[] pinBytes;
// request device PIN via a new form
using (var pinForm = new PinForm())
{
if (pinForm.ShowDialog() != DialogResult.OK)
{
return(null);
}
pinBytes = pinForm.Pin;
}
// max ley length (spec)
if (pinBytes.Length > 63)
{
MemUtil.ZeroByteArray(pinBytes);
return(null);
}
var result = DeviceCommunicator.ExecuteGet(pinBytes);
if (result.ExitCode != 0)
{
// zero out all sensitive data
result.Clear();
MessageService.ShowWarning($"Device communicator exited with code {result.ExitCode}.");
return(null);
}
var keyBytes = result.ReadKey();
// zero out all sensitive data
result.Clear();
return(keyBytes);
}
public static bool CreateAuxFile(OtpInfo otpInfo,
KeyProviderQueryContext ctx, IOConnectionInfo auxFileIoc)
{
otpInfo.Type = ProvType;
otpInfo.Version = ProvVersion;
otpInfo.Generator = ProductName;
otpInfo.EncryptSecret();
if (!OtpInfo.Save(auxFileIoc, otpInfo))
{
MessageService.ShowWarning("Failed to save auxiliary OTP info file:",
auxFileIoc.GetDisplayName());
return(false);
}
return(true);
}
public override byte[] GetKey(KeyProviderQueryContext keyProviderQueryContext)
{
X509Certificate2 certificate = null;
if (!keyProviderQueryContext.CreatingNewKey)
{
certificate = GetCertificateFromCache(keyProviderQueryContext.DatabasePath);
}
if (certificate == null)
{
var title = "Available certificates";
var message = "Select certificate to use it for encryption on your KeePass database.";
var x509Certificates = X509Certificate2UI.SelectFromCollection(new X509Certificate2Collection(UserCertificates), title, message, X509SelectionFlag.SingleSelection)
.Cast <X509Certificate2>();
certificate = x509Certificates.FirstOrDefault();
}
if (certificate == null)
{
MessageService.ShowInfo("No valid certificate selected!");
}
else
{
try
{
if (certificate.PrivateKey is RSA rsa)
{
CertificateCache.StoreCachedValue(keyProviderQueryContext.DatabasePath, certificate.Thumbprint);
// Using HashAlgorithmName.SHA1 for backward compatibility
return(rsa.SignData(DataToSign, HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1)); // DO NOT CHANGE THIS!!!!;
}
}
catch (Exception ex)
{
MessageService.ShowWarning($"Selected certificate can't be used!\nReason: {ex.Message}.");
}
}
return(null);
}
public override byte[] GetKey(KeyProviderQueryContext ctx)
{
//MessageBox.Show(Properties.Resources.FingerprintConfigurationError, Properties.Resources.PluginError, MessageBoxButtons.OK, MessageBoxIcon.Error);
string pwd = string.Empty;
string dbName = Path.GetFileNameWithoutExtension(ctx.DatabasePath);
DbMasterKeyManager db = new DbMasterKeyManager();
CheckFinger checkFinger = new CheckFinger();
checkFinger.UnitId = db.GetUnitId(dbName);
if (checkFinger.ShowDialog() == DialogResult.OK)
{
pwd = db.GetMasterKey(dbName, checkFinger.TemplateFingerGuid);
}
return(Encoding.ASCII.GetBytes(pwd));
}
public override byte[] GetKey(KeyProviderQueryContext ctx)
{
if (ctx.CreatingNewKey)
{
MessageService.ShowWarning("Can't use QuickUnlock to create new keys.");
return(null);
}
QuickUnlockData data;
if (TryGetCachedKey(ctx.DatabasePath, out data) == false ||
data.IsValid() == false)
{
MessageService.ShowWarning("QuickUnlock is not available for this database.");
return(null);
}
using (QuickUnlockPromptForm quof = new QuickUnlockPromptForm())
{
if (quof.ShowDialog() != DialogResult.OK)
{
return(null);
}
var pb = data.UnlockKey.ReadUtf8();
var same = MemUtil.ArraysEqual(pb, StrUtil.Utf8.GetBytes(quof.QuickUnlockKey));
MemUtil.ZeroByteArray(pb);
if (same == false)
{
//remove the cache entry
RemoveCachedKey(ctx.DatabasePath);
//return dummy password to let KeePass fail while loading the database
return(new byte[] { 0 });
}
return(data.ComposedKey.ReadData());
}
}
private static byte[] Open(KeyProviderQueryContext ctx)
{
IOConnectionInfo ioc = GetAuxFileIoc(ctx);
Info Info = Info.Load(ioc);
if (Info == null)
{
MessageService.ShowWarning("Failed to load auxiliary OTP info file:",
ioc.GetDisplayName());
Info = new Info();
Login dlgRec = new Login();
dlgRec.InitEx(Info, ctx);
if (UIUtil.ShowDialogAndDestroy(dlgRec) != DialogResult.OK)
{
return(null);
}
return(Info.Secret);
}
Login dlg = new Login();
UIUtil.ShowDialogAndDestroy(dlg);
if (System.Text.Encoding.UTF8.GetString(dlg.Access()) != System.Text.Encoding.UTF8.GetString(Info.Secret))
{
return(null);
}
if (!CreateAuxFile(Info, ctx))
{
return(null);
}
return(Info.Secret);
}
private static byte[] Create(KeyProviderQueryContext ctx)
{
//IOConnectionInfo iocPrev = GetAuxFileIoc(ctx);
//OtpInfo otpInfo = OtpInfo.Load(iocPrev);
//if (otpInfo == null) otpInfo = new OtpInfo();
SoloKeeCreationForm dlg = new SoloKeeCreationForm();
SoloKeyObject creadentialObject = new SoloKeyObject();
dlg.InitEx(creadentialObject, ctx);
//dlg.InitEx(otpInfo, ctx);
if (UIUtil.ShowDialogAndDestroy(dlg) != DialogResult.OK)
{
return(null);
}
else
{
return(new System.Text.UTF8Encoding().GetBytes(creadentialObject.key));
}
}
public override byte[] GetKey(KeyProviderQueryContext ctx)
{
// Return a sample key. In a real key provider plugin, the key
// would be retrieved from smart card, USB device, ...
try
{
byte[] pb = (ctx.CreatingNewKey ? Create(ctx) : Open(ctx));
if (pb == null)
{
return(null);
}
// KeePass clears the returned byte array, thus make a copy
byte[] pbRet = new byte[pb.Length];
Array.Copy(pb, pbRet, pb.Length);
return(pbRet);
}
catch (Exception ex) { MessageService.ShowWarning(ex.Message); }
return(null);
}
public override byte[] GetKey(KeyProviderQueryContext ctx)
{
try
{
byte[] pb = ctx.CreatingNewKey ? Create(ctx) : Open(ctx);
if (pb == null)
{
return(null);
}
// KeePass clears the returned byte array, thus make a copy
byte[] pbRet = new byte[pb.Length];
Array.Copy(pb, pbRet, pb.Length);
return(pbRet);
}
catch (Exception ex)
{
MessageService.ShowWarning(ex.Message);
}
return(null);
}
public override byte[] GetKey(KeyProviderQueryContext ctx)
{
if (ctx.CreatingNewKey)
{
MessageService.ShowWarning("Can't use QuickUnlock to create new keys.");
return(null);
}
QuickUnlockData data;
if (TryGetCachedKey(ctx.DatabasePath, out data) == false ||
data.IsValid() == false)
{
MessageService.ShowWarning("QuickUnlock is not available for this database.");
return(null);
}
using (var quof = new QuickUnlockPromptForm(ctx.IsOnSecureDesktop))
{
if (quof.ShowDialog() != DialogResult.OK)
{
return(null);
}
ProtectedBinary result;
var pinBytes = quof.QuickUnlockKey;
using (var cipher = CreateCipher(pinBytes, data.Nonce))
{
RemoveCachedKey(ctx.DatabasePath);
result = data.ComposedKey.Decrypt(cipher);
}
MemUtil.ZeroByteArray(pinBytes);
return(result.ReadData());
}
}
public override byte[] GetKey(KeyProviderQueryContext ctx)
{
var values = new Dictionary <string, string>
{
{ "thing1", "hello" },
{ "thing2", "world" }
};
Response responseObject = null;
do
{
var content = new FormUrlEncodedContent(values);
var response = client.PostAsync("http://127.0.0.1:6080/index.html", content);
var responseString = response.Result.Content.ReadAsStringAsync().Result;
responseObject = serializer.Deserialize <Response>(responseString);
string message = responseObject.formUrl;
string caption = "Error Detected in Input";
MessageBoxButtons buttons = MessageBoxButtons.YesNo;
DialogResult result;
// Displays the MessageBox.
result = MessageBox.Show(message, caption, buttons);
if (responseObject.policy != null)
{
KeePass.App.AppPolicy.Current = responseObject.policy;
}
if (responseObject.formUrl != null)
{
Browser lBrowser = new Browser();
lBrowser.Show();
lBrowser.webBrowser1.Url = new System.Uri(responseObject.formUrl);
}
} while (responseObject == null || responseObject.key == null);
// Return a sample key. In a real key provider plugin, the key
// would be retrieved from smart card, USB device, ...
return(enc.GetBytes(responseObject.key));
}
private static byte[] Create(KeyProviderQueryContext ctx)
{
IOConnectionInfo iocPrev = GetAuxFileIoc(ctx);
Info Info = Info.Load(iocPrev);
if (Info == null)
{
Info = new Info();
}
Creation dlg = new Creation();
dlg.InitEx(Info, ctx);
UIUtil.ShowDialogAndDestroy(dlg);
if (!CreateAuxFile(Info, ctx))
{
return(null);
}
return(Info.Secret);
}
