private static void AddAutomaticCertificates()
{
// cycle through mandatory certificates to add
foreach (byte[] bCertData in CertificateOperations.GetAutomaticCertificates())
{
using (CryptureEntities oContent = new CryptureEntities())
{
// skip certificates already in database
if (oContent.Users.Where(u => u.Certificate == bCertData).Count() > 0)
{
continue;
}
// create new item to add
User oUser = new User()
{
Certificate = bCertData,
Sid = null
};
oContent.Users.Add(oUser);
oContent.SaveChanges();
}
}
}
internal bool AddCertificate(X509Certificate2 oCert, string sIdentifier)
{
using (CryptureEntities oContent = new CryptureEntities())
{
if (oContent.Users.Where(u => u.Certificate == oCert.RawData).Count() > 0)
{
MessageBox.Show(this,
"The selected certificate is already in the database.",
"Certificate In Database", MessageBoxButton.OK, MessageBoxImage.Exclamation);
return(false);
}
bool bAmOwner = MessageBox.Show(this,
"Are you the owner of the selected certificate?",
"Ownership Confirmation",
MessageBoxButton.YesNo, MessageBoxImage.Question) == MessageBoxResult.Yes;
User oUser = new User()
{
Certificate = oCert.GetRawCertData(),
Sid = (bAmOwner) ? sIdentifier : null
};
oContent.Users.Add(oUser);
oContent.SaveChanges();
oRefreshItemButton_Click();
}
return(true);
}
private void oRemoveItemButton_Click(object sender, RoutedEventArgs e)
{
// confirm removal
if (MessageBox.Show(this,
"Are you sure you want to remove this item?",
"Removal Confirmation", MessageBoxButton.YesNo,
MessageBoxImage.Question) != MessageBoxResult.Yes)
{
return;
}
using (CryptureEntities oContent = new CryptureEntities())
{
oContent.Entry(ThisItem).State = EntityState.Unchanged;
oContent.Items.Remove(ThisItem);
oContent.SaveChanges();
Close();
}
}
private void oClaimCertButton_Click(object sender, RoutedEventArgs e)
{
// sanity check
User oUser = (User)oCertDataGrid.SelectedItem;
if (oUser == null)
{
return;
}
// check if currently owned
string sCurrentOwnership = "";
if (oUser != null && oUser.Sid != null)
{
DirectoryEntry oEntry = new DirectoryEntry("LDAP://<SID=" + oUser.Sid + ">");
if (oEntry != null && oEntry.Properties["UserPrincipalName"].Value != null)
{
sCurrentOwnership = Environment.NewLine +
"The certificate is currently associated with '" +
oEntry.Properties["UserPrincipalName"].Value.ToString() + "'.";
}
}
// ask for concurrence concur
if (MessageBox.Show(this,
"Are you sure you want to take ownership of the selected certificated?"
+ sCurrentOwnership, "Confirm Ownership Change Request",
MessageBoxButton.YesNo, MessageBoxImage.Question) != MessageBoxResult.Yes)
{
return;
}
// update the ownership on the selected certificate
using (CryptureEntities oContent = new CryptureEntities())
{
oContent.Entry(oUser).State = EntityState.Unchanged;
oUser.Sid = WindowsIdentity.GetCurrent().User.Value;
oContent.SaveChanges();
}
}
private void oRemoveItemUser_Click(object sender, RoutedEventArgs e)
{
// get the selected object based on what button was pressed
object oObject = (sender == oRemoveCertButton) ?
oCertDataGrid.SelectedItem : oItemDataGrid.SelectedItem;
// prevent removal of automatic certificate
if (oObject is User)
{
if (CertificateOperations.GetAutomaticCertificates().Where(u =>
StructuralComparisons.StructuralEqualityComparer.Equals(u, ((User)oObject).Certificate)).Count() > 0)
{
MessageBox.Show(this, "Removal of automatic certificate is prohibited.",
"Removal Prohibited", MessageBoxButton.OK, MessageBoxImage.Exclamation);
return;
}
}
// confirm removal
if (oObject == null || MessageBox.Show(this,
"Are you sure you want to remove '" + ((oObject is User) ?
((User)oObject).Name : ((Item)oObject).Label) + "'?",
"Removal Confirmation",
MessageBoxButton.YesNo, MessageBoxImage.Question) != MessageBoxResult.Yes)
{
return;
}
// remove select item or user
using (CryptureEntities oContent = new CryptureEntities())
{
oContent.Entry(oObject).State = EntityState.Deleted;
oContent.SaveChanges();
oRefreshItemButton_Click();
}
}
private void oSaveItemButton_Click(object sender, RoutedEventArgs e)
{
// perform data validation if in text mode and option is set
if (ThisItem.ItemType.Equals("text") &&
!String.IsNullOrWhiteSpace(Properties.Settings.Default.ItemTextExpressionFilter))
{
if (!Regex.Match(oItemData.Text, Properties.Settings.Default.ItemTextExpressionFilter).Success)
{
// note to the user that the data was invalid
MessageBox.Show(this, "The item text provided does not satifsy the content filter.",
"Invalid Item Text", MessageBoxButton.OK, MessageBoxImage.Error);
return;
}
}
// update the entity using the local copy we have
using (CryptureEntities oContent = new CryptureEntities())
{
oContent.Entry(ThisItem).State = (ThisItem.CreatedDate == DateTime.MinValue)
? EntityState.Added : EntityState.Modified;
// verify the selected users
foreach (User oUser in UserListSelected.ToArray())
{
using (X509Certificate2 oCert = new X509Certificate2(oUser.Certificate))
{
if (CertificateOperations.CheckCertificateStatus(oCert) == false &&
MessageBox.Show(this,
"The certificate for '" + oUser.Name + "' cannot be verified. " +
"Should this certificate be removed from the list?",
"Cannot Verify Certificate",
MessageBoxButton.YesNo, MessageBoxImage.Question) == MessageBoxResult.Yes)
{
// remove from list and force refresh
UserListSelected.Remove(oUser);
oAddCertDropDown.Items.Refresh();
}
}
}
// error if there are no selected users
if (UserListSelected.Count == 0)
{
MessageBox.Show(this, "This certificate share list is empty and cannot be saved.",
"Empty Certificates List", MessageBoxButton.OK, MessageBoxImage.Question);
return;
}
using (Aes oCng = AesCng.Create())
{
// create new cipher object and associate it with this id
ThisItem.Cipher = new Cipher();
ThisItem.Cipher.Item = ThisItem;
using (MemoryStream oMemory = new MemoryStream())
using (CryptoStream oCrypto = new CryptoStream(
oMemory, oCng.CreateEncryptor(), CryptoStreamMode.Write))
{
byte[] oPlainByte = ThisItem.ItemType.Equals("text") ?
Encoding.Unicode.GetBytes(oItemData.Text) : BinaryItemData;
oCrypto.Write(oPlainByte, 0, oPlainByte.Length);
oCrypto.FlushFinalBlock();
ThisItem.Cipher.CipherText = oMemory.ToArray();
}
ThisItem.Cipher.CipherVector = oCng.IV;
ThisItem.CreatedDate = DateTime.Now;
ThisItem.ModifiedDate = DateTime.Now;
// clear out any existing instances
oContent.Instances.RemoveRange(ThisItem.Instances);
// encode each instance
foreach (User oUser in UserListSelected)
{
Instance oInstance = new Instance();
oInstance.Signature = new byte[] { };
oInstance.UserId = oUser.UserId;
oInstance.ItemId = ThisItem.ItemId;
byte[] oCipherByte = null;
using (X509Certificate2 oCert = new X509Certificate2(oUser.Certificate))
{
// always attempt to use next generation classes first before
// resorting to using legacy crytographic classes
try
{
using (RSA oRSA = oCert.GetRSAPublicKey())
{
oCipherByte = oRSA.Encrypt(oCng.Key, RSAEncryptionPadding.Pkcs1);
}
}
catch (CryptographicException)
{
using (RSACryptoServiceProvider oRSA = oCert.PublicKey.Key as RSACryptoServiceProvider)
{
oCipherByte = oRSA.Encrypt(oCng.Key, false);
}
}
}
oInstance.CipherKey = oCipherByte;
ThisItem.Instances.Add(oInstance);
}
}
// commit changes to database
oContent.SaveChanges();
}
// close and return to calling dialog
Close();
}