added password decryption decorator

mRemoteNGTests/Config/Serializers/CredentialSerializers/XmlCredentialPasswordDecryptorDecoratorTests.cs

@@ -0,0 +1,43 @@
+using System.Linq;
+using System.Security;
+using mRemoteNG.Config.Serializers.CredentialSerializer;
+using mRemoteNG.Security;
+using mRemoteNG.Security.SymmetricEncryption;
+using NUnit.Framework;
+
+namespace mRemoteNGTests.Config.Serializers.CredentialSerializers
+{
+    public class XmlCredentialPasswordDecryptorDecoratorTests
+    {
+        private XmlCredentialPasswordDecryptorDecorator _sut;
+        private readonly SecureString _decryptionKey = "myKey1".ConvertToSecureString();
+        private string _unencryptedPassword = "myPassword1";
+
+        [SetUp]
+        public void Setup()
+        {
+            var baseDeserializer = new XmlCredentialRecordDeserializer();
+            _sut = new XmlCredentialPasswordDecryptorDecorator(_decryptionKey, baseDeserializer);
+        }
+
+        [Test]
+        public void OutputedCredentialHasDecryptedPassword()
+        {
+            var xml = GenerateXml();
+            var output = _sut.Deserialize(xml);
+            Assert.That(output.First().Password.ConvertToUnsecureString(), Is.EqualTo(_unencryptedPassword));
+        }
+
+
+        private string GenerateXml()
+        {
+            var cryptoProvider = new AeadCryptographyProvider();
+            var encryptedPassword = cryptoProvider.Encrypt(_unencryptedPassword, _decryptionKey);
+            return
+                "<?xml version=\"1.0\" encoding=\"utf-8\"?>" +
+                $"<Credentials EncryptionEngine=\"{cryptoProvider.CipherEngine}\" BlockCipherMode=\"{cryptoProvider.CipherMode}\" KdfIterations=\"{cryptoProvider.KeyDerivationIterations}\" SchemaVersion=\"1.0\">" +
+                    $"<Credential Id=\"ce6b0397-d476-4ffe-884b-dbe9347a88a8\" Title=\"New Credential\" Username=\"asdfasdf\" Domain=\"\" Password=\"{encryptedPassword}\" />" +
+                "</Credentials>";
+        }
+    }
+}

mRemoteNGTests/mRemoteNGTests.csproj

@@ -113,6 +113,7 @@
     <Compile Include="Config\CredentialHarvesterTests.cs" />
     <Compile Include="Config\Serializers\ConfConsEnsureConnectionsHaveIdsTests.cs" />
     <Compile Include="Config\Serializers\CredentialProviderSerializerTests.cs" />
+    <Compile Include="Config\Serializers\CredentialSerializers\XmlCredentialPasswordDecryptorDecoratorTests.cs" />
     <Compile Include="Config\Serializers\CredentialSerializers\XmlCredentialPasswordEncryptorDecoratorTests.cs" />
     <Compile Include="Config\Serializers\MiscSerializers\CsvConnectionsSerializerMremotengFormatTests.cs" />
     <Compile Include="Config\Serializers\DataTableSerializerTests.cs" />

mRemoteV1/Config/Serializers/CredentialSerializer/XmlCredentialPasswordDecryptorDecorator.cs

@@ -0,0 +1,46 @@
+using System;
+using System.Collections.Generic;
+using System.Security;
+using System.Xml.Linq;
+using mRemoteNG.Credential;
+using mRemoteNG.Security;
+
+namespace mRemoteNG.Config.Serializers.CredentialSerializer
+{
+    public class XmlCredentialPasswordDecryptorDecorator : IDeserializer<string, IEnumerable<ICredentialRecord>>
+    {
+        private readonly IDeserializer<string, IEnumerable<ICredentialRecord>> _baseDeserializer;
+        private readonly SecureString _decryptionKey;
+
+        public XmlCredentialPasswordDecryptorDecorator(SecureString decryptionKey, IDeserializer<string, IEnumerable<ICredentialRecord>> baseDeserializer)
+        {
+            if (decryptionKey == null)
+                throw new ArgumentNullException(nameof(decryptionKey));
+            if (baseDeserializer == null)
+                throw new ArgumentNullException(nameof(baseDeserializer));
+
+            _decryptionKey = decryptionKey;
+            _baseDeserializer = baseDeserializer;
+        }
+
+        public IEnumerable<ICredentialRecord> Deserialize(string xml)
+        {
+            var decryptedXml = DecryptPasswords(xml);
+            return _baseDeserializer.Deserialize(decryptedXml);
+        }
+
+        private string DecryptPasswords(string xml)
+        {
+            var xdoc = XDocument.Parse(xml);
+            var cryptoProvider = CryptographyProviderFactory.BuildFromXml(xdoc.Root);
+            foreach (var credentialElement in xdoc.Descendants())
+            {
+                var passwordAttribute = credentialElement.Attribute("Password");
+                if (passwordAttribute == null) continue;
+                var decryptedPassword = cryptoProvider.Decrypt(passwordAttribute.Value, _decryptionKey);
+                passwordAttribute.SetValue(decryptedPassword);
+            }
+            return xdoc.ToString();
+        }
+    }
+}

mRemoteV1/Config/Serializers/CredentialSerializer/XmlCredentialRecordDeserializer.cs

@@ -1,14 +1,13 @@
 using System;
 using System.Collections.Generic;
 using System.Linq;
-using System.Security;
 using System.Xml.Linq;
 using mRemoteNG.Credential;
 using mRemoteNG.Security;
 
 namespace mRemoteNG.Config.Serializers.CredentialSerializer
 {
-    public class XmlCredentialRecordDeserializer
+    public class XmlCredentialRecordDeserializer : IDeserializer<string, IEnumerable<ICredentialRecord>>
     {
         public string SchemaVersion { get; } = "1.0";
 

mRemoteV1/mRemoteV1.csproj

@@ -142,6 +142,7 @@
     <Compile Include="Config\CredentialRepositoryListSaver.cs" />
     <Compile Include="Config\Serializers\CredentialProviderSerializer\CredentialRepositoryListDeserializer.cs" />
     <Compile Include="Config\CredentialRepositoryListLoader.cs" />
+    <Compile Include="Config\Serializers\CredentialSerializer\XmlCredentialPasswordDecryptorDecorator.cs" />
     <Compile Include="Config\Serializers\CredentialSerializer\XmlCredentialPasswordEncryptorDecorator.cs" />
     <Compile Include="Config\Serializers\MiscSerializers\ActiveDirectoryDeserializer.cs" />
     <Compile Include="Config\Serializers\CredentialProviderSerializer\CredentialRepositoryListSerializer.cs" />