split up crypto provider factories and created an interface
@@ -7,6 +7,7 @@ using mRemoteNG.Config.Serializers;
|
||||
using mRemoteNG.Connection;
|
||||
using mRemoteNG.Container;
|
||||
using mRemoteNG.Security;
|
||||
using mRemoteNG.Security.Factories;
|
||||
using mRemoteNG.Tree.Root;
|
||||
using NUnit.Framework;
|
||||
|
||||
@@ -25,7 +26,7 @@ namespace mRemoteNGTests.Config
|
||||
public void Setup()
|
||||
{
|
||||
_credentialHarvester = new CredentialHarvester();
|
||||
_cryptographyProvider = new CryptographyProviderFactory().CreateAeadCryptographyProvider(BlockCipherEngines.AES, BlockCipherModes.GCM);
|
||||
_cryptographyProvider = new CryptoProviderFactory(BlockCipherEngines.AES, BlockCipherModes.GCM).Build();
|
||||
_key = "testKey123".ConvertToSecureString();
|
||||
}
|
||||
|
||||
|
||||
@@ -5,6 +5,7 @@ using mRemoteNG.Connection;
|
||||
using mRemoteNG.Container;
|
||||
using mRemoteNG.Credential;
|
||||
using mRemoteNG.Security;
|
||||
using mRemoteNG.Security.Factories;
|
||||
using NSubstitute;
|
||||
using NUnit.Framework;
|
||||
|
||||
@@ -18,8 +19,8 @@ namespace mRemoteNGTests.Config.Serializers.ConnectionSerializers
|
||||
[SetUp]
|
||||
public void Setup()
|
||||
{
|
||||
_cryptographyProvider = new CryptographyProviderFactory().CreateAeadCryptographyProvider(
|
||||
BlockCipherEngines.AES, BlockCipherModes.GCM);
|
||||
_cryptographyProvider =
|
||||
new CryptoProviderFactory(BlockCipherEngines.AES, BlockCipherModes.GCM).Build();
|
||||
_connectionNodeSerializer = new XmlConnectionNodeSerializer27(_cryptographyProvider, "myPassword1".ConvertToSecureString(), new SaveFilter());
|
||||
}
|
||||
|
||||
@@ -50,7 +51,7 @@ namespace mRemoteNGTests.Config.Serializers.ConnectionSerializers
|
||||
public void AttributesNotSerializedWhenFiltered(string attributeName, ConnectionInfo connectionInfo)
|
||||
{
|
||||
var saveFilter = new SaveFilter(true);
|
||||
var cryptoProvider = new CryptographyProviderFactory().CreateAeadCryptographyProvider(BlockCipherEngines.AES, BlockCipherModes.GCM);
|
||||
var cryptoProvider = new CryptoProviderFactory(BlockCipherEngines.AES, BlockCipherModes.GCM).Build();
|
||||
_connectionNodeSerializer = new XmlConnectionNodeSerializer27(cryptoProvider, "myPassword1".ConvertToSecureString(), saveFilter);
|
||||
var returnVal = _connectionNodeSerializer.Serialize(connectionInfo);
|
||||
var targetAttribute = returnVal.Attribute(XName.Get(attributeName));
|
||||
@@ -61,7 +62,7 @@ namespace mRemoteNGTests.Config.Serializers.ConnectionSerializers
|
||||
public void InheritanceNotSerialiedWhenFiltered(string attributeName, ConnectionInfo connectionInfo)
|
||||
{
|
||||
var saveFilter = new SaveFilter(true);
|
||||
var cryptoProvider = new CryptographyProviderFactory().CreateAeadCryptographyProvider(BlockCipherEngines.AES, BlockCipherModes.GCM);
|
||||
var cryptoProvider = new CryptoProviderFactory(BlockCipherEngines.AES, BlockCipherModes.GCM).Build();
|
||||
_connectionNodeSerializer = new XmlConnectionNodeSerializer27(cryptoProvider, "myPassword1".ConvertToSecureString(), saveFilter);
|
||||
var returnVal = _connectionNodeSerializer.Serialize(connectionInfo);
|
||||
var targetAttribute = returnVal.Attribute(XName.Get(attributeName));
|
||||
|
||||
@@ -4,6 +4,7 @@ using mRemoteNG.Config.Serializers;
|
||||
using mRemoteNG.Connection;
|
||||
using mRemoteNG.Container;
|
||||
using mRemoteNG.Security;
|
||||
using mRemoteNG.Security.Factories;
|
||||
using mRemoteNG.Tree;
|
||||
using mRemoteNG.Tree.Root;
|
||||
using NUnit.Framework;
|
||||
@@ -28,7 +29,7 @@ namespace mRemoteNGTests.Config.Serializers.ConnectionSerializers
|
||||
public void Setup()
|
||||
{
|
||||
_connectionTreeModel = SetupConnectionTreeModel();
|
||||
_cryptographyProvider = new CryptographyProviderFactory().CreateAeadCryptographyProvider(BlockCipherEngines.AES, BlockCipherModes.GCM);
|
||||
_cryptographyProvider = new CryptoProviderFactory(BlockCipherEngines.AES, BlockCipherModes.GCM).Build();
|
||||
var connectionNodeSerializer = new XmlConnectionNodeSerializer27(
|
||||
_cryptographyProvider,
|
||||
_connectionTreeModel.RootNodes.OfType<RootNodeInfo>().First().PasswordString.ConvertToSecureString(),
|
||||
|
||||
@@ -4,6 +4,7 @@ using mRemoteNG.Config.Serializers;
|
||||
using mRemoteNG.Connection;
|
||||
using mRemoteNG.Container;
|
||||
using mRemoteNG.Security;
|
||||
using mRemoteNG.Security.Factories;
|
||||
using mRemoteNG.Tree;
|
||||
using mRemoteNG.Tree.Root;
|
||||
using NUnit.Framework;
|
||||
@@ -19,7 +20,7 @@ namespace mRemoteNGTests.Config.Serializers.ConnectionSerializers
|
||||
public void Setup()
|
||||
{
|
||||
var connectionTreeModel = SetupConnectionTreeModel();
|
||||
var cryptoProvider = new CryptographyProviderFactory().CreateAeadCryptographyProvider(BlockCipherEngines.AES, BlockCipherModes.GCM);
|
||||
var cryptoProvider = new CryptoProviderFactory(BlockCipherEngines.AES, BlockCipherModes.GCM).Build();
|
||||
var connectionNodeSerializer = new XmlConnectionNodeSerializer27(
|
||||
cryptoProvider,
|
||||
connectionTreeModel.RootNodes.OfType<RootNodeInfo>().First().PasswordString.ConvertToSecureString(),
|
||||
|
||||
@@ -3,6 +3,7 @@ using System.Collections;
|
||||
using System.Xml.Linq;
|
||||
using mRemoteNG.Config.Serializers;
|
||||
using mRemoteNG.Security;
|
||||
using mRemoteNG.Security.Factories;
|
||||
using mRemoteNG.Security.SymmetricEncryption;
|
||||
using mRemoteNG.Tree.Root;
|
||||
using NUnit.Framework;
|
||||
@@ -41,7 +42,7 @@ namespace mRemoteNGTests.Config.Serializers.ConnectionSerializers
|
||||
[TestCaseSource(typeof(TestCaseSources), nameof(TestCaseSources.AllEngineAndModeCombos))]
|
||||
public void EncryptionEngineSerialized(BlockCipherEngines engine, BlockCipherModes mode)
|
||||
{
|
||||
var cryptoProvider = new CryptographyProviderFactory().CreateAeadCryptographyProvider(engine, mode);
|
||||
var cryptoProvider = new CryptoProviderFactory(engine, mode).Build();
|
||||
var element = _rootNodeSerializer.SerializeRootNodeInfo(_rootNodeInfo, cryptoProvider);
|
||||
var attributeValue = element.Attribute(XName.Get("EncryptionEngine"))?.Value;
|
||||
Assert.That(attributeValue, Is.EqualTo(engine.ToString()));
|
||||
@@ -50,7 +51,7 @@ namespace mRemoteNGTests.Config.Serializers.ConnectionSerializers
|
||||
[TestCaseSource(typeof(TestCaseSources), nameof(TestCaseSources.AllEngineAndModeCombos))]
|
||||
public void EncryptionModeSerialized(BlockCipherEngines engine, BlockCipherModes mode)
|
||||
{
|
||||
var cryptoProvider = new CryptographyProviderFactory().CreateAeadCryptographyProvider(engine, mode);
|
||||
var cryptoProvider = new CryptoProviderFactory(engine, mode).Build();
|
||||
var element = _rootNodeSerializer.SerializeRootNodeInfo(_rootNodeInfo, cryptoProvider);
|
||||
var attributeValue = element.Attribute(XName.Get("BlockCipherMode"))?.Value;
|
||||
Assert.That(attributeValue, Is.EqualTo(mode.ToString()));
|
||||
|
||||
@@ -6,6 +6,7 @@ using mRemoteNG.Config.Serializers;
|
||||
using mRemoteNG.Config.Serializers.CredentialSerializer;
|
||||
using mRemoteNG.Credential;
|
||||
using mRemoteNG.Security;
|
||||
using mRemoteNG.Security.Factories;
|
||||
using NUnit.Framework;
|
||||
|
||||
namespace mRemoteNGTests.IntegrationTests
|
||||
@@ -24,7 +25,7 @@ namespace mRemoteNGTests.IntegrationTests
|
||||
public void Setup()
|
||||
{
|
||||
var key = "123someKey".ConvertToSecureString();
|
||||
var cryptoProvider = new CryptographyProviderFactory().CreateAeadCryptographyProvider(BlockCipherEngines.AES, BlockCipherModes.CCM);
|
||||
var cryptoProvider = new CryptoProviderFactory(BlockCipherEngines.AES, BlockCipherModes.CCM).Build();
|
||||
_serializer = new XmlCredentialPasswordEncryptorDecorator(
|
||||
new XmlCredentialRecordSerializer(),
|
||||
cryptoProvider,
|
||||
|
||||
@@ -4,6 +4,7 @@ using mRemoteNG.Connection;
|
||||
using mRemoteNG.Container;
|
||||
using mRemoteNG.Credential;
|
||||
using mRemoteNG.Security;
|
||||
using mRemoteNG.Security.Factories;
|
||||
using mRemoteNG.Tree;
|
||||
using mRemoteNG.Tree.Root;
|
||||
using NUnit.Framework;
|
||||
@@ -16,12 +17,13 @@ namespace mRemoteNGTests.IntegrationTests
|
||||
private XmlConnectionsSerializer _serializer;
|
||||
private XmlConnectionsDeserializer _deserializer;
|
||||
private ConnectionTreeModel _originalModel;
|
||||
private readonly ICryptoProviderFactory _cryptoFactory = new CryptoProviderFactory(BlockCipherEngines.AES , BlockCipherModes.GCM);
|
||||
|
||||
[SetUp]
|
||||
public void Setup()
|
||||
{
|
||||
_originalModel = SetupConnectionTreeModel();
|
||||
var cryptoProvider = new CryptographyProviderFactory().CreateAeadCryptographyProvider(BlockCipherEngines.AES, BlockCipherModes.GCM);
|
||||
var cryptoProvider = _cryptoFactory.Build();
|
||||
var nodeSerializer = new XmlConnectionNodeSerializer27(
|
||||
cryptoProvider,
|
||||
_originalModel.RootNodes.OfType<RootNodeInfo>().First().PasswordString.ConvertToSecureString(),
|
||||
@@ -74,7 +76,7 @@ namespace mRemoteNGTests.IntegrationTests
|
||||
[Test]
|
||||
public void SerializeAndDeserializeWithCustomKdfIterationsValue()
|
||||
{
|
||||
var cryptoProvider = new CryptographyProviderFactory().CreateAeadCryptographyProvider(BlockCipherEngines.AES, BlockCipherModes.GCM);
|
||||
var cryptoProvider = _cryptoFactory.Build();
|
||||
cryptoProvider.KeyDerivationIterations = 5000;
|
||||
var nodeSerializer = new XmlConnectionNodeSerializer27(
|
||||
cryptoProvider,
|
||||
|
||||
@@ -2,6 +2,7 @@
|
||||
using System.Collections;
|
||||
using System.Security;
|
||||
using mRemoteNG.Security;
|
||||
using mRemoteNG.Security.Factories;
|
||||
using mRemoteNG.Security.SymmetricEncryption;
|
||||
using NUnit.Framework;
|
||||
using NUnit.Framework.Constraints;
|
||||
@@ -45,7 +46,7 @@ namespace mRemoteNGTests.Security
|
||||
[TestCaseSource(nameof(GetAllBlockCipherEngineAndModeCombinations))]
|
||||
public void DecryptedTextIsEqualToOriginalPlainText(BlockCipherEngines engine, BlockCipherModes mode)
|
||||
{
|
||||
var cryptoProvider = new CryptographyProviderFactory().CreateAeadCryptographyProvider(engine, mode);
|
||||
var cryptoProvider = new CryptoProviderFactory(engine, mode).Build();
|
||||
var cipherText = cryptoProvider.Encrypt(_plainText, _encryptionKey);
|
||||
var decryptedCipherText = cryptoProvider.Decrypt(cipherText, _encryptionKey);
|
||||
Assert.That(decryptedCipherText, Is.EqualTo(_plainText));
|
||||
@@ -85,14 +86,14 @@ namespace mRemoteNGTests.Security
|
||||
[TestCaseSource(typeof(TestCaseSources), nameof(TestCaseSources.AllEngineAndModeCombos))]
|
||||
public void GetCipherEngine(BlockCipherEngines engine, BlockCipherModes mode)
|
||||
{
|
||||
var cryptoProvider = new CryptographyProviderFactory().CreateAeadCryptographyProvider(engine, mode);
|
||||
var cryptoProvider = new CryptoProviderFactory(engine, mode).Build();
|
||||
Assert.That(cryptoProvider.CipherEngine, Is.EqualTo(engine));
|
||||
}
|
||||
|
||||
[TestCaseSource(typeof(TestCaseSources), nameof(TestCaseSources.AllEngineAndModeCombos))]
|
||||
public void GetCipherMode(BlockCipherEngines engine, BlockCipherModes mode)
|
||||
{
|
||||
var cryptoProvider = new CryptographyProviderFactory().CreateAeadCryptographyProvider(engine, mode);
|
||||
var cryptoProvider = new CryptoProviderFactory(engine, mode).Build();
|
||||
Assert.That(cryptoProvider.CipherMode, Is.EqualTo(mode));
|
||||
}
|
||||
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
using System;
|
||||
using System.Collections;
|
||||
using mRemoteNG.Security;
|
||||
using mRemoteNG.Security.SymmetricEncryption;
|
||||
using mRemoteNG.Security.Factories;
|
||||
using NUnit.Framework;
|
||||
|
||||
|
||||
@@ -10,41 +10,20 @@ namespace mRemoteNGTests.Security
|
||||
[TestFixture]
|
||||
public class CryptographyProviderFactoryTests
|
||||
{
|
||||
private CryptographyProviderFactory _cryptographyProviderFactory;
|
||||
|
||||
[SetUp]
|
||||
public void SetUp()
|
||||
{
|
||||
_cryptographyProviderFactory = new CryptographyProviderFactory();
|
||||
}
|
||||
|
||||
[TearDown]
|
||||
public void TearDown()
|
||||
{
|
||||
_cryptographyProviderFactory = null;
|
||||
}
|
||||
|
||||
[TestCaseSource(typeof(TestCaseSources), nameof(TestCaseSources.AllEngineAndModeCombos))]
|
||||
public void CanCreateAeadProvidersWithCorrectEngine(BlockCipherEngines engine, BlockCipherModes mode)
|
||||
{
|
||||
var cryptoProvider = _cryptographyProviderFactory.CreateAeadCryptographyProvider(engine, mode);
|
||||
var cryptoProvider = new CryptoProviderFactory(engine, mode).Build();
|
||||
Assert.That(cryptoProvider.CipherEngine, Is.EqualTo(engine));
|
||||
}
|
||||
|
||||
[TestCaseSource(typeof(TestCaseSources), nameof(TestCaseSources.AllEngineAndModeCombos))]
|
||||
public void CanCreateAeadProvidersWithCorrectMode(BlockCipherEngines engine, BlockCipherModes mode)
|
||||
{
|
||||
var cryptoProvider = _cryptographyProviderFactory.CreateAeadCryptographyProvider(engine, mode);
|
||||
var cryptoProvider = new CryptoProviderFactory(engine, mode).Build();
|
||||
Assert.That(cryptoProvider.CipherMode, Is.EqualTo(mode));
|
||||
}
|
||||
|
||||
[Test]
|
||||
public void CanCreateLegacyRijndael()
|
||||
{
|
||||
var cryptoProvider = _cryptographyProviderFactory.CreateLegacyRijndaelCryptographyProvider();
|
||||
Assert.That(cryptoProvider, Is.TypeOf<LegacyRijndaelCryptographyProvider>());
|
||||
}
|
||||
|
||||
private class TestCaseSources
|
||||
{
|
||||
public static IEnumerable AllEngineAndModeCombos
|
||||
|
||||
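Review bot: The fixture appears to lose `CanCreateLegacyRijndael` (the `_cryptographyProviderFactory` field it relied on is gone), and nothing visible in this commit adds a test for `LegacyInsecureCryptoProviderFactory` or `CryptoProviderFactoryFromSettings`. A one-line test such as `Assert.That(new LegacyInsecureCryptoProviderFactory().Build(), Is.TypeOf<LegacyRijndaelCryptographyProvider>());` would keep the legacy path pinned. The class is also still named `CryptographyProviderFactoryTests` although the type under test is now `CryptoProviderFactory`. The fixture continues past the end of this section.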
@@ -1,6 +1,7 @@
|
||||
using System;
|
||||
using System.Xml.Linq;
|
||||
using mRemoteNG.Security;
|
||||
using mRemoteNG.Security.Factories;
|
||||
using mRemoteNG.Security.SymmetricEncryption;
|
||||
using NUnit.Framework;
|
||||
|
||||
@@ -13,7 +14,7 @@ namespace mRemoteNGTests.Security
|
||||
public void BuildsCorrectEncryptionEngine()
|
||||
{
|
||||
var element = BuildValidElement();
|
||||
var builder = new XmlCryptoProviderBuilder(element);
|
||||
var builder = new CryptoProviderFactoryFromXml(element);
|
||||
var cryptoProvider = builder.Build();
|
||||
Assert.That(cryptoProvider.CipherEngine, Is.EqualTo(BlockCipherEngines.Serpent));
|
||||
}
|
||||
@@ -22,7 +23,7 @@ namespace mRemoteNGTests.Security
|
||||
public void BuildsCorrectCipherMode()
|
||||
{
|
||||
var element = BuildValidElement();
|
||||
var builder = new XmlCryptoProviderBuilder(element);
|
||||
var builder = new CryptoProviderFactoryFromXml(element);
|
||||
var cryptoProvider = builder.Build();
|
||||
Assert.That(cryptoProvider.CipherMode, Is.EqualTo(BlockCipherModes.EAX));
|
||||
}
|
||||
@@ -31,7 +32,7 @@ namespace mRemoteNGTests.Security
|
||||
public void BuildsCorrectKdfIterations()
|
||||
{
|
||||
var element = BuildValidElement();
|
||||
var builder = new XmlCryptoProviderBuilder(element);
|
||||
var builder = new CryptoProviderFactoryFromXml(element);
|
||||
var cryptoProvider = builder.Build();
|
||||
Assert.That(cryptoProvider.KeyDerivationIterations, Is.EqualTo(1234));
|
||||
}
|
||||
@@ -42,7 +43,7 @@ namespace mRemoteNGTests.Security
|
||||
Assert.Throws<ArgumentNullException>(() =>
|
||||
{
|
||||
// ReSharper disable once ObjectCreationAsStatement
|
||||
new XmlCryptoProviderBuilder(null);
|
||||
new CryptoProviderFactoryFromXml(null);
|
||||
});
|
||||
}
|
||||
|
||||
@@ -50,7 +51,7 @@ namespace mRemoteNGTests.Security
|
||||
public void ReturnsOldProviderTypeIfXmlIsntValid()
|
||||
{
|
||||
var badElement = new XElement("BadElement");
|
||||
var builder = new XmlCryptoProviderBuilder(badElement);
|
||||
var builder = new CryptoProviderFactoryFromXml(badElement);
|
||||
var cryptoProvider = builder.Build();
|
||||
Assert.That(cryptoProvider, Is.TypeOf<LegacyRijndaelCryptographyProvider>());
|
||||
}
|
||||
|
||||
@@ -7,6 +7,7 @@ using mRemoteNG.Config.Serializers;
|
||||
using mRemoteNG.Connection;
|
||||
using mRemoteNG.Container;
|
||||
using mRemoteNG.Security;
|
||||
using mRemoteNG.Security.Factories;
|
||||
using mRemoteNG.Tree;
|
||||
using mRemoteNG.Tree.Root;
|
||||
using mRemoteNG.UI.Forms;
|
||||
@@ -74,9 +75,7 @@ namespace mRemoteNG.App
|
||||
switch (saveFormat)
|
||||
{
|
||||
case ConnectionsSaver.Format.mRXML:
|
||||
var factory = new CryptographyProviderFactory();
|
||||
var cryptographyProvider = factory.CreateAeadCryptographyProvider(Settings.Default.EncryptionEngine, Settings.Default.EncryptionBlockCipherMode);
|
||||
cryptographyProvider.KeyDerivationIterations = Settings.Default.EncryptionKeyDerivationIterations;
|
||||
var cryptographyProvider = new CryptoProviderFactoryFromSettings().Build();
|
||||
var rootNode = exportTarget.GetRootParent() as RootNodeInfo;
|
||||
var connectionNodeSerializer = new XmlConnectionNodeSerializer27(
|
||||
cryptographyProvider,
|
||||
|
||||
@@ -8,11 +8,13 @@ using mRemoteNG.Config;
|
||||
using mRemoteNG.Config.DataProviders;
|
||||
using mRemoteNG.Config.Serializers;
|
||||
using mRemoteNG.Config.Serializers.CredentialProviderSerializer;
|
||||
using mRemoteNG.Config.Serializers.CredentialSerializer;
|
||||
using mRemoteNG.Connection;
|
||||
using mRemoteNG.Credential;
|
||||
using mRemoteNG.Credential.Repositories;
|
||||
using mRemoteNG.Security;
|
||||
using mRemoteNG.Security.Authentication;
|
||||
using mRemoteNG.Security.Factories;
|
||||
using mRemoteNG.Tools;
|
||||
|
||||
namespace mRemoteNG.App.Initialization
|
||||
@@ -22,6 +24,7 @@ namespace mRemoteNG.App.Initialization
|
||||
private readonly string _credentialRepoListPath = Path.Combine(SettingsFileInfo.SettingsPath, "credentialRepositories.xml");
|
||||
private readonly ICredentialRepositoryList _credentialRepositoryList;
|
||||
private readonly string _credentialFilePath;
|
||||
private readonly CredentialRepositoryFactory _credentialRepositoryFactory;
|
||||
|
||||
public CredsAndConsSetup(ICredentialRepositoryList credentialRepositoryList, string credentialFilePath)
|
||||
{
|
||||
@@ -30,6 +33,8 @@ namespace mRemoteNG.App.Initialization
|
||||
|
||||
_credentialRepositoryList = credentialRepositoryList;
|
||||
_credentialFilePath = credentialFilePath;
|
||||
|
||||
//_credentialRepositoryFactory = new CredentialRepositoryFactory();
|
||||
}
|
||||
|
||||
public void LoadCredsAndCons()
|
||||
@@ -52,11 +57,11 @@ namespace mRemoteNG.App.Initialization
|
||||
var connectionFileProvider = new FileDataProvider(Runtime.GetStartupConnectionFileName());
|
||||
var xdoc = XDocument.Parse(connectionFileProvider.Load());
|
||||
|
||||
if (double.Parse(xdoc.Root?.Attribute("ConfVersion")?.Value) >= 2.7) return null;
|
||||
if (double.Parse(xdoc.Root?.Attribute("ConfVersion")?.Value ?? "0") >= 2.7) return null;
|
||||
EnsureConnectionXmlElementsHaveIds(xdoc);
|
||||
connectionFileProvider.Save($"{xdoc.Declaration}\n {xdoc}");
|
||||
|
||||
var cryptoProvider = CryptographyProviderFactory.BuildFromXml(xdoc.Root);
|
||||
var cryptoProvider = new CryptoProviderFactoryFromXml(xdoc.Root).Build();
|
||||
var encryptedValue = xdoc.Root?.Attribute("Protected")?.Value;
|
||||
var auth = new PasswordAuthenticator(cryptoProvider, encryptedValue)
|
||||
{
|
||||
|
||||
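Review bot: The `ConfVersion` check still calls `double.Parse` without a culture, so on a system whose decimal separator is a comma the string "2.6" can parse as 26 and the method returns early, skipping the credential migration for an old file. Passing the invariant culture fixes that: `double.Parse(xdoc.Root?.Attribute("ConfVersion")?.Value ?? "0", CultureInfo.InvariantCulture)` (this needs `System.Globalization` in the usings, which are only partly visible here). A non-numeric attribute still throws `FormatException`; `double.TryParse` would let the method decide that case explicitly. Separately, `_credentialRepositoryFactory` is declared `readonly` while its only visible assignment is commented out, so it stays null unless it is set elsewhere. The method body starts and ends outside the hunk.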
@@ -17,6 +17,7 @@ using mRemoteNG.Connection.Protocol.RDP;
|
||||
using mRemoteNG.Container;
|
||||
using mRemoteNG.Messages;
|
||||
using mRemoteNG.Security;
|
||||
using mRemoteNG.Security.Factories;
|
||||
using mRemoteNG.Security.SymmetricEncryption;
|
||||
using mRemoteNG.Tools;
|
||||
using mRemoteNG.Tree;
|
||||
@@ -164,9 +165,7 @@ namespace mRemoteNG.Config.Connections
|
||||
{
|
||||
try
|
||||
{
|
||||
var factory = new CryptographyProviderFactory();
|
||||
var cryptographyProvider = factory.CreateAeadCryptographyProvider(mRemoteNG.Settings.Default.EncryptionEngine, mRemoteNG.Settings.Default.EncryptionBlockCipherMode);
|
||||
cryptographyProvider.KeyDerivationIterations = mRemoteNG.Settings.Default.EncryptionKeyDerivationIterations;
|
||||
var cryptographyProvider = new CryptoProviderFactoryFromSettings().Build();
|
||||
var connectionNodeSerializer = new XmlConnectionNodeSerializer27(
|
||||
cryptographyProvider,
|
||||
ConnectionTreeModel.RootNodes.OfType<RootNodeInfo>().First().PasswordString.ConvertToSecureString(),
|
||||
|
||||
@@ -5,6 +5,7 @@ using System.Security;
|
||||
using System.Xml.Linq;
|
||||
using mRemoteNG.Credential;
|
||||
using mRemoteNG.Security;
|
||||
using mRemoteNG.Security.Factories;
|
||||
|
||||
namespace mRemoteNG.Config
|
||||
{
|
||||
@@ -19,8 +20,8 @@ namespace mRemoteNG.Config
|
||||
{
|
||||
if (xDocument == null)
|
||||
throw new ArgumentNullException(nameof(xDocument));
|
||||
|
||||
var cryptoProvider = CryptographyProviderFactory.BuildFromXml(xDocument.Root);
|
||||
|
||||
var cryptoProvider = new CryptoProviderFactoryFromXml(xDocument.Root).Build();
|
||||
|
||||
foreach (var element in xDocument.Descendants("Node"))
|
||||
{
|
||||
|
||||
@@ -2,7 +2,7 @@
|
||||
using System.Collections.Generic;
|
||||
using System.Security;
|
||||
using mRemoteNG.Config.DataProviders;
|
||||
using mRemoteNG.Config.Serializers.CredentialSerializer;
|
||||
using mRemoteNG.Config.Serializers;
|
||||
using mRemoteNG.Credential;
|
||||
|
||||
|
||||
@@ -11,9 +11,9 @@ namespace mRemoteNG.Config
|
||||
public class CredentialRecordLoader
|
||||
{
|
||||
private readonly IDataProvider<string> _dataProvider;
|
||||
private readonly XmlCredentialRecordDeserializer _deserializer;
|
||||
private readonly IDeserializer<string, IEnumerable<ICredentialRecord>> _deserializer;
|
||||
|
||||
public CredentialRecordLoader(IDataProvider<string> dataProvider, XmlCredentialRecordDeserializer deserializer)
|
||||
public CredentialRecordLoader(IDataProvider<string> dataProvider, IDeserializer<string, IEnumerable<ICredentialRecord>> deserializer)
|
||||
{
|
||||
if (dataProvider == null)
|
||||
throw new ArgumentNullException(nameof(dataProvider));
|
||||
|
||||
@@ -1,9 +1,7 @@
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Security;
|
||||
using mRemoteNG.Config.DataProviders;
|
||||
using mRemoteNG.Config.Serializers;
|
||||
using mRemoteNG.Config.Serializers.CredentialSerializer;
|
||||
using mRemoteNG.Credential;
|
||||
|
||||
|
||||
@@ -12,9 +10,9 @@ namespace mRemoteNG.Config
|
||||
public class CredentialRecordSaver
|
||||
{
|
||||
private readonly IDataProvider<string> _dataProvider;
|
||||
private readonly XmlCredentialRecordSerializer _serializer;
|
||||
private readonly ISerializer<IEnumerable<ICredentialRecord>, string> _serializer;
|
||||
|
||||
public CredentialRecordSaver(IDataProvider<string> dataProvider, XmlCredentialRecordSerializer serializer)
|
||||
public CredentialRecordSaver(IDataProvider<string> dataProvider, ISerializer<IEnumerable<ICredentialRecord>, string> serializer)
|
||||
{
|
||||
if (dataProvider == null)
|
||||
throw new ArgumentNullException(nameof(dataProvider));
|
||||
|
||||
@@ -12,7 +12,7 @@ namespace mRemoteNG.Config.Serializers.CredentialProviderSerializer
|
||||
{
|
||||
var xdoc = XDocument.Parse(xml);
|
||||
var repoEntries = xdoc.Descendants("CredentialRepository");
|
||||
return repoEntries.Select(CredentialRepositoryFactory.Build);
|
||||
return repoEntries.Select(new CredentialRepositoryFactory().Build);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -4,6 +4,7 @@ using System.Security;
|
||||
using System.Xml.Linq;
|
||||
using mRemoteNG.Credential;
|
||||
using mRemoteNG.Security;
|
||||
using mRemoteNG.Security.Factories;
|
||||
|
||||
namespace mRemoteNG.Config.Serializers.CredentialSerializer
|
||||
{
|
||||
@@ -32,7 +33,7 @@ namespace mRemoteNG.Config.Serializers.CredentialSerializer
|
||||
private string DecryptPasswords(string xml)
|
||||
{
|
||||
var xdoc = XDocument.Parse(xml);
|
||||
var cryptoProvider = CryptographyProviderFactory.BuildFromXml(xdoc.Root);
|
||||
var cryptoProvider = new CryptoProviderFactoryFromXml(xdoc.Root).Build();
|
||||
foreach (var credentialElement in xdoc.Descendants())
|
||||
{
|
||||
var passwordAttribute = credentialElement.Attribute("Password");
|
||||
|
||||
@@ -2,6 +2,7 @@
|
||||
using System.Security;
|
||||
using mRemoteNG.Security;
|
||||
using mRemoteNG.Security.Authentication;
|
||||
using mRemoteNG.Security.Factories;
|
||||
using mRemoteNG.Security.SymmetricEncryption;
|
||||
using mRemoteNG.Tree.Root;
|
||||
|
||||
@@ -29,7 +30,7 @@ namespace mRemoteNG.Config.Serializers
|
||||
|
||||
public XmlConnectionsDecryptor(BlockCipherEngines blockCipherEngine, BlockCipherModes blockCipherMode, RootNodeInfo rootNodeInfo)
|
||||
{
|
||||
_cryptographyProvider = new CryptographyProviderFactory().CreateAeadCryptographyProvider(blockCipherEngine, blockCipherMode);
|
||||
_cryptographyProvider = new CryptoProviderFactory(blockCipherEngine, blockCipherMode).Build();
|
||||
_rootNodeInfo = rootNodeInfo;
|
||||
}
|
||||
|
||||
|
||||
@@ -1,13 +1,12 @@
|
||||
using System;
|
||||
using System.Xml.Linq;
|
||||
using mRemoteNG.Config.DataProviders;
|
||||
using mRemoteNG.Security;
|
||||
|
||||
namespace mRemoteNG.Credential.Repositories
|
||||
{
|
||||
public class CredentialRepositoryFactory
|
||||
{
|
||||
public static ICredentialRepository Build(XElement repositoryXElement)
|
||||
public ICredentialRepository Build(XElement repositoryXElement)
|
||||
{
|
||||
var typeName = repositoryXElement.Attribute("TypeName")?.Value;
|
||||
if (typeName == "Xml")
|
||||
@@ -15,7 +14,7 @@ namespace mRemoteNG.Credential.Repositories
|
||||
throw new Exception("Could not build repository for the specified type");
|
||||
}
|
||||
|
||||
private static ICredentialRepository BuildXmlRepository(XElement repositoryXElement)
|
||||
private ICredentialRepository BuildXmlRepository(XElement repositoryXElement)
|
||||
{
|
||||
var stringId = repositoryXElement.Attribute("Id")?.Value;
|
||||
Guid id;
|
||||
|
||||
@@ -3,9 +3,7 @@ using System.Collections.Generic;
|
||||
using System.ComponentModel;
|
||||
using System.Linq;
|
||||
using mRemoteNG.Config.DataProviders;
|
||||
using mRemoteNG.Config.Serializers;
|
||||
using mRemoteNG.Config.Serializers.CredentialSerializer;
|
||||
using mRemoteNG.Security;
|
||||
using mRemoteNG.Security.Authentication;
|
||||
using mRemoteNG.Tools.CustomCollections;
|
||||
using mRemoteNG.UI.Forms;
|
||||
|
||||
@@ -1,37 +1,24 @@
|
||||
using System;
|
||||
using System.Xml.Linq;
|
||||
using mRemoteNG.Security.SymmetricEncryption;
|
||||
using Org.BouncyCastle.Crypto;
|
||||
using Org.BouncyCastle.Crypto.Engines;
|
||||
using Org.BouncyCastle.Crypto.Modes;
|
||||
|
||||
namespace mRemoteNG.Security
|
||||
namespace mRemoteNG.Security.Factories
|
||||
{
|
||||
public class CryptographyProviderFactory
|
||||
public class CryptoProviderFactory : ICryptoProviderFactory
|
||||
{
|
||||
public static ICryptographyProvider BuildCryptographyProviderFromSettings()
|
||||
{
|
||||
var provider = new CryptographyProviderFactory().CreateAeadCryptographyProvider(Settings.Default.EncryptionEngine, Settings.Default.EncryptionBlockCipherMode);
|
||||
provider.KeyDerivationIterations = Settings.Default.EncryptionKeyDerivationIterations;
|
||||
return provider;
|
||||
}
|
||||
private readonly IAeadBlockCipher _aeadBlockCipher;
|
||||
|
||||
public ICryptographyProvider CreateAeadCryptographyProvider(BlockCipherEngines engine, BlockCipherModes mode)
|
||||
public CryptoProviderFactory(BlockCipherEngines engine, BlockCipherModes mode)
|
||||
{
|
||||
var cipherEngine = ChooseBlockCipherEngine(engine);
|
||||
var cipher = ChooseBlockCipherMode(mode, cipherEngine);
|
||||
return new AeadCryptographyProvider(cipher);
|
||||
_aeadBlockCipher = ChooseBlockCipherMode(mode, cipherEngine);
|
||||
}
|
||||
|
||||
public ICryptographyProvider CreateLegacyRijndaelCryptographyProvider()
|
||||
public ICryptographyProvider Build()
|
||||
{
|
||||
return new LegacyRijndaelCryptographyProvider();
|
||||
}
|
||||
|
||||
public static ICryptographyProvider BuildFromXml(XElement element)
|
||||
{
|
||||
var builder = new XmlCryptoProviderBuilder(element);
|
||||
return builder.Build();
|
||||
return new AeadCryptographyProvider(_aeadBlockCipher);
|
||||
}
|
||||
|
||||
private IBlockCipher ChooseBlockCipherEngine(BlockCipherEngines engine)
|
||||
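Review bot: The constructor builds one `IAeadBlockCipher` and `Build()` wraps that same instance in every `AeadCryptographyProvider` it returns, so all providers from one factory share a stateful cipher object. The integration fixture in this commit already calls `_cryptoFactory.Build()` from both `Setup` and a test, and how `AeadCryptographyProvider` initialises the cipher is not visible here, so this is a latent hazard if two providers are ever used concurrently or interleaved. Keeping the engine and mode in fields and creating the cipher inside `Build()` gives each provider its own instance. An unsupported engine or mode would then surface from `Build()` rather than from the constructor, assuming the chooser methods throw. The class continues past the end of this section.

```csharp
private readonly BlockCipherEngines _engine;
private readonly BlockCipherModes _mode;

public CryptoProviderFactory(BlockCipherEngines engine, BlockCipherModes mode)
{
    _engine = engine;
    _mode = mode;
}

public ICryptographyProvider Build()
{
    // A fresh cipher per provider, so providers built by one factory share no mutable state.
    var cipherEngine = ChooseBlockCipherEngine(_engine);
    var cipher = ChooseBlockCipherMode(_mode, cipherEngine);
    return new AeadCryptographyProvider(cipher);
}
// … unchanged: ChooseBlockCipherEngine / ChooseBlockCipherMode …
```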
@@ -0,0 +1,12 @@
|
||||
namespace mRemoteNG.Security.Factories
|
||||
{
|
||||
public class CryptoProviderFactoryFromSettings : ICryptoProviderFactory
|
||||
{
|
||||
public ICryptographyProvider Build()
|
||||
{
|
||||
var provider = new CryptoProviderFactory(Settings.Default.EncryptionEngine, Settings.Default.EncryptionBlockCipherMode).Build();
|
||||
provider.KeyDerivationIterations = Settings.Default.EncryptionKeyDerivationIterations;
|
||||
return provider;
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -1,14 +1,14 @@
|
||||
using System;
|
||||
using System.Xml.Linq;
|
||||
using mRemoteNG.Security.SymmetricEncryption;
|
||||
|
||||
|
||||
namespace mRemoteNG.Security
|
||||
namespace mRemoteNG.Security.Factories
|
||||
{
|
||||
public class XmlCryptoProviderBuilder
|
||||
public class CryptoProviderFactoryFromXml : ICryptoProviderFactory
|
||||
{
|
||||
private readonly XElement _element;
|
||||
|
||||
public XmlCryptoProviderBuilder(XElement element)
|
||||
public CryptoProviderFactoryFromXml(XElement element)
|
||||
{
|
||||
if (element == null)
|
||||
throw new ArgumentNullException(nameof(element));
|
||||
@@ -23,14 +23,14 @@ namespace mRemoteNG.Security
|
||||
{
|
||||
var engine = (BlockCipherEngines)Enum.Parse(typeof(BlockCipherEngines), _element?.Attribute("EncryptionEngine")?.Value ?? "");
|
||||
var mode = (BlockCipherModes)Enum.Parse(typeof(BlockCipherModes), _element?.Attribute("BlockCipherMode")?.Value ?? "");
|
||||
cryptoProvider = new CryptographyProviderFactory().CreateAeadCryptographyProvider(engine, mode);
|
||||
cryptoProvider = new CryptoProviderFactory(engine, mode).Build();
|
||||
|
||||
var keyDerivationIterations = int.Parse(_element?.Attribute("KdfIterations")?.Value ?? "");
|
||||
cryptoProvider.KeyDerivationIterations = keyDerivationIterations;
|
||||
}
|
||||
catch (Exception)
|
||||
{
|
||||
return new CryptographyProviderFactory().CreateLegacyRijndaelCryptographyProvider();
|
||||
return new LegacyRijndaelCryptographyProvider();
|
||||
}
|
||||
|
||||
return cryptoProvider;
|
||||
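Review bot: The `catch (Exception)` in the second hunk turns every failure (a missing attribute, an unknown engine name, a non-numeric `KdfIterations`) into a silent `LegacyRijndaelCryptographyProvider`, so a damaged or edited file is handled with the legacy cipher and nothing is logged. Falling back only when all three attributes are absent, and letting a present-but-invalid value fail, keeps old files readable without masking the downgrade; callers would then need to handle the exception. `KdfIterations` is also applied exactly as read, so unless the `KeyDerivationIterations` setter enforces a floor (not visible here) a lower bound belongs in this method. The `_element?.` checks are redundant given the constructor's null guard. The method's signature and the declaration of `cryptoProvider` are outside the hunk.

```csharp
// … unchanged: signature and declaration of cryptoProvider (outside the hunk) …
var engineText = _element.Attribute("EncryptionEngine")?.Value;
var modeText = _element.Attribute("BlockCipherMode")?.Value;
var kdfText = _element.Attribute("KdfIterations")?.Value;

// None of the attributes present: treat as a file written before they existed.
if (engineText == null && modeText == null && kdfText == null)
    return new LegacyRijndaelCryptographyProvider();

// Attributes present: parse strictly so a malformed value fails instead of downgrading.
var engine = (BlockCipherEngines)Enum.Parse(typeof(BlockCipherEngines), engineText ?? "");
var mode = (BlockCipherModes)Enum.Parse(typeof(BlockCipherModes), modeText ?? "");
cryptoProvider = new CryptoProviderFactory(engine, mode).Build();
cryptoProvider.KeyDerivationIterations = int.Parse(kdfText ?? "");
// … unchanged: return cryptoProvider …
```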
@@ -0,0 +1,12 @@
|
||||
using mRemoteNG.Security.SymmetricEncryption;
|
||||
|
||||
namespace mRemoteNG.Security.Factories
|
||||
{
|
||||
public class LegacyInsecureCryptoProviderFactory : ICryptoProviderFactory
|
||||
{
|
||||
public ICryptographyProvider Build()
|
||||
{
|
||||
return new LegacyRijndaelCryptographyProvider();
|
||||
}
|
||||
}
|
||||
}
|
||||
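Review bot: `LegacyInsecureCryptoProviderFactory` has no doc comment saying when it may be used, and the name alone will not stop someone wiring it into a save path. I would add a summary above the class such as `/// <summary>Builds the legacy Rijndael provider; intended for reading existing data only (TODO confirm).</summary>`. Nothing visible in this commit calls it: `CryptoProviderFactoryFromXml` constructs `LegacyRijndaelCryptographyProvider` directly, so either route that fallback through this factory or note why the class exists.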
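--- a/mRemoteV1/Security/ICryptoProviderFactory.cs
+++ b/mRemoteV1/Security/ICryptoProviderFactory.cs
@@ -0,0 +1,7 @@
+namespace mRemoteNG.Security
+{
+public interface ICryptoProviderFactory
+{
+ICryptographyProvider Build();
+}
+}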
@@ -215,6 +215,9 @@
|
||||
<Compile Include="Credential\CredentialDeletionMsgBoxConfirmer.cs" />
|
||||
<Compile Include="Credential\CredentialDomainUserComparer.cs" />
|
||||
<Compile Include="Security\Authentication\IPasswordRequestor.cs" />
|
||||
<Compile Include="Security\Factories\CryptoProviderFactoryFromSettings.cs" />
|
||||
<Compile Include="Security\Factories\LegacyInsecureCryptoProviderFactory.cs" />
|
||||
<Compile Include="Security\ICryptoProviderFactory.cs" />
|
||||
<Compile Include="Security\RandomGenerator.cs" />
|
||||
<Compile Include="Tools\CustomCollections\IFullyNotifiableList.cs" />
|
||||
<Compile Include="Tools\CustomCollections\FullyObservableCollection.cs" />
|
||||
@@ -264,8 +267,8 @@
|
||||
<Compile Include="Security\SymmetricEncryption\LegacyRijndaelCryptographyProvider.cs" />
|
||||
<Compile Include="Security\ICryptographyProvider.cs" />
|
||||
<Compile Include="Security\SecureStringExtensions.cs" />
|
||||
<Compile Include="Security\CryptographyProviderFactory.cs" />
|
||||
<Compile Include="Security\XmlCryptoProviderBuilder.cs" />
|
||||
<Compile Include="Security\Factories\CryptoProviderFactory.cs" />
|
||||
<Compile Include="Security\Factories\CryptoProviderFactoryFromXml.cs" />
|
||||
<Compile Include="Tools\Cmdline\StartupArgumentsInterpreter.cs" />
|
||||
<Compile Include="Tools\CustomCollections\CollectionUpdatedEventArgs.cs" />
|
||||
<Compile Include="Tools\ExternalToolArgumentParser.cs" />
|
||||
|
||||