diff --git a/vb-migration/Strata.Base.Internal.Tests/Security/SecurityUtilsTests.cs b/vb-migration/Strata.Base.Internal.Tests/Security/SecurityUtilsTests.cs new file mode 100644 index 0000000..edaf1e7 --- /dev/null +++ b/vb-migration/Strata.Base.Internal.Tests/Security/SecurityUtilsTests.cs @@ -0,0 +1,58 @@ +using Microsoft.VisualStudio.TestTools.UnitTesting; + +namespace Strata.Base.Internal.Tests.Security +{ + [TestClass] + public class SecurityUtilsTests + { + [TestMethod] + public void EncryptValue_WithValidInput_EncryptsAndDecryptsCorrectly() + { + // Arrange + string originalValue = "Test sensitive data"; + string key = "MySecretKey123"; + + // Act + string encrypted = SecurityUtils.EncryptValue(originalValue, key); + string decrypted = SecurityUtils.DecryptValue(encrypted, key); + + // Assert + Assert.AreNotEqual(originalValue, encrypted, "Encrypted value should be different from original"); + Assert.AreEqual(originalValue, decrypted, "Decrypted value should match original"); + } + + [TestMethod] + public void EncryptValue_WithEmptyString_HandlesCorrectly() + { + // Arrange + string originalValue = ""; + string key = "MySecretKey123"; + + // Act + string encrypted = SecurityUtils.EncryptValue(originalValue, key); + string decrypted = SecurityUtils.DecryptValue(encrypted, key); + + // Assert + Assert.AreNotEqual(originalValue, encrypted, "Encrypted value should be different from empty string"); + Assert.AreEqual(originalValue, decrypted, "Decrypted value should be empty string"); + } + + [TestMethod] + public void DecryptValue_WithWrongKey_ThrowsException() + { + // Arrange + string originalValue = "Test sensitive data"; + string correctKey = "CorrectKey123"; + string wrongKey = "WrongKey123"; + + // Act + string encrypted = SecurityUtils.EncryptValue(originalValue, correctKey); + + // Assert + Assert.ThrowsException( + () => SecurityUtils.DecryptValue(encrypted, wrongKey), + "Decryption with wrong key should throw CryptographicException" + ); + } + } +} diff --git a/vb-migration/Strata.Base.Internal.Tests/Security/UberEncryptionMethodTests.cs b/vb-migration/Strata.Base.Internal.Tests/Security/UberEncryptionMethodTests.cs new file mode 100644 index 0000000..184d2b3 --- /dev/null +++ b/vb-migration/Strata.Base.Internal.Tests/Security/UberEncryptionMethodTests.cs @@ -0,0 +1,71 @@ +using Microsoft.VisualStudio.TestTools.UnitTesting; +using Strata.Base.Internal.Encryptors; +using System; +using System.Configuration; + +namespace Strata.Base.Internal.Tests.Security +{ + [TestClass] + public class UberEncryptionMethodTests + { + private const string TestOrgPin = "12345"; + private const string TestKey = "TestKey123"; + private const string TestUsername = "testuser"; + private const string TestPassword = "password123"; + private static readonly Guid TestUserGuid = Guid.NewGuid(); + private const string TestSalt = "testsalt"; + + [TestInitialize] + public void Setup() + { + // Set up the configuration key for testing + var config = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None); + config.AppSettings.Settings.Remove("UberMonetKey"); + config.AppSettings.Settings.Add("UberMonetKey", TestKey); + config.Save(); + ConfigurationManager.RefreshSection("appSettings"); + } + + [TestMethod] + public void Encode_ReturnsExpectedLength() + { + // Arrange + var encryptor = new UberEncryptionMethod(); + + // Act + string result = encryptor.Encode(TestUsername, TestOrgPin, TestPassword, TestUserGuid, TestSalt); + + // Assert + Assert.AreEqual(6, result.Length, "UberMonet hash should be 6 characters long"); + } + + [TestMethod] + public void Encode_SameInputProducesSameOutput() + { + // Arrange + var encryptor = new UberEncryptionMethod(); + + // Act + string result1 = encryptor.Encode(TestUsername, TestOrgPin, TestPassword, TestUserGuid, TestSalt); + string result2 = encryptor.Encode(TestUsername, TestOrgPin, TestPassword, TestUserGuid, TestSalt); + + // Assert + Assert.AreEqual(result1, result2, "Same input should produce same hash"); + } + + [TestMethod] + public void Encode_DifferentOrgPinsProduceDifferentOutputs() + { + // Arrange + var encryptor = new UberEncryptionMethod(); + string differentOrgPin = "54321"; + + // Act + string result1 = encryptor.Encode(TestUsername, TestOrgPin, TestPassword, TestUserGuid, TestSalt); + string result2 = encryptor.Encode(TestUsername, differentOrgPin, TestPassword, TestUserGuid, TestSalt); + + // Assert + Assert.AreNotEqual(result1, result2, "Different OrgPins should produce different hashes"); + } + } +} diff --git a/vb-migration/Strata.Base.Internal.Tests/Security/UserGUIDEncryptionMethodTests.cs b/vb-migration/Strata.Base.Internal.Tests/Security/UserGUIDEncryptionMethodTests.cs new file mode 100644 index 0000000..0298a5d --- /dev/null +++ b/vb-migration/Strata.Base.Internal.Tests/Security/UserGUIDEncryptionMethodTests.cs @@ -0,0 +1,106 @@ +using Microsoft.VisualStudio.TestTools.UnitTesting; +using Strata.Base.Internal.Encryptors; +using System; +using System.Configuration; + +namespace Strata.Base.Internal.Tests.Security +{ + [TestClass] + public class UserGUIDEncryptionMethodTests + { + private const string TestUsername = "testuser"; + private const string TestOrgPin = "12345"; + private const string TestPassword = "password123"; + private static readonly Guid TestUserGuid = Guid.NewGuid(); + private const string TestSalt = "testsalt"; + private const string TestKey = "TestKey123"; + + [TestInitialize] + public void Setup() + { + // Set up the configuration key for testing + var config = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None); + config.AppSettings.Settings.Remove("UserGuidEncryptionKey"); + config.AppSettings.Settings.Add("UserGuidEncryptionKey", TestKey); + config.Save(); + ConfigurationManager.RefreshSection("appSettings"); + } + + [TestMethod] + public void Encode_ReturnsNonEmptyString() + { + // Arrange + var encryptor = new UserGUIDEncryptionMethod(); + + // Act + string result = encryptor.Encode(TestUsername, TestOrgPin, TestPassword, TestUserGuid, TestSalt); + + // Assert + Assert.IsFalse(string.IsNullOrEmpty(result), "Encoded result should not be empty"); + } + + [TestMethod] + public void Encode_SameInputProducesSameOutput() + { + // Arrange + var encryptor = new UserGUIDEncryptionMethod(); + + // Act + string result1 = encryptor.Encode(TestUsername, TestOrgPin, TestPassword, TestUserGuid, TestSalt); + string result2 = encryptor.Encode(TestUsername, TestOrgPin, TestPassword, TestUserGuid, TestSalt); + + // Assert + Assert.AreEqual(result1, result2, "Same input should produce same hash"); + } + + [TestMethod] + public void Encode_DifferentPasswordsProduceDifferentOutputs() + { + // Arrange + var encryptor = new UserGUIDEncryptionMethod(); + string differentPassword = "differentpassword123"; + + // Act + string result1 = encryptor.Encode(TestUsername, TestOrgPin, TestPassword, TestUserGuid, TestSalt); + string result2 = encryptor.Encode(TestUsername, TestOrgPin, differentPassword, TestUserGuid, TestSalt); + + // Assert + Assert.AreNotEqual(result1, result2, "Different passwords should produce different hashes"); + } + + [TestMethod] + public void Encode_DifferentUserGUIDsProduceDifferentOutputs() + { + // Arrange + var encryptor = new UserGUIDEncryptionMethod(); + Guid differentGuid = Guid.NewGuid(); + + // Act + string result1 = encryptor.Encode(TestUsername, TestOrgPin, TestPassword, TestUserGuid, TestSalt); + string result2 = encryptor.Encode(TestUsername, TestOrgPin, TestPassword, differentGuid, TestSalt); + + // Assert + Assert.AreNotEqual(result1, result2, "Different UserGUIDs should produce different hashes"); + } + + [TestMethod] + public void Encode_OutputIsBase64String() + { + // Arrange + var encryptor = new UserGUIDEncryptionMethod(); + + // Act + string result = encryptor.Encode(TestUsername, TestOrgPin, TestPassword, TestUserGuid, TestSalt); + + // Assert + try + { + Convert.FromBase64String(result); + } + catch (Exception ex) + { + Assert.Fail($"Result should be a valid Base64 string. Error: {ex.Message}"); + } + } + } +} diff --git a/vb-migration/Strata.Base.Internal.Tests/Security/UserSaltEncryptionMethodTests.cs b/vb-migration/Strata.Base.Internal.Tests/Security/UserSaltEncryptionMethodTests.cs new file mode 100644 index 0000000..2c2e20a --- /dev/null +++ b/vb-migration/Strata.Base.Internal.Tests/Security/UserSaltEncryptionMethodTests.cs @@ -0,0 +1,120 @@ +using Microsoft.VisualStudio.TestTools.UnitTesting; +using Strata.Base.Internal.Encryptors; +using System; +using System.Configuration; + +namespace Strata.Base.Internal.Tests.Security +{ + [TestClass] + public class UserSaltEncryptionMethodTests + { + private const string TestUsername = "testuser"; + private const string TestOrgPin = "12345"; + private const string TestPassword = "password123"; + private static readonly Guid TestUserGuid = Guid.NewGuid(); + private const string TestSalt = "testsalt"; + private const string TestKey = "TestKey123"; + + [TestInitialize] + public void Setup() + { + // Set up the configuration key for testing + var config = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None); + config.AppSettings.Settings.Remove("UserSaltEncryptionKey"); + config.AppSettings.Settings.Add("UserSaltEncryptionKey", TestKey); + config.Save(); + ConfigurationManager.RefreshSection("appSettings"); + } + + [TestMethod] + public void Encode_ReturnsNonEmptyString() + { + // Arrange + var encryptor = new UserSaltEncryptionMethod(); + + // Act + string result = encryptor.Encode(TestUsername, TestOrgPin, TestPassword, TestUserGuid, TestSalt); + + // Assert + Assert.IsFalse(string.IsNullOrEmpty(result), "Encoded result should not be empty"); + } + + [TestMethod] + public void Encode_SameInputProducesSameOutput() + { + // Arrange + var encryptor = new UserSaltEncryptionMethod(); + + // Act + string result1 = encryptor.Encode(TestUsername, TestOrgPin, TestPassword, TestUserGuid, TestSalt); + string result2 = encryptor.Encode(TestUsername, TestOrgPin, TestPassword, TestUserGuid, TestSalt); + + // Assert + Assert.AreEqual(result1, result2, "Same input should produce same hash"); + } + + [TestMethod] + public void Encode_DifferentPasswordsProduceDifferentOutputs() + { + // Arrange + var encryptor = new UserSaltEncryptionMethod(); + string differentPassword = "differentpassword123"; + + // Act + string result1 = encryptor.Encode(TestUsername, TestOrgPin, TestPassword, TestUserGuid, TestSalt); + string result2 = encryptor.Encode(TestUsername, TestOrgPin, differentPassword, TestUserGuid, TestSalt); + + // Assert + Assert.AreNotEqual(result1, result2, "Different passwords should produce different hashes"); + } + + [TestMethod] + public void Encode_DifferentSaltsProduceDifferentOutputs() + { + // Arrange + var encryptor = new UserSaltEncryptionMethod(); + string differentSalt = "differentsalt"; + + // Act + string result1 = encryptor.Encode(TestUsername, TestOrgPin, TestPassword, TestUserGuid, TestSalt); + string result2 = encryptor.Encode(TestUsername, TestOrgPin, TestPassword, TestUserGuid, differentSalt); + + // Assert + Assert.AreNotEqual(result1, result2, "Different salts should produce different hashes"); + } + + [TestMethod] + public void Encode_OutputIsBase64String() + { + // Arrange + var encryptor = new UserSaltEncryptionMethod(); + + // Act + string result = encryptor.Encode(TestUsername, TestOrgPin, TestPassword, TestUserGuid, TestSalt); + + // Assert + try + { + Convert.FromBase64String(result); + } + catch (Exception ex) + { + Assert.Fail($"Result should be a valid Base64 string. Error: {ex.Message}"); + } + } + + [TestMethod] + public void Encode_OutputHasExpectedLength() + { + // Arrange + var encryptor = new UserSaltEncryptionMethod(); + + // Act + string result = encryptor.Encode(TestUsername, TestOrgPin, TestPassword, TestUserGuid, TestSalt); + byte[] decodedBytes = Convert.FromBase64String(result); + + // Assert + Assert.AreEqual(24, decodedBytes.Length, "Output should be 24 bytes (192 bits)"); + } + } +} diff --git a/vb-migration/Strata.Base.Internal.Tests/Strata.Base.Internal.Tests.csproj b/vb-migration/Strata.Base.Internal.Tests/Strata.Base.Internal.Tests.csproj new file mode 100644 index 0000000..6207637 --- /dev/null +++ b/vb-migration/Strata.Base.Internal.Tests/Strata.Base.Internal.Tests.csproj @@ -0,0 +1,24 @@ + + + + net8.0-windows + enable + enable + false + true + Strata.Base.Internal.Tests + Strata.Base.Internal.Tests + + + + + + + + + + + + + + diff --git a/vb-migration/Strata.Base.Internal.sln b/vb-migration/Strata.Base.Internal.sln new file mode 100644 index 0000000..8ee16b9 --- /dev/null +++ b/vb-migration/Strata.Base.Internal.sln @@ -0,0 +1,30 @@ +Microsoft Visual Studio Solution File, Format Version 12.00 +# Visual Studio Version 17 +VisualStudioVersion = 17.0.0.0 +MinimumVisualStudioVersion = 10.0.40219.1 +Project("{778DAE3C-4631-46EA-AA77-85C1314464D9}") = "Strata.Base.Internal", "Strata.Base.Internal\Strata.Base.Internal.vbproj", "{DB6C7DE1-AB63-4466-93A9-E5C3BDB561B4}" +EndProject +Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Strata.Base.Internal.Tests", "Strata.Base.Internal.Tests\Strata.Base.Internal.Tests.csproj", "{11111111-1111-1111-1111-111111111111}" +EndProject +Global + GlobalSection(SolutionConfigurationPlatforms) = preSolution + Debug|Any CPU = Debug|Any CPU + Release|Any CPU = Release|Any CPU + EndGlobalSection + GlobalSection(ProjectConfigurationPlatforms) = postSolution + {DB6C7DE1-AB63-4466-93A9-E5C3BDB561B4}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {DB6C7DE1-AB63-4466-93A9-E5C3BDB561B4}.Debug|Any CPU.Build.0 = Debug|Any CPU + {DB6C7DE1-AB63-4466-93A9-E5C3BDB561B4}.Release|Any CPU.ActiveCfg = Release|Any CPU + {DB6C7DE1-AB63-4466-93A9-E5C3BDB561B4}.Release|Any CPU.Build.0 = Release|Any CPU + {11111111-1111-1111-1111-111111111111}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {11111111-1111-1111-1111-111111111111}.Debug|Any CPU.Build.0 = Debug|Any CPU + {11111111-1111-1111-1111-111111111111}.Release|Any CPU.ActiveCfg = Release|Any CPU + {11111111-1111-1111-1111-111111111111}.Release|Any CPU.Build.0 = Release|Any CPU + EndGlobalSection + GlobalSection(SolutionProperties) = preSolution + HideSolutionNode = FALSE + EndGlobalSection + GlobalSection(ExtensibilityGlobals) = postSolution + SolutionGuid = {5C6D0F1F-E91E-4F6A-9E9F-B3E2DA7F2B4D} + EndGlobalSection +EndGlobal diff --git a/vb-migration/Strata.Base.Internal/Encryptors/UberEncryptionMethod.vb b/vb-migration/Strata.Base.Internal/Encryptors/UberEncryptionMethod.vb index 55e86dd..f5d50f0 100644 --- a/vb-migration/Strata.Base.Internal/Encryptors/UberEncryptionMethod.vb +++ b/vb-migration/Strata.Base.Internal/Encryptors/UberEncryptionMethod.vb @@ -1,4 +1,4 @@ -Imports System.Configuration +Imports System.Configuration Imports Strata.Configuration.Client.Models.Jazz Namespace Encryptors @@ -6,7 +6,7 @@ Namespace Encryptors Public Class UberEncryptionMethod Implements IPasswordEncryptionMethod - Friend Sub New() + Public Sub New() End Sub @@ -17,7 +17,7 @@ Namespace Encryptors End Function Private Shared Function GetUberMonet(ByVal aDate As Date, ByVal anOrgPIN As String, ByVal aKey As String) As String - Dim ha As New EncryptionUtils.Hasher(EncryptionUtils.Hasher.Provider.SHA1) + Dim ha As New EncryptionUtils.Hasher(EncryptionUtils.Hasher.Provider.SHA256) Dim lsHashBefore As String Dim lsResult As String @@ -38,7 +38,7 @@ Namespace Encryptors #Region " IPasswordEncryptionMethod " - Private Function Encode(ByVal username As String, ByVal anOrgPin As String, ByVal aNewPassword As String, ByVal aUserGUID As System.Guid, aSalt As String) As String Implements IPasswordEncryptionMethod.Encode + Public Function Encode(ByVal username As String, ByVal anOrgPin As String, ByVal aNewPassword As String, ByVal aUserGUID As System.Guid, aSalt As String) As String Implements IPasswordEncryptionMethod.Encode Return GetUberMonet(anOrgPin) End Function diff --git a/vb-migration/Strata.Base.Internal/Encryptors/UserGUIDEncryptionMethod.vb b/vb-migration/Strata.Base.Internal/Encryptors/UserGUIDEncryptionMethod.vb index f1974df..fa05adb 100644 --- a/vb-migration/Strata.Base.Internal/Encryptors/UserGUIDEncryptionMethod.vb +++ b/vb-migration/Strata.Base.Internal/Encryptors/UserGUIDEncryptionMethod.vb @@ -1,4 +1,4 @@ -Imports System.Configuration +Imports System.Configuration Imports System.Security.Cryptography Imports System.Text Imports Strata.Configuration.Client.Models.Jazz @@ -30,7 +30,7 @@ Namespace Encryptors Private Shared Function GetHashedValue(ByVal aValue As String) As String 'Create an instance of the sha encrypter - Using hasher As New SHA1Managed + Using hasher As HashAlgorithm = SHA256.Create() Return Convert.ToBase64String(hasher.ComputeHash(Encoding.UTF8.GetBytes(aValue))) End Using diff --git a/vb-migration/Strata.Base.Internal/Encryptors/UserSaltEncryptionMethod.vb b/vb-migration/Strata.Base.Internal/Encryptors/UserSaltEncryptionMethod.vb index 7f66c76..a40ec84 100644 --- a/vb-migration/Strata.Base.Internal/Encryptors/UserSaltEncryptionMethod.vb +++ b/vb-migration/Strata.Base.Internal/Encryptors/UserSaltEncryptionMethod.vb @@ -1,4 +1,4 @@ -Imports System.Configuration +Imports System.Configuration Imports System.Security.Cryptography Imports System.Text Imports Strata.Configuration.Client.Models.Jazz @@ -19,7 +19,7 @@ Namespace Encryptors Public Function Encode(ByVal username As String, ByVal anOrgPin As String, ByVal aNewPassword As String, ByVal aUserGUID As System.Guid, aSalt As String) As String Implements IPasswordEncryptionMethod.Encode Dim saltAndPepper As String = aSalt & ConfigurationManager.AppSettings(NameOf(StrataJazzOptions.UserSaltEncryptionKey)) - Using deriveBytes As Rfc2898DeriveBytes = New Rfc2898DeriveBytes(aNewPassword, Encoding.UTF8.GetBytes(saltAndPepper), NUMBER_ITERATIONS) + Using deriveBytes As Rfc2898DeriveBytes = New Rfc2898DeriveBytes(aNewPassword, Encoding.UTF8.GetBytes(saltAndPepper), NUMBER_ITERATIONS, HashAlgorithmName.SHA256) Dim password As Byte() = deriveBytes.GetBytes(24) Return Convert.ToBase64String(password) diff --git a/vb-migration/Strata.Base.Internal/Security/Encryption.vb b/vb-migration/Strata.Base.Internal/Security/Encryption.vb index ff57814..1bf72b1 100644 --- a/vb-migration/Strata.Base.Internal/Security/Encryption.vb +++ b/vb-migration/Strata.Base.Internal/Security/Encryption.vb @@ -13,7 +13,7 @@ Namespace EncryptionUtils ''' infeasible to find two distinct inputs that hash to the same value. Hash functions ''' are commonly used with digital signatures and for data integrity. ''' - Friend Class Hasher + Public Class Hasher ''' ''' Type of hash; some are security oriented, others are fast and simple @@ -44,7 +44,7 @@ Namespace EncryptionUtils Private _Hash As HashAlgorithm Private _HashValue As New Data - Private Sub New() + Friend Sub New() End Sub ''' @@ -53,15 +53,17 @@ Namespace EncryptionUtils Friend Sub New(ByVal p As Provider) Select Case p Case Provider.MD5 - _Hash = New MD5CryptoServiceProvider + _Hash = MD5.Create() Case Provider.SHA1 - _Hash = New SHA1Managed + _Hash = SHA1.Create() Case Provider.SHA256 - _Hash = New SHA256Managed + _Hash = SHA256.Create() Case Provider.SHA384 - _Hash = New SHA384Managed + _Hash = SHA384.Create() Case Provider.SHA512 - _Hash = New SHA512Managed + _Hash = SHA512.Create() + Case Else + _Hash = SHA256.Create() ' Default to SHA256 for unknown providers End Select End Sub @@ -124,22 +126,22 @@ Namespace EncryptionUtils Private Const _BufferSize As Integer = 2048 Friend Enum Provider - ''' - ''' The Data Encryption Standard provider supports a 64 bit key only - ''' + + MD5 + + SHA1 + SHA256 + SHA384 + SHA512 + DES - ''' - ''' The Rivest Cipher 2 provider supports keys ranging from 40 to 128 bits, default is 128 bits - ''' + RC2 - ''' - ''' The Rijndael (also known as AES) provider supports keys of 128, 192, or 256 bits with a default of 256 bits - ''' + Rijndael - ''' - ''' The TripleDES provider (also known as 3DES) supports keys of 128 or 192 bits with a default of 192 bits - ''' + TripleDES + AES End Enum Private _data As Data @@ -158,13 +160,15 @@ Namespace EncryptionUtils Friend Sub New(ByVal provider As Provider, Optional ByVal useDefaultInitializationVector As Boolean = True) Select Case provider Case Provider.DES - _crypto = New DESCryptoServiceProvider + _crypto = DES.Create() Case Provider.RC2 - _crypto = New RC2CryptoServiceProvider - Case Provider.Rijndael - _crypto = New RijndaelManaged + _crypto = RC2.Create() + Case Provider.Rijndael, Provider.AES + _crypto = Aes.Create() Case Provider.TripleDES - _crypto = New TripleDESCryptoServiceProvider + _crypto = TripleDES.Create() + Case Else + _crypto = Aes.Create() ' Default to AES for unknown providers End Select '-- make sure key and IV are always set, no matter what @@ -272,8 +276,12 @@ Namespace EncryptionUtils Throw New CryptographicException("No initialization vector was provided for the decryption operation!") End If End If - _crypto.Key = _key.Bytes - _crypto.IV = _iv.Bytes + Try + _crypto.Key = _key.Bytes + _crypto.IV = _iv.Bytes + Catch ex As CryptographicException + Throw New CryptographicException("Invalid key or initialization vector.", ex) + End Try End Sub ''' @@ -384,20 +392,19 @@ Namespace EncryptionUtils ''' Decrypts the specified data using preset key and preset initialization vector ''' Friend Function Decrypt(ByVal encryptedData As Data) As Data - Dim ms As New System.IO.MemoryStream(encryptedData.Bytes, 0, encryptedData.Bytes.Length) - Dim b() As Byte = New Byte(encryptedData.Bytes.Length - 1) {} - - ValidateKeyAndIv(False) - Dim cs As New CryptoStream(ms, _crypto.CreateDecryptor(), CryptoStreamMode.Read) - - Try - cs.Read(b, 0, encryptedData.Bytes.Length - 1) - Catch ex As CryptographicException - Throw New CryptographicException("Unable to decrypt data. The provided key may be invalid.", ex) - Finally - cs.Close() - End Try - Return New Data(b) + Using ms As New System.IO.MemoryStream(encryptedData.Bytes, 0, encryptedData.Bytes.Length) + ValidateKeyAndIv(False) + Using cs As New CryptoStream(ms, _crypto.CreateDecryptor(), CryptoStreamMode.Read) + Using outputMs As New MemoryStream() + Try + cs.CopyTo(outputMs) + Return New Data(outputMs.ToArray()) + Catch ex As CryptographicException + Throw New CryptographicException("Unable to decrypt data. The provided key may be invalid.", ex) + End Try + End Using + End Using + End Using End Function End Class @@ -421,7 +428,12 @@ Namespace EncryptionUtils ''' ''' Determines the default text encoding across ALL Data instances ''' - Friend Shared DefaultEncoding As Text.Encoding = System.Text.Encoding.GetEncoding("Windows-1252") + Friend Shared DefaultEncoding As Text.Encoding + + Shared Sub New() + Encoding.RegisterProvider(CodePagesEncodingProvider.Instance) + DefaultEncoding = System.Text.Encoding.GetEncoding("Windows-1252") + End Sub ''' ''' Determines the default text encoding for this Data instance diff --git a/vb-migration/Strata.Base.Internal/Security/SecurityUtils.vb b/vb-migration/Strata.Base.Internal/Security/SecurityUtils.vb index 6eda05f..c2030ac 100644 --- a/vb-migration/Strata.Base.Internal/Security/SecurityUtils.vb +++ b/vb-migration/Strata.Base.Internal/Security/SecurityUtils.vb @@ -1,16 +1,26 @@ Public Class SecurityUtils #Region " Declarations " - Private Const ENCRYPTION_KEY_SUFFIX As String = "SDT" + Private Const KEY_SIZE_BYTES As Integer = 32 ' 256 bits for AES-256 #End Region #Region " Methods " + Private Shared Function PadKey(key As String) As String + Dim paddedKey As String = key & ENCRYPTION_KEY_SUFFIX + If paddedKey.Length < KEY_SIZE_BYTES Then + paddedKey = paddedKey.PadRight(KEY_SIZE_BYTES, "X"c) + ElseIf paddedKey.Length > KEY_SIZE_BYTES Then + paddedKey = paddedKey.Substring(0, KEY_SIZE_BYTES) + End If + Return paddedKey + End Function + Public Shared Function EncryptValue(value As String, key As String) As String Dim encryption As New EncryptionUtils.SymmetricEncryptor(EncryptionUtils.SymmetricEncryptor.Provider.Rijndael) - - Return encryption.Encrypt(New EncryptionUtils.Data(value), New EncryptionUtils.Data(key & ENCRYPTION_KEY_SUFFIX)).ToBase64 + + Return encryption.Encrypt(New EncryptionUtils.Data(value), New EncryptionUtils.Data(PadKey(key))).ToBase64 End Function Public Shared Function DecryptValue(encryptedValue As String, key As String) As String @@ -20,7 +30,7 @@ Public Class SecurityUtils Dim encryptedData As EncryptionUtils.Data = New EncryptionUtils.Data() encryptedData.Base64 = encryptedValue - Return encryption.Decrypt(encryptedData, New EncryptionUtils.Data(key & ENCRYPTION_KEY_SUFFIX)).Text + Return encryption.Decrypt(encryptedData, New EncryptionUtils.Data(PadKey(key))).Text End Function #End Region diff --git a/vb-migration/Strata.Base.Internal/Strata.Base.Internal.vbproj b/vb-migration/Strata.Base.Internal/Strata.Base.Internal.vbproj index f585ba8..6c30feb 100644 --- a/vb-migration/Strata.Base.Internal/Strata.Base.Internal.vbproj +++ b/vb-migration/Strata.Base.Internal/Strata.Base.Internal.vbproj @@ -1,4 +1,4 @@ - + net8.0-windows Library @@ -20,15 +20,14 @@ Strata.Biz.Internal Strata Decision Technology, LLC Strata.Biz.Internal - © 2006-2012 Strata Decision Technology, LLC + 2006-2012 Strata Decision Technology, LLC Strata.Base.Internal.xml 42353,42354,42355 41999,42016,42017,42018,42019,42020,42021,42022,42032,42036 false - -Microsoft.Design#CA1012;-Microsoft.Design#CA2210;-Microsoft.Design#CA1040;-Microsoft.Design#CA1005;-Microsoft.Design#CA1020;-Microsoft.Design#CA1021;-Microsoft.Design#CA1010;-Microsoft.Design#CA1011;-Microsoft.Design#CA1009;-Microsoft.Design#CA1050;-Microsoft.Design#CA1026;-Microsoft.Design#CA1019;-Microsoft.Design#CA1031;-Microsoft.Design#CA1047;-Microsoft.Design#CA1000;-Microsoft.Design#CA1048;-Microsoft.Design#CA1051;-Microsoft.Design#CA1002;-Microsoft.Design#CA1061;-Microsoft.Design#CA1006;-Microsoft.Design#CA1046;-Microsoft.Design#CA1045;-Microsoft.Design#CA1065;-Microsoft.Design#CA1038;-Microsoft.Design#CA1008;-Microsoft.Design#CA1028;-Microsoft.Design#CA1064;-Microsoft.Design#CA1004;-Microsoft.Design#CA1035;-Microsoft.Design#CA1063;-Microsoft.Design#CA1032;-Microsoft.Design#CA1023;-Microsoft.Design#CA1033;-Microsoft.Design#CA1039;-Microsoft.Design#CA1016;-Microsoft.Design#CA1014;-Microsoft.Design#CA1017;-Microsoft.Design#CA1018;-Microsoft.Design#CA1027;-Microsoft.Design#CA1059;-Microsoft.Design#CA1060;-Microsoft.Design#CA1034;-Microsoft.Design#CA1013;-Microsoft.Design#CA1036;-Microsoft.Design#CA1044;-Microsoft.Design#CA1041;-Microsoft.Design#CA1025;-Microsoft.Design#CA1052;-Microsoft.Design#CA1053;-Microsoft.Design#CA1057;-Microsoft.Design#CA1058;-Microsoft.Design#CA1001;-Microsoft.Design#CA1049;-Microsoft.Design#CA1054;-Microsoft.Design#CA1056;-Microsoft.Design#CA1055;-Microsoft.Design#CA1030;-Microsoft.Design#CA1003;-Microsoft.Design#CA1007;-Microsoft.Design#CA1043;-Microsoft.Design#CA1024;-Microsoft.Globalization#CA1301;-Microsoft.Globalization#CA1302;-Microsoft.Globalization#CA1308;-Microsoft.Globalization#CA1306;-Microsoft.Globalization#CA1304;-Microsoft.Globalization#CA1305;-Microsoft.Globalization#CA2101;-Microsoft.Globalization#CA1300;-Microsoft.Globalization#CA1307;-Microsoft.Globalization#CA1309;-Microsoft.Interoperability#CA1403;-Microsoft.Interoperability#CA1406;-Microsoft.Interoperability#CA1413;-Microsoft.Interoperability#CA1402;-Microsoft.Interoperability#CA1407;-Microsoft.Interoperability#CA1404;-Microsoft.Interoperability#CA1410;-Microsoft.Interoperability#CA1411;-Microsoft.Interoperability#CA1405;-Microsoft.Interoperability#CA1409;-Microsoft.Interoperability#CA1415;-Microsoft.Interoperability#CA1408;-Microsoft.Interoperability#CA1414;-Microsoft.Interoperability#CA1412;-Microsoft.Interoperability#CA1400;-Microsoft.Interoperability#CA1401;-Microsoft.Maintainability#CA1506;-Microsoft.Maintainability#CA1502;-Microsoft.Maintainability#CA1501;-Microsoft.Maintainability#CA1505;-Microsoft.Maintainability#CA1504;-Microsoft.Maintainability#CA1500;-Microsoft.Mobility#CA1600;-Microsoft.Mobility#CA1601;-Microsoft.Naming#CA1702;-Microsoft.Naming#CA1700;-Microsoft.Naming#CA1712;-Microsoft.Naming#CA1713;-Microsoft.Naming#CA1714;-Microsoft.Naming#CA1709;-Microsoft.Naming#CA1704;-Microsoft.Naming#CA1708;-Microsoft.Naming#CA1715;-Microsoft.Naming#CA1710;-Microsoft.Naming#CA1720;-Microsoft.Naming#CA1707;-Microsoft.Naming#CA1722;-Microsoft.Naming#CA1711;-Microsoft.Naming#CA1716;-Microsoft.Naming#CA1717;-Microsoft.Naming#CA1725;-Microsoft.Naming#CA1719;-Microsoft.Naming#CA1721;-Microsoft.Naming#CA1701;-Microsoft.Naming#CA1703;-Microsoft.Naming#CA1724;-Microsoft.Naming#CA1726;-Microsoft.Performance#CA1809;-Microsoft.Performance#CA1811;-Microsoft.Performance#CA1813;-Microsoft.Performance#CA1816;-Microsoft.Performance#CA1800;-Microsoft.Performance#CA1805;-Microsoft.Performance#CA1810;-Microsoft.Performance#CA1824;-Microsoft.Performance#CA1822;-Microsoft.Performance#CA1814;-Microsoft.Performance#CA1819;-Microsoft.Performance#CA1821;-Microsoft.Performance#CA1820;-Microsoft.Performance#CA1802;-Microsoft.Portability#CA1901;-Microsoft.Portability#CA1900;-Microsoft.Reliability#CA2001;-Microsoft.Reliability#CA2002;-Microsoft.Reliability#CA2003;-Microsoft.Reliability#CA2004;-Microsoft.Reliability#CA2006;-Microsoft.Security#CA2116;-Microsoft.Security#CA2117;-Microsoft.Security#CA2105;-Microsoft.Security#CA2115;-Microsoft.Security#CA2102;-Microsoft.Security#CA2104;-Microsoft.Security#CA2122;-Microsoft.Secu -rity#CA2114;-Microsoft.Security#CA2123;-Microsoft.Security#CA2111;-Microsoft.Security#CA2108;-Microsoft.Security#CA2107;-Microsoft.Security#CA2103;-Microsoft.Security#CA2118;-Microsoft.Security#CA2109;-Microsoft.Security#CA2119;-Microsoft.Security#CA2106;-Microsoft.Security#CA2112;-Microsoft.Security#CA2120;-Microsoft.Security#CA2121;-Microsoft.Security#CA2126;-Microsoft.Security#CA2124;-Microsoft.Security#CA2127;-Microsoft.Security#CA2128;-Microsoft.Security#CA2129;-Microsoft.Usage#CA2243;-Microsoft.Usage#CA2236;-Microsoft.Usage#CA2227;-Microsoft.Usage#CA2213;-Microsoft.Usage#CA2216;-Microsoft.Usage#CA2214;-Microsoft.Usage#CA2222;-Microsoft.Usage#CA1806;-Microsoft.Usage#CA2217;-Microsoft.Usage#CA2212;-Microsoft.Usage#CA2219;-Microsoft.Usage#CA2201;-Microsoft.Usage#CA2228;-Microsoft.Usage#CA2221;-Microsoft.Usage#CA2220;-Microsoft.Usage#CA2240;-Microsoft.Usage#CA2229;-Microsoft.Usage#CA2238;-Microsoft.Usage#CA2207;-Microsoft.Usage#CA2208;-Microsoft.Usage#CA2235;-Microsoft.Usage#CA2237;-Microsoft.Usage#CA2232;-Microsoft.Usage#CA2223;-Microsoft.Usage#CA2211;-Microsoft.Usage#CA2233;-Microsoft.Usage#CA2225;-Microsoft.Usage#CA2226;-Microsoft.Usage#CA2231;-Microsoft.Usage#CA2224;-Microsoft.Usage#CA2218;-Microsoft.Usage#CA2234;-Microsoft.Usage#CA2239;-Microsoft.Usage#CA2200;-Microsoft.Usage#CA1801;-Microsoft.Usage#CA2242;-Microsoft.Usage#CA2205;-Microsoft.Usage#CA2230 + -Microsoft.Design#CA1012;-Microsoft.Design#CA2210;-Microsoft.Design#CA1040;-Microsoft.Design#CA1005;-Microsoft.Design#CA1020;-Microsoft.Design#CA1021;-Microsoft.Design#CA1010;-Microsoft.Design#CA1011;-Microsoft.Design#CA1009;-Microsoft.Design#CA1050;-Microsoft.Design#CA1026;-Microsoft.Design#CA1019;-Microsoft.Design#CA1031;-Microsoft.Design#CA1047;-Microsoft.Design#CA1000;-Microsoft.Design#CA1048;-Microsoft.Design#CA1051;-Microsoft.Design#CA1002;-Microsoft.Design#CA1061;-Microsoft.Design#CA1006;-Microsoft.Design#CA1046;-Microsoft.Design#CA1045;-Microsoft.Design#CA1065;-Microsoft.Design#CA1038;-Microsoft.Design#CA1008;-Microsoft.Design#CA1028;-Microsoft.Design#CA1064;-Microsoft.Design#CA1004;-Microsoft.Design#CA1035;-Microsoft.Design#CA1063;-Microsoft.Design#CA1032;-Microsoft.Design#CA1023;-Microsoft.Design#CA1033;-Microsoft.Design#CA1039;-Microsoft.Design#CA1016;-Microsoft.Design#CA1014;-Microsoft.Design#CA1017;-Microsoft.Design#CA1018;-Microsoft.Design#CA1027;-Microsoft.Design#CA1059;-Microsoft.Design#CA1060;-Microsoft.Design#CA1034;-Microsoft.Design#CA1013;-Microsoft.Design#CA1036;-Microsoft.Design#CA1044;-Microsoft.Design#CA1041;-Microsoft.Design#CA1025;-Microsoft.Design#CA1052;-Microsoft.Design#CA1053;-Microsoft.Design#CA1057;-Microsoft.Design#CA1058;-Microsoft.Design#CA1001;-Microsoft.Design#CA1049;-Microsoft.Design#CA1054;-Microsoft.Design#CA1056;-Microsoft.Design#CA1055;-Microsoft.Design#CA1030;-Microsoft.Design#CA1003;-Microsoft.Design#CA1007;-Microsoft.Design#CA1043;-Microsoft.Design#CA1024;-Microsoft.Globalization#CA1301;-Microsoft.Globalization#CA1302;-Microsoft.Globalization#CA1308;-Microsoft.Globalization#CA1306;-Microsoft.Globalization#CA1304;-Microsoft.Globalization#CA1305;-Microsoft.Globalization#CA2101;-Microsoft.Globalization#CA1300;-Microsoft.Globalization#CA1307;-Microsoft.Globalization#CA1309;-Microsoft.Interoperability#CA1403;-Microsoft.Interoperability#CA1406;-Microsoft.Interoperability#CA1413;-Microsoft.Interoperability#CA1402;-Microsoft.Interoperability#CA1407;-Microsoft.Interoperability#CA1404;-Microsoft.Interoperability#CA1410;-Microsoft.Interoperability#CA1411;-Microsoft.Interoperability#CA1405;-Microsoft.Interoperability#CA1409;-Microsoft.Interoperability#CA1415;-Microsoft.Interoperability#CA1408;-Microsoft.Interoperability#CA1414;-Microsoft.Interoperability#CA1412;-Microsoft.Interoperability#CA1400;-Microsoft.Interoperability#CA1401;-Microsoft.Maintainability#CA1506;-Microsoft.Maintainability#CA1502;-Microsoft.Maintainability#CA1501;-Microsoft.Maintainability#CA1505;-Microsoft.Maintainability#CA1504;-Microsoft.Maintainability#CA1500;-Microsoft.Mobility#CA1600;-Microsoft.Mobility#CA1601;-Microsoft.Naming#CA1702;-Microsoft.Naming#CA1700;-Microsoft.Naming#CA1712;-Microsoft.Naming#CA1713;-Microsoft.Naming#CA1714;-Microsoft.Naming#CA1709;-Microsoft.Naming#CA1704;-Microsoft.Naming#CA1708;-Microsoft.Naming#CA1715;-Microsoft.Naming#CA1710;-Microsoft.Naming#CA1720;-Microsoft.Naming#CA1707;-Microsoft.Naming#CA1722;-Microsoft.Naming#CA1711;-Microsoft.Naming#CA1716;-Microsoft.Naming#CA1717;-Microsoft.Naming#CA1725;-Microsoft.Naming#CA1719;-Microsoft.Naming#CA1721;-Microsoft.Naming#CA1701;-Microsoft.Naming#CA1703;-Microsoft.Naming#CA1724;-Microsoft.Naming#CA1726;-Microsoft.Performance#CA1809;-Microsoft.Performance#CA1811;-Microsoft.Performance#CA1813;-Microsoft.Performance#CA1816;-Microsoft.Performance#CA1800;-Microsoft.Performance#CA1805;-Microsoft.Performance#CA1810;-Microsoft.Performance#CA1824;-Microsoft.Performance#CA1822;-Microsoft.Performance#CA1814;-Microsoft.Performance#CA1819;-Microsoft.Performance#CA1821;-Microsoft.Performance#CA1820;-Microsoft.Performance#CA1802;-Microsoft.Portability#CA1901;-Microsoft.Portability#CA1900;-Microsoft.Reliability#CA2001;-Microsoft.Reliability#CA2002;-Microsoft.Reliability#CA2003;-Microsoft.Reliability#CA2004;-Microsoft.Reliability#CA2006;-Microsoft.Security#CA2116;-Microsoft.Security#CA2117;-Microsoft.Security#CA2105;-Microsoft.Security#CA2115;-Microsoft.Security#CA2102;-Microsoft.Security#CA2104;-Microsoft.Security#CA2122;-Microsoft.Security#CA2114;-Microsoft.Security#CA2123;-Microsoft.Security#CA2111;-Microsoft.Security#CA2108;-Microsoft.Security#CA2107;-Microsoft.Security#CA2103;-Microsoft.Security#CA2118;-Microsoft.Security#CA2109;-Microsoft.Security#CA2119;-Microsoft.Security#CA2106;-Microsoft.Security#CA2112;-Microsoft.Security#CA2120;-Microsoft.Security#CA2121;-Microsoft.Security#CA2126;-Microsoft.Security#CA2124;-Microsoft.Security#CA2127;-Microsoft.Security#CA2128;-Microsoft.Security#CA2129;-Microsoft.Usage#CA2243;-Microsoft.Usage#CA2236;-Microsoft.Usage#CA2227;-Microsoft.Usage#CA2213;-Microsoft.Usage#CA2216;-Microsoft.Usage#CA2214;-Microsoft.Usage#CA2222;-Microsoft.Usage#CA1806;-Microsoft.Usage#CA2217;-Microsoft.Usage#CA2212;-Microsoft.Usage#CA2219;-Microsoft.Usage#CA2201;-Microsoft.Usage#CA2228;-Microsoft.Usage#CA2221;-Microsoft.Usage#CA2220;-Microsoft.Usage#CA2240;-Microsoft.Usage#CA2229;-Microsoft.Usage#CA2238;-Microsoft.Usage#CA2207;-Microsoft.Usage#CA2208;-Microsoft.Usage#CA2235;-Microsoft.Usage#CA2237;-Microsoft.Usage#CA2232;-Microsoft.Usage#CA2223;-Microsoft.Usage#CA2211;-Microsoft.Usage#CA2233;-Microsoft.Usage#CA2225;-Microsoft.Usage#CA2226;-Microsoft.Usage#CA2231;-Microsoft.Usage#CA2224;-Microsoft.Usage#CA2218;-Microsoft.Usage#CA2234;-Microsoft.Usage#CA2239;-Microsoft.Usage#CA2200;-Microsoft.Usage#CA1801;-Microsoft.Usage#CA2242;-Microsoft.Usage#CA2205;-Microsoft.Usage#CA2230 Strata.Base.Internal.ruleset @@ -47,6 +46,9 @@ rity#CA2114;-Microsoft.Security#CA2123;-Microsoft.Security#CA2111;-Microsoft.Sec 41999,42016,42017,42018,42019,42020,42021,42022,42032,42036 Strata.Base.Internal.ruleset + + + True @@ -78,9 +80,7 @@ rity#CA2114;-Microsoft.Security#CA2123;-Microsoft.Security#CA2111;-Microsoft.Sec 8.44.0 - - 0.0.9 - + \ No newline at end of file