From 730990a5429f33a2f03efb3ca3ae523be6368097 Mon Sep 17 00:00:00 2001 From: Charles Munson Date: Mon, 9 Nov 2015 02:09:10 +0100 Subject: [PATCH] Bring Keenou-pGINA up-to-date with Keenou front-end User password is hashed into crypto container password Crypto hashing alg. is variable now, so pull it from the registry --- .../CryptoContainer/PluginImpl.cs | 43 ++++++++++--------- 1 file changed, 23 insertions(+), 20 deletions(-) diff --git a/Plugins/Contrib/CryptoContainer/CryptoContainer/PluginImpl.cs b/Plugins/Contrib/CryptoContainer/CryptoContainer/PluginImpl.cs index 4154f0b5..3be9bebf 100644 --- a/Plugins/Contrib/CryptoContainer/CryptoContainer/PluginImpl.cs +++ b/Plugins/Contrib/CryptoContainer/CryptoContainer/PluginImpl.cs @@ -9,6 +9,7 @@ using System.IO; using log4net; using System.Text.RegularExpressions; +using System.Security.Cryptography; namespace pGina.Plugin.CryptoContainer { @@ -50,6 +51,19 @@ public void Starting() { } public void Stopping() { } + + // Get SHA-512 signature from input text // + public static string SHA512_Base64(string input) + { + using (SHA512 alg = SHA512.Create()) + { + byte[] result = alg.ComputeHash(Encoding.UTF8.GetBytes(input)); + return Convert.ToBase64String(result); + } + } + // * // + + public BooleanResult AuthenticatedUserGateway(SessionProperties properties) { 
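Review bot: The comment on `SHA512_Base64` calls the result a "signature", but it is an unkeyed SHA-512 digest, and the `startInfo.Arguments` hunk of this patch passes it to VeraCrypt as the container password, so it is a password-equivalent secret. I would replace the comment with `// Derives the container password: Base64(SHA-512(UTF-8(input))). Must match the Keenou front-end exactly; never log the result.` The digest is unsalted and adds no entropy or stretching, so brute-force resistance still rests on the login password and on VeraCrypt's own key derivation, which is worth stating in the comment too. The helper also does not need to be `public`; `private static` would keep a secret-deriving routine out of the plugin's public surface, assuming nothing outside this class calls it.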
@@ -74,9 +88,14 @@ public BooleanResult AuthenticatedUserGateway(SessionProperties properties) - // TEST - //Registry.SetValue(@"HKEY_LOCAL_MACHINE\SOFTWARE\Keenou\" + sidString, "encContainerLoc", @"C:\Users\jetwhiz\Desktop\VeraCrypt\test.hc"); - //Registry.SetValue(@"HKEY_LOCAL_MACHINE\SOFTWARE\Keenou\" + sidString, "firstBoot", true); + // Figure out the hash used for crypto container // + string hashChosen = (string)Registry.GetValue(@"HKEY_LOCAL_MACHINE\SOFTWARE\Keenou\" + sidString, "hash", "whirlpool"); + if (string.IsNullOrEmpty(hashChosen)) + { + return new BooleanResult() { Success = false, Message = "Cannot find user's hash algorithm in registry." }; + } + m_logger.InfoFormat("Hash algorithm: {0}", hashChosen); + // * // @@ -148,7 +167,6 @@ public BooleanResult AuthenticatedUserGateway(SessionProperties properties) // GET VeraCrypt DIRECTORY string programDir = (Environment.GetEnvironmentVariable("PROGRAMFILES(X86)") ?? Environment.GetFolderPath(Environment.SpecialFolder.ProgramFiles)) + @"\VeraCrypt\"; - //programDir = @"C:\Users\jetwhiz\Desktop\VeraCrypt\"; m_logger.InfoFormat("Location of Veracrypt executables: {0}", programDir); @@ -167,7 +185,7 @@ public BooleanResult AuthenticatedUserGateway(SessionProperties properties) startInfo.WindowStyle = ProcessWindowStyle.Hidden; startInfo.FileName = "cmd.exe"; - startInfo.Arguments = "/C \"\"" + programDir + "VeraCrypt.exe\" /hash whirlpool /v \"" + encContainerLoc + "\" /l " + targetDrive + " /f /h n /p \"" + userInfo.Password + "\" /q /s\""; + startInfo.Arguments = "/C \"\"" + programDir + "VeraCrypt.exe\" /hash " + hashChosen + " /v \"" + encContainerLoc + "\" /l " + targetDrive + " /f /h n /p \"" + SHA512_Base64(userInfo.Password) + "\" /q /s\""; process.StartInfo = startInfo; process.Start(); process.WaitForExit(); 
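Review bot: `hashChosen` is read from the registry and, in the `startInfo.Arguments` hunk of this patch, concatenated unquoted into a `cmd.exe /C` command line, yet the only check here is `string.IsNullOrEmpty`. A value containing spaces or shell metacharacters would change the command that runs with the plugin's privileges, so it should be constrained before use, ideally against the fixed list of algorithm names the front-end can write, or at minimum with `if (!Regex.IsMatch(hashChosen, @"\A[A-Za-z0-9-]+\z")) return new BooleanResult() { Success = false, Message = "Invalid hash algorithm in registry." };`. The `(string)` cast also throws `InvalidCastException` when the stored value is not a string type; `as string` would route that case into the existing failure return. Because of the `"whirlpool"` default, a missing value falls back silently, so the "Cannot find" message only fires for a missing key or an empty string. The enclosing method starts and ends outside the hunk.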
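Review bot: The `/p` argument still places the container password (now the SHA-512/Base64 value) on a process command line, where it is readable by process-listing tools and is recorded wherever command-line process-creation auditing is enabled. Routing the call through `cmd.exe /C` also adds a shell-parsing layer over `hashChosen` and `encContainerLoc`, which appear to come from the registry; launching the executable directly removes that layer: `startInfo.FileName = programDir + "VeraCrypt.exe"; startInfo.UseShellExecute = false;` with `Arguments` starting at `/hash`. A quote character inside `encContainerLoc` would still break the argument quoting, so that value should be checked as an existing file path before it is used. The enclosing method starts and ends outside the hunk.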
@@ -203,9 +221,6 @@ public BooleanResult AuthenticatedUserGateway(SessionProperties properties) if (firstBoot) { m_logger.InfoFormat("First boot for this user!"); - //dir /S /A:L - //xcopy C:\Users\jetwhiz c:\jetwhiz /s /e /h /d /k /x /c /q - //robocopy C:\Users\jetwhiz C:\jetwhiz /MIR /copyall /sl /xj /r:0 // Make sure old location exists (before moving files over to new location) @@ -226,9 +241,6 @@ public BooleanResult AuthenticatedUserGateway(SessionProperties properties) { startInfo.WindowStyle = ProcessWindowStyle.Hidden; startInfo.FileName = "cmd.exe"; - //startInfo.UseShellExecute = false; - //startInfo.CreateNoWindow = true; - //startInfo.RedirectStandardOutput = true; startInfo.Arguments = "/C \"robocopy \"" + homeFolder + "\" " + targetDrive + ":\\ /MIR /copyall /sl /xj /r:0\""; process.StartInfo = startInfo; process.Start(); // this may take a while! @@ -240,15 +252,6 @@ public BooleanResult AuthenticatedUserGateway(SessionProperties properties) return new BooleanResult() { Success = false, Message = "Error while copying files over!" }; } - // Ensure no files failed to copy - /*while (!process.StandardOutput.EndOfStream) - { - string line = process.StandardOutput.ReadLine(); - if (line.ToUpper().IndexOf("ERROR") > -1) - { - return new BooleanResult() { Success = false, Message = "Failed to copy all files over!" }; - } - }*/ } catch (Exception e) {