-
Notifications
You must be signed in to change notification settings - Fork 19
Expand file tree
/
Copy pathKeyFileViewModel.cs
More file actions
106 lines (87 loc) · 4.24 KB
/
KeyFileViewModel.cs
File metadata and controls
106 lines (87 loc) · 4.24 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.IO;
using System.Security.Cryptography;
using System.Text;
using System.Threading;
using System.Threading.Tasks;
using SecureFolderFS.Sdk.Enums;
using SecureFolderFS.Sdk.Extensions;
using SecureFolderFS.Sdk.Services;
using SecureFolderFS.Sdk.ViewModels.Controls.Authentication;
using SecureFolderFS.Shared;
using SecureFolderFS.Shared.ComponentModel;
using SecureFolderFS.Shared.Extensions;
using SecureFolderFS.Shared.Models;
using SecureFolderFS.Shared.SecureStore;
using SecureFolderFS.Storage.Pickers;
namespace SecureFolderFS.UI.ViewModels.Authentication
{
/// <inheritdoc cref="AuthenticationViewModel"/>
[Bindable(true)]
public abstract class KeyFileViewModel : AuthenticationViewModel
{
private const int KEY_LENGTH = 128;
private IFileExplorerService FileExplorerService { get; } = DI.Service<IFileExplorerService>();
/// <inheritdoc/>
public override event EventHandler<EventArgs>? StateChanged;
/// <inheritdoc/>
public sealed override bool CanComplement { get; } = true;
/// <inheritdoc/>
public sealed override AuthenticationStage Availability { get; } = AuthenticationStage.Any;
protected KeyFileViewModel()
: base(Core.Constants.Vault.Authentication.AUTH_KEYFILE)
{
Title = "KeyFile".ToLocalized();
}
/// <inheritdoc/>
public override Task RevokeAsync(string? id, CancellationToken cancellationToken = default)
{
return Task.CompletedTask;
}
/// <inheritdoc/>
public override async Task<IResult<IKeyBytes>> EnrollAsync(string id, byte[]? data, CancellationToken cancellationToken = default)
{
// The 'data' parameter is not needed in this type of authentication
_ = data;
using var secretKey = new ManagedKey(KEY_LENGTH + id.Length);
await using var dataStream = new MemoryStream();
// Fill the first 128 bytes with secure random data
RandomNumberGenerator.Fill(secretKey.Key.AsSpan(0, KEY_LENGTH));
// Fill the remaining bytes with the ID
// By using ASCII encoding we get 1:1 byte to char ratio which allows us
// to use the length of the string ID as part of the SecretKey length above
Encoding.ASCII.GetBytes(id, secretKey.Key.AsSpan(KEY_LENGTH));
// Write to the data stream and save the file
await dataStream.WriteAsync(secretKey.Key, cancellationToken);
dataStream.Position = 0L;
var result = await FileExplorerService.SaveFileAsync("Vault key file", dataStream, new Dictionary<string, string>()
{
{ "KeyFile".ToLocalized(), Constants.FileNames.KEY_FILE_EXTENSION },
{ "All Files", "*" }
}, cancellationToken);
if (!result)
throw new OperationCanceledException("The user did not save a file.");
// Create a copy of the secret key because we need to dispose the original
return Result<IKeyBytes>.Success(secretKey.CreateCopy());
}
/// <inheritdoc/>
public override async Task<IResult<IKeyBytes>> AcquireAsync(string id, byte[]? data, CancellationToken cancellationToken = default)
{
// The 'data' parameter is not needed in this type of authentication
_ = data;
var keyFile = await FileExplorerService.PickFileAsync(new NameFilter([ ".key", "*" ]), false, cancellationToken);
if (keyFile is null)
throw new OperationCanceledException("The user did not pick a file.");
await using var keyStream = await keyFile.OpenStreamAsync(FileAccess.Read, cancellationToken);
using var secretKey = new ManagedKey(KEY_LENGTH + id.Length);
var read = await keyStream.ReadAsync(secretKey.Key, cancellationToken);
if (read < secretKey.Length)
throw new DataException("The key data was too short.");
// Create a copy of the secret key because we need to dispose the original
return Result<IKeyBytes>.Success(secretKey.CreateCopy());
}
}
}