Save an encrypted person class

2017-08-09 16:20:05 -05:00 · 2017-08-09 16:20:05 -05:00 · 66657507ed
parent e4edd9bf5a
commit 66657507ed
1 changed files with 49 additions and 19 deletions
--- a/EduNetworkBuilder/PersonClass.cs
+++ b/EduNetworkBuilder/PersonClass.cs
@ -7,6 +7,8 @@ using System.Xml;
 using System.IO;
 using System.Windows.Forms;
 using System.Drawing;
 using System.Security.Cryptography;
 using System.Security.Cryptography.Xml;
 namespace EduNetworkBuilder
 {
@ -30,7 +32,7 @@ namespace EduNetworkBuilder
        /// </summary>
        public string FullName = "";  
-        List<string> Passwords = new List<string>();
+        string Password = "";
        string PasswordHint = "";
        /// <summary>
@ -79,22 +81,9 @@ namespace EduNetworkBuilder
        }
        public string Password(int index = 0)
        {
            if (Passwords.Count == 0) return "";
            if (index < 0) return "";
            if (index >= Passwords.Count) return "";
            return Passwords[index];
        }
        public void ChangePassword(string NewPassword)
        {
-            Passwords.Insert(0, NewPassword);
+            Password = NewPassword;
            int maxPWs = 1;
            if (isAdmin)
                maxPWs = 10; //Admins store the last 10 passwords. If the admin changed his PW, we still need to decrypt the student's files
            for (int a = Passwords.Count - 1; a >= maxPWs; a--)
                Passwords.RemoveAt(a); //Remove all but the one password
        }
        #region Load and Save 
@ -149,7 +138,7 @@ namespace EduNetworkBuilder
                            ChangePassAtFirstLogin = changepw;
                            break;
                        case "password":
-                            Passwords.Add(Individual.InnerText);
+                            Password = Individual.InnerText;
                            break;
                        case "settings":
                            UserSettings = NB.Deserialize<NBSettings>(Individual.InnerText);
@ -198,7 +187,12 @@ namespace EduNetworkBuilder
                writer.WriteEndElement();
                writer.WriteEndDocument();
            }
-            doc.Save(filename);
+            if(TryToEncrypt(doc) != null)
                doc.Save(filename);
            else
            {
                //We should blow up gracefully.  Not sure why we failed.
            }
        }
@ -222,8 +216,7 @@ namespace EduNetworkBuilder
            string settingsstring = NB.SerializeObject<NBSettings>(UserSettings);
            writer.WriteElementString("Settings", settingsstring);
-            foreach(string One in Passwords)
+            writer.WriteElementString("Password", Password);
                writer.WriteElementString("Password", One);
            foreach (PersonClass PC in Students)
                PC.Save(writer, true); //Save as a student entry
            //Save all the devices
@ -233,6 +226,43 @@ namespace EduNetworkBuilder
            }
            writer.WriteEndElement();
        }
        private XmlDocument TryToEncrypt(XmlDocument What)
        {
            string UserPassword = UserName + Password;
            if (UserPassword == "") return null; //This should never happen
            string salt = TrippleDESDocumentEncryption.GenSalt(NB.GetRandom());
            TripleDES tDESkey = TrippleDESDocumentEncryption.GenKey(UserPassword, salt);
            TrippleDESDocumentEncryption xmlTDES = new TrippleDESDocumentEncryption(What, tDESkey);
            try
            {
                // Encrypt the "user" element.
                xmlTDES.Encrypt("User");
                //make the entries for the key
                XmlNode tNode = xmlTDES.Doc.CreateElement("EncryptedKey");
                tNode.InnerText = UserPassword;
                XmlElement inputElement = xmlTDES.Doc.GetElementsByTagName("EncryptedData")[0] as XmlElement;
                xmlTDES.Doc.DocumentElement.InsertAfter(tNode, inputElement);
                //add the salt
                tNode = xmlTDES.Doc.CreateElement("Salt");
                tNode.InnerText = salt;
                xmlTDES.Doc.DocumentElement.InsertAfter(tNode, inputElement);
                //encrypt the user key with the admin key
                xmlTDES.SetKey(AltPassword, salt);
                xmlTDES.Encrypt("EncryptedKey");
            }
            catch (Exception e)
            {
                Console.WriteLine(e.Message);
                return null;
            }
            return xmlTDES.Doc;
        }
        #endregion
        public bool AddHomework(SchoolworkClass ToAdd)