
Adding Second factor #201

Open
wants to merge 25 commits into
base: master

Flamifly
Contributor

  • Implemented a new way to Load the DatabaseFiles
  • Added new Dialogs for SecondFactor (Show, Enter and Manage)
  • Added Token generator
  • ...

No Compilation errors
Every functionality for a Database worked correctly

flamy and others added 20 commits December 30, 2024 19:16

changed the Logic for saving the Database File (added new Classes for Serialization also added new DatabaseItemNew class for implementing the Logic)

Errors will occur if you clone the Branch because I do not commit my changes on the DatabaseItem & OldDatabaseImporter to avoid Merge conflicts
(Interface which contains Methods for loading/saving decrypt/encrypt the Databases. The IDatabaseLoader contains the Methods for the newest Database, the other DatabasesLoader will inherit from the Interface and override these Methods and handle them the way they need)

In the Future the Loader can choose which Loader will be used by the Version in the DatabaseSettings
The File also includes its Type.
By that the DatabaseFile will be unique by its Version and by its Type
The Old Database Format will automatically be converted to the new one
Need to add the SecondFactor on the Database settings to enable it
…ith the Hash

- added Argon2 Package as Hash Algorithm
- added SecureString Extension with the Method ToBytes to convert a SecureString to a Byte[]
- added new Method LoadInternal to the DatabaseLoader; this Method will be used as callback if a DatabaseLoader notices that it tries to load a Database which has the wrong Version, to pass the DatabaseFile as Instance to the right DatabaseLoader to avoid doing the same thing a second time
added Load Method which allows to call the Load Method on a Generic Type
- added ICloneable to the DatabaseSettings to allow cloning of the Settings
- bugfix Loading old Databases won't show any error now because the Password will always be wrong (Hash is now the Password and not the MasterPassword)
- Added a new Page to manage the SecondFactor for a Database (if it is enabled and its type)
- The Argon2 Hash will now use 256MB instead of 1GB Memory
- Added Translations for the new Page
…ity)

- deleted OldDatabaseImporter since we do not use it anymore
- added Translations for new Dialogs/Pages
- added new ShowTokenPage; this Page will be used if a User chose OTP as SecondFactor to show the User after the Login his new Token
- added Functionality to show the ShowTokenPage at the LoginPage
- added an InterLoad Method on the DatabaseItem which allows loading a Database which was already encrypted to avoid doing it twice on the LoginPage
- added a lot more Documentation on many different Classes
- added additional Extension Methods to for example Converting a SecureString to a String (this will be used for the Token to show it to the User any time)
- deleted ByteArrayExtension since it hasn't been used
- bugfix: The TokenHelper returned invalid data; the Token did not include numbers, it included control chars
@Flamifly
Contributor Author

Please test it with a Test Database

… we need to call the Garbage Collector by ourselves
@Flamifly
Contributor Author

Had to add something
The Argon2 Algorithm does not release the Memory; because of that, EasePass used 256MB more RAM than usual all the time.
To fix that I added a GC Call on the Hash Helper for the Argon2 Hash

Philipp Eckert added 2 commits January 31, 2025 20:46
currently the Hash will be generated with the version as associated Data
by that we are not able to get the version at first.
We need to decrypt the Settings without the associated data and do it after for the passwords

TODO:
change the Password for the second time generating a hash
if (combo.SelectedValue == null)
return;

try
Owner


Don't use try catch here. Enum.TryParse is a good alternative:

https://learn.microsoft.com/de-de/dotnet/api/system.enum.tryparse?view=net-9.0

Philipp Eckert added 2 commits February 6, 2025 19:41
- Added Method for converting a Byte[] to a Char[] to be able to avoid allocating a String

The First implementation Hashed the Password with associated Data; because of that we weren't able to get the Version of the Database
To encrypt the Passwords we will now convert the password bytes to a base64 char array and reverse it
by that we can change the Hash result to add an extra step for an attacker
…o use argon2 we do not have to hash our hash with an unsafe hash like sha1
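
The commit messages above describe being unable to read the database version because it was bound into the hash as associated data. The following is an added example, not code from this pull request or from EasePass: it keeps the version in a cleartext header that is passed to AES-GCM as associated data, so the version is readable before key derivation and any change to it fails authentication. The file layout, the `VersionedVault` class and its method names are hypothetical, PBKDF2 stands in for the Argon2 package the PR uses, and .NET 8 or later is assumed.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Hypothetical layout, not EasePass's format: [version:1][type:1][salt:16] | [nonce:12][tag:16][ciphertext]
// The first 18 bytes are stored in clear and passed to AES-GCM as associated data.
static class VersionedVault
{
    const int HeaderLen = 18, NonceLen = 12, TagLen = 16;

    // Stand-in KDF so the example needs no NuGet package; the PR uses Argon2.
    static byte[] DeriveKey(string password, byte[] salt) =>
        Rfc2898DeriveBytes.Pbkdf2(password, salt, 600_000, HashAlgorithmName.SHA256, 32);

    public static byte[] Seal(byte version, byte type, string password, byte[] plaintext)
    {
        byte[] file = new byte[HeaderLen + NonceLen + TagLen + plaintext.Length];
        file[0] = version; file[1] = type;
        byte[] salt = RandomNumberGenerator.GetBytes(16);
        salt.CopyTo(file, 2);
        RandomNumberGenerator.Fill(file.AsSpan(HeaderLen, NonceLen));
        using var aes = new AesGcm(DeriveKey(password, salt), TagLen);
        aes.Encrypt(file.AsSpan(HeaderLen, NonceLen), plaintext,
                    file.AsSpan(HeaderLen + NonceLen + TagLen),   // ciphertext
                    file.AsSpan(HeaderLen + NonceLen, TagLen),    // tag
                    file.AsSpan(0, HeaderLen));                   // associated data
        return file;
    }

    public static byte[] Open(byte[] file, string password, out byte version)
    {
        if (file.Length < HeaderLen + NonceLen + TagLen) throw new CryptographicException("File is truncated.");
        version = file[0]; // known before any key is derived, so a loader can be chosen here
        byte[] plaintext = new byte[file.Length - HeaderLen - NonceLen - TagLen];
        using var aes = new AesGcm(DeriveKey(password, file[2..HeaderLen]), TagLen);
        // Throws CryptographicException on a wrong password or any change to header or body.
        aes.Decrypt(file.AsSpan(HeaderLen, NonceLen), file.AsSpan(HeaderLen + NonceLen + TagLen),
                    file.AsSpan(HeaderLen + NonceLen, TagLen), plaintext, file.AsSpan(0, HeaderLen));
        return plaintext;
    }

    static void Main()
    {
        // Constructed sample password and entry.
        byte[] file = Seal(2, 1, "constructed-password", Encoding.UTF8.GetBytes("constructed entry"));
        Console.WriteLine(Encoding.UTF8.GetString(Open(file, "constructed-password", out byte v)) + " v" + v);
        file[0] = 1; // simulate a modified version byte
        try { Open(file, "constructed-password", out _); }
        catch (CryptographicException) { Console.WriteLine("header tampering detected"); }
    }
}
```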
@FrozenAssassine FrozenAssassine added this to the 1.4.0 milestone Feb 23, 2025
@FrozenAssassine FrozenAssassine added the enhancement New feature or request label Feb 23, 2025