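using System;
using System.IO;
using System.Runtime.InteropServices;
using System.Security.Cryptography;
using System.Text;

namespace CredentialManager.Services;

/// <summary>
/// Contract for the service that encrypts and decrypts stored secrets.
/// </summary>
public interface IEncryptionService
{
    /// <summary>Encrypts <paramref name="plainText"/> and returns a text-safe representation.</summary>
    string Encrypt(string plainText);

    /// <summary>Reverses <see cref="Encrypt"/> and returns the original plain text.</summary>
    string Decrypt(string encryptedText);
}

/// <summary>
/// Cross-platform password encryption service.
/// On Windows the data is protected with <see cref="ProtectedData"/> (current-user scope);
/// on every other platform it is encrypted with AES using a key derived in the constructor.
/// </summary>
/// <remarks>
/// SECURITY NOTE: the AES key is derived from a string embedded in this source file, so the
/// non-Windows path only protects against casual disclosure of the stored values. The key
/// material should come from protected configuration or an OS key store before production use.
/// The AES output is also not authenticated; tampering is not reliably detected. Consider an
/// authenticated mode (AEAD) when the key handling is reworked.
/// Values produced on Windows cannot be decrypted on other platforms, and vice versa.
/// </remarks>
public class EncryptionService : IEncryptionService
{
    // Marker for AES values that carry their own random IV. ':' is not part of the Base64
    // alphabet, so a legacy (plain Base64) value can never start with this prefix.
    private const string AesFormatPrefix = "v2:";

    // AES block size in bytes, which is also the IV length.
    private const int IvSizeBytes = 16;

    // Optional entropy passed to ProtectedData on the Windows path.
    private static readonly byte[] s_dpapiEntropy = Encoding.UTF8.GetBytes("CredentialManager2025");

    private readonly byte[] _key;

    // Fixed IV used by the original format. It is kept ONLY so values written by earlier
    // builds remain readable; new values never use it.
    private readonly byte[] _legacyIv;

    /// <summary>
    /// Derives the AES key (SHA-256 of a fixed string) and the legacy fixed IV.
    /// </summary>
    public EncryptionService()
    {
        // Key and legacy IV derived from fixed strings (should be configurable in production).
        var keySource = "CredentialManager2025KeyForEncryption!";
        var ivSource = "CredMgr2025IV!";

        using var sha256 = SHA256.Create();
        _key = sha256.ComputeHash(Encoding.UTF8.GetBytes(keySource));

        // The source is shorter than one block; the remaining bytes stay zero.
        byte[] ivBytes = Encoding.UTF8.GetBytes(ivSource);
        _legacyIv = new byte[IvSizeBytes];
        Array.Copy(ivBytes, _legacyIv, Math.Min(IvSizeBytes, ivBytes.Length));
    }

    /// <summary>
    /// Encrypts <paramref name="plainText"/> with the platform-appropriate mechanism.
    /// </summary>
    /// <param name="plainText">Text to protect; null or empty yields an empty string.</param>
    /// <returns>Base64 text (Windows) or a prefixed Base64 text carrying IV and ciphertext (other platforms).</returns>
    /// <exception cref="InvalidOperationException">Any failure of the underlying primitive.</exception>
    public string Encrypt(string plainText)
    {
        if (string.IsNullOrEmpty(plainText))
        {
            return string.Empty;
        }

        try
        {
            // On Windows use ProtectedData; elsewhere use AES.
            return RuntimeInformation.IsOSPlatform(OSPlatform.Windows)
                ? EncryptWithProtectedData(plainText)
                : EncryptWithAes(plainText);
        }
        catch (Exception ex)
        {
            throw new InvalidOperationException("Errore durante la crittografia", ex);
        }
    }

    /// <summary>
    /// Decrypts a value produced by <see cref="Encrypt"/> on the same platform family.
    /// </summary>
    /// <param name="encryptedText">Stored value; null or empty yields an empty string.</param>
    /// <returns>The original plain text.</returns>
    /// <exception cref="InvalidOperationException">Malformed input or a failure of the underlying primitive.</exception>
    public string Decrypt(string encryptedText)
    {
        if (string.IsNullOrEmpty(encryptedText))
        {
            return string.Empty;
        }

        try
        {
            // On Windows use ProtectedData; elsewhere use AES.
            return RuntimeInformation.IsOSPlatform(OSPlatform.Windows)
                ? DecryptWithProtectedData(encryptedText)
                : DecryptWithAes(encryptedText);
        }
        catch (Exception ex)
        {
            throw new InvalidOperationException("Errore durante la decrittografia", ex);
        }
    }

    // Protects the UTF-8 bytes with ProtectedData for the current Windows user.
    private string EncryptWithProtectedData(string plainText)
    {
        if (OperatingSystem.IsWindows())
        {
            byte[] plainTextBytes = Encoding.UTF8.GetBytes(plainText);
            byte[] encryptedBytes = ProtectedData.Protect(plainTextBytes, s_dpapiEntropy, DataProtectionScope.CurrentUser);
            return Convert.ToBase64String(encryptedBytes);
        }

        // Fall back to AES when not on Windows.
        return EncryptWithAes(plainText);
    }

    // Reverses EncryptWithProtectedData; only the same Windows user can unprotect the value.
    private string DecryptWithProtectedData(string encryptedText)
    {
        if (OperatingSystem.IsWindows())
        {
            byte[] encryptedBytes = Convert.FromBase64String(encryptedText);
            byte[] decryptedBytes = ProtectedData.Unprotect(encryptedBytes, s_dpapiEntropy, DataProtectionScope.CurrentUser);
            return Encoding.UTF8.GetString(decryptedBytes);
        }

        // Fall back to AES when not on Windows.
        return DecryptWithAes(encryptedText);
    }

    // Encrypts with AES using a fresh random IV per call. With the previous fixed IV, equal
    // passwords produced equal ciphertexts, revealing which entries share a secret.
    // Output layout: "v2:" + Base64(IV || ciphertext).
    private string EncryptWithAes(string plainText)
    {
        using var aes = Aes.Create();
        aes.Key = _key;
        aes.GenerateIV();
        byte[] iv = aes.IV;

        using var encryptor = aes.CreateEncryptor();
        byte[] plainBytes = Encoding.UTF8.GetBytes(plainText);
        byte[] cipherBytes = encryptor.TransformFinalBlock(plainBytes, 0, plainBytes.Length);

        byte[] payload = new byte[iv.Length + cipherBytes.Length];
        Buffer.BlockCopy(iv, 0, payload, 0, iv.Length);
        Buffer.BlockCopy(cipherBytes, 0, payload, iv.Length, cipherBytes.Length);

        return AesFormatPrefix + Convert.ToBase64String(payload);
    }

    // Decrypts both the current format (prefixed, IV embedded) and the legacy format
    // (plain Base64, fixed IV) so previously stored values stay readable.
    private string DecryptWithAes(string encryptedText)
    {
        byte[] iv;
        byte[] cipherBytes;

        if (encryptedText.StartsWith(AesFormatPrefix, StringComparison.Ordinal))
        {
            byte[] payload = Convert.FromBase64String(encryptedText.Substring(AesFormatPrefix.Length));
            if (payload.Length <= IvSizeBytes)
            {
                // Too short to hold an IV plus at least one ciphertext byte.
                throw new CryptographicException("Dati cifrati non validi");
            }

            iv = new byte[IvSizeBytes];
            cipherBytes = new byte[payload.Length - IvSizeBytes];
            Buffer.BlockCopy(payload, 0, iv, 0, IvSizeBytes);
            Buffer.BlockCopy(payload, IvSizeBytes, cipherBytes, 0, cipherBytes.Length);
        }
        else
        {
            iv = _legacyIv;
            cipherBytes = Convert.FromBase64String(encryptedText);
        }

        using var aes = Aes.Create();
        aes.Key = _key;
        aes.IV = iv;

        using var decryptor = aes.CreateDecryptor();
        using var msDecrypt = new MemoryStream(cipherBytes);
        using var csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read);
        using var srDecrypt = new StreamReader(csDecrypt);
        return srDecrypt.ReadToEnd();
    }
}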