Enhance password encryption and validation logic

michaelmsonne · michaelmsonne · commit cc758afa0e0c · 2025-08-04T00:50:23.000+02:00
- Added validation to `EncryptPassword` to ensure encrypted
  passwords can be decrypted and match the original plaintext.
- Introduced `SafeEncryptPassword` for safer encryption with
  comprehensive error handling and optional validation.
- Improved error handling in `MainForm` to warn users and
  handle encryption failures gracefully.
- Adjusted UI layout in `TimestampServerManagementForm` for
  better alignment of controls.
- Enhanced logging with detailed messages and unique event
  codes for better traceability.
- Improved code robustness with null/empty checks and
  enhanced exception handling.
- Refactored encryption and validation logic for better
  maintainability and readability.
diff --git a/src/SignToolGUI/Class/SecurePasswordManager.cs b/src/SignToolGUI/Class/SecurePasswordManager.cs
@@ -74,7 +74,7 @@ private static string GenerateMachineSpecificKey()
         }
 
         /// <summary>
-        /// Encrypts a password using AES with machine-specific key derivation
+        /// Encrypts a password using AES with machine-specific key derivation and validates the result
         /// </summary>
         /// <param name="plainText">Password to encrypt</param>
         /// <returns>Base64 encoded encrypted password with metadata</returns>
@@ -120,7 +120,17 @@ public static string EncryptPassword(string plainText)
                                 csEncrypt.FlushFinalBlock();
                             }
 
-                            return Convert.ToBase64String(msEncrypt.ToArray());
+                            var encryptedResult = Convert.ToBase64String(msEncrypt.ToArray());
+
+                            // Validate that we can decrypt what we just encrypted on this machine
+                            if (!ValidateEncryptionResult(encryptedResult, plainText))
+                            {
+                                Message("Encryption validation failed - encrypted data cannot be decrypted", EventType.Error, 3039);
+                                throw new InvalidOperationException("Encryption validation failed - the encrypted password cannot be decrypted on this machine");
+                            }
+
+                            Message("Password encryption and validation successful", EventType.Information, 3040);
+                            return encryptedResult;
                         }
                     }
                 }
@@ -132,6 +142,41 @@ public static string EncryptPassword(string plainText)
             }
         }
 
+        /// <summary>
+        /// Validates that an encrypted password can be properly decrypted and matches the original
+        /// </summary>
+        /// <param name="encryptedPassword">The encrypted password to validate</param>
+        /// <param name="originalPassword">The original plain text password for comparison</param>
+        /// <returns>True if the encrypted password can be decrypted and matches the original</returns>
+        private static bool ValidateEncryptionResult(string encryptedPassword, string originalPassword)
+        {
+            try
+            {
+                // Test that we can decrypt the password
+                if (!CanDecryptOnThisMachine(encryptedPassword))
+                {
+                    Message("Validation failed: Cannot decrypt encrypted password on this machine", EventType.Warning, 3041);
+                    return false;
+                }
+
+                // Test that the decrypted password matches the original
+                var decryptedPassword = DecryptPassword(encryptedPassword);
+                if (decryptedPassword != originalPassword)
+                {
+                    Message("Validation failed: Decrypted password does not match original", EventType.Warning, 3042);
+                    return false;
+                }
+
+                Message("Encryption validation successful: Password can be decrypted and matches original", EventType.Information, 3043);
+                return true;
+            }
+            catch (Exception ex)
+            {
+                Message($"Error during encryption validation: {ex.Message}", EventType.Warning, 3044);
+                return false;
+            }
+        }
+
         /// <summary>
         /// Decrypts a password using AES with machine-specific key derivation
         /// </summary>
@@ -245,15 +290,53 @@ private static byte[] GenerateRandomBytes(int size)
         /// <returns>True if the password can be decrypted on this machine</returns>
         public static bool CanDecryptOnThisMachine(string encryptedPassword)
         {
+            if (string.IsNullOrEmpty(encryptedPassword))
+                return false;
+
             try
             {
                 var decrypted = DecryptPassword(encryptedPassword);
                 return !string.IsNullOrEmpty(decrypted);
             }
-            catch
+            catch (Exception ex)
             {
+                Message($"Cannot decrypt password on this machine: {ex.Message}", EventType.Information, 3045);
                 return false;
             }
         }
+
+        /// <summary>
+        /// Enhanced method to safely encrypt and validate a password with comprehensive error handling
+        /// </summary>
+        /// <param name="plainText">Password to encrypt</param>
+        /// <param name="performValidation">Whether to perform validation test (default: true)</param>
+        /// <returns>Encrypted password or empty string if encryption/validation fails</returns>
+        public static string SafeEncryptPassword(string plainText, bool performValidation = true)
+        {
+            if (string.IsNullOrEmpty(plainText))
+                return string.Empty;
+
+            try
+            {
+                var encrypted = EncryptPassword(plainText);
+
+                if (performValidation && !string.IsNullOrEmpty(encrypted))
+                {
+                    // Additional validation using CanDecryptOnThisMachine
+                    if (!CanDecryptOnThisMachine(encrypted))
+                    {
+                        Message("Safe encryption failed: Encrypted password cannot be validated for decryption", EventType.Error, 3046);
+                        return string.Empty;
+                    }
+                }
+
+                return encrypted;
+            }
+            catch (Exception ex)
+            {
+                Message($"Safe encryption failed: {ex.Message}", EventType.Error, 3047);
+                return string.Empty;
+            }
+        }
     }
 }
diff --git a/src/SignToolGUI/Forms/MainForm.cs b/src/SignToolGUI/Forms/MainForm.cs
@@ -1168,11 +1168,29 @@ private void MainForm_FormClosing(object sender, FormClosingEventArgs e)
                                 }
                             }
 
-                            // Encrypt the certificate password and save it to the configuration file
-                            var encryptedstring = SecurePasswordManager.EncryptPassword(textBoxPFXPassword.Text);
+                            // Encrypt the certificate password with validation and save it to the configuration file
+                            var encryptedstring = SecurePasswordManager.SafeEncryptPassword(textBoxPFXPassword.Text);
 
-                            // Save the encrypted certificate password to the configuration file
-                            iniFile.WriteValue("Program", "CertificatePassword", encryptedstring);
+                            if (string.IsNullOrEmpty(encryptedstring) && !string.IsNullOrEmpty(textBoxPFXPassword.Text))
+                            {
+                                // Encryption failed, warn the user
+                                MessageBox.Show("Failed to securely encrypt the certificate password. The password will not be saved.",
+                                    "Encryption Error", MessageBoxButtons.OK, MessageBoxIcon.Warning);
+
+                                // Save empty password instead of potentially corrupted data
+                                iniFile.WriteValue("Program", "CertificatePassword", "");
+                                Message("Certificate password not saved due to encryption failure", EventType.Warning, 3048);
+                            }
+                            else
+                            {
+                                // Save the encrypted certificate password to the configuration file
+                                iniFile.WriteValue("Program", "CertificatePassword", encryptedstring);
+
+                                if (!string.IsNullOrEmpty(encryptedstring))
+                                {
+                                    Message("Certificate password successfully encrypted and saved", EventType.Information, 3049);
+                                }
+                            }
                         }
                         catch (Exception ex)
                         {
diff --git a/src/SignToolGUI/Forms/TimestampServerManagementForm.Designer.cs b/src/SignToolGUI/Forms/TimestampServerManagementForm.Designer.cs
