WIP Use machine key for encryption instead of ProtectSection()

Server/BackendClasses/BackendClasses.csproj

@@ -36,6 +36,7 @@
     </Reference>
     <Reference Include="System" />
     <Reference Include="System.Core" />
+    <Reference Include="System.Web" />
     <Reference Include="System.Web.Extensions" />
     <Reference Include="System.Xml.Linq" />
     <Reference Include="System.Data.DataSetExtensions" />

Server/BackendClasses/Encryption.cs

@@ -5,9 +5,37 @@
 using System.Security.Cryptography;
 using System.Text;
 using System.Threading.Tasks;
+using System.Web;
+using System.Web.Security;
 
 namespace LauncherServerClasses
 {
+    public static class MachineKeyEncryption
+    {
+        public static string Protect(string text, string purpose)
+        {
+            if (string.IsNullOrEmpty(text))
+            {
+                return string.Empty;
+            }
+
+            byte[] stream = Encoding.UTF8.GetBytes(text);
+            byte[] encodedValues = MachineKey.Protect(stream, purpose);
+            return HttpServerUtility.UrlTokenEncode(encodedValues);
+        }
+
+        public static string UnProtect(string text, string purpose)
+        {
+            if (string.IsNullOrEmpty(text))
+            {
+                return string.Empty;
+            }
+
+            byte[] stream = HttpServerUtility.UrlTokenDecode(text);
+            byte[] decodedValues = MachineKey.Unprotect(stream, purpose);
+            return Encoding.UTF8.GetString(decodedValues);
+        }
+    }
     public class Encryption
     {
         // Do not write your own encryption. Use libraries like JWT

Server/LauncherClient/Launcher.cs

@@ -6,6 +6,7 @@
 using System.Linq;
 using System.Reflection;
 using System.Windows.Forms;
+using LauncherServerClasses;
 
 namespace LauncherClient
 {
@@ -32,6 +33,8 @@ public Launcher()
                 host = new ApiHost();
                 host.StartHost();
 
+                //encryption = new Encryption("the machine key");
+
                 Configuration configuration = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None);
                 baseURL = configuration.AppSettings.Settings["BaseURL"].Value;
                 computerKey = configuration.AppSettings.Settings["ComputerKey"].Value;
@@ -122,8 +125,16 @@ private void game_start_timer_Tick(object sender, EventArgs e)
         public void SetConfigValue(string key, string value)
         {
             Configuration configuration = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None);
+
+            if(key == "Secret")
+            {
+                //string encryptedValue = encryption.Encrypt(value);
+                string encryptedValue = MachineKeyEncryption.Protect(value, $"Secret for computer {computerKey}");
+                value = encryptedValue;
+            }
+
             configuration.AppSettings.Settings[key].Value = value;
-            configuration.AppSettings.SectionInformation.ProtectSection(null);
+            //configuration.AppSettings.SectionInformation.ProtectSection(null);
             configuration.Save();
 
             ConfigurationManager.RefreshSection("appSettings");

Server/LauncherClient/LauncherClient.csproj

@@ -66,7 +66,7 @@
     <ApplicationManifest>Properties\app.manifest</ApplicationManifest>
   </PropertyGroup>
   <PropertyGroup>
-    <SignManifests>true</SignManifests>
+    <SignManifests>false</SignManifests>
   </PropertyGroup>
   <ItemGroup>
     <Reference Include="Microsoft.Owin, Version=3.1.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">

Server/LauncherClient/Owin/Controllers/GamesController.cs

@@ -8,6 +8,7 @@
 using System.Configuration;
 using System.Web.Http.Results;
 using LauncherServerClasses;
+using System.Windows.Forms;
 
 namespace LauncherClient.Owin.Controllers
 {
@@ -30,7 +31,21 @@ public StatusMessage StartGame(int id, bool install = false)
             string baseURL = ConfigurationManager.AppSettings["BaseURL"];
             string computerKey = ConfigurationManager.AppSettings["ComputerKey"];
             string secretKey = ConfigurationManager.AppSettings["Secret"];
-            encryption = new Encryption(secretKey);
+
+            // We must decrypt the secret key using the machine key
+            //machineKeyEncryption = new Encryption("the machine key");
+            try
+            {
+                secretKey = MachineKeyEncryption.UnProtect(secretKey, $"Secret for computer {computerKey}");
+            }
+            catch (Exception e)
+            {
+                MessageBox.Show($"Error: Unable to load settings. Contact an administrator.\n\n{e.Message}");
+                throw;
+            }
+
+            // Then, we can Encrypt/Decrypt using that decrypted secret key
+            encryption = new Encryption(secretKey); 
 
             string URL = $"{baseURL}/game/checkout/{id}";
             SteamGame game = gc.GetSteamLogin(id, URL, computerKey, "");

Session9.md

@@ -0,0 +1,36 @@
+# Academy Session 9
+
+## Local Encryption Fix
+
+Team members:
+
+- Colin Jones
+- Andrew Horner
+- Joshua Storrs
+- Jesse Landis-Eigsti
+- Liz Kimbell
+
+## The problem
+
+Recently, the LauncherClient application that is used to open Steam and run games stopped being able to save and load the settings sent to it from the server. The secret key was being stored in LauncherClient.exe.config, and it was encrypted using the ProtectSection() method. If the program is run as Administrator, it works again, but that isn't ideal. The program produced an error that took some digging to fully understand.
+
+It took time to discover how to reproduce the error outside of LFG, but it turned out to be possible by creating an additional Windows account (which would have lesser privileges) and running LauncherClient and the React interface on that.
+
+It turns out that ProtectSection() is mainly intended to be used on server applications with administrator access, for i.e. storing database connection strings. Previously, it still worked to use it client-side, even though it wasn't the intended use. It seems that with some recent Windows update(s) this approach doesn't work anymore on most machines.
+
+## The solution
+
+The app config file can still be used without administrator privileges as long as ProtectSection() isn't used. However, we still needed to encrypt the data somehow for security.
+
+Luckily, we were able to encrypt and decrypt it using the machine key instead of ProtectSection(), simply storing the pre-encrypted string in the config file and decrypting it when it's loaded in. The machine key is something every Windows installation will have available. The code in [this link](https://stackoverflow.com/questions/36812592/encrypt-and-decrypt-with-machinekey-in-c-sharp) demonstrates how to use the machine key to encrypt and decrypt data.
+
+The problem has been solved in [this commit](https://github.com/ColsterJ/GameLauncher/commit/2ca4249fc4ace5627b43b580ae5dd43e5e05b9e0). Even though that post seems to be discussing an ASP.NET application, the strategy worked for us in our client-side app. John has tested this on a few computers at LFG, and the application now works without running as administrator!
+
+## Further work
+
+- There should be checks in place if decrypting the secret with the machine key causes some kind of error.
+- There are plenty of other areas to work on, such as:
+  - Documenting the process to setup the server and client
+  - Explaining where the different pieces are located in the repository
+  - Improving the React frontend both visually and in terms of code
+  - Improving the GUI of the LauncherClient