WIP Use machine key for encryption instead of ProtectSection() #22
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -6,6 +6,7 @@ | |
| using System.Linq; | ||
| using System.Reflection; | ||
| using System.Windows.Forms; | ||
| using LauncherServerClasses; | ||
|
|
||
| namespace LauncherClient | ||
| { | ||
|
|
@@ -32,6 +33,8 @@ public Launcher() | |
| host = new ApiHost(); | ||
| host.StartHost(); | ||
|
|
||
| //encryption = new Encryption("the machine key"); | ||
|
|
||
|
There was a problem hiding this comment. Did you mean to leave this comment in the code? |
||
| Configuration configuration = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None); | ||
| baseURL = configuration.AppSettings.Settings["BaseURL"].Value; | ||
| computerKey = configuration.AppSettings.Settings["ComputerKey"].Value; | ||
|
|
@@ -122,8 +125,16 @@ private void game_start_timer_Tick(object sender, EventArgs e) | |
| public void SetConfigValue(string key, string value) | ||
| { | ||
| Configuration configuration = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None); | ||
|
|
||
| if(key == "Secret") | ||
| { | ||
| //string encryptedValue = encryption.Encrypt(value); | ||
|
There was a problem hiding this comment. did you mean to leave this comment in the code? |
||
| string encryptedValue = MachineKeyEncryption.Protect(value, "Secret"); | ||
|
There was a problem hiding this comment. The "Secret" part here should be something more unique. Possibly something like There was a problem hiding this comment. That makes sense, I'll adjust that There was a problem hiding this comment. Seems to be fixed in commit 92bb6e5 |
||
| value = encryptedValue; | ||
| } | ||
|
|
||
| configuration.AppSettings.Settings[key].Value = value; | ||
| //configuration.AppSettings.SectionInformation.ProtectSection(null); | ||
|
There was a problem hiding this comment. I promise I'm gonna stop leaving this comment after this, but... did you mean to leave this comment in the code? please keep thinking about it as you look at this PR in total, even though I've stopped commenting. |
||
| configuration.Save(); | ||
|
|
||
| ConfigurationManager.RefreshSection("appSettings"); | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -30,7 +30,13 @@ public StatusMessage StartGame(int id, bool install = false) | |
| string baseURL = ConfigurationManager.AppSettings["BaseURL"]; | ||
| string computerKey = ConfigurationManager.AppSettings["ComputerKey"]; | ||
| string secretKey = ConfigurationManager.AppSettings["Secret"]; | ||
|
|
||
| // We must decrypt the secret key using the machine key | ||
| //machineKeyEncryption = new Encryption("the machine key"); | ||
| secretKey = MachineKeyEncryption.UnProtect(secretKey, "Secret"); | ||
|
There was a problem hiding this comment. The "Secret" here should match the one you changed in "SetConfigValue" - It shouldn't work if they are different. There was a problem hiding this comment. Ahh, I missed that. I edited the function call to match in a145cf0 and it seems to be functioning now. |
||
|
|
||
| // Then, we can Encrypt/Decrypt using that decrypted secret key | ||
| encryption = new Encryption(secretKey); | ||
|
|
||
| string URL = $"{baseURL}/game/checkout/{id}"; | ||
| SteamGame game = gc.GetSteamLogin(id, URL, computerKey, ""); | ||
|
|
||
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This class is added to provide a different encryption method for hiding the secret key, locally, on the client machine. The "Protect" and "UnProtect" methods are used for encrypting and decrypting the secret key using the machine key, instead of using RSA.