-
Notifications
You must be signed in to change notification settings - Fork 3
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
WIP Use machine key for encryption instead of ProtectSection() #22
base: master
Are you sure you want to change the base?
Changes from 3 commits
eece64e
6b0ead3
2ca4249
92bb6e5
f047277
a145cf0
288575c
27bf288
44323e7
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -6,6 +6,7 @@ | |
using System.Linq; | ||
using System.Reflection; | ||
using System.Windows.Forms; | ||
using LauncherServerClasses; | ||
|
||
namespace LauncherClient | ||
{ | ||
|
@@ -32,6 +33,8 @@ public Launcher() | |
host = new ApiHost(); | ||
host.StartHost(); | ||
|
||
//encryption = new Encryption("the machine key"); | ||
|
||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Did you mean to leave this comment in the code? |
||
Configuration configuration = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None); | ||
baseURL = configuration.AppSettings.Settings["BaseURL"].Value; | ||
computerKey = configuration.AppSettings.Settings["ComputerKey"].Value; | ||
|
@@ -122,8 +125,16 @@ private void game_start_timer_Tick(object sender, EventArgs e) | |
public void SetConfigValue(string key, string value) | ||
{ | ||
Configuration configuration = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None); | ||
|
||
if(key == "Secret") | ||
{ | ||
//string encryptedValue = encryption.Encrypt(value); | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. did you mean to leave this comment in the code? |
||
string encryptedValue = MachineKeyEncryption.Protect(value, "Secret"); | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. The "Secret" part here should be something more unique. Possibly something like There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. That makes sense, I'll adjust that There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Seems to be fixed in commit 92bb6e5 |
||
value = encryptedValue; | ||
} | ||
|
||
configuration.AppSettings.Settings[key].Value = value; | ||
configuration.AppSettings.SectionInformation.ProtectSection(null); | ||
//configuration.AppSettings.SectionInformation.ProtectSection(null); | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I promise I'm gonna stop leaving this comment after this, but... did you mean to leave this comment in the code? please keep thinking about it as you look at this PR in total, even though I've stopped commenting. |
||
configuration.Save(); | ||
|
||
ConfigurationManager.RefreshSection("appSettings"); | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -66,7 +66,7 @@ | |
<ApplicationManifest>Properties\app.manifest</ApplicationManifest> | ||
</PropertyGroup> | ||
<PropertyGroup> | ||
<SignManifests>true</SignManifests> | ||
<SignManifests>false</SignManifests> | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. what does this change do? |
||
</PropertyGroup> | ||
<ItemGroup> | ||
<Reference Include="Microsoft.Owin, Version=3.1.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL"> | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -30,7 +30,13 @@ public StatusMessage StartGame(int id, bool install = false) | |
string baseURL = ConfigurationManager.AppSettings["BaseURL"]; | ||
string computerKey = ConfigurationManager.AppSettings["ComputerKey"]; | ||
string secretKey = ConfigurationManager.AppSettings["Secret"]; | ||
encryption = new Encryption(secretKey); | ||
|
||
// We must decrypt the secret key using the machine key | ||
//machineKeyEncryption = new Encryption("the machine key"); | ||
secretKey = MachineKeyEncryption.UnProtect(secretKey, "Secret"); | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. The "Secret" here should match the one you changed in "SetConfigValue" - It shouldn't work if they are different. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Ahh, I missed that. I edited the function call to match in a145cf0 and it seems to be functioning now. |
||
|
||
// Then, we can Encrypt/Decrypt using that decrypted secret key | ||
encryption = new Encryption(secretKey); | ||
|
||
string URL = $"{baseURL}/game/checkout/{id}"; | ||
SteamGame game = gc.GetSteamLogin(id, URL, computerKey, ""); | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This class is added to provide a different encryption method for hiding the secret key, locally, on the client machine. The "Protect" and "UnProtect" methods are used for encrypting and decrypting the secret key using the machine key, instead of using RSA.