diff --git a/Assets/Scripts/AccountMenu/AccountChangePassword.cs b/Assets/Scripts/AccountMenu/AccountChangePassword.cs index 2f9cdbc..5d6391b 100644 --- a/Assets/Scripts/AccountMenu/AccountChangePassword.cs +++ b/Assets/Scripts/AccountMenu/AccountChangePassword.cs @@ -35,10 +35,10 @@ public class AccountChangePassword : MonoBehaviour return; } WWWForm dataForm = new(); - dataForm.AddField("inputPassword", SensitiveInfo.Encrypt(changePasswordCurrentPasswordInput.text)); - dataForm.AddField("inputNewPassword", SensitiveInfo.Encrypt(changePasswordNewPasswordInput.text)); - dataForm.AddField("session", SensitiveInfo.Encrypt(PlayerPrefs.GetString("gameSession"))); - dataForm.AddField("userName", SensitiveInfo.Encrypt(PlayerPrefs.GetString("userName"))); + dataForm.AddField("inputPassword", SensitiveInfo.Encrypt(changePasswordCurrentPasswordInput.text, SensitiveInfo.SERVER_SEND_TRANSFER_KEY)); + dataForm.AddField("inputNewPassword", SensitiveInfo.Encrypt(changePasswordNewPasswordInput.text, SensitiveInfo.SERVER_SEND_TRANSFER_KEY)); + dataForm.AddField("session", SensitiveInfo.Encrypt(PlayerPrefs.GetString("gameSession"), SensitiveInfo.SERVER_SEND_TRANSFER_KEY)); + dataForm.AddField("userName", SensitiveInfo.Encrypt(PlayerPrefs.GetString("userName"), SensitiveInfo.SERVER_SEND_TRANSFER_KEY)); using UnityWebRequest request = UnityWebRequest.Post(SensitiveInfo.SERVER_DATABASE_PREFIX + "changeAccountPassword.php", dataForm); request.SetRequestHeader("User-Agent", "BerryDashClient"); request.SetRequestHeader("ClientVersion", Application.version); @@ -49,7 +49,7 @@ public class AccountChangePassword : MonoBehaviour AccountHandler.UpdateStatusText(changePasswordStatusText, "Failed to make HTTP request", Color.red); return; } - string response = request.downloadHandler.text; + string response = SensitiveInfo.Decrypt(request.downloadHandler.text, SensitiveInfo.SERVER_RECEIVE_TRANSFER_KEY); switch (response) { case "-1": diff --git a/Assets/Scripts/AccountMenu/AccountChangeUsername.cs b/Assets/Scripts/AccountMenu/AccountChangeUsername.cs index cb469cd..7d46de1 100644 --- a/Assets/Scripts/AccountMenu/AccountChangeUsername.cs +++ b/Assets/Scripts/AccountMenu/AccountChangeUsername.cs @@ -27,10 +27,10 @@ public class AccountChangeUsername : MonoBehaviour async void ChangeUsername() { WWWForm dataForm = new(); - dataForm.AddField("inputUserName", SensitiveInfo.Encrypt(changeUsernameCurrentUsernameInput.text)); - dataForm.AddField("inputNewUserName", SensitiveInfo.Encrypt(changeUsernameNewUsernameInput.text)); - dataForm.AddField("session", SensitiveInfo.Encrypt(PlayerPrefs.GetString("gameSession"))); - dataForm.AddField("userName", SensitiveInfo.Encrypt(PlayerPrefs.GetString("userName"))); + dataForm.AddField("inputUserName", SensitiveInfo.Encrypt(changeUsernameCurrentUsernameInput.text, SensitiveInfo.SERVER_SEND_TRANSFER_KEY)); + dataForm.AddField("inputNewUserName", SensitiveInfo.Encrypt(changeUsernameNewUsernameInput.text, SensitiveInfo.SERVER_SEND_TRANSFER_KEY)); + dataForm.AddField("session", SensitiveInfo.Encrypt(PlayerPrefs.GetString("gameSession"), SensitiveInfo.SERVER_SEND_TRANSFER_KEY)); + dataForm.AddField("userName", SensitiveInfo.Encrypt(PlayerPrefs.GetString("userName"), SensitiveInfo.SERVER_SEND_TRANSFER_KEY)); using UnityWebRequest request = UnityWebRequest.Post(SensitiveInfo.SERVER_DATABASE_PREFIX + "changeAccountUsername.php", dataForm); request.SetRequestHeader("User-Agent", "BerryDashClient"); request.SetRequestHeader("ClientVersion", Application.version); @@ -41,7 +41,7 @@ public class AccountChangeUsername : MonoBehaviour AccountHandler.UpdateStatusText(changeUsernameStatusText, "Failed to make HTTP request", Color.red); return; } - string response = request.downloadHandler.text; + string response = SensitiveInfo.Decrypt(request.downloadHandler.text, SensitiveInfo.SERVER_RECEIVE_TRANSFER_KEY); switch (response) { case "1": diff --git a/Assets/Scripts/AccountMenu/AccountLoggedIn.cs b/Assets/Scripts/AccountMenu/AccountLoggedIn.cs index 2565554..99a0347 100644 --- a/Assets/Scripts/AccountMenu/AccountLoggedIn.cs +++ b/Assets/Scripts/AccountMenu/AccountLoggedIn.cs @@ -38,11 +38,11 @@ public class AccountLoggedIn : MonoBehaviour loggedInLoadButton.interactable = false; loggedInSaveButton.interactable = false; WWWForm dataForm = new(); - dataForm.AddField("userName", SensitiveInfo.Encrypt(PlayerPrefs.GetString("userName", ""))); - dataForm.AddField("gameSession", SensitiveInfo.Encrypt(PlayerPrefs.GetString("gameSession", ""))); - dataForm.AddField("highScore", SensitiveInfo.Encrypt(PlayerPrefs.GetString("HighScoreV2", "0"))); - dataForm.AddField("icon", SensitiveInfo.Encrypt(PlayerPrefs.GetInt("icon", 1).ToString())); - dataForm.AddField("overlay", SensitiveInfo.Encrypt(PlayerPrefs.GetInt("overlay", 0).ToString())); + dataForm.AddField("userName", SensitiveInfo.Encrypt(PlayerPrefs.GetString("userName", ""), SensitiveInfo.SERVER_SEND_TRANSFER_KEY)); + dataForm.AddField("gameSession", SensitiveInfo.Encrypt(PlayerPrefs.GetString("gameSession", ""), SensitiveInfo.SERVER_SEND_TRANSFER_KEY)); + dataForm.AddField("highScore", SensitiveInfo.Encrypt(PlayerPrefs.GetString("HighScoreV2", "0"), SensitiveInfo.SERVER_SEND_TRANSFER_KEY)); + dataForm.AddField("icon", SensitiveInfo.Encrypt(PlayerPrefs.GetInt("icon", 1).ToString(), SensitiveInfo.SERVER_SEND_TRANSFER_KEY)); + dataForm.AddField("overlay", SensitiveInfo.Encrypt(PlayerPrefs.GetInt("overlay", 0).ToString(), SensitiveInfo.SERVER_SEND_TRANSFER_KEY)); using UnityWebRequest request = UnityWebRequest.Post(SensitiveInfo.SERVER_DATABASE_PREFIX + "saveAccount.php", dataForm); request.SetRequestHeader("User-Agent", "BerryDashClient"); request.SetRequestHeader("ClientVersion", Application.version); @@ -53,7 +53,7 @@ public class AccountLoggedIn : MonoBehaviour AccountHandler.UpdateStatusText(loggedInText, "Failed to make HTTP request", Color.red); return; } - string response = request.downloadHandler.text; + string response = SensitiveInfo.Decrypt(request.downloadHandler.text, SensitiveInfo.SERVER_RECEIVE_TRANSFER_KEY); switch (response) { case "1": @@ -78,8 +78,8 @@ public class AccountLoggedIn : MonoBehaviour loggedInLoadButton.interactable = false; loggedInSaveButton.interactable = false; WWWForm dataForm = new(); - dataForm.AddField("userName", SensitiveInfo.Encrypt(PlayerPrefs.GetString("userName", ""))); - dataForm.AddField("gameSession", SensitiveInfo.Encrypt(PlayerPrefs.GetString("gameSession", ""))); + dataForm.AddField("userName", SensitiveInfo.Encrypt(PlayerPrefs.GetString("userName", ""), SensitiveInfo.SERVER_SEND_TRANSFER_KEY)); + dataForm.AddField("gameSession", SensitiveInfo.Encrypt(PlayerPrefs.GetString("gameSession", ""), SensitiveInfo.SERVER_SEND_TRANSFER_KEY)); using UnityWebRequest request = UnityWebRequest.Post(SensitiveInfo.SERVER_DATABASE_PREFIX + "loadAccount.php", dataForm); request.SetRequestHeader("User-Agent", "BerryDashClient"); request.SetRequestHeader("ClientVersion", Application.version); @@ -90,7 +90,7 @@ public class AccountLoggedIn : MonoBehaviour AccountHandler.UpdateStatusText(loggedInText, "Failed to make HTTP request", Color.red); return; } - string response = request.downloadHandler.text; + string response = SensitiveInfo.Decrypt(request.downloadHandler.text, SensitiveInfo.SERVER_RECEIVE_TRANSFER_KEY); switch (response) { case "-1": diff --git a/Assets/Scripts/AccountMenu/AccountLogin.cs b/Assets/Scripts/AccountMenu/AccountLogin.cs index 7aaeac9..9a92fb7 100644 --- a/Assets/Scripts/AccountMenu/AccountLogin.cs +++ b/Assets/Scripts/AccountMenu/AccountLogin.cs @@ -28,10 +28,10 @@ public class AccountLogin : MonoBehaviour async void SubmitLogin() { WWWForm dataForm = new(); - dataForm.AddField("username", SensitiveInfo.Encrypt(loginUsernameInput.text)); - dataForm.AddField("password", SensitiveInfo.Encrypt(loginPasswordInput.text)); - dataForm.AddField("currentHighScore", SensitiveInfo.Encrypt(PlayerPrefs.GetString("HighScoreV2", "0"))); - dataForm.AddField("loginType", SensitiveInfo.Encrypt("0")); + dataForm.AddField("username", SensitiveInfo.Encrypt(loginUsernameInput.text, SensitiveInfo.SERVER_SEND_TRANSFER_KEY)); + dataForm.AddField("password", SensitiveInfo.Encrypt(loginPasswordInput.text, SensitiveInfo.SERVER_SEND_TRANSFER_KEY)); + dataForm.AddField("currentHighScore", SensitiveInfo.Encrypt(PlayerPrefs.GetString("HighScoreV2", "0"), SensitiveInfo.SERVER_SEND_TRANSFER_KEY)); + dataForm.AddField("loginType", SensitiveInfo.Encrypt("0", SensitiveInfo.SERVER_SEND_TRANSFER_KEY)); //Yes. using UnityWebRequest request = UnityWebRequest.Post(SensitiveInfo.SERVER_DATABASE_PREFIX + "loginAccount.php", dataForm); request.SetRequestHeader("User-Agent", "BerryDashClient"); request.SetRequestHeader("ClientVersion", Application.version); @@ -42,7 +42,7 @@ public class AccountLogin : MonoBehaviour AccountHandler.UpdateStatusText(loginPanelStatusText, "Failed to make HTTP request", Color.red); return; } - string response = request.downloadHandler.text; + string response = SensitiveInfo.Decrypt(request.downloadHandler.text, SensitiveInfo.SERVER_RECEIVE_TRANSFER_KEY); if (response != "-1") { if (response == "-2") diff --git a/Assets/Scripts/AccountMenu/AccountRefreshLogin.cs b/Assets/Scripts/AccountMenu/AccountRefreshLogin.cs index 58d54cb..8415560 100644 --- a/Assets/Scripts/AccountMenu/AccountRefreshLogin.cs +++ b/Assets/Scripts/AccountMenu/AccountRefreshLogin.cs @@ -26,9 +26,9 @@ public class AccountRefreshLogin : MonoBehaviour async void RefreshLogin() { WWWForm dataForm = new(); - dataForm.AddField("username", SensitiveInfo.Encrypt(refreshLoginUsernameInput.text)); - dataForm.AddField("password", SensitiveInfo.Encrypt(refreshLoginPasswordInput.text)); - dataForm.AddField("loginType", SensitiveInfo.Encrypt("1")); + dataForm.AddField("username", SensitiveInfo.Encrypt(refreshLoginUsernameInput.text, SensitiveInfo.SERVER_SEND_TRANSFER_KEY)); + dataForm.AddField("password", SensitiveInfo.Encrypt(refreshLoginPasswordInput.text, SensitiveInfo.SERVER_SEND_TRANSFER_KEY)); + dataForm.AddField("loginType", SensitiveInfo.Encrypt("1", SensitiveInfo.SERVER_SEND_TRANSFER_KEY)); //Yes II using UnityWebRequest request = UnityWebRequest.Post(SensitiveInfo.SERVER_DATABASE_PREFIX + "loginAccount.php", dataForm); request.SetRequestHeader("User-Agent", "BerryDashClient"); request.SetRequestHeader("ClientVersion", Application.version); @@ -39,7 +39,7 @@ public class AccountRefreshLogin : MonoBehaviour AccountHandler.UpdateStatusText(refreshLoginStatusText, "Failed to make HTTP request", Color.red); return; } - string response = request.downloadHandler.text; + string response = SensitiveInfo.Decrypt(request.downloadHandler.text, SensitiveInfo.SERVER_RECEIVE_TRANSFER_KEY); if (response != "-1") { if (response == "-2") diff --git a/Assets/Scripts/AccountMenu/AccountRegister.cs b/Assets/Scripts/AccountMenu/AccountRegister.cs index 240bd45..b9e4982 100644 --- a/Assets/Scripts/AccountMenu/AccountRegister.cs +++ b/Assets/Scripts/AccountMenu/AccountRegister.cs @@ -50,9 +50,9 @@ public class AccountRegister : MonoBehaviour return; } WWWForm dataForm = new(); - dataForm.AddField("username", SensitiveInfo.Encrypt(registerUsernameInput.text)); - dataForm.AddField("email", SensitiveInfo.Encrypt(registerEmailInput.text)); - dataForm.AddField("password", SensitiveInfo.Encrypt(registerPasswordInput.text)); + dataForm.AddField("username", SensitiveInfo.Encrypt(registerUsernameInput.text, SensitiveInfo.SERVER_SEND_TRANSFER_KEY)); + dataForm.AddField("email", SensitiveInfo.Encrypt(registerEmailInput.text, SensitiveInfo.SERVER_SEND_TRANSFER_KEY)); + dataForm.AddField("password", SensitiveInfo.Encrypt(registerPasswordInput.text, SensitiveInfo.SERVER_SEND_TRANSFER_KEY)); using UnityWebRequest request = UnityWebRequest.Post(SensitiveInfo.SERVER_DATABASE_PREFIX + "registerAccount.php", dataForm); request.SetRequestHeader("User-Agent", "BerryDashClient"); request.SetRequestHeader("ClientVersion", Application.version); @@ -63,7 +63,7 @@ public class AccountRegister : MonoBehaviour AccountHandler.UpdateStatusText(registerPanelStatusText, "Failed to make HTTP request", Color.red); return; } - string response = request.downloadHandler.text; + string response = SensitiveInfo.Decrypt(request.downloadHandler.text, SensitiveInfo.SERVER_RECEIVE_TRANSFER_KEY); switch (response) { case "1": diff --git a/Assets/Scripts/LeaderboardsMenu.cs b/Assets/Scripts/LeaderboardsMenu.cs index af6f5f5..25d1578 100644 --- a/Assets/Scripts/LeaderboardsMenu.cs +++ b/Assets/Scripts/LeaderboardsMenu.cs @@ -45,7 +45,7 @@ public class LeaderboardsMenu : MonoBehaviour } UpdateStatus(true, "Loading..."); WWWForm dataForm = new(); - dataForm.AddField("showAmount", SensitiveInfo.Encrypt(showAmount.ToString())); + dataForm.AddField("showAmount", SensitiveInfo.Encrypt(showAmount.ToString(), SensitiveInfo.SERVER_SEND_TRANSFER_KEY)); using UnityWebRequest request = UnityWebRequest.Post(SensitiveInfo.SERVER_DATABASE_PREFIX + "getTopPlayers.php", dataForm); request.SetRequestHeader("User-Agent", "BerryDashClient"); request.SetRequestHeader("ClientVersion", Application.version); @@ -53,7 +53,7 @@ public class LeaderboardsMenu : MonoBehaviour if (request.result == UnityWebRequest.Result.Success) { UpdateStatus(false); - string response = request.downloadHandler.text; + string response = SensitiveInfo.Decrypt(request.downloadHandler.text, SensitiveInfo.SERVER_RECEIVE_TRANSFER_KEY); if (response == "-999") { UpdateStatus(true, "Server error while fetching data"); diff --git a/Assets/Scripts/SensitiveInfo.cs b/Assets/Scripts/SensitiveInfo.cs index 2565154..0742e65 100644 --- a/Assets/Scripts/SensitiveInfo.cs +++ b/Assets/Scripts/SensitiveInfo.cs @@ -6,12 +6,13 @@ using System.Text; public class SensitiveInfo { public static readonly string SERVER_DATABASE_PREFIX = "https://berrydash.lncvrt.xyz/database/"; - private static readonly string SERVER_TRANSFER_KEY = ""; + public static readonly string SERVER_RECEIVE_TRANSFER_KEY = ""; + public static readonly string SERVER_SEND_TRANSFER_KEY = ""; - public static string Encrypt(string plainText) + public static string Encrypt(string plainText, string key) { using Aes aes = Aes.Create(); - aes.Key = Encoding.UTF8.GetBytes(SERVER_TRANSFER_KEY); + aes.Key = Encoding.UTF8.GetBytes(key); aes.Mode = CipherMode.CBC; aes.Padding = PaddingMode.PKCS7; aes.GenerateIV(); @@ -28,11 +29,11 @@ public class SensitiveInfo return Convert.ToBase64String(ms.ToArray()); } - public static string Decrypt(string dataB64) + public static string Decrypt(string dataB64, string key) { var data = Convert.FromBase64String(dataB64); using Aes aes = Aes.Create(); - aes.Key = Encoding.UTF8.GetBytes(SERVER_TRANSFER_KEY); + aes.Key = Encoding.UTF8.GetBytes(key); aes.Mode = CipherMode.CBC; aes.Padding = PaddingMode.PKCS7;