Encrypted server-side responses
This commit is contained in:
@@ -35,10 +35,10 @@ public class AccountChangePassword : MonoBehaviour
|
||||
return;
|
||||
}
|
||||
WWWForm dataForm = new();
|
||||
dataForm.AddField("inputPassword", SensitiveInfo.Encrypt(changePasswordCurrentPasswordInput.text));
|
||||
dataForm.AddField("inputNewPassword", SensitiveInfo.Encrypt(changePasswordNewPasswordInput.text));
|
||||
dataForm.AddField("session", SensitiveInfo.Encrypt(PlayerPrefs.GetString("gameSession")));
|
||||
dataForm.AddField("userName", SensitiveInfo.Encrypt(PlayerPrefs.GetString("userName")));
|
||||
dataForm.AddField("inputPassword", SensitiveInfo.Encrypt(changePasswordCurrentPasswordInput.text, SensitiveInfo.SERVER_SEND_TRANSFER_KEY));
|
||||
dataForm.AddField("inputNewPassword", SensitiveInfo.Encrypt(changePasswordNewPasswordInput.text, SensitiveInfo.SERVER_SEND_TRANSFER_KEY));
|
||||
dataForm.AddField("session", SensitiveInfo.Encrypt(PlayerPrefs.GetString("gameSession"), SensitiveInfo.SERVER_SEND_TRANSFER_KEY));
|
||||
dataForm.AddField("userName", SensitiveInfo.Encrypt(PlayerPrefs.GetString("userName"), SensitiveInfo.SERVER_SEND_TRANSFER_KEY));
|
||||
using UnityWebRequest request = UnityWebRequest.Post(SensitiveInfo.SERVER_DATABASE_PREFIX + "changeAccountPassword.php", dataForm);
|
||||
request.SetRequestHeader("User-Agent", "BerryDashClient");
|
||||
request.SetRequestHeader("ClientVersion", Application.version);
|
||||
@@ -49,7 +49,7 @@ public class AccountChangePassword : MonoBehaviour
|
||||
AccountHandler.UpdateStatusText(changePasswordStatusText, "Failed to make HTTP request", Color.red);
|
||||
return;
|
||||
}
|
||||
string response = request.downloadHandler.text;
|
||||
string response = SensitiveInfo.Decrypt(request.downloadHandler.text, SensitiveInfo.SERVER_RECEIVE_TRANSFER_KEY);
|
||||
switch (response)
|
||||
{
|
||||
case "-1":
|
||||
|
||||
@@ -27,10 +27,10 @@ public class AccountChangeUsername : MonoBehaviour
|
||||
async void ChangeUsername()
|
||||
{
|
||||
WWWForm dataForm = new();
|
||||
dataForm.AddField("inputUserName", SensitiveInfo.Encrypt(changeUsernameCurrentUsernameInput.text));
|
||||
dataForm.AddField("inputNewUserName", SensitiveInfo.Encrypt(changeUsernameNewUsernameInput.text));
|
||||
dataForm.AddField("session", SensitiveInfo.Encrypt(PlayerPrefs.GetString("gameSession")));
|
||||
dataForm.AddField("userName", SensitiveInfo.Encrypt(PlayerPrefs.GetString("userName")));
|
||||
dataForm.AddField("inputUserName", SensitiveInfo.Encrypt(changeUsernameCurrentUsernameInput.text, SensitiveInfo.SERVER_SEND_TRANSFER_KEY));
|
||||
dataForm.AddField("inputNewUserName", SensitiveInfo.Encrypt(changeUsernameNewUsernameInput.text, SensitiveInfo.SERVER_SEND_TRANSFER_KEY));
|
||||
dataForm.AddField("session", SensitiveInfo.Encrypt(PlayerPrefs.GetString("gameSession"), SensitiveInfo.SERVER_SEND_TRANSFER_KEY));
|
||||
dataForm.AddField("userName", SensitiveInfo.Encrypt(PlayerPrefs.GetString("userName"), SensitiveInfo.SERVER_SEND_TRANSFER_KEY));
|
||||
using UnityWebRequest request = UnityWebRequest.Post(SensitiveInfo.SERVER_DATABASE_PREFIX + "changeAccountUsername.php", dataForm);
|
||||
request.SetRequestHeader("User-Agent", "BerryDashClient");
|
||||
request.SetRequestHeader("ClientVersion", Application.version);
|
||||
@@ -41,7 +41,7 @@ public class AccountChangeUsername : MonoBehaviour
|
||||
AccountHandler.UpdateStatusText(changeUsernameStatusText, "Failed to make HTTP request", Color.red);
|
||||
return;
|
||||
}
|
||||
string response = request.downloadHandler.text;
|
||||
string response = SensitiveInfo.Decrypt(request.downloadHandler.text, SensitiveInfo.SERVER_RECEIVE_TRANSFER_KEY);
|
||||
switch (response)
|
||||
{
|
||||
case "1":
|
||||
|
||||
@@ -38,11 +38,11 @@ public class AccountLoggedIn : MonoBehaviour
|
||||
loggedInLoadButton.interactable = false;
|
||||
loggedInSaveButton.interactable = false;
|
||||
WWWForm dataForm = new();
|
||||
dataForm.AddField("userName", SensitiveInfo.Encrypt(PlayerPrefs.GetString("userName", "")));
|
||||
dataForm.AddField("gameSession", SensitiveInfo.Encrypt(PlayerPrefs.GetString("gameSession", "")));
|
||||
dataForm.AddField("highScore", SensitiveInfo.Encrypt(PlayerPrefs.GetString("HighScoreV2", "0")));
|
||||
dataForm.AddField("icon", SensitiveInfo.Encrypt(PlayerPrefs.GetInt("icon", 1).ToString()));
|
||||
dataForm.AddField("overlay", SensitiveInfo.Encrypt(PlayerPrefs.GetInt("overlay", 0).ToString()));
|
||||
dataForm.AddField("userName", SensitiveInfo.Encrypt(PlayerPrefs.GetString("userName", ""), SensitiveInfo.SERVER_SEND_TRANSFER_KEY));
|
||||
dataForm.AddField("gameSession", SensitiveInfo.Encrypt(PlayerPrefs.GetString("gameSession", ""), SensitiveInfo.SERVER_SEND_TRANSFER_KEY));
|
||||
dataForm.AddField("highScore", SensitiveInfo.Encrypt(PlayerPrefs.GetString("HighScoreV2", "0"), SensitiveInfo.SERVER_SEND_TRANSFER_KEY));
|
||||
dataForm.AddField("icon", SensitiveInfo.Encrypt(PlayerPrefs.GetInt("icon", 1).ToString(), SensitiveInfo.SERVER_SEND_TRANSFER_KEY));
|
||||
dataForm.AddField("overlay", SensitiveInfo.Encrypt(PlayerPrefs.GetInt("overlay", 0).ToString(), SensitiveInfo.SERVER_SEND_TRANSFER_KEY));
|
||||
using UnityWebRequest request = UnityWebRequest.Post(SensitiveInfo.SERVER_DATABASE_PREFIX + "saveAccount.php", dataForm);
|
||||
request.SetRequestHeader("User-Agent", "BerryDashClient");
|
||||
request.SetRequestHeader("ClientVersion", Application.version);
|
||||
@@ -53,7 +53,7 @@ public class AccountLoggedIn : MonoBehaviour
|
||||
AccountHandler.UpdateStatusText(loggedInText, "Failed to make HTTP request", Color.red);
|
||||
return;
|
||||
}
|
||||
string response = request.downloadHandler.text;
|
||||
string response = SensitiveInfo.Decrypt(request.downloadHandler.text, SensitiveInfo.SERVER_RECEIVE_TRANSFER_KEY);
|
||||
switch (response)
|
||||
{
|
||||
case "1":
|
||||
@@ -78,8 +78,8 @@ public class AccountLoggedIn : MonoBehaviour
|
||||
loggedInLoadButton.interactable = false;
|
||||
loggedInSaveButton.interactable = false;
|
||||
WWWForm dataForm = new();
|
||||
dataForm.AddField("userName", SensitiveInfo.Encrypt(PlayerPrefs.GetString("userName", "")));
|
||||
dataForm.AddField("gameSession", SensitiveInfo.Encrypt(PlayerPrefs.GetString("gameSession", "")));
|
||||
dataForm.AddField("userName", SensitiveInfo.Encrypt(PlayerPrefs.GetString("userName", ""), SensitiveInfo.SERVER_SEND_TRANSFER_KEY));
|
||||
dataForm.AddField("gameSession", SensitiveInfo.Encrypt(PlayerPrefs.GetString("gameSession", ""), SensitiveInfo.SERVER_SEND_TRANSFER_KEY));
|
||||
using UnityWebRequest request = UnityWebRequest.Post(SensitiveInfo.SERVER_DATABASE_PREFIX + "loadAccount.php", dataForm);
|
||||
request.SetRequestHeader("User-Agent", "BerryDashClient");
|
||||
request.SetRequestHeader("ClientVersion", Application.version);
|
||||
@@ -90,7 +90,7 @@ public class AccountLoggedIn : MonoBehaviour
|
||||
AccountHandler.UpdateStatusText(loggedInText, "Failed to make HTTP request", Color.red);
|
||||
return;
|
||||
}
|
||||
string response = request.downloadHandler.text;
|
||||
string response = SensitiveInfo.Decrypt(request.downloadHandler.text, SensitiveInfo.SERVER_RECEIVE_TRANSFER_KEY);
|
||||
switch (response)
|
||||
{
|
||||
case "-1":
|
||||
|
||||
@@ -28,10 +28,10 @@ public class AccountLogin : MonoBehaviour
|
||||
async void SubmitLogin()
|
||||
{
|
||||
WWWForm dataForm = new();
|
||||
dataForm.AddField("username", SensitiveInfo.Encrypt(loginUsernameInput.text));
|
||||
dataForm.AddField("password", SensitiveInfo.Encrypt(loginPasswordInput.text));
|
||||
dataForm.AddField("currentHighScore", SensitiveInfo.Encrypt(PlayerPrefs.GetString("HighScoreV2", "0")));
|
||||
dataForm.AddField("loginType", SensitiveInfo.Encrypt("0"));
|
||||
dataForm.AddField("username", SensitiveInfo.Encrypt(loginUsernameInput.text, SensitiveInfo.SERVER_SEND_TRANSFER_KEY));
|
||||
dataForm.AddField("password", SensitiveInfo.Encrypt(loginPasswordInput.text, SensitiveInfo.SERVER_SEND_TRANSFER_KEY));
|
||||
dataForm.AddField("currentHighScore", SensitiveInfo.Encrypt(PlayerPrefs.GetString("HighScoreV2", "0"), SensitiveInfo.SERVER_SEND_TRANSFER_KEY));
|
||||
dataForm.AddField("loginType", SensitiveInfo.Encrypt("0", SensitiveInfo.SERVER_SEND_TRANSFER_KEY)); //Yes.
|
||||
using UnityWebRequest request = UnityWebRequest.Post(SensitiveInfo.SERVER_DATABASE_PREFIX + "loginAccount.php", dataForm);
|
||||
request.SetRequestHeader("User-Agent", "BerryDashClient");
|
||||
request.SetRequestHeader("ClientVersion", Application.version);
|
||||
@@ -42,7 +42,7 @@ public class AccountLogin : MonoBehaviour
|
||||
AccountHandler.UpdateStatusText(loginPanelStatusText, "Failed to make HTTP request", Color.red);
|
||||
return;
|
||||
}
|
||||
string response = request.downloadHandler.text;
|
||||
string response = SensitiveInfo.Decrypt(request.downloadHandler.text, SensitiveInfo.SERVER_RECEIVE_TRANSFER_KEY);
|
||||
if (response != "-1")
|
||||
{
|
||||
if (response == "-2")
|
||||
|
||||
@@ -26,9 +26,9 @@ public class AccountRefreshLogin : MonoBehaviour
|
||||
async void RefreshLogin()
|
||||
{
|
||||
WWWForm dataForm = new();
|
||||
dataForm.AddField("username", SensitiveInfo.Encrypt(refreshLoginUsernameInput.text));
|
||||
dataForm.AddField("password", SensitiveInfo.Encrypt(refreshLoginPasswordInput.text));
|
||||
dataForm.AddField("loginType", SensitiveInfo.Encrypt("1"));
|
||||
dataForm.AddField("username", SensitiveInfo.Encrypt(refreshLoginUsernameInput.text, SensitiveInfo.SERVER_SEND_TRANSFER_KEY));
|
||||
dataForm.AddField("password", SensitiveInfo.Encrypt(refreshLoginPasswordInput.text, SensitiveInfo.SERVER_SEND_TRANSFER_KEY));
|
||||
dataForm.AddField("loginType", SensitiveInfo.Encrypt("1", SensitiveInfo.SERVER_SEND_TRANSFER_KEY)); //Yes II
|
||||
using UnityWebRequest request = UnityWebRequest.Post(SensitiveInfo.SERVER_DATABASE_PREFIX + "loginAccount.php", dataForm);
|
||||
request.SetRequestHeader("User-Agent", "BerryDashClient");
|
||||
request.SetRequestHeader("ClientVersion", Application.version);
|
||||
@@ -39,7 +39,7 @@ public class AccountRefreshLogin : MonoBehaviour
|
||||
AccountHandler.UpdateStatusText(refreshLoginStatusText, "Failed to make HTTP request", Color.red);
|
||||
return;
|
||||
}
|
||||
string response = request.downloadHandler.text;
|
||||
string response = SensitiveInfo.Decrypt(request.downloadHandler.text, SensitiveInfo.SERVER_RECEIVE_TRANSFER_KEY);
|
||||
if (response != "-1")
|
||||
{
|
||||
if (response == "-2")
|
||||
|
||||
@@ -50,9 +50,9 @@ public class AccountRegister : MonoBehaviour
|
||||
return;
|
||||
}
|
||||
WWWForm dataForm = new();
|
||||
dataForm.AddField("username", SensitiveInfo.Encrypt(registerUsernameInput.text));
|
||||
dataForm.AddField("email", SensitiveInfo.Encrypt(registerEmailInput.text));
|
||||
dataForm.AddField("password", SensitiveInfo.Encrypt(registerPasswordInput.text));
|
||||
dataForm.AddField("username", SensitiveInfo.Encrypt(registerUsernameInput.text, SensitiveInfo.SERVER_SEND_TRANSFER_KEY));
|
||||
dataForm.AddField("email", SensitiveInfo.Encrypt(registerEmailInput.text, SensitiveInfo.SERVER_SEND_TRANSFER_KEY));
|
||||
dataForm.AddField("password", SensitiveInfo.Encrypt(registerPasswordInput.text, SensitiveInfo.SERVER_SEND_TRANSFER_KEY));
|
||||
using UnityWebRequest request = UnityWebRequest.Post(SensitiveInfo.SERVER_DATABASE_PREFIX + "registerAccount.php", dataForm);
|
||||
request.SetRequestHeader("User-Agent", "BerryDashClient");
|
||||
request.SetRequestHeader("ClientVersion", Application.version);
|
||||
@@ -63,7 +63,7 @@ public class AccountRegister : MonoBehaviour
|
||||
AccountHandler.UpdateStatusText(registerPanelStatusText, "Failed to make HTTP request", Color.red);
|
||||
return;
|
||||
}
|
||||
string response = request.downloadHandler.text;
|
||||
string response = SensitiveInfo.Decrypt(request.downloadHandler.text, SensitiveInfo.SERVER_RECEIVE_TRANSFER_KEY);
|
||||
switch (response)
|
||||
{
|
||||
case "1":
|
||||
|
||||
@@ -45,7 +45,7 @@ public class LeaderboardsMenu : MonoBehaviour
|
||||
}
|
||||
UpdateStatus(true, "Loading...");
|
||||
WWWForm dataForm = new();
|
||||
dataForm.AddField("showAmount", SensitiveInfo.Encrypt(showAmount.ToString()));
|
||||
dataForm.AddField("showAmount", SensitiveInfo.Encrypt(showAmount.ToString(), SensitiveInfo.SERVER_SEND_TRANSFER_KEY));
|
||||
using UnityWebRequest request = UnityWebRequest.Post(SensitiveInfo.SERVER_DATABASE_PREFIX + "getTopPlayers.php", dataForm);
|
||||
request.SetRequestHeader("User-Agent", "BerryDashClient");
|
||||
request.SetRequestHeader("ClientVersion", Application.version);
|
||||
@@ -53,7 +53,7 @@ public class LeaderboardsMenu : MonoBehaviour
|
||||
if (request.result == UnityWebRequest.Result.Success)
|
||||
{
|
||||
UpdateStatus(false);
|
||||
string response = request.downloadHandler.text;
|
||||
string response = SensitiveInfo.Decrypt(request.downloadHandler.text, SensitiveInfo.SERVER_RECEIVE_TRANSFER_KEY);
|
||||
if (response == "-999")
|
||||
{
|
||||
UpdateStatus(true, "Server error while fetching data");
|
||||
|
||||
@@ -6,12 +6,13 @@ using System.Text;
|
||||
public class SensitiveInfo
|
||||
{
|
||||
public static readonly string SERVER_DATABASE_PREFIX = "https://berrydash.lncvrt.xyz/database/";
|
||||
private static readonly string SERVER_TRANSFER_KEY = "";
|
||||
public static readonly string SERVER_RECEIVE_TRANSFER_KEY = "";
|
||||
public static readonly string SERVER_SEND_TRANSFER_KEY = "";
|
||||
|
||||
public static string Encrypt(string plainText)
|
||||
public static string Encrypt(string plainText, string key)
|
||||
{
|
||||
using Aes aes = Aes.Create();
|
||||
aes.Key = Encoding.UTF8.GetBytes(SERVER_TRANSFER_KEY);
|
||||
aes.Key = Encoding.UTF8.GetBytes(key);
|
||||
aes.Mode = CipherMode.CBC;
|
||||
aes.Padding = PaddingMode.PKCS7;
|
||||
aes.GenerateIV();
|
||||
@@ -28,11 +29,11 @@ public class SensitiveInfo
|
||||
return Convert.ToBase64String(ms.ToArray());
|
||||
}
|
||||
|
||||
public static string Decrypt(string dataB64)
|
||||
public static string Decrypt(string dataB64, string key)
|
||||
{
|
||||
var data = Convert.FromBase64String(dataB64);
|
||||
using Aes aes = Aes.Create();
|
||||
aes.Key = Encoding.UTF8.GetBytes(SERVER_TRANSFER_KEY);
|
||||
aes.Key = Encoding.UTF8.GetBytes(key);
|
||||
aes.Mode = CipherMode.CBC;
|
||||
aes.Padding = PaddingMode.PKCS7;
|
||||
|
||||
|
||||
Reference in New Issue
Block a user