mirror of
https://github.com/GravitLauncher/Launcher
synced 2024-12-22 16:41:46 +03:00
[FEATURE] SecureAutogenConfig
This commit is contained in:
parent
05d5b72d05
commit
bcbc46238c
7 changed files with 81 additions and 16 deletions
|
@ -5,10 +5,12 @@
|
|||
|
||||
import org.bouncycastle.cert.X509CertificateHolder;
|
||||
|
||||
import pro.gravit.launcher.hwid.HWIDCheckHelper;
|
||||
import pro.gravit.launchserver.LaunchServer;
|
||||
import pro.gravit.launchserver.command.Command;
|
||||
import pro.gravit.launchserver.socket.handlers.NettyServerSocketHandler;
|
||||
import pro.gravit.utils.helper.CommonHelper;
|
||||
import pro.gravit.utils.helper.LogHelper;
|
||||
|
||||
public class TestCommand extends Command {
|
||||
public TestCommand(LaunchServer server) {
|
||||
|
@ -55,5 +57,9 @@ public void invoke(String... args) throws Exception {
|
|||
server.certificateManager.writePrivateKey(Paths.get(name.concat(".key")), pair.getPrivate());
|
||||
server.certificateManager.writeCertificate(Paths.get(name.concat(".crt")), cert);
|
||||
}
|
||||
if(args[0].equals("hwidcheck"))
|
||||
{
|
||||
LogHelper.info("HWID String %s bad rating %d", args[1], HWIDCheckHelper.checkString(args[1]));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -40,12 +40,6 @@ public static void main(String... args) throws Throwable {
|
|||
//if(!LauncherAgent.isStarted()) throw new SecurityException("JavaAgent not set");
|
||||
LogHelper.printVersion("Launcher");
|
||||
LogHelper.printLicense("Launcher");
|
||||
try {
|
||||
Security.addProvider(new BouncyCastleProvider());
|
||||
} catch (Exception ignored)
|
||||
{
|
||||
LogHelper.warning("BouncyCastle not found");
|
||||
}
|
||||
|
||||
LauncherEngine.modulesManager = new ClientModuleManager();
|
||||
LauncherConfig.getAutogenConfig().initModules();
|
||||
|
|
|
@ -4,12 +4,15 @@
|
|||
import java.nio.file.Path;
|
||||
import java.util.Collection;
|
||||
|
||||
import pro.gravit.launcher.Launcher;
|
||||
import pro.gravit.launcher.modules.LauncherModule;
|
||||
import pro.gravit.launcher.modules.impl.SimpleModuleManager;
|
||||
import pro.gravit.utils.verify.LauncherTrustManager;
|
||||
|
||||
public class ClientModuleManager extends SimpleModuleManager {
|
||||
public ClientModuleManager() {
|
||||
super(null, null);
|
||||
super(null, null, Launcher.getConfig().trustManager);
|
||||
checkMode = LauncherTrustManager.CheckMode.EXCEPTION_IN_NOT_SIGNED;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
@ -26,6 +29,13 @@ public void autoload(Path dir) throws IOException {
|
|||
public LauncherModule loadModule(Path file) throws IOException {
|
||||
throw new UnsupportedOperationException();
|
||||
}
|
||||
|
||||
@Override
|
||||
public LauncherModule loadModule(LauncherModule module) {
|
||||
checkModuleClass(module.getClass(), LauncherTrustManager.CheckMode.EXCEPTION_IN_NOT_SIGNED);
|
||||
return super.loadModule(module);
|
||||
}
|
||||
|
||||
public void callWrapper(ProcessBuilder processBuilder, Collection<String> jvmArgs)
|
||||
{
|
||||
for(LauncherModule module : modules)
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
package pro.gravit.launcher;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.security.cert.CertificateException;
|
||||
import java.security.interfaces.ECPrivateKey;
|
||||
import java.security.interfaces.ECPublicKey;
|
||||
import java.security.interfaces.RSAPublicKey;
|
||||
|
@ -16,9 +17,11 @@
|
|||
import pro.gravit.launcher.serialize.stream.StreamObject;
|
||||
import pro.gravit.utils.helper.SecurityHelper;
|
||||
import pro.gravit.utils.helper.VerifyHelper;
|
||||
import pro.gravit.utils.verify.LauncherTrustManager;
|
||||
|
||||
public final class LauncherConfig extends StreamObject {
|
||||
private static final AutogenConfig config = new AutogenConfig();
|
||||
private static final SecureAutogenConfig secureConfig = new SecureAutogenConfig();
|
||||
|
||||
|
||||
public static AutogenConfig getAutogenConfig() {
|
||||
|
@ -32,6 +35,7 @@ public static AutogenConfig getAutogenConfig() {
|
|||
public final int clientPort;
|
||||
public String secretKeyClient;
|
||||
public String oemUnlockKey;
|
||||
public final LauncherTrustManager trustManager;
|
||||
@LauncherAPI
|
||||
public final ECPublicKey publicKey;
|
||||
|
||||
|
@ -60,6 +64,11 @@ public LauncherConfig(HInput input) throws IOException, InvalidKeySpecException
|
|||
clientPort = config.clientPort;
|
||||
secretKeyClient = config.secretKeyClient;
|
||||
oemUnlockKey = config.oemUnlockKey;
|
||||
try {
|
||||
trustManager = new LauncherTrustManager(secureConfig.certificates);
|
||||
} catch (CertificateException e) {
|
||||
throw new IOException(e);
|
||||
}
|
||||
|
||||
isWarningMissArchJava = config.isWarningMissArchJava;
|
||||
guardLicenseEncryptKey = config.guardLicenseEncryptKey;
|
||||
|
@ -104,6 +113,7 @@ public LauncherConfig(String address, ECPublicKey publicKey, Map<String, byte[]>
|
|||
secureCheckSalt = null;
|
||||
secureCheckHash = null;
|
||||
passwordEncryptKey = null;
|
||||
trustManager = null;
|
||||
}
|
||||
|
||||
@LauncherAPI
|
||||
|
@ -123,6 +133,7 @@ public LauncherConfig(String address, ECPublicKey publicKey, Map<String, byte[]>
|
|||
secureCheckSalt = null;
|
||||
secureCheckHash = null;
|
||||
passwordEncryptKey = null;
|
||||
trustManager = null;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -0,0 +1,44 @@
|
|||
package pro.gravit.launcher;
|
||||
|
||||
public class SecureAutogenConfig {
|
||||
public byte[][] certificates;
|
||||
|
||||
public SecureAutogenConfig() {
|
||||
//Пока не реализован SecureLauncherConfigurator
|
||||
certificates = new byte[][] {
|
||||
("-----BEGIN CERTIFICATE-----\n" +
|
||||
"MIIFyjCCA7KgAwIBAgIRALnsjNjfvOTXfla3fX1fNEUwDQYJKoZIhvcNAQELBQAw\n" +
|
||||
"WTELMAkGA1UEBhMCUlUxFzAVBgNVBAoTDkdyYXZpdFRydXN0IENBMRAwDgYDVQQL\n" +
|
||||
"EwdSb290IENBMR8wHQYDVQQDExZHcmF2aXQgQ2VudHJhbCBSb290IENBMCAXDTE5\n" +
|
||||
"MDYwOTAyNDIwMFoYDzIwNTEwNjA5MDI0MjAwWjBZMQswCQYDVQQGEwJSVTEXMBUG\n" +
|
||||
"A1UEChMOR3Jhdml0VHJ1c3QgQ0ExEDAOBgNVBAsTB1Jvb3QgQ0ExHzAdBgNVBAMT\n" +
|
||||
"FkdyYXZpdCBDZW50cmFsIFJvb3QgQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw\n" +
|
||||
"ggIKAoICAQDA3Qm9OH8Xz3YM3bKkZuQI7T/aL3ulMOdY5GFADYgHrOVZXVSJi/4P\n" +
|
||||
"PruBsut4WXN6TGQdpJtNZ2kyWTYzENGTm/TMzBcIchor1M3JW5Uv/C0r5gSEU1uP\n" +
|
||||
"DPe7oEpeKtb3FXML/pGoGpLv/sonTKky4AKZnK7B15bZ+oVZNwh7UKANpNrVA8k5\n" +
|
||||
"0gb4BisFcegLidYL9Y00H1x5WzUxldQAA1IQuwdkL3NP0NPQrSVJ2Ka2EtebE2HP\n" +
|
||||
"fXHtbftvvnvSWyh4CXAxTfEmJgut0gSPQPm9wVt6pIWWd4O0hHwVmxkKQidgnP6A\n" +
|
||||
"+d05FnJGsBw0ztMCifIteqNiHF0D8E0GuSz6NtcuV47J3p43qkvKr2vPc8o6WMN8\n" +
|
||||
"PAb0eVHc/AX8qqOwYQyHlj4M0SDhCltHeeYRWmuZmRFIIelv6VAocaQLlPQrhJNp\n" +
|
||||
"feIzmXLy60a+84vpe/eQKQx+D8a1elarQkoHMxI7x/9AJvxcnJ4KuXc2rkiu3Zv9\n" +
|
||||
"KMhixtkLc+pA6jY023U211v+c20RjTqwKIZoMFc7BZipoinAOn1bdsTzXlhOMv1O\n" +
|
||||
"zj5WoW6DsQQONMZNyLQAkaX6SYZE/kQVJ9YMPhNdaXjxxzfrY05IrWAaWhtPbW8z\n" +
|
||||
"5nb4/JyO+bJq3v2rav9p03s8P/lQ4k/0af5vOkGkEO0+YKx97ZP8FQIDAQABo4GK\n" +
|
||||
"MIGHMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFFjMGCvHXAE/vGJih+Lfdo2s\n" +
|
||||
"YnzsMAsGA1UdDwQEAwIBBjA1BgNVHR8ELjAsMCqgKKAmhiRodHRwOi8vY2EuZ3Jh\n" +
|
||||
"dml0LnByby9jZW50cmFscm9vdC5jcmwwEQYJYIZIAYb4QgEBBAQDAgAHMA0GCSqG\n" +
|
||||
"SIb3DQEBCwUAA4ICAQAexCGpThx85skEllva1UskmdlRh3rud9u59AUiwNZF0b0I\n" +
|
||||
"+7eeyLNaLHarg2Zm30TSCF53ksyPTE5QNdmozs1fl3MddFqunkbUm4G6hwedZMSi\n" +
|
||||
"4IXIb2QK3z3gZG5ZNdHaDG2u00Jdkc39h3jQFp1rpn4+0DcnYJAe+lw5G+XHURY2\n" +
|
||||
"j15wcmUFp/Ywgw3pfCWmH5+rxq21e/LG8JiQrxekkFI2GUD+Qw7+Hq3o1Fgg3kfh\n" +
|
||||
"Lg4B5WEbEICQ1FC+dHYHasEI3q3c96Qpqu2k3pO0l1fr6Cys+AGjoI2WrgXkGlmA\n" +
|
||||
"F+Wi2ndoZbvspGAwxmrNMtLE3OYNuMXFF410QSPf4o9QqpGDC3a2mccTXb231a18\n" +
|
||||
"5vDJixeZpuzEm5ECXg8j6aj53X3rtm7C8yfOsg5UTKJJj+pSNz4YTp91IDHm0nTP\n" +
|
||||
"2KhrgS7jujgKdJn9xv07e/API3kLWkVmMwHBiaSCIaHOfAN0RJMQVV+YgnSp2sIa\n" +
|
||||
"OATWgSKH0qTkleE/v7k+USs0a+KV8wmC5wwliqH+uLO++yIP/9bjDctyLulQX5Ee\n" +
|
||||
"+EhD7tb1R/yyWY4uhkzlsr3N2Kl34aQAEBMn8Z1mHsyyu1FcbEaNLU8jcS3pHPVM\n" +
|
||||
"gQRn3m1iDnQlFciAMxW0pW6mW/4xKYzhXk5BTSolnqMVylxHgWXuBwdDDQQVnQ==\n" +
|
||||
"-----END CERTIFICATE-----").getBytes()
|
||||
};
|
||||
}
|
||||
}
|
|
@ -1,5 +1,7 @@
|
|||
package pro.gravit.launcher.hwid;
|
||||
|
||||
import pro.gravit.utils.helper.LogHelper;
|
||||
|
||||
public class HWIDCheckHelper {
|
||||
public static int checkString(String str)
|
||||
{
|
||||
|
@ -18,16 +20,15 @@ public static int checkString(String str)
|
|||
if(c == lastChar || Math.abs(c - lastChar) == 1 ||
|
||||
( ( lastChar == '0' || lastChar == '9' ) && ( c == 'A' || c == 'a' ))) //Переход с 0 или 9 на A или a
|
||||
{
|
||||
lastChar = c;
|
||||
combo++;
|
||||
}
|
||||
else
|
||||
{
|
||||
if(maxCombo < combo)
|
||||
maxCombo = combo;
|
||||
lastChar = c;
|
||||
combo = 1;
|
||||
}
|
||||
lastChar = c;
|
||||
if(maxCombo < combo)
|
||||
maxCombo = combo;
|
||||
int charType = getCharType(c);
|
||||
if(lastCharType == charType) {
|
||||
lastCharTypeCombo++;
|
||||
|
@ -56,6 +57,8 @@ public static int checkString(String str)
|
|||
}
|
||||
}
|
||||
//Считаем результат
|
||||
LogHelper.debug("HWID Checker maxCombo %d", maxCombo);
|
||||
LogHelper.debug("HWID Checker wtfCharTypeCombo %d", wtfCharTypeCombo);
|
||||
if(maxCombo > 3) result+= maxCombo * 3;
|
||||
if(wtfCharTypeCombo > 1) result+= wtfCharTypeCombo * 2;
|
||||
return result;
|
||||
|
|
|
@ -19,9 +19,6 @@
|
|||
import javax.crypto.NoSuchPaddingException;
|
||||
import javax.crypto.SecretKey;
|
||||
import javax.crypto.spec.SecretKeySpec;
|
||||
|
||||
import org.bouncycastle.jce.provider.BouncyCastleProvider;
|
||||
import org.bouncycastle.jce.provider.JCEIESCipher;
|
||||
import pro.gravit.launcher.LauncherAPI;
|
||||
|
||||
public final class SecurityHelper {
|
||||
|
@ -187,8 +184,8 @@ private static Cipher newCipher(String algo) {
|
|||
*/
|
||||
private static Cipher newBCCipher(String algo) {
|
||||
try {
|
||||
return Cipher.getInstance(algo, new BouncyCastleProvider());
|
||||
} catch (NoSuchAlgorithmException | NoSuchPaddingException e) {
|
||||
return Cipher.getInstance(algo, "BC");
|
||||
} catch (NoSuchAlgorithmException | NoSuchPaddingException | NoSuchProviderException e) {
|
||||
throw new InternalError(e);
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue