Skip to content

Add GUI #256

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
futrime wants to merge 29 commits into
base: main
Choose a base branch
from
Draft

Add GUI #256

futrime wants to merge 29 commits into from

Conversation

@futrime
Copy link
Owner

@futrime futrime commented Apr 16, 2025

What does this PR do?

Which issues does this PR resolve?

Checklist before merging

Thank you for your contribution to the repository.
Before submitting this PR, please make sure:

  • Your code builds clean without any errors or warnings
  • Your code follows our code style
  • You have tested all functions
  • You have not used code without license
  • You have added statement for third-party code

Pd233 and others added 27 commits January 11, 2025 22:24
@Pd233
feat: gui project init
e237ef8
@Pd233
feat: more projects
92a17a3
@Pd233
Merge remote-tracking branch 'upstream/feat/schema-v3' into feat/sche…
2456986 
…ma-v3
@Pd233
Merge remote-tracking branch 'upstream/feat/schema-v3' into feat/sche…
a305600 
…ma-v3
@Pd233
feat: new features
094489c
@Pd233
Merge remote-tracking branch 'upstream/feat/schema-v3' into feat/sche…
b45dfce 
…ma-v3
@Pd233
Merge remote-tracking branch 'upstream/feat/schema-v3' into feat/sche…
0369fe6 
…ma-v3
@Pd233
feat: new features*2
68c652c
@Pd233
Merge remote-tracking branch 'upstream/feat/schema-v3' into feat/sche…
a8309d8 
…ma-v3
@Pd233
feat: new features*3
436db7a
@Pd233
Merge remote-tracking branch 'upstream/feat/schema-v3' into feat/sche…
1d3a7dd 
…ma-v3
@Pd233
Merge remote-tracking branch 'upstream/feat/schema-v3' into feat/sche…
add7f80 
…ma-v3
@Pd233
Merge remote-tracking branch 'upstream/feat/schema-v3' into feat/sche…
7a1cdc6 
…ma-v3
@Pd233
feat: new features*4
3821907
@Pd233
Merge remote-tracking branch 'upstream/feat/schema-v3' into feat/sche…
b34d9c4 
…ma-v3
@Pd233
feat: new features*5
80a06bf
@Pd233
Merge remote-tracking branch 'upstream/feat/schema-v3' into feat/sche…
6421c8d 
…ma-v3
@Pd233
Merge remote-tracking branch 'upstream/feat/schema-v3' into feat/sche…
4a7a68e 
…ma-v3
@Pd233
feat: new features*6
17b0d05
@Pd233
Merge remote-tracking branch 'upstream/main' into feat/schema-v3
7d94e16
@Pd233
chore: merge files
ec4210c
@Pd233
Merge remote-tracking branch 'upstream/main' into feat/schema-v3
01603a9
@Pd233
feat: new features*7
490607b
@Pd233
feat: new features*8
bb1d29a
@Pd233
Merge remote-tracking branch 'upstream/main' into feat/schema-v3
44e1c3f
@ShrBox
Merge pull request #227 from Pd233/feat/schema-v3
978196d 
feat: gui project
@futrime
Merge branch 'main' into feat/gui
810f18c
github-advanced-security[bot]
github-advanced-security bot found potential problems Apr 16, 2025
View reviewed changes
Lip.Connection/Connection.cs
// Send password
using var rsa = new RSACryptoServiceProvider();
rsa.FromXmlString(rsaPublicKey.Key);
await _sender!.SendPacketAsync(ConnectionVerifyPackets.Password, new PasswordPacket { PasswordData = rsa.Encrypt(_hashedPassword, false) }, false, token);

Check failure

Code scanning / CodeQL

Weak encryption: inadequate RSA padding High

Enable RSA padding.

Copilot Autofix

AI 9 months ago

To fix the problem, we need to replace the insecure PKCS#1 v1.5 padding with the more secure PKCS#1 v2 (OAEP) padding. This involves changing the rsa.Encrypt method call to use OAEP padding.

  • Update the rsa.Encrypt method call to use OAEP padding by passing true instead of false.
  • Ensure that the decryption process also uses OAEP padding by updating the rsa.Decrypt method call accordingly.
Suggested changeset 1
Lip.Connection/Connection.cs

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/Lip.Connection/Connection.cs b/Lip.Connection/Connection.cs
--- a/Lip.Connection/Connection.cs
+++ b/Lip.Connection/Connection.cs
@@ -195,3 +195,3 @@
         rsa.FromXmlString(rsaPublicKey.Key);
-        await _sender!.SendPacketAsync(ConnectionVerifyPackets.Password, new PasswordPacket { PasswordData = rsa.Encrypt(_hashedPassword, false) }, false, token);
+        await _sender!.SendPacketAsync(ConnectionVerifyPackets.Password, new PasswordPacket { PasswordData = rsa.Encrypt(_hashedPassword, RSAEncryptionPadding.OaepSHA1) }, false, token);
 
@@ -212,3 +212,3 @@
         //if (type is not ConnectionVerifyPackets.AesKey) throw new InvalidOperationException("Failed to recive aes key.");
-        byte[] key = _cryptoServiceProvider.Decrypt(aesKeyPacket.Key, false);
+        byte[] key = _cryptoServiceProvider.Decrypt(aesKeyPacket.Key, RSAEncryptionPadding.OaepSHA1);
 
EOF
@@ -195,3 +195,3 @@
rsa.FromXmlString(rsaPublicKey.Key);
await _sender!.SendPacketAsync(ConnectionVerifyPackets.Password, new PasswordPacket { PasswordData = rsa.Encrypt(_hashedPassword, false) }, false, token);
await _sender!.SendPacketAsync(ConnectionVerifyPackets.Password, new PasswordPacket { PasswordData = rsa.Encrypt(_hashedPassword, RSAEncryptionPadding.OaepSHA1) }, false, token);

@@ -212,3 +212,3 @@
//if (type is not ConnectionVerifyPackets.AesKey) throw new InvalidOperationException("Failed to recive aes key.");
byte[] key = _cryptoServiceProvider.Decrypt(aesKeyPacket.Key, false);
byte[] key = _cryptoServiceProvider.Decrypt(aesKeyPacket.Key, RSAEncryptionPadding.OaepSHA1);

Copilot is powered by AI and may make mistakes. Always verify output.
Lip.Connection/Connection.cs
using var rsa = new RSACryptoServiceProvider();
rsa.FromXmlString(rsaPublicKey.Key);
byte[] key = Guid.NewGuid().ToByteArray();
await _sender.SendPacketAsync(ConnectionVerifyPackets.AesKey, new AESKeyPacket { Key = rsa.Encrypt(key, false) }, false, token);

Check failure

Code scanning / CodeQL

Weak encryption: inadequate RSA padding High

Enable RSA padding.

Copilot Autofix

AI 9 months ago

To fix the problem, we need to change the padding scheme used in the RSA encryption from PKCS#1 v1.5 to PKCS#1 v2 (OAEP). This involves modifying the rsa.Encrypt method call to use OAEP padding.

  • Update the rsa.Encrypt method call to use OAEP padding by passing true instead of false.
  • Ensure that the rest of the code remains unchanged to maintain existing functionality.
Suggested changeset 1
Lip.Connection/Connection.cs

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/Lip.Connection/Connection.cs b/Lip.Connection/Connection.cs
--- a/Lip.Connection/Connection.cs
+++ b/Lip.Connection/Connection.cs
@@ -252,3 +252,3 @@
         byte[] key = Guid.NewGuid().ToByteArray();
-        await _sender.SendPacketAsync(ConnectionVerifyPackets.AesKey, new AESKeyPacket { Key = rsa.Encrypt(key, false) }, false, token);
+        await _sender.SendPacketAsync(ConnectionVerifyPackets.AesKey, new AESKeyPacket { Key = rsa.Encrypt(key, RSAEncryptionPadding.OaepSHA1) }, false, token);
 
EOF
@@ -252,3 +252,3 @@
byte[] key = Guid.NewGuid().ToByteArray();
await _sender.SendPacketAsync(ConnectionVerifyPackets.AesKey, new AESKeyPacket { Key = rsa.Encrypt(key, false) }, false, token);
await _sender.SendPacketAsync(ConnectionVerifyPackets.AesKey, new AESKeyPacket { Key = rsa.Encrypt(key, RSAEncryptionPadding.OaepSHA1) }, false, token);

Copilot is powered by AI and may make mistakes. Always verify output.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Awaiting requested review from Copilot Copilot will automatically review once the pull request is marked ready for review

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@futrime @Pd233 @ShrBox