SPAWNRYS/bloxstrap
1
0
Fork 0
mirror of https://github.com/bloxstraplabs/bloxstrap.git synced 2025-04-21 10:01:27 -07:00
Code Issues Actions Packages Projects Releases Wiki Activity

Mitigate "decryption operation failed" error

Browse Source 
cant believe i only had this idea just now
This commit is contained in:
pizzaboxer 2023-08-26 00:34:58 +01:00
parent cd0547664c
commit 034a513650
No known key found for this signature in database
GPG Key ID: 59D4A1DBAD0F2BA8
2 changed files with 38 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
Bloxstrap/Bootstrapper.cs
View File

@ -1349,7 +1349,10 @@ namespace Bloxstrap
{ {
var response = await App.HttpClient.GetAsync(packageUrl, HttpCompletionOption.ResponseHeadersRead, _cancelTokenSource.Token); var response = await App.HttpClient.GetAsync(packageUrl, HttpCompletionOption.ResponseHeadersRead, _cancelTokenSource.Token);
await using var stream = await response.Content.ReadAsStreamAsync(_cancelTokenSource.Token); await using var stream = await response.Content.ReadAsStreamAsync(_cancelTokenSource.Token);
await using var fileStream = new FileStream(packageLocation, FileMode.CreateNew, FileAccess.Write, FileShare.Delete); await using var fileStream = new FileStream(packageLocation, FileMode.CreateNew, FileAccess.ReadWrite, FileShare.Delete);
if (packageUrl.StartsWith("https://"))
throw new Exception("The decryption operation failed");
while (true) while (true)
{ {
@ -1373,6 +1376,11 @@ namespace Bloxstrap
UpdateProgressBar(); UpdateProgressBar();
} }
fileStream.Seek(0, SeekOrigin.Begin);
if (MD5Hash.FromStream(fileStream) != package.Signature)
throw new Exception("Signature does not match!");
App.Logger.WriteLine(LOG_IDENT, $"Finished downloading! ({totalBytesRead} bytes total)"); App.Logger.WriteLine(LOG_IDENT, $"Finished downloading! ({totalBytesRead} bytes total)");
break; break;
} }
@ -1389,6 +1397,15 @@ namespace Bloxstrap
_totalDownloadedBytes -= totalBytesRead; _totalDownloadedBytes -= totalBytesRead;
UpdateProgressBar(); UpdateProgressBar();
// attempt download over HTTP
// this isn't actually that unsafe - signatures were established earlier over HTTPS
// so we've already established that our signatures are legit, and that there's no MITM anyway
if (ex.Message.Contains("The decryption operation failed"))
{
App.Logger.WriteLine(LOG_IDENT, "Retrying download over HTTP...");
packageUrl = packageUrl.Replace("https://", "http://");
}
} }
} }
} }

37
Bloxstrap/Utility/MD5Hash.cs
View File

@ -4,25 +4,28 @@ namespace Bloxstrap.Utility
{ {
public static class MD5Hash public static class MD5Hash
{ {
public static string FromFile(string filename)
{
using (MD5 md5 = MD5.Create())
{
using (FileStream stream = File.OpenRead(filename))
{
byte[] hash = md5.ComputeHash(stream);
return BitConverter.ToString(hash).Replace("-", "").ToLowerInvariant();
}
}
}
public static string FromBytes(byte[] data) public static string FromBytes(byte[] data)
{ {
using (MD5 md5 = MD5.Create()) using MD5 md5 = MD5.Create();
{ return Stringify(md5.ComputeHash(data));
byte[] hash = md5.ComputeHash(data); }
return BitConverter.ToString(hash).Replace("-", "").ToLowerInvariant();
} public static string FromStream(Stream stream)
{
using MD5 md5 = MD5.Create();
return Stringify(md5.ComputeHash(stream));
}
public static string FromFile(string filename)
{
using MD5 md5 = MD5.Create();
using FileStream stream = File.OpenRead(filename);
return FromStream(stream);
}
private static string Stringify(byte[] hash)
{
return BitConverter.ToString(hash).Replace("-", "").ToLowerInvariant();
} }
} }
} }