Home Trending Latest threads New posts Developer diaries

Possible Bug with PdX Launchers (Stellaris, CK2, EU4) and PW safety

Soranya · 2016-06-02T18:59:59+00:00

I just stumbled by accident over my saved credentials for the PDX Launcher, and while the PW is encrypted i did not fail to notice that the Encrpyted String has several identical Signs at the end, beeing of equal length on all my PDX games. My conclusion is that you could backtrack to the actual lenght of the PW by having the String (not the actual PW). While not a major security issue i think that the string should be filled up with random Bytes instead of the same one if the PW is too short to use the whole encrpytion key length. user="Name::mailprovider.domain" password="ENCRYPTEDPASSWORDBUTTHEEND======" The above is an example how my pw file looks - o.c. it doesnt say "ENCRYPTEDPASSWORDBUTTHEEND" but some random Letters plus the trailing "=" Those trailing "="s are all the same count no matter what game i look my PW up, while the actual password is encrypted differently everytime. If my conclusion is wrong and the trailing "="s are there by default no matter what the PW is then i appologize for bringing it up.

Thread starter Soranya
Start date Jun 2, 2016

Jump to latest Follow Reply

We have updated our Community Code of Conduct. Please read through the new rules for the forum that are an integral part of Paradox Interactive’s User Agreement.

Showing developer posts only. Show all posts in this thread.

Show all posts

Mrop

good with computer

Paradox Staff

61 Badges

Jun 3, 2016

Add bookmark
#2

The password is encrypted with AES, but in order to save the resulting binary info as a fixed-length string (divisible by 16) it is padded. This conversion and padding is done via a third-party library so it would be annoying to change it. I will double check with the person who wrote our code too, but they are not here today.

Show hidden low quality content

You must log in or register to reply here.

Facebook X (Twitter) Reddit Tumblr WhatsApp Link

Top Bottom

Back