Archisteamfarm: IPC Password Encryption Support

Created on 12 Oct 2020 · 4 Comments · Source: JustArchiNET/ArchiSteamFarm

IPC Encryption Support

Purpose

It would be a nice addition to support IPC password encryption, mostly because it's unsafe to put the password into the JSON file, and it's also unsafe to have the IPC console without a password, with multiple people using it on servers where there are lots of programs running and probably opening ports.

Solution

Use the same encryption that is used for account passwords; we can generate those passwords with the encrypt command and keep our passwords safe.

Does your suggestion fall into ASF scope?

It's connected to people's security and the ASF global config file. I'm not aware if it's an IPC problem, but it surely can be worked out from the ASF side.

Enhancement Low priority Wishlist

All 4 comments

For the IPC password, wouldn't it make even more sense to hash it instead of encrypting it?

I haven't made up my mind yet about how exactly ASF is going to achieve that in technical terms, but yes, a way to specify an encrypted IPC password is a good idea.

Since we don't need to know it, I'll likely use some hashing algorithm, but I'll see about that when I get down to implementing it.

I made a workaround on my own server, implementing an inverted proxy and a hashed password. The way I implemented it was using the config file, saving the hashed code into the database, and later erasing the password from the file. You then have the hashed password set. Also, you should add salt to the password so it's even more encrypted.

And the way to check if it's correct is encrypting the given password plus the salt and comparing both strings. I can give you a rough example in Python or JavaScript, if you want. ;D

After a small evaluation I'm moving forward with this issue. ASF will offer two hashing algorithms to hash IPCPassword with, in particular those that we already implement for recovering Steam parental codes:

```csharp
public enum EHashingMethod : byte {
	PlainText,
	SCrypt,
	Pbkdf2
}
```

Both support a custom salt, which will also be configurable through our already-existing EncryptionKey, which can be set during ASF's launch (or, if not provided, a static known value, which is also fine, since it's only a salt).

I'm expecting to finish it fairly soon; the biggest amount of work will actually be in providing APIs for hashing rather than the logic itself.
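
An added example, not part of this thread and not ASF's code, of the scheme discussed above: the config holds a salted hash chosen by a method value named after the quoted enum, and the check re-hashes the submitted password and compares in constant time. The function names, cost parameters, base64 storage format and salt value are assumptions made for this sketch.

```python
import base64
import hashlib
import hmac
from enum import IntEnum


class EHashingMethod(IntEnum):
    # Member names follow the enum quoted in the thread.
    PlainText = 0
    SCrypt = 1
    Pbkdf2 = 2


# Assumed cost parameters for this sketch, not ASF's actual settings.
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2**14, 8, 1
PBKDF2_ITERATIONS = 600_000
KEY_LEN = 32


def hash_password(password: str, salt: bytes, method: EHashingMethod) -> str:
    """Return the value to store in the config file for `password`."""
    method = EHashingMethod(method)
    raw = password.encode("utf-8")
    if method is EHashingMethod.PlainText:
        return password  # stored as-is: anyone who reads the file has the password
    if method is EHashingMethod.SCrypt:
        digest = hashlib.scrypt(raw, salt=salt, n=SCRYPT_N, r=SCRYPT_R,
                                p=SCRYPT_P, dklen=KEY_LEN)
    else:  # EHashingMethod.Pbkdf2
        digest = hashlib.pbkdf2_hmac("sha256", raw, salt,
                                     PBKDF2_ITERATIONS, dklen=KEY_LEN)
    return base64.b64encode(digest).decode("ascii")


def verify_password(candidate: str, stored: str, salt: bytes,
                    method: EHashingMethod) -> bool:
    """Hash the submitted password the same way, then compare in constant time."""
    computed = hash_password(candidate, salt, method)
    # compare_digest avoids leaking, through timing, how many leading bytes matched.
    return hmac.compare_digest(computed.encode("utf-8"), stored.encode("utf-8"))
```

With a hashed method the file never contains a value that can be replayed to the IPC interface directly; the verifier only ever needs the hash and the salt.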
