updated to v2.13.3

michael811125 · michael811125 · commit a8799570118d · 2025-02-11T17:42:09.000+08:00
diff --git a/Assets/OxGFrame/AssetLoader/Scripts/Runtime/Bundle/BundleInfos.cs b/Assets/OxGFrame/AssetLoader/Scripts/Runtime/Bundle/BundleInfos.cs
@@ -1,9 +1,7 @@
-﻿using MyBox;
-using System;
+﻿using System;
 using System.Collections.Generic;
 using UnityEngine;
 using YooAsset;
-using static OxGFrame.AssetLoader.Bundle.BundleConfig;
 
 namespace OxGFrame.AssetLoader.Bundle
 {
@@ -12,11 +10,11 @@ public class DecryptInfo : IDisposable
     {
         [SerializeField, Tooltip("Bundle decryption (case-insensitive).\n\n[NONE], \n[OFFSET, dummySize], \n[XOR, key], \n[HT2XOR, headKey, tailKey, jumpKey], \n[HT2XORPLUS, headKey, tailKey, jump1Key, jump2Key], \n[AES, key, iv]\n\nex: \n\"none\" \n\"offset, 12\" \n\"xor, 23\" \n\"ht2xor, 34, 45, 56\" \n\"ht2xorplus, 34, 45, 56, 78\" \n\"aes, key, iv\"")]
         private string _decryptArgs = BundleConfig.CryptogramType.NONE;
-        [SerializeField, Tooltip("Can encrypt string data in memory.")]
+        [SerializeField, Tooltip("If checked, complex encryption will be performed in memory (more GC).\n\nIf unchecked, simple encryption will be performed in memory (less GC).")]
         public bool secureString = true;
-        [SerializeField, Tooltip("The longer the length, the safer it is. 16 bytes (128 bits), 32 bytes (256 bits)"), ConditionalField(nameof(secureString))]
+        [SerializeField, Tooltip("The longer the length, the safer it is. 16 bytes (128 bits), 32 bytes (256 bits)")]
         private int _saltSize = 1 << 4;
-        [SerializeField, Tooltip("The longer the length, the safer it is. 16 bytes (128 bits), 32 bytes (256 bits)"), ConditionalField(nameof(secureString))]
+        [SerializeField, Tooltip("The longer the length, the safer it is. 16 bytes (128 bits), 32 bytes (256 bits)")]
         private int _dummySize = 1 << 5;
 
         public string GetDecryptArgs()
@@ -58,7 +56,7 @@ public class GroupInfo
     public abstract class PackageInfoWithBuild
     {
         [Tooltip("Only for EditorSimulateMode")]
-        public BuildMode buildMode;
+        public BundleConfig.BuildMode buildMode;
         public string packageName;
 
         /// <summary>
diff --git a/Assets/OxGFrame/AssetLoader/Scripts/Runtime/Utility/SecureMemory/SecureString.cs b/Assets/OxGFrame/AssetLoader/Scripts/Runtime/Utility/SecureMemory/SecureString.cs
@@ -1,56 +1,88 @@
 ﻿using System;
+using System.Buffers;
 using System.IO;
 using System.Security.Cryptography;
+using System.Text;
 
 namespace OxGFrame.AssetLoader.Utility.SecureMemory
 {
     internal class SecureString : IDisposable
     {
-        // Secured
-        private bool _secured = true;
-
-        // Opaque Data
-        private byte[] _opaqueData = null;
-
-        // Salt
-        private byte[] _salt = null;
-
-        // Dummy
-        private int _l1;
-        private int _l2;
+        /// <summary>
+        /// 是否啟用加密
+        /// </summary>
+        private readonly bool _secured;
+
+        /// <summary>
+        /// 加密後的數據
+        /// </summary>
+        private byte[] _opaqueData;
+
+        /// <summary>
+        /// 加密用的 salt
+        /// </summary>
+        private byte[] _salt;
+
+        /// <summary>
+        /// 用於混淆的長度參數 l1
+        /// </summary>
+        private readonly int _l1;
+
+        /// <summary>
+        /// 用於混淆的長度參數 l2
+        /// </summary>
+        private readonly int _l2;
+
+        /// <summary>
+        /// 資源釋放標記
+        /// </summary>
+        private bool _disposed = false;
+
+        /// <summary>
+        /// 重用 Random 實例, 降低 GC
+        /// </summary>
+        private static readonly Random _random = new Random();
+
+        /// <summary>
+        /// 重用 UTF8 編碼實例, 降低 GC
+        /// </summary>
+        private static readonly UTF8Encoding _utf8Encoding = new UTF8Encoding(false);
 
         public SecureString(string input, bool secured = true, int saltSize = 1 << 4, int dummySize = 1 << 5)
         {
-            // Enabled encrypt
             this._secured = secured;
 
-            // Dummy
             if (dummySize < 1 << 1) dummySize = 1 << 1;
 
-            // Random dummy size
-            Random rnd = new Random();
-            this._l1 = rnd.Next(dummySize >> 1, dummySize + 1);
-            this._l2 = rnd.Next(dummySize >> 1, dummySize + 1);
-
             if (this._secured)
             {
-                // Salt
                 if (saltSize < 1 << 1) saltSize = 1 << 1;
                 this._GenerateSalt(saltSize);
-
-                // Encrypt data with aes
                 this._opaqueData = this._Encrypt(input);
             }
-            // String to bytes with dummy
-            else this._opaqueData = StringWithDummy.StringToBytesWithDummy(input, this._l1, this._l2);
+            else
+            {
+                // 使用 lock 來確保 Random 的執行緒安全
+                lock (_random)
+                {
+                    this._l1 = _random.Next(dummySize >> 1, dummySize + 1);
+                    this._l2 = _random.Next(dummySize >> 1, dummySize + 1);
+                    this._opaqueData = StringWithDummy.StringToBytesWithDummy(input, this._l1, this._l2);
+                }
+            }
+        }
+
+        ~SecureString()
+        {
+            this.Dispose();
         }
 
         private void _GenerateSalt(int saltSize)
         {
-            using (var random = new RNGCryptoServiceProvider())
+            this._salt = ArrayPool<byte>.Shared.Rent(saltSize);
+            using (var random = RandomNumberGenerator.Create())
             {
-                this._salt = new byte[saltSize];
-                random.GetBytes(this._salt);
+                random.GetBytes(this._salt, 0, saltSize);
             }
         }
 
@@ -65,88 +97,100 @@ private byte[] _Encrypt(string input)
             {
                 aesAlg.Key = this._salt;
 
+                // 從池中租用 IV buffer
+                IV = ArrayPool<byte>.Shared.Rent(aesAlg.BlockSize >> 3);
                 aesAlg.GenerateIV();
-                IV = aesAlg.IV;
+                Array.Copy(aesAlg.IV, IV, aesAlg.IV.Length);
 
                 aesAlg.Mode = CipherMode.CBC;
 
-                var encryptor = aesAlg.CreateEncryptor(aesAlg.Key, aesAlg.IV);
+                // 預估加密後的大小 (粗略估計, 可根據實際情況調整)
+                int estimatedSize = (input.Length * 2) + 32;
+                var msEncrypt = new MemoryStream(estimatedSize);
 
-                // Create the streams used for encryption. 
-                using (var msEncrypt = new MemoryStream())
+                using (var encryptor = aesAlg.CreateEncryptor(aesAlg.Key, IV))
+                using (var csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write))
                 {
-                    using (var csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write))
-                    {
-                        using (var swEncrypt = new StreamWriter(csEncrypt))
-                        {
-                            // Write all data to the stream.
-                            swEncrypt.Write(input);
-                        }
-                        encrypted = msEncrypt.ToArray();
-                    }
+                    // 直接使用 UTF8 編碼寫入, 避免 StreamWriter 的額外開銷
+                    byte[] inputBytes = _utf8Encoding.GetBytes(input);
+                    csEncrypt.Write(inputBytes, 0, inputBytes.Length);
                 }
+
+                encrypted = msEncrypt.ToArray();
+                msEncrypt.Dispose();
             }
 
-            var combinedIvCt = new byte[IV.Length + encrypted.Length];
-            Array.Copy(IV, 0, combinedIvCt, 0, IV.Length);
-            Array.Copy(encrypted, 0, combinedIvCt, IV.Length, encrypted.Length);
+            // 組合 IV 和加密數據
+            var result = new byte[IV.Length + encrypted.Length];
+            Array.Copy(IV, 0, result, 0, IV.Length);
+            Array.Copy(encrypted, 0, result, IV.Length, encrypted.Length);
 
-            // Return the encrypted bytes from the memory stream. 
-            return combinedIvCt;
+            // 歸還 IV buffer
+            ArrayPool<byte>.Shared.Return(IV);
 
+            return result;
         }
 
         public string Decrypt()
         {
-            if (!this._secured) return StringWithDummy.BytesWithDummyToString(this._opaqueData, this._l1, this._l2);
+            if (!this._secured)
+                return StringWithDummy.BytesWithDummyToString(this._opaqueData, this._l1, this._l2);
 
-            // Declare the string used to hold 
-            // the decrypted text. 
-            string plaintext = null;
-
-            // Create an Aes object 
-            // with the specified key and IV. 
             using (Aes aesAlg = Aes.Create())
             {
                 aesAlg.Key = this._salt;
 
-                byte[] IV = new byte[aesAlg.BlockSize >> 3];
-                byte[] cipherText = new byte[this._opaqueData.Length - IV.Length];
-
-                Array.Copy(this._opaqueData, IV, IV.Length);
-                Array.Copy(this._opaqueData, IV.Length, cipherText, 0, cipherText.Length);
-
-                aesAlg.IV = IV;
+                // 從池中租用 IV buffer
+                int ivLength = aesAlg.BlockSize >> 3;
+                byte[] IV = ArrayPool<byte>.Shared.Rent(ivLength);
+                byte[] cipherText = new byte[this._opaqueData.Length - ivLength];
 
-                aesAlg.Mode = CipherMode.CBC;
+                try
+                {
+                    Array.Copy(this._opaqueData, IV, ivLength);
+                    Array.Copy(this._opaqueData, ivLength, cipherText, 0, cipherText.Length);
 
-                // Create a decrytor to perform the stream transform.
-                ICryptoTransform decryptor = aesAlg.CreateDecryptor(aesAlg.Key, aesAlg.IV);
+                    aesAlg.IV = IV;
+                    aesAlg.Mode = CipherMode.CBC;
 
-                // Create the streams used for decryption. 
-                using (var msDecrypt = new MemoryStream(cipherText))
-                {
+                    using (var decryptor = aesAlg.CreateDecryptor(aesAlg.Key, aesAlg.IV))
+                    using (var msDecrypt = new MemoryStream(cipherText))
                     using (var csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read))
                     {
-                        using (var srDecrypt = new StreamReader(csDecrypt))
+                        // 直接將解密後的數據讀入 byte array, 然後轉換為字符串
+                        using (var ms = new MemoryStream())
                         {
-                            // Read the decrypted bytes from the decrypting stream
-                            // and place them in a string.
-                            plaintext = srDecrypt.ReadToEnd();
+                            csDecrypt.CopyTo(ms);
+                            return _utf8Encoding.GetString(ms.ToArray());
                         }
                     }
                 }
+                finally
+                {
+                    // 確保歸還 IV buffer
+                    ArrayPool<byte>.Shared.Return(IV);
+                }
             }
-
-            return plaintext;
         }
 
         public void Dispose()
         {
-            if (this._opaqueData != null) Array.Clear(this._opaqueData, 0, this._opaqueData.Length);
-            this._opaqueData = null;
-            if (this._salt != null) Array.Clear(this._salt, 0, this._salt.Length);
-            this._salt = null;
+            if (!this._disposed)
+            {
+                if (this._opaqueData != null)
+                {
+                    Array.Clear(this._opaqueData, 0, this._opaqueData.Length);
+                    this._opaqueData = null;
+                }
+
+                if (this._salt != null)
+                {
+                    ArrayPool<byte>.Shared.Return(this._salt);
+                    this._salt = null;
+                }
+
+                this._disposed = true;
+            }
         }
     }
 }
diff --git a/Assets/OxGFrame/CHANGELOG.md b/Assets/OxGFrame/CHANGELOG.md
@@ -1,5 +1,9 @@
 # CHANGELOG
 
+## [2.13.3] - 2025-02-11
+- Modified PatchLauncher SecureString Tooltip: If checked, complex encryption will be performed in memory (more GC). If unchecked, simple encryption will be performed in memory (less GC).
+- Optimized SecureString to reduce GC by more than half.
+
 ## [2.13.2] - 2025-02-05
 - Added CPBase MonoDrive feature. When enabled, it supports initialization driven by MonoBehaviour, allowing it to be directly placed in the scene without needing to be loaded through CPManager.
 - Fixed the issue in FrameManager where an InvalidOperationException could occur due to collection modification during enumeration.
diff --git a/Assets/OxGFrame/package.json b/Assets/OxGFrame/package.json
@@ -2,7 +2,7 @@
 	"name": "com.michaelo.oxgframe",
 	"displayName": "OxGFrame",
 	"description": "The OxGFrame is a framework based on Unity for accelerating game development. Supports multi-platform Win, OSX, Android, iOS, WebGL.",
-	"version": "2.13.2",
+	"version": "2.13.3",
 	"unity": "2021.3",
 	"license": "MIT",
 	"samples": [
