diff --git a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/EncryptionUtil.java b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/EncryptionUtil.java index 2a29a628..364f1246 100644 --- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/EncryptionUtil.java +++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/EncryptionUtil.java @@ -8,7 +8,6 @@ import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; -import java.security.PrivateKey; import java.security.PublicKey; import java.util.Random; @@ -83,28 +82,24 @@ public class EncryptionUtil { /** * Decrypts the content and extracts the key spec. * - * @param cipher decryption cipher - * @param privateKey private key of the server + * @param cipher decryption cipher initialized with the private key * @param sharedKey the encrypted shared key * @return shared secret key - * @throws GeneralSecurityException + * @throws GeneralSecurityException if it fails to decrypt the data */ - public static SecretKey decryptSharedKey(Cipher cipher, PrivateKey privateKey, byte[] sharedKey) - throws GeneralSecurityException { - return new SecretKeySpec(decrypt(cipher, privateKey, sharedKey), "AES"); + public static SecretKey decryptSharedKey(Cipher cipher, byte[] sharedKey) throws GeneralSecurityException { + return new SecretKeySpec(decrypt(cipher, sharedKey), "AES"); } /** * Decrypted the given data using the cipher. * - * @param cipher decryption cypher - * @param key server private key + * @param cipher decryption cypher initialized with the private key * @param data the encrypted data * @return clear text data - * @throws GeneralSecurityException if it fails to initialize and decrypt the data + * @throws GeneralSecurityException if it fails to decrypt the data */ - public static byte[] decrypt(Cipher cipher, PrivateKey key, byte[] data) throws GeneralSecurityException { - cipher.init(Cipher.DECRYPT_MODE, key); + public static byte[] decrypt(Cipher cipher, byte[] data) throws GeneralSecurityException { return cipher.doFinal(data); } diff --git a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocollib/VerifyResponseTask.java b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocollib/VerifyResponseTask.java index 149d231f..c28b517a 100644 --- a/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocollib/VerifyResponseTask.java +++ b/bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocollib/VerifyResponseTask.java @@ -81,8 +81,9 @@ public class VerifyResponseTask implements Runnable { SecretKey loginKey; try { cipher = Cipher.getInstance(privateKey.getAlgorithm()); + cipher.init(Cipher.DECRYPT_MODE, privateKey); - loginKey = EncryptionUtil.decryptSharedKey(cipher, privateKey, sharedSecret); + loginKey = EncryptionUtil.decryptSharedKey(cipher, sharedSecret); } catch (GeneralSecurityException securityEx) { disconnect("error-kick", false, "Cannot decrypt received contents", securityEx); return; @@ -148,7 +149,7 @@ public class VerifyResponseTask implements Runnable { byte[] responseVerify = packetEvent.getPacket().getByteArrays().read(1); //https://github.com/bergerkiller/CraftSource/blob/master/net.minecraft.server/LoginListener.java#L182 - if (!Arrays.equals(requestVerify, EncryptionUtil.decrypt(cipher, privateKey, responseVerify))) { + if (!Arrays.equals(requestVerify, EncryptionUtil.decrypt(cipher, responseVerify))) { //check if the verify token are equal to the server sent one disconnect("invalid-verify-token", true , "GameProfile {0} ({1}) tried to login with an invalid verify token. Server: {2} Client: {3}"