Initialize the decryption cipher only once

(Related #259)

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/EncryptionUtil.java

@@ -8,7 +8,6 @@ import java.security.KeyPair;
 import java.security.KeyPairGenerator;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
-import java.security.PrivateKey;
 import java.security.PublicKey;
 import java.util.Random;
 
@@ -83,28 +82,24 @@ public class EncryptionUtil {
     /**
      * Decrypts the content and extracts the key spec.
      *
-     * @param cipher     decryption cipher
+     * @param cipher     decryption cipher initialized with the private key
-     * @param privateKey private key of the server
      * @param sharedKey  the encrypted shared key
      * @return shared secret key
-     * @throws GeneralSecurityException
+     * @throws GeneralSecurityException if it fails to decrypt the data
      */
-    public static SecretKey decryptSharedKey(Cipher cipher, PrivateKey privateKey, byte[] sharedKey)
+    public static SecretKey decryptSharedKey(Cipher cipher, byte[] sharedKey) throws GeneralSecurityException {
-            throws GeneralSecurityException {
+        return new SecretKeySpec(decrypt(cipher, sharedKey), "AES");
-        return new SecretKeySpec(decrypt(cipher, privateKey, sharedKey), "AES");
     }
 
     /**
      * Decrypted the given data using the cipher.
      *
-     * @param cipher decryption cypher
+     * @param cipher decryption cypher initialized with the private key
-     * @param key    server private key
      * @param data   the encrypted data
      * @return clear text data
-     * @throws GeneralSecurityException if it fails to initialize and decrypt the data
+     * @throws GeneralSecurityException if it fails to decrypt the data
      */
-    public static byte[] decrypt(Cipher cipher, PrivateKey key, byte[] data) throws GeneralSecurityException {
+    public static byte[] decrypt(Cipher cipher, byte[] data) throws GeneralSecurityException {
-        cipher.init(Cipher.DECRYPT_MODE, key);
         return cipher.doFinal(data);
     }
 

bukkit/src/main/java/com/github/games647/fastlogin/bukkit/listener/protocollib/VerifyResponseTask.java

@@ -81,8 +81,9 @@ public class VerifyResponseTask implements Runnable {
         SecretKey loginKey;
         try {
             cipher = Cipher.getInstance(privateKey.getAlgorithm());
+            cipher.init(Cipher.DECRYPT_MODE, privateKey);
 
-            loginKey = EncryptionUtil.decryptSharedKey(cipher, privateKey, sharedSecret);
+            loginKey = EncryptionUtil.decryptSharedKey(cipher, sharedSecret);
         } catch (GeneralSecurityException securityEx) {
             disconnect("error-kick", false, "Cannot decrypt received contents", securityEx);
             return;
@@ -148,7 +149,7 @@ public class VerifyResponseTask implements Runnable {
         byte[] responseVerify = packetEvent.getPacket().getByteArrays().read(1);
 
         //https://github.com/bergerkiller/CraftSource/blob/master/net.minecraft.server/LoginListener.java#L182
-        if (!Arrays.equals(requestVerify, EncryptionUtil.decrypt(cipher, privateKey, responseVerify))) {
+        if (!Arrays.equals(requestVerify, EncryptionUtil.decrypt(cipher, responseVerify))) {
             //check if the verify token are equal to the server sent one
             disconnect("invalid-verify-token", true
                     , "GameProfile {0} ({1}) tried to login with an invalid verify token. Server: {2} Client: {3}"