From 596db51a8eb59060f8dede7b6dc9e5cd00a4bb07 Mon Sep 17 00:00:00 2001 From: md_5 Date: Sat, 17 Nov 2012 11:45:52 +1100 Subject: [PATCH] Look! No BouncyCastle. Thanks to @macer1 for helping out with this. --- pom.xml | 5 ----- .../java/net/md_5/bungee/EncryptionUtil.java | 22 +++++-------------- .../java/net/md_5/bungee/InitialHandler.java | 9 ++++---- .../net/md_5/bungee/ServerConnection.java | 9 ++++---- 4 files changed, 16 insertions(+), 29 deletions(-) diff --git a/pom.xml b/pom.xml index 3ba88b13..2a791b0f 100644 --- a/pom.xml +++ b/pom.xml @@ -76,11 +76,6 @@ mendax 1.4.4-SNAPSHOT - - org.bouncycastle - bcprov-ext-jdk15on - 1.47 - org.yaml snakeyaml diff --git a/src/main/java/net/md_5/bungee/EncryptionUtil.java b/src/main/java/net/md_5/bungee/EncryptionUtil.java index d4ec2b87..35cf0c68 100644 --- a/src/main/java/net/md_5/bungee/EncryptionUtil.java +++ b/src/main/java/net/md_5/bungee/EncryptionUtil.java @@ -6,6 +6,7 @@ import java.io.InputStreamReader; import java.math.BigInteger; import java.net.URL; import java.net.URLEncoder; +import java.security.InvalidAlgorithmParameterException; import java.security.InvalidKeyException; import java.security.Key; import java.security.KeyFactory; @@ -15,7 +16,6 @@ import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.security.PublicKey; import java.security.SecureRandom; -import java.security.Security; import java.security.spec.InvalidKeySpecException; import java.security.spec.X509EncodedKeySpec; import java.util.Arrays; @@ -25,15 +25,10 @@ import javax.crypto.Cipher; import javax.crypto.IllegalBlockSizeException; import javax.crypto.NoSuchPaddingException; import javax.crypto.SecretKey; +import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; import net.md_5.bungee.packet.PacketFCEncryptionResponse; import net.md_5.bungee.packet.PacketFDEncryptionRequest; -import org.bouncycastle.crypto.BufferedBlockCipher; -import org.bouncycastle.crypto.engines.AESFastEngine; -import org.bouncycastle.crypto.modes.CFBBlockCipher; -import org.bouncycastle.crypto.params.KeyParameter; -import org.bouncycastle.crypto.params.ParametersWithIV; -import org.bouncycastle.jce.provider.BouncyCastleProvider; /** * Class containing all encryption related methods for the proxy. @@ -45,11 +40,6 @@ public class EncryptionUtil private static final Random random = new Random(); private static KeyPair keys; - static - { - Security.addProvider(new BouncyCastleProvider()); - } - public static PacketFDEncryptionRequest encryptRequest() throws NoSuchAlgorithmException { if (keys == null) @@ -106,16 +96,16 @@ public class EncryptionUtil return "YES".equals(reply); } - public static BufferedBlockCipher getCipher(boolean forEncryption, Key shared) + public static Cipher getCipher(int opMode, Key shared) throws InvalidAlgorithmParameterException, InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException { - BufferedBlockCipher cip = new BufferedBlockCipher(new CFBBlockCipher(new AESFastEngine(), 8)); - cip.init(forEncryption, new ParametersWithIV(new KeyParameter(shared.getEncoded()), shared.getEncoded(), 0, 16)); + Cipher cip = Cipher.getInstance("AES/CFB8/NoPadding"); + cip.init(opMode, shared, new IvParameterSpec(shared.getEncoded())); return cip; } public static SecretKey getSecret() { - byte[] rand = new byte[32]; + byte[] rand = new byte[16]; secure.nextBytes(rand); return new SecretKeySpec(rand, "AES"); } diff --git a/src/main/java/net/md_5/bungee/InitialHandler.java b/src/main/java/net/md_5/bungee/InitialHandler.java index b2f54ace..c01304ac 100644 --- a/src/main/java/net/md_5/bungee/InitialHandler.java +++ b/src/main/java/net/md_5/bungee/InitialHandler.java @@ -5,6 +5,9 @@ import java.io.OutputStream; import java.net.Socket; import java.util.ArrayList; import java.util.List; +import javax.crypto.Cipher; +import javax.crypto.CipherInputStream; +import javax.crypto.CipherOutputStream; import javax.crypto.SecretKey; import net.md_5.bungee.packet.Packet2Handshake; import net.md_5.bungee.packet.PacketFCEncryptionResponse; @@ -12,8 +15,6 @@ import net.md_5.bungee.packet.PacketFDEncryptionRequest; import net.md_5.bungee.packet.PacketFFKick; import net.md_5.bungee.packet.PacketInputStream; import net.md_5.bungee.plugin.LoginEvent; -import org.bouncycastle.crypto.io.CipherInputStream; -import org.bouncycastle.crypto.io.CipherOutputStream; public class InitialHandler implements Runnable { @@ -66,8 +67,8 @@ public class InitialHandler implements Runnable } out.write(new PacketFCEncryptionResponse().getPacket()); - in = new PacketInputStream(new CipherInputStream(socket.getInputStream(), EncryptionUtil.getCipher(false, shared))); - out = new CipherOutputStream(socket.getOutputStream(), EncryptionUtil.getCipher(true, shared)); + in = new PacketInputStream(new CipherInputStream(socket.getInputStream(), EncryptionUtil.getCipher(Cipher.DECRYPT_MODE, shared))); + out = new CipherOutputStream(socket.getOutputStream(), EncryptionUtil.getCipher(Cipher.ENCRYPT_MODE, shared)); List customPackets = new ArrayList<>(); byte[] custom; while (Util.getId((custom = in.readPacket())) != 0xCD) diff --git a/src/main/java/net/md_5/bungee/ServerConnection.java b/src/main/java/net/md_5/bungee/ServerConnection.java index 5fd3fadf..975440e2 100644 --- a/src/main/java/net/md_5/bungee/ServerConnection.java +++ b/src/main/java/net/md_5/bungee/ServerConnection.java @@ -4,6 +4,9 @@ import java.io.OutputStream; import java.net.InetSocketAddress; import java.net.Socket; import java.security.PublicKey; +import javax.crypto.Cipher; +import javax.crypto.CipherInputStream; +import javax.crypto.CipherOutputStream; import javax.crypto.SecretKey; import net.md_5.bungee.packet.Packet1Login; import net.md_5.bungee.packet.Packet2Handshake; @@ -13,8 +16,6 @@ import net.md_5.bungee.packet.PacketFCEncryptionResponse; import net.md_5.bungee.packet.PacketFDEncryptionRequest; import net.md_5.bungee.packet.PacketFFKick; import net.md_5.bungee.packet.PacketInputStream; -import org.bouncycastle.crypto.io.CipherInputStream; -import org.bouncycastle.crypto.io.CipherOutputStream; /** * Class representing a connection from the proxy to the server; ie upstream. @@ -58,8 +59,8 @@ public class ServerConnection extends GenericConnection throw new RuntimeException("Server did not send encryption enable"); } - in = new PacketInputStream(new CipherInputStream(socket.getInputStream(), EncryptionUtil.getCipher(false, myKey))); - out = new CipherOutputStream(out, EncryptionUtil.getCipher(true, myKey)); + in = new PacketInputStream(new CipherInputStream(socket.getInputStream(), EncryptionUtil.getCipher(Cipher.DECRYPT_MODE, myKey))); + out = new CipherOutputStream(out, EncryptionUtil.getCipher(Cipher.ENCRYPT_MODE, myKey)); for (byte[] custom : user.loginPackets) {