From f1f10521e240f5800f7d2ddd701daffa6e516cd1 Mon Sep 17 00:00:00 2001 From: md_5 Date: Thu, 21 Feb 2013 17:13:04 +1100 Subject: [PATCH] Use native Java ciphers for encryption / decryption - now that we have our buffer issues sorted this should be a small speed boost. --- proxy/pom.xml | 5 ----- .../java/net/md_5/bungee/EncryptionUtil.java | 20 +++++-------------- .../java/net/md_5/bungee/InitialHandler.java | 9 +++++---- 3 files changed, 10 insertions(+), 24 deletions(-) diff --git a/proxy/pom.xml b/proxy/pom.xml index 60d5b476..ce88f5f5 100644 --- a/proxy/pom.xml +++ b/proxy/pom.xml @@ -34,11 +34,6 @@ mysql-connector-java 5.1.22 - - org.bouncycastle - bcprov-jdk15on - 1.47 - diff --git a/proxy/src/main/java/net/md_5/bungee/EncryptionUtil.java b/proxy/src/main/java/net/md_5/bungee/EncryptionUtil.java index 9ecf4988..26bbdb21 100644 --- a/proxy/src/main/java/net/md_5/bungee/EncryptionUtil.java +++ b/proxy/src/main/java/net/md_5/bungee/EncryptionUtil.java @@ -6,13 +6,13 @@ import java.io.InputStreamReader; import java.math.BigInteger; import java.net.URL; import java.net.URLEncoder; +import java.security.InvalidAlgorithmParameterException; import java.security.InvalidKeyException; import java.security.Key; import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; -import java.security.Security; import java.util.Arrays; import java.util.Random; import javax.crypto.BadPaddingException; @@ -20,15 +20,10 @@ import javax.crypto.Cipher; import javax.crypto.IllegalBlockSizeException; import javax.crypto.NoSuchPaddingException; import javax.crypto.SecretKey; +import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; import net.md_5.bungee.packet.PacketFCEncryptionResponse; import net.md_5.bungee.packet.PacketFDEncryptionRequest; -import org.bouncycastle.crypto.BufferedBlockCipher; -import org.bouncycastle.crypto.engines.AESFastEngine; -import org.bouncycastle.crypto.modes.CFBBlockCipher; -import org.bouncycastle.crypto.params.KeyParameter; -import org.bouncycastle.crypto.params.ParametersWithIV; -import org.bouncycastle.jce.provider.BouncyCastleProvider; /** * Class containing all encryption related methods for the proxy. @@ -39,11 +34,6 @@ public class EncryptionUtil private static final Random random = new Random(); private static KeyPair keys; - static - { - Security.addProvider( new BouncyCastleProvider() ); - } - public static PacketFDEncryptionRequest encryptRequest() throws NoSuchAlgorithmException { if ( keys == null ) @@ -100,10 +90,10 @@ public class EncryptionUtil return "YES".equals( reply ); } - public static BufferedBlockCipher getCipher(boolean forEncryption, Key shared) + public static Cipher getCipher(int opMode, Key shared) throws InvalidAlgorithmParameterException, InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException { - BufferedBlockCipher cip = new BufferedBlockCipher( new CFBBlockCipher( new AESFastEngine(), 8 ) ); - cip.init( forEncryption, new ParametersWithIV( new KeyParameter( shared.getEncoded() ), shared.getEncoded() ) ); + Cipher cip = Cipher.getInstance( "AES/CFB8/NoPadding" ); + cip.init( opMode, shared, new IvParameterSpec( shared.getEncoded() ) ); return cip; } } diff --git a/proxy/src/main/java/net/md_5/bungee/InitialHandler.java b/proxy/src/main/java/net/md_5/bungee/InitialHandler.java index 06f10af6..e0f79ea1 100644 --- a/proxy/src/main/java/net/md_5/bungee/InitialHandler.java +++ b/proxy/src/main/java/net/md_5/bungee/InitialHandler.java @@ -7,6 +7,9 @@ import java.net.InetSocketAddress; import java.net.Socket; import java.util.ArrayList; import java.util.List; +import javax.crypto.Cipher; +import javax.crypto.CipherInputStream; +import javax.crypto.CipherOutputStream; import javax.crypto.SecretKey; import lombok.Getter; import net.md_5.bungee.api.ChatColor; @@ -30,8 +33,6 @@ import net.md_5.bungee.packet.PacketFFKick; import net.md_5.bungee.packet.PacketHandler; import net.md_5.bungee.packet.PacketStream; import net.md_5.mendax.PacketDefinitions; -import org.bouncycastle.crypto.io.CipherInputStream; -import org.bouncycastle.crypto.io.CipherOutputStream; public class InitialHandler extends PacketHandler implements Runnable, PendingConnection { @@ -143,8 +144,8 @@ public class InitialHandler extends PacketHandler implements Runnable, PendingCo } stream.write( new PacketFCEncryptionResponse() ); - stream = new PacketStream( new CipherInputStream( socket.getInputStream(), EncryptionUtil.getCipher( false, shared ) ), - new CipherOutputStream( socket.getOutputStream(), EncryptionUtil.getCipher( true, shared ) ), stream.getProtocol() ); + stream = new PacketStream( new CipherInputStream( socket.getInputStream(), EncryptionUtil.getCipher( Cipher.DECRYPT_MODE, shared ) ), + new CipherOutputStream( socket.getOutputStream(), EncryptionUtil.getCipher( Cipher.ENCRYPT_MODE, shared ) ), stream.getProtocol() ); thisState = State.LOGIN; }