supported 1.19 key authentication
This commit is contained in:
38
bot/login.go
38
bot/login.go
@ -2,15 +2,19 @@ package bot
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"crypto"
|
||||
"crypto/aes"
|
||||
"crypto/cipher"
|
||||
"crypto/rand"
|
||||
"crypto/rsa"
|
||||
"crypto/sha1"
|
||||
"crypto/sha256"
|
||||
"crypto/x509"
|
||||
"encoding/json"
|
||||
"encoding/pem"
|
||||
"fmt"
|
||||
"github.com/Tnze/go-mc/yggdrasil/userApi"
|
||||
randN "golang.org/x/exp/rand"
|
||||
"io"
|
||||
"net/http"
|
||||
"strings"
|
||||
@ -190,19 +194,45 @@ func genEncryptionKeyResponse(shareSecret, publicKey, verifyToken []byte, keyPai
|
||||
err = fmt.Errorf("encryption share secret fail: %v", err)
|
||||
return
|
||||
}
|
||||
if keyPair != nil {
|
||||
privateKeyBlock, _ := pem.Decode([]byte(keyPair.KeyPair.PrivateKey))
|
||||
privateKey, err := x509.ParsePKCS8PrivateKey(privateKeyBlock.Bytes)
|
||||
if err != nil {
|
||||
err = fmt.Errorf("decode user private key fail: %v", err)
|
||||
return erp, err
|
||||
}
|
||||
|
||||
l := randN.Int63()
|
||||
var b bytes.Buffer
|
||||
pk.Long(l).WriteTo(&b)
|
||||
|
||||
key := privateKey.(*rsa.PrivateKey)
|
||||
hash := sha256.New()
|
||||
hash.Write(verifyToken)
|
||||
hash.Write(b.Bytes())
|
||||
signedData, err := key.Sign(rand.Reader, hash.Sum(nil), crypto.SHA256)
|
||||
if err != nil {
|
||||
err = fmt.Errorf("sign verifyToken fail: %v", err)
|
||||
return erp, err
|
||||
}
|
||||
return pk.Marshal(
|
||||
0x01,
|
||||
pk.ByteArray(cryptPK),
|
||||
pk.Boolean(false),
|
||||
pk.Long(l),
|
||||
pk.ByteArray(signedData),
|
||||
), nil
|
||||
} else {
|
||||
verifyT, err := rsa.EncryptPKCS1v15(rand.Reader, rsaKey, verifyToken)
|
||||
if err != nil {
|
||||
err = fmt.Errorf("encryption verfy tokenfail: %v", err)
|
||||
return
|
||||
return erp, err
|
||||
}
|
||||
|
||||
// currently broken
|
||||
|
||||
return pk.Marshal(
|
||||
0x01,
|
||||
pk.ByteArray(cryptPK),
|
||||
pk.Boolean(true),
|
||||
pk.ByteArray(verifyT),
|
||||
), nil
|
||||
}
|
||||
}
|
||||
|
||||
14
bot/mcbot.go
14
bot/mcbot.go
@ -6,6 +6,8 @@ package bot
|
||||
|
||||
import (
|
||||
"context"
|
||||
"encoding/base64"
|
||||
"encoding/pem"
|
||||
"errors"
|
||||
"github.com/Tnze/go-mc/yggdrasil/userApi"
|
||||
"net"
|
||||
@ -75,6 +77,7 @@ func (c *Client) join(ctx context.Context, d *mcnet.Dialer, addr string) error {
|
||||
// Login Start
|
||||
pair, err := userApi.GetOrFetchKeyPair(c.Auth.AsTk)
|
||||
if err != nil {
|
||||
// (No Signature)
|
||||
err = c.Conn.WritePacket(pk.Marshal(
|
||||
packetid.LoginStart,
|
||||
pk.String(c.Auth.Name),
|
||||
@ -84,13 +87,8 @@ func (c *Client) join(ctx context.Context, d *mcnet.Dialer, addr string) error {
|
||||
return LoginErr{"login start (without sig)", err}
|
||||
}
|
||||
} else {
|
||||
// Login Start (With Signature) (Currently not supported)
|
||||
err = c.Conn.WritePacket(pk.Marshal(
|
||||
packetid.LoginStart,
|
||||
pk.String(c.Auth.Name),
|
||||
pk.Boolean(false),
|
||||
))
|
||||
/* block, _ := pem.Decode([]byte(pair.KeyPair.PublicKey))
|
||||
// Login Start (With Signature)
|
||||
block, _ := pem.Decode([]byte(pair.KeyPair.PublicKey))
|
||||
sig, _ := base64.StdEncoding.DecodeString(pair.PublicKeySignature)
|
||||
err = c.Conn.WritePacket(pk.Marshal(
|
||||
packetid.LoginStart,
|
||||
@ -99,7 +97,7 @@ func (c *Client) join(ctx context.Context, d *mcnet.Dialer, addr string) error {
|
||||
pk.Long(pair.ExpiresAt.UnixMilli()),
|
||||
pk.ByteArray(block.Bytes),
|
||||
pk.ByteArray(sig),
|
||||
))*/
|
||||
))
|
||||
if err != nil {
|
||||
return LoginErr{"login start (with sig)", err}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user