Skip to content

Commit

Permalink
#3751: Fix potential overriding of cipher by other libraries
Browse files Browse the repository at this point in the history
  • Loading branch information
BoomEaro authored Sep 29, 2024
1 parent f0a30c4 commit 01a5f36
Showing 1 changed file with 5 additions and 5 deletions.
10 changes: 5 additions & 5 deletions proxy/src/main/java/net/md_5/bungee/EncryptionUtil.java
Original file line number Diff line number Diff line change
Expand Up @@ -11,12 +11,12 @@
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import java.util.Base64;
import java.util.Random;
import java.util.UUID;
Expand Down Expand Up @@ -108,17 +108,17 @@ public static boolean check(PlayerPublicKey publicKey, EncryptionResponse resp,
return signature.verify( resp.getEncryptionData().getSignature() );
} else
{
Cipher cipher = Cipher.getInstance( "RSA" );
Cipher cipher = Cipher.getInstance( "RSA/ECB/PKCS1Padding" );
cipher.init( Cipher.DECRYPT_MODE, keys.getPrivate() );
byte[] decrypted = cipher.doFinal( resp.getVerifyToken() );

return Arrays.equals( request.getVerifyToken(), decrypted );
return MessageDigest.isEqual( request.getVerifyToken(), decrypted );
}
}

public static SecretKey getSecret(EncryptionResponse resp, EncryptionRequest request) throws GeneralSecurityException
{
Cipher cipher = Cipher.getInstance( "RSA" );
Cipher cipher = Cipher.getInstance( "RSA/ECB/PKCS1Padding" );
cipher.init( Cipher.DECRYPT_MODE, keys.getPrivate() );
return new SecretKeySpec( cipher.doFinal( resp.getSharedSecret() ), "AES" );
}
Expand All @@ -143,7 +143,7 @@ private static PublicKey getPubkey(byte[] b) throws GeneralSecurityException

public static byte[] encrypt(Key key, byte[] b) throws GeneralSecurityException
{
Cipher hasher = Cipher.getInstance( "RSA" );
Cipher hasher = Cipher.getInstance( "RSA/ECB/PKCS1Padding" );
hasher.init( Cipher.ENCRYPT_MODE, key );
return hasher.doFinal( b );
}
Expand Down

0 comments on commit 01a5f36

Please sign in to comment.