aboutsummaryrefslogtreecommitdiff
path: root/src/main/java/kr/syeyoung/dungeonsguide/b.java
diff options
context:
space:
mode:
Diffstat (limited to 'src/main/java/kr/syeyoung/dungeonsguide/b.java')
-rwxr-xr-xsrc/main/java/kr/syeyoung/dungeonsguide/b.java129
1 files changed, 75 insertions, 54 deletions
diff --git a/src/main/java/kr/syeyoung/dungeonsguide/b.java b/src/main/java/kr/syeyoung/dungeonsguide/b.java
index a588e583..2a52958c 100755
--- a/src/main/java/kr/syeyoung/dungeonsguide/b.java
+++ b/src/main/java/kr/syeyoung/dungeonsguide/b.java
@@ -6,6 +6,8 @@ import com.google.gson.JsonParser;
import com.mojang.authlib.GameProfile;
import com.mojang.authlib.exceptions.AuthenticationException;
import com.mojang.authlib.minecraft.MinecraftSessionService;
+import com.sun.xml.internal.messaging.saaj.util.ByteInputStream;
+import com.sun.xml.internal.messaging.saaj.util.ByteOutputStream;
import lombok.Getter;
import net.minecraft.client.Minecraft;
import net.minecraft.util.Session;
@@ -24,6 +26,9 @@ import java.security.*;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
+import java.security.interfaces.RSAPublicKey;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.zip.ZipEntry;
import java.util.zip.ZipInputStream;
@@ -47,54 +52,31 @@ public class b {
return this.a;
}
+ private PublicKey d;
+ private PublicKey e() throws NoSuchAlgorithmException, InvalidKeySpecException {
+ if (d != null) return d;
+ X509EncodedKeySpec spec = new X509EncodedKeySpec(Base64.decodeBase64("MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxO89qtwG67jNucQ9Y44c" +
+ "IUs/B+5BeJPs7G+RG2gfs4/2+tzF/c1FLDc33M7yKw8aKk99vsBUY9Oo8gxxiEPB" +
+ "JitP/qfon2THp94oM77ZTpHlmFoqbZMcKGZVI8yfvEL4laTM8Hw+qh5poQwtpEbK" +
+ "Xo47AkxygxJasUnykER2+aSTZ6kWU2D4xiNtFA6lzqN+/oA+NaYfPS0amAvyVlHR" +
+ "n/8IuGkxb5RrlqVssQstFnxsJuv88qdGSEqlcKq2tLeg9hb8eCnl2OFzvXmgbVER" +
+ "0JaV+4Z02fVG1IlR3Xo1mSit7yIU6++3usRCjx2yfXpnGGJUW5pe6YETjNew3ax+" +
+ "FAZ4GePWCdmS7FvBnbbABKo5pE06ZTfDUTCjQlAJQiUgoF6ntMJvQAXPu48Vr8q/" +
+ "mTcuZWVnI6CDgyE7nNq3WNoq3397sBzxRohMxuqzl3T19zkfPKF05iV2Ju1HQMW5" +
+ "I119bYrmVD240aGESZc20Sx/9g1BFpNzQbM5PGUlWJ0dhLjl2ge4ip2hHciY3OEY" +
+ "p2Qy2k+xEdenpKdL+WMRimCQoO9gWe2Tp4NmP5dppDXZgPjXqjZpnGs0Uxs+fXqW" +
+ "cwlg3MbX3rFl9so/fhVf4p9oXZK3ve7z5D6XSSDRYECvsKIa08WAxJ/U6n204E/4" +
+ "xUF+3ZgFPdzZGn2PU7SsnOsCAwEAAQ=="));
+ return d = KeyFactory.getInstance("RSA").generatePublic(spec);
+ }
+
public b(ProgressManager.ProgressBar p) {
this.p = p;
p.step("Generating KeyPair");
a();
}
- private SSLSocketFactory e() throws NoSuchAlgorithmException, KeyManagementException, CertificateException, KeyStoreException, IOException {
- X509Certificate a = (X509Certificate) CertificateFactory.getInstance("X.509")
- .generateCertificate(new ByteArrayInputStream(("-----BEGIN CERTIFICATE-----\n" +
- "MIIEZTCCA02gAwIBAgIQQAF1BIMUpMghjISpDBbN3zANBgkqhkiG9w0BAQsFADA/\n" +
- "MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT\n" +
- "DkRTVCBSb290IENBIFgzMB4XDTIwMTAwNzE5MjE0MFoXDTIxMDkyOTE5MjE0MFow\n" +
- "MjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxCzAJBgNVBAMT\n" +
- "AlIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwIVKMz2oJTTDxLs\n" +
- "jVWSw/iC8ZmmekKIp10mqrUrucVMsa+Oa/l1yKPXD0eUFFU1V4yeqKI5GfWCPEKp\n" +
- "Tm71O8Mu243AsFzzWTjn7c9p8FoLG77AlCQlh/o3cbMT5xys4Zvv2+Q7RVJFlqnB\n" +
- "U840yFLuta7tj95gcOKlVKu2bQ6XpUA0ayvTvGbrZjR8+muLj1cpmfgwF126cm/7\n" +
- "gcWt0oZYPRfH5wm78Sv3htzB2nFd1EbjzK0lwYi8YGd1ZrPxGPeiXOZT/zqItkel\n" +
- "/xMY6pgJdz+dU/nPAeX1pnAXFK9jpP+Zs5Od3FOnBv5IhR2haa4ldbsTzFID9e1R\n" +
- "oYvbFQIDAQABo4IBaDCCAWQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8E\n" +
- "BAMCAYYwSwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5p\n" +
- "ZGVudHJ1c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTE\n" +
- "p7Gkeyxx+tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEE\n" +
- "AYLfEwEBATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2Vu\n" +
- "Y3J5cHQub3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0\n" +
- "LmNvbS9EU1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYf\n" +
- "r52LFMLGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0B\n" +
- "AQsFAAOCAQEA2UzgyfWEiDcx27sT4rP8i2tiEmxYt0l+PAK3qB8oYevO4C5z70kH\n" +
- "ejWEHx2taPDY/laBL21/WKZuNTYQHHPD5b1tXgHXbnL7KqC401dk5VvCadTQsvd8\n" +
- "S8MXjohyc9z9/G2948kLjmE6Flh9dDYrVYA9x2O+hEPGOaEOa1eePynBgPayvUfL\n" +
- "qjBstzLhWVQLGAkXXmNs+5ZnPBxzDJOLxhF2JIbeQAcH5H0tZrUlo5ZYyOqA7s9p\n" +
- "O5b85o3AM/OJ+CktFBQtfvBhcJVd9wvlwPsk+uyOy2HI7mNxKKgsBTt375teA2Tw\n" +
- "UdHkhVNcsAKX1H7GNNLOEADksd86wuoXvg==\n" +
- "-----END CERTIFICATE-----").getBytes()));
-
- KeyStore b = KeyStore.getInstance(KeyStore.getDefaultType());
- b.load(null, null);
- b.setCertificateEntry(Integer.toString(1), a);
-
- TrustManagerFactory c = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
- c.init(b);
-
- SSLContext d = SSLContext.getInstance("TLSv1.2");
- d.init(null, c.getTrustManagers(), null);
- return d.getSocketFactory();
- }
-
- public String b(boolean jars) throws IOException, AuthenticationException, NoSuchAlgorithmException, IllegalBlockSizeException, InvalidKeyException, BadPaddingException, InvalidAlgorithmParameterException, NoSuchPaddingException, CertificateException, KeyStoreException, KeyManagementException {
+ public String b(String e) throws IOException, AuthenticationException, NoSuchAlgorithmException, IllegalBlockSizeException, InvalidKeyException, BadPaddingException, InvalidAlgorithmParameterException, NoSuchPaddingException, CertificateException, KeyStoreException, KeyManagementException, InvalidKeySpecException, SignatureException {
Session a = Minecraft.getMinecraft().getSession();
String b = a.getToken();
@@ -107,10 +89,11 @@ public class b {
yggdrasilMinecraftSessionService.joinServer(a.getProfile(), b, hash);
p.step("Authenticating (2/2)");
this.b = a(c, this.a.getPublic());
- p.step("Downloading");
- if (jars)
- b(this.b, "https://dungeonsguide.kro.kr/resource/latest");
- b(this.b, "https://dungeonsguide.kro.kr/resource/roomdata");
+ p.step("Downloading Jar");
+ if (e != null)
+ b(this.b, "https://dungeons.guide/resource/version?v="+e, true);
+ p.step("Downloading Rooms");
+ b(this.b, "https://dungeons.guide/resource/roomdata", false);
return this.b;
}
@@ -123,8 +106,7 @@ public class b {
private String a(GameProfile d) throws IOException, NoSuchAlgorithmException, CertificateException, KeyStoreException, KeyManagementException {
- HttpsURLConnection a = (HttpsURLConnection) new URL("https://dungeonsguide.kro.kr/auth/requestAuth").openConnection();
- a.setSSLSocketFactory(e());
+ HttpsURLConnection a = (HttpsURLConnection) new URL("https://dungeons.guide/auth/requestAuth").openConnection();
a.setRequestProperty("User-Agent", "DungeonsGuide/1.0");
a.setRequestProperty("Content-Type", "application/json");
a.setRequestMethod("POST");
@@ -140,8 +122,7 @@ public class b {
return c.get("data").getAsString();
}
private String a(String a, PublicKey b) throws IOException, NoSuchAlgorithmException, CertificateException, KeyStoreException, KeyManagementException {
- HttpsURLConnection c = (HttpsURLConnection) new URL("https://dungeonsguide.kro.kr/auth/authenticate").openConnection();
- c.setSSLSocketFactory(e());
+ HttpsURLConnection c = (HttpsURLConnection) new URL("https://dungeons.guide/auth/authenticate").openConnection();
c.setRequestMethod("POST");
c.setRequestProperty("User-Agent", "DungeonsGuide/1.0");
c.setRequestProperty("Content-Type", "application/json");
@@ -149,6 +130,7 @@ public class b {
c.setDoOutput(true);
c.getOutputStream().write(("{\"jwt\":\""+a+"\",\"publicKey\":\""+Base64.encodeBase64URLSafeString(b.getEncoded())+"\"}").getBytes());
+ c.getResponseCode();
InputStreamReader d = new InputStreamReader(c.getInputStream());
JsonObject e = (JsonObject) new JsonParser().parse(d);
if (!"ok".equals(e.get("status").getAsString())) {
@@ -163,9 +145,8 @@ public class b {
return c;
}
- private void b(String a, String u) throws IOException, NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, InvalidAlgorithmParameterException, CertificateException, KeyStoreException, KeyManagementException {
+ private void b(String a, String u, boolean v) throws IOException, NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, InvalidAlgorithmParameterException, CertificateException, KeyStoreException, KeyManagementException, SignatureException, InvalidKeySpecException {
HttpsURLConnection b = (HttpsURLConnection) new URL(u).openConnection();
- b.setSSLSocketFactory(e());
b.setRequestProperty("User-Agent", "DungeonsGuide/1.0");
b.setRequestProperty("Content-Type", "application/json");
b.setRequestMethod("GET");
@@ -195,7 +176,47 @@ public class b {
CipherInputStream k = new CipherInputStream(c, g);
k.read(d);
- ZipInputStream l = new ZipInputStream(k);
+ f = ((d[0] & 0xFF) << 24) |
+ ((d[1] & 0xFF) << 16) |
+ ((d[2] & 0xFF) << 8) |
+ ((d[3] & 0xFF));
+
+ int totalLen = f;
+ ByteArrayOutputStream bos = new ByteArrayOutputStream();
+ byte[] buff = new byte[256];
+ while (totalLen > 0) {
+ int len = k.read(buff, 0, Math.min(buff.length, totalLen));
+ totalLen -= len;
+ bos.write(buff, 0, len);
+ }
+ byte[] payload = bos.toByteArray();
+
+ byte[] signed = null;
+ if (v) {
+ p.step("Validating Signature");
+ k.read(d,0 , 4);
+ f = ((d[0] & 0xFF) << 24) |
+ ((d[1] & 0xFF) << 16) |
+ ((d[2] & 0xFF) << 8) |
+ ((d[3] & 0xFF));
+
+ totalLen = f;
+ bos = new ByteArrayOutputStream();
+ while (totalLen > 0) {
+ int len = k.read(buff, 0, Math.min(buff.length, totalLen));
+ totalLen -= len;
+ bos.write(buff, 0, len);
+ }
+ signed = bos.toByteArray();
+
+ Signature sign = Signature.getInstance("SHA512withRSA");
+ sign.initVerify(e());
+ sign.update(payload);
+ boolean truth = sign.verify(signed);
+ if (!truth) throw new SignatureException("DG SIGNATURE FORGED");
+ }
+
+ ZipInputStream l = new ZipInputStream(new ByteArrayInputStream(payload));
ZipEntry m;
while ((m=l.getNextEntry()) != null) {
byte[] n = new byte[256];
@@ -208,9 +229,9 @@ public class b {
}
b.disconnect();
}
+
public JsonElement d(String u) throws IOException, NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, InvalidAlgorithmParameterException, CertificateException, KeyStoreException, KeyManagementException {
HttpsURLConnection b = (HttpsURLConnection) new URL(u).openConnection();
- b.setSSLSocketFactory(e());
b.setRequestProperty("User-Agent", "DungeonsGuide/1.0");
b.setRequestProperty("Content-Type", "application/json");
b.setRequestMethod("GET");