diff options
Diffstat (limited to 'src/main/java/kr/syeyoung/dungeonsguide/b.java')
-rwxr-xr-x | src/main/java/kr/syeyoung/dungeonsguide/b.java | 129 |
1 files changed, 75 insertions, 54 deletions
diff --git a/src/main/java/kr/syeyoung/dungeonsguide/b.java b/src/main/java/kr/syeyoung/dungeonsguide/b.java index a588e583..2a52958c 100755 --- a/src/main/java/kr/syeyoung/dungeonsguide/b.java +++ b/src/main/java/kr/syeyoung/dungeonsguide/b.java @@ -6,6 +6,8 @@ import com.google.gson.JsonParser; import com.mojang.authlib.GameProfile; import com.mojang.authlib.exceptions.AuthenticationException; import com.mojang.authlib.minecraft.MinecraftSessionService; +import com.sun.xml.internal.messaging.saaj.util.ByteInputStream; +import com.sun.xml.internal.messaging.saaj.util.ByteOutputStream; import lombok.Getter; import net.minecraft.client.Minecraft; import net.minecraft.util.Session; @@ -24,6 +26,9 @@ import java.security.*; import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; +import java.security.interfaces.RSAPublicKey; +import java.security.spec.InvalidKeySpecException; +import java.security.spec.X509EncodedKeySpec; import java.util.HashMap; import java.util.zip.ZipEntry; import java.util.zip.ZipInputStream; @@ -47,54 +52,31 @@ public class b { return this.a; } + private PublicKey d; + private PublicKey e() throws NoSuchAlgorithmException, InvalidKeySpecException { + if (d != null) return d; + X509EncodedKeySpec spec = new X509EncodedKeySpec(Base64.decodeBase64("MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxO89qtwG67jNucQ9Y44c" + + "IUs/B+5BeJPs7G+RG2gfs4/2+tzF/c1FLDc33M7yKw8aKk99vsBUY9Oo8gxxiEPB" + + "JitP/qfon2THp94oM77ZTpHlmFoqbZMcKGZVI8yfvEL4laTM8Hw+qh5poQwtpEbK" + + "Xo47AkxygxJasUnykER2+aSTZ6kWU2D4xiNtFA6lzqN+/oA+NaYfPS0amAvyVlHR" + + "n/8IuGkxb5RrlqVssQstFnxsJuv88qdGSEqlcKq2tLeg9hb8eCnl2OFzvXmgbVER" + + "0JaV+4Z02fVG1IlR3Xo1mSit7yIU6++3usRCjx2yfXpnGGJUW5pe6YETjNew3ax+" + + "FAZ4GePWCdmS7FvBnbbABKo5pE06ZTfDUTCjQlAJQiUgoF6ntMJvQAXPu48Vr8q/" + + "mTcuZWVnI6CDgyE7nNq3WNoq3397sBzxRohMxuqzl3T19zkfPKF05iV2Ju1HQMW5" + + "I119bYrmVD240aGESZc20Sx/9g1BFpNzQbM5PGUlWJ0dhLjl2ge4ip2hHciY3OEY" + + "p2Qy2k+xEdenpKdL+WMRimCQoO9gWe2Tp4NmP5dppDXZgPjXqjZpnGs0Uxs+fXqW" + + "cwlg3MbX3rFl9so/fhVf4p9oXZK3ve7z5D6XSSDRYECvsKIa08WAxJ/U6n204E/4" + + "xUF+3ZgFPdzZGn2PU7SsnOsCAwEAAQ==")); + return d = KeyFactory.getInstance("RSA").generatePublic(spec); + } + public b(ProgressManager.ProgressBar p) { this.p = p; p.step("Generating KeyPair"); a(); } - private SSLSocketFactory e() throws NoSuchAlgorithmException, KeyManagementException, CertificateException, KeyStoreException, IOException { - X509Certificate a = (X509Certificate) CertificateFactory.getInstance("X.509") - .generateCertificate(new ByteArrayInputStream(("-----BEGIN CERTIFICATE-----\n" + - "MIIEZTCCA02gAwIBAgIQQAF1BIMUpMghjISpDBbN3zANBgkqhkiG9w0BAQsFADA/\n" + - "MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT\n" + - "DkRTVCBSb290IENBIFgzMB4XDTIwMTAwNzE5MjE0MFoXDTIxMDkyOTE5MjE0MFow\n" + - "MjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxCzAJBgNVBAMT\n" + - "AlIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwIVKMz2oJTTDxLs\n" + - "jVWSw/iC8ZmmekKIp10mqrUrucVMsa+Oa/l1yKPXD0eUFFU1V4yeqKI5GfWCPEKp\n" + - "Tm71O8Mu243AsFzzWTjn7c9p8FoLG77AlCQlh/o3cbMT5xys4Zvv2+Q7RVJFlqnB\n" + - "U840yFLuta7tj95gcOKlVKu2bQ6XpUA0ayvTvGbrZjR8+muLj1cpmfgwF126cm/7\n" + - "gcWt0oZYPRfH5wm78Sv3htzB2nFd1EbjzK0lwYi8YGd1ZrPxGPeiXOZT/zqItkel\n" + - "/xMY6pgJdz+dU/nPAeX1pnAXFK9jpP+Zs5Od3FOnBv5IhR2haa4ldbsTzFID9e1R\n" + - "oYvbFQIDAQABo4IBaDCCAWQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8E\n" + - "BAMCAYYwSwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5p\n" + - "ZGVudHJ1c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTE\n" + - "p7Gkeyxx+tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEE\n" + - "AYLfEwEBATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2Vu\n" + - "Y3J5cHQub3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0\n" + - "LmNvbS9EU1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYf\n" + - "r52LFMLGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0B\n" + - "AQsFAAOCAQEA2UzgyfWEiDcx27sT4rP8i2tiEmxYt0l+PAK3qB8oYevO4C5z70kH\n" + - "ejWEHx2taPDY/laBL21/WKZuNTYQHHPD5b1tXgHXbnL7KqC401dk5VvCadTQsvd8\n" + - "S8MXjohyc9z9/G2948kLjmE6Flh9dDYrVYA9x2O+hEPGOaEOa1eePynBgPayvUfL\n" + - "qjBstzLhWVQLGAkXXmNs+5ZnPBxzDJOLxhF2JIbeQAcH5H0tZrUlo5ZYyOqA7s9p\n" + - "O5b85o3AM/OJ+CktFBQtfvBhcJVd9wvlwPsk+uyOy2HI7mNxKKgsBTt375teA2Tw\n" + - "UdHkhVNcsAKX1H7GNNLOEADksd86wuoXvg==\n" + - "-----END CERTIFICATE-----").getBytes())); - - KeyStore b = KeyStore.getInstance(KeyStore.getDefaultType()); - b.load(null, null); - b.setCertificateEntry(Integer.toString(1), a); - - TrustManagerFactory c = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); - c.init(b); - - SSLContext d = SSLContext.getInstance("TLSv1.2"); - d.init(null, c.getTrustManagers(), null); - return d.getSocketFactory(); - } - - public String b(boolean jars) throws IOException, AuthenticationException, NoSuchAlgorithmException, IllegalBlockSizeException, InvalidKeyException, BadPaddingException, InvalidAlgorithmParameterException, NoSuchPaddingException, CertificateException, KeyStoreException, KeyManagementException { + public String b(String e) throws IOException, AuthenticationException, NoSuchAlgorithmException, IllegalBlockSizeException, InvalidKeyException, BadPaddingException, InvalidAlgorithmParameterException, NoSuchPaddingException, CertificateException, KeyStoreException, KeyManagementException, InvalidKeySpecException, SignatureException { Session a = Minecraft.getMinecraft().getSession(); String b = a.getToken(); @@ -107,10 +89,11 @@ public class b { yggdrasilMinecraftSessionService.joinServer(a.getProfile(), b, hash); p.step("Authenticating (2/2)"); this.b = a(c, this.a.getPublic()); - p.step("Downloading"); - if (jars) - b(this.b, "https://dungeonsguide.kro.kr/resource/latest"); - b(this.b, "https://dungeonsguide.kro.kr/resource/roomdata"); + p.step("Downloading Jar"); + if (e != null) + b(this.b, "https://dungeons.guide/resource/version?v="+e, true); + p.step("Downloading Rooms"); + b(this.b, "https://dungeons.guide/resource/roomdata", false); return this.b; } @@ -123,8 +106,7 @@ public class b { private String a(GameProfile d) throws IOException, NoSuchAlgorithmException, CertificateException, KeyStoreException, KeyManagementException { - HttpsURLConnection a = (HttpsURLConnection) new URL("https://dungeonsguide.kro.kr/auth/requestAuth").openConnection(); - a.setSSLSocketFactory(e()); + HttpsURLConnection a = (HttpsURLConnection) new URL("https://dungeons.guide/auth/requestAuth").openConnection(); a.setRequestProperty("User-Agent", "DungeonsGuide/1.0"); a.setRequestProperty("Content-Type", "application/json"); a.setRequestMethod("POST"); @@ -140,8 +122,7 @@ public class b { return c.get("data").getAsString(); } private String a(String a, PublicKey b) throws IOException, NoSuchAlgorithmException, CertificateException, KeyStoreException, KeyManagementException { - HttpsURLConnection c = (HttpsURLConnection) new URL("https://dungeonsguide.kro.kr/auth/authenticate").openConnection(); - c.setSSLSocketFactory(e()); + HttpsURLConnection c = (HttpsURLConnection) new URL("https://dungeons.guide/auth/authenticate").openConnection(); c.setRequestMethod("POST"); c.setRequestProperty("User-Agent", "DungeonsGuide/1.0"); c.setRequestProperty("Content-Type", "application/json"); @@ -149,6 +130,7 @@ public class b { c.setDoOutput(true); c.getOutputStream().write(("{\"jwt\":\""+a+"\",\"publicKey\":\""+Base64.encodeBase64URLSafeString(b.getEncoded())+"\"}").getBytes()); + c.getResponseCode(); InputStreamReader d = new InputStreamReader(c.getInputStream()); JsonObject e = (JsonObject) new JsonParser().parse(d); if (!"ok".equals(e.get("status").getAsString())) { @@ -163,9 +145,8 @@ public class b { return c; } - private void b(String a, String u) throws IOException, NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, InvalidAlgorithmParameterException, CertificateException, KeyStoreException, KeyManagementException { + private void b(String a, String u, boolean v) throws IOException, NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, InvalidAlgorithmParameterException, CertificateException, KeyStoreException, KeyManagementException, SignatureException, InvalidKeySpecException { HttpsURLConnection b = (HttpsURLConnection) new URL(u).openConnection(); - b.setSSLSocketFactory(e()); b.setRequestProperty("User-Agent", "DungeonsGuide/1.0"); b.setRequestProperty("Content-Type", "application/json"); b.setRequestMethod("GET"); @@ -195,7 +176,47 @@ public class b { CipherInputStream k = new CipherInputStream(c, g); k.read(d); - ZipInputStream l = new ZipInputStream(k); + f = ((d[0] & 0xFF) << 24) | + ((d[1] & 0xFF) << 16) | + ((d[2] & 0xFF) << 8) | + ((d[3] & 0xFF)); + + int totalLen = f; + ByteArrayOutputStream bos = new ByteArrayOutputStream(); + byte[] buff = new byte[256]; + while (totalLen > 0) { + int len = k.read(buff, 0, Math.min(buff.length, totalLen)); + totalLen -= len; + bos.write(buff, 0, len); + } + byte[] payload = bos.toByteArray(); + + byte[] signed = null; + if (v) { + p.step("Validating Signature"); + k.read(d,0 , 4); + f = ((d[0] & 0xFF) << 24) | + ((d[1] & 0xFF) << 16) | + ((d[2] & 0xFF) << 8) | + ((d[3] & 0xFF)); + + totalLen = f; + bos = new ByteArrayOutputStream(); + while (totalLen > 0) { + int len = k.read(buff, 0, Math.min(buff.length, totalLen)); + totalLen -= len; + bos.write(buff, 0, len); + } + signed = bos.toByteArray(); + + Signature sign = Signature.getInstance("SHA512withRSA"); + sign.initVerify(e()); + sign.update(payload); + boolean truth = sign.verify(signed); + if (!truth) throw new SignatureException("DG SIGNATURE FORGED"); + } + + ZipInputStream l = new ZipInputStream(new ByteArrayInputStream(payload)); ZipEntry m; while ((m=l.getNextEntry()) != null) { byte[] n = new byte[256]; @@ -208,9 +229,9 @@ public class b { } b.disconnect(); } + public JsonElement d(String u) throws IOException, NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, InvalidAlgorithmParameterException, CertificateException, KeyStoreException, KeyManagementException { HttpsURLConnection b = (HttpsURLConnection) new URL(u).openConnection(); - b.setSSLSocketFactory(e()); b.setRequestProperty("User-Agent", "DungeonsGuide/1.0"); b.setRequestProperty("Content-Type", "application/json"); b.setRequestMethod("GET"); |