org.cloudburstmc.protocol.bedrock.util

Class EncryptionUtils

java.lang.Object

org.cloudburstmc.protocol.bedrock.util.EncryptionUtils

public final class EncryptionUtils
extends java.lang.Object

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	ALGORITHM_TYPE

Method Summary

Modifier and Type	Method and Description
static javax.crypto.Cipher	createCipher(boolean gcm, boolean encrypt, javax.crypto.SecretKey key)
static java.lang.String	createHandshakeJwt(java.security.KeyPair serverKeyPair, byte[] token) Create handshake JWS used in the ServerToClientHandshakePacket which completes the encryption handshake.
static java.security.KeyPair	createKeyPair() Create EC key pair to be used for handshake and encryption
static byte[]	generateRandomToken() Generate 16 bytes of random data for the handshake token using a SecureRandom
static java.security.interfaces.ECPublicKey	getMojangPublicKey() Mojang's public key used to verify the JWT during login.
static javax.crypto.SecretKey	getSecretKey(java.security.PrivateKey localPrivateKey, java.security.PublicKey remotePublicKey, byte[] token) Generate the secret key used to encrypt the connection
static java.security.interfaces.ECPublicKey	parseKey(java.lang.String b64) Generate EC public key from base 64 encoded string
static ChainValidationResult	validateChain(java.util.List<java.lang.String> chain)
static byte[]	verifyClientData(java.lang.String clientDataJwt, java.security.PublicKey identityPublicKey)
static byte[]	verifyClientData(java.lang.String clientDataJwt, java.lang.String identityPublicKey)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

ALGORITHM_TYPE

public static final java.lang.String ALGORITHM_TYPE

See Also:

Constant Field Values

Method Detail

parseKey

public static java.security.interfaces.ECPublicKey parseKey(java.lang.String b64)
                                                     throws java.security.NoSuchAlgorithmException,
                                                            java.security.spec.InvalidKeySpecException

Generate EC public key from base 64 encoded string

Parameters:

b64 - base 64 encoded key

Returns:

key generated

Throws:

java.security.NoSuchAlgorithmException - runtime does not support the EC key spec

java.security.spec.InvalidKeySpecException - input does not conform with EC key spec

createKeyPair

public static java.security.KeyPair createKeyPair()

Create EC key pair to be used for handshake and encryption

Returns:

EC KeyPair

verifyClientData

public static byte[] verifyClientData(java.lang.String clientDataJwt,
                                      java.lang.String identityPublicKey)
                               throws java.security.NoSuchAlgorithmException,
                                      java.security.spec.InvalidKeySpecException,
                                      org.jose4j.lang.JoseException

Throws:

java.security.NoSuchAlgorithmException

java.security.spec.InvalidKeySpecException

org.jose4j.lang.JoseException

verifyClientData

public static byte[] verifyClientData(java.lang.String clientDataJwt,
                                      java.security.PublicKey identityPublicKey)
                               throws org.jose4j.lang.JoseException

Throws:

org.jose4j.lang.JoseException

validateChain

public static ChainValidationResult validateChain(java.util.List<java.lang.String> chain)
                                           throws org.jose4j.lang.JoseException,
                                                  java.security.NoSuchAlgorithmException,
                                                  java.security.spec.InvalidKeySpecException

Throws:

org.jose4j.lang.JoseException

java.security.NoSuchAlgorithmException

java.security.spec.InvalidKeySpecException

getSecretKey

public static javax.crypto.SecretKey getSecretKey(java.security.PrivateKey localPrivateKey,
                                                  java.security.PublicKey remotePublicKey,
                                                  byte[] token)
                                           throws java.security.InvalidKeyException

Generate the secret key used to encrypt the connection

Parameters:

localPrivateKey - local private key

remotePublicKey - remote public key

token - token generated or received from the server

Returns:

secret key used to encrypt connection

Throws:

java.security.InvalidKeyException - keys provided are not EC spec

createHandshakeJwt

public static java.lang.String createHandshakeJwt(java.security.KeyPair serverKeyPair,
                                                  byte[] token)
                                           throws org.jose4j.lang.JoseException

Create handshake JWS used in the ServerToClientHandshakePacket which completes the encryption handshake.

Parameters:

serverKeyPair - used to sign the JWT

token - salt for the encryption handshake

Returns:

signed JWS object

Throws:

org.jose4j.lang.JoseException - invalid key pair provided

generateRandomToken

public static byte[] generateRandomToken()

Generate 16 bytes of random data for the handshake token using a SecureRandom

Returns:

16 byte token

getMojangPublicKey

public static java.security.interfaces.ECPublicKey getMojangPublicKey()

Mojang's public key used to verify the JWT during login.

Returns:

Mojang's public EC key

createCipher

public static javax.crypto.Cipher createCipher(boolean gcm,
                                               boolean encrypt,
                                               javax.crypto.SecretKey key)