2323import io .netty .channel .socket .nio .NioSocketChannel ;
2424import io .netty .handler .codec .LengthFieldBasedFrameDecoder ;
2525import io .netty .handler .codec .LengthFieldPrepender ;
26+ import java .security .InvalidAlgorithmParameterException ;
2627import java .security .InvalidKeyException ;
2728import java .security .MessageDigest ;
2829import java .security .NoSuchAlgorithmException ;
2930import java .security .PublicKey ;
31+ import java .security .spec .MGF1ParameterSpec ;
3032import java .util .ArrayList ;
3133import java .util .Arrays ;
3234import java .util .HashMap ;
3941import javax .crypto .IllegalBlockSizeException ;
4042import javax .crypto .NoSuchPaddingException ;
4143import javax .crypto .SecretKey ;
44+ import javax .crypto .spec .OAEPParameterSpec ;
45+ import javax .crypto .spec .PSource ;
4246import javax .crypto .spec .SecretKeySpec ;
4347import net .minecraft .client .Minecraft ;
4448import net .minecraft .client .User ;
@@ -286,7 +290,7 @@ void setUpEncryption(ChannelHandlerContext ctx, ClientboundEncryptionRequestPack
286290 encrypt (packet .publicKey (), sharedSecret ),
287291 encrypt (packet .publicKey (), packet .verifyToken ())));
288292 } catch (NoSuchAlgorithmException | InvalidKeyException | NoSuchPaddingException | BadPaddingException |
289- IllegalBlockSizeException e ) {
293+ IllegalBlockSizeException | InvalidAlgorithmParameterException e ) {
290294 shutDown ();
291295 throw new RuntimeException (e );
292296 }
@@ -299,9 +303,15 @@ void setUpEncryption(ChannelHandlerContext ctx, ClientboundEncryptionRequestPack
299303 handleEncryptionSuccess ();
300304 }
301305
302- private static byte [] encrypt (PublicKey key , byte [] data ) throws NoSuchPaddingException , NoSuchAlgorithmException , BadPaddingException , IllegalBlockSizeException , InvalidKeyException {
303- Cipher cipher = Cipher .getInstance ("RSA/ECB/PKCS1Padding" );
304- cipher .init (Cipher .ENCRYPT_MODE , key );
306+ private static byte [] encrypt (PublicKey key , byte [] data ) throws NoSuchPaddingException , NoSuchAlgorithmException , BadPaddingException , IllegalBlockSizeException , InvalidKeyException , InvalidAlgorithmParameterException {
307+ Cipher cipher = Cipher .getInstance ("RSA/ECB/OAEPWithSHA-256AndMGF1Padding" );
308+ // https://docs.openssl.org/master/man3/RSA_public_encrypt/#description
309+ cipher .init (Cipher .ENCRYPT_MODE , key , new OAEPParameterSpec (
310+ "SHA-256" ,
311+ "MGF1" ,
312+ new MGF1ParameterSpec ("SHA-256" ),
313+ PSource .PSpecified .DEFAULT
314+ ));
305315 return cipher .doFinal (data );
306316 }
307317}
0 commit comments