public static void EncryptionKeyRequest(MinecraftClient client, IPacket _packet)
{
var packet = (EncryptionKeyRequestPacket)_packet;
var random = RandomNumberGenerator.Create();
client.SharedSecret = new byte[16];
random.GetBytes(client.SharedSecret); // Generate a secure AES key
if (packet.ServerId != "-") // Online mode
{
// Authenticate with minecraft.net
var data = Encoding.ASCII.GetBytes(packet.ServerId)
.Concat(client.SharedSecret)
.Concat(packet.PublicKey).ToArray();
var hash = Cryptography.JavaHexDigest(data);
var webClient = new WebClient();
string result = webClient.DownloadString("http://session.minecraft.net/game/joinserver.jsp?user="******"&sessionId=" + Uri.EscapeUriString(client.Session.SessionId) +
"&serverId=" + Uri.EscapeUriString(hash));
if (result != "OK")
LogProvider.Log("Unable to verify session: " + result);
}
var parser = new AsnKeyParser(packet.PublicKey);
var key = parser.ParseRSAPublicKey();
// Encrypt shared secret and verification token
var crypto = new RSACryptoServiceProvider();
crypto.ImportParameters(key);
var encryptedSharedSecret = crypto.Encrypt(client.SharedSecret, false);
var encryptedVerification = crypto.Encrypt(packet.VerificationToken, false);
var response = new EncryptionKeyResponsePacket(encryptedSharedSecret, encryptedVerification);
client.SendPacket(response);
}
private void HandleEncryption(EncryptionRequestPacket packet)
{
var random = RandomNumberGenerator.Create();
_sharedSecret = new byte[16];
random.GetBytes(_sharedSecret);
if (packet.ServerId != "")
{
throw new NotImplementedException("Online mode is not implemented");
}
var parser = new AsnKeyParser(packet.PublicKey);
var key = parser.ParseRSAPublicKey();
// Encrypt shared secret and verification token
var crypto = new RSACryptoServiceProvider();
crypto.ImportParameters(key);
WritePacket(new EncryptionResponsePacket
{
SharedSecret = crypto.Encrypt(_sharedSecret, false),
VerifyToken = crypto.Encrypt(packet.VerifyToken, false),
});
_baseStream = new AesStream(_networkStream, _sharedSecret);
_writer = new MinecraftStreamWriter(_baseStream);
_reader = new MinecraftStreamReader(_baseStream);
}
internal static void FromPublicString(this RSA rsa, string key)
{
var x509Key = Convert.FromBase64String(key);
AsnKeyParser keyParser = new AsnKeyParser(x509Key);
RSAParameters rsaParameters = keyParser.ParseRSAPublicKey();
rsa.ImportParameters(rsaParameters);
}
internal static void FromPrivateString(this RSA rsa, string key)
{
var PKCS8 = Convert.FromBase64String(key);
AsnKeyParser keyParser = new AsnKeyParser(PKCS8);
RSAParameters rsaParameters = keyParser.ParseRSAPrivateKey();
rsa.ImportParameters(rsaParameters);
}
public override void HandlePacket(Proxy proxy)
{
// Interact with the remote server
proxy.RemoteSharedKey = new byte[16];
RandomNumberGenerator random = RandomNumberGenerator.Create();
random.GetBytes(proxy.RemoteSharedKey);
AsnKeyParser keyParser = new AsnKeyParser(PublicKey);
var key = keyParser.ParseRSAPublicKey();
var cryptoService = new RSACryptoServiceProvider();
cryptoService.ImportParameters(key);
byte[] encryptedSharedSecret = cryptoService.Encrypt(proxy.RemoteSharedKey, false);
byte[] encryptedVerify = cryptoService.Encrypt(VerifyToken, false);
// Construct an 0xFC packet to send the server
proxy.RemoteEncryptionResponse = new byte[] { 0xFC }
.Concat(DataUtility.CreateInt16((short)encryptedSharedSecret.Length))
.Concat(encryptedSharedSecret)
.Concat(DataUtility.CreateInt16((short)encryptedVerify.Length))
.Concat(encryptedVerify).ToArray();
if (ServerId != "-")
{
// Generate session hash
byte[] hashData = Encoding.ASCII.GetBytes(ServerId)
.Concat(proxy.RemoteSharedKey)
.Concat(PublicKey).ToArray();
var hash = Cryptography.JavaHexDigest(hashData);
var webClient = new WebClient();
string result = webClient.DownloadString("http://session.minecraft.net/game/joinserver.jsp?user="******"&sessionId=" + Uri.EscapeUriString(proxy.Settings.UserSession) +
"&serverId=" + Uri.EscapeUriString(hash));
if (result != "OK")
Console.WriteLine("Warning: Unable to login as user " + proxy.Settings.Username + ", expect mixed results.");
}
// Interact with the local client
var verifyToken = new byte[4];
var csp = new RNGCryptoServiceProvider();
csp.GetBytes(verifyToken);
AsnKeyBuilder.AsnMessage encodedKey = AsnKeyBuilder.PublicKeyToX509(Proxy.ServerKey);
// Construct an 0xFD to send the client
byte[] localPacket = new[] { PacketId }
.Concat(DataUtility.CreateString("-"))
.Concat(DataUtility.CreateInt16((short)encodedKey.GetBytes().Length))
.Concat(encodedKey.GetBytes())
.Concat(DataUtility.CreateInt16((short)verifyToken.Length))
.Concat(verifyToken).ToArray();
proxy.LocalSocket.BeginSend(localPacket, 0, localPacket.Length, SocketFlags.None, null, null);
base.HandlePacket(proxy);
}
/// <summary>
/// Reads and Parses the information stored in the ConnectionHandshake
/// </summary>
public override void ReadImplementation()
{
GetClient().State = ClientState.CONNECTED;
ReadByte();
int Length = ReadInt32();
ReadBytes(5);
byte[] Data = ReadBytes(Length - 10);
string RSAStr = Encoding.ASCII.GetString(Data);
byte[] RSAData = new byte[RSAStr.Length / 2];
for (int i = 0; i < RSAStr.Length; i += 2)
{
RSAData[i / 2] = byte.Parse(RSAStr.Substring(i, 2), NumberStyles.HexNumber);
}
byte[] privateKey = new byte[] { 0x30, 0x82, 0x04, 0xBC, 0x02, 0x01, 0x00, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82, 0x04, 0xA6, 0x30, 0x82, 0x04, 0xA2, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 0xB2, 0x3B, 0x14, 0xD0, 0x60, 0xC3, 0x0D, 0xDB, 0x90, 0x53, 0x29, 0x94, 0xFD, 0x63, 0xF3, 0x57, 0x0D, 0x02, 0x55, 0x41, 0xCD, 0x08, 0x6A, 0x6F, 0xFF, 0x0D, 0x44, 0xE5, 0x19, 0xA8, 0x04, 0xE6, 0x3C, 0x31, 0x28, 0x1C, 0x71, 0x74, 0x40, 0xAD, 0x7B, 0xAB, 0x8F, 0xE3, 0x3E, 0x06, 0xF7, 0xBD, 0x10, 0xF5, 0x3D, 0x8E, 0x0F, 0xA9, 0x00, 0xB8, 0xB6, 0xA0, 0x8F, 0xE4, 0xCB, 0xE4, 0x13, 0x3D, 0x84, 0xBC, 0xE9, 0x19, 0x91, 0x6E, 0xCE, 0x58, 0x84, 0x50, 0xDC, 0x79, 0x15, 0xD3, 0x16, 0xEE, 0x6B, 0x36, 0xEC, 0xDF, 0x81, 0x1E, 0x8F, 0x03, 0x9B, 0x20, 0xB1, 0x8E, 0x56, 0x4E, 0x51, 0x66, 0xED, 0xC7, 0xFC, 0x7E, 0x03, 0xC4, 0xCC, 0xD2, 0xCD, 0x31, 0x1C, 0xAC, 0x1C, 0x17, 0x3E, 0xB3, 0xF6, 0x5F, 0xB8, 0xAA, 0x05, 0x5A, 0xAE, 0xB5, 0xB1, 0x50, 0x3E, 0xE8, 0x90, 0x69, 0x1F, 0xBA, 0x84, 0x0E, 0xDB, 0x62, 0x58, 0x64, 0x4A, 0x4B, 0x64, 0xE7, 0xB6, 0x5A, 0x2D, 0xA3, 0x6C, 0x8E, 0x6C, 0x26, 0x02, 0xF6, 0x08, 0xF6, 0x7A, 0x03, 0x20, 0xC0, 0x68, 0x63, 0xB1, 0x19, 0xEF, 0x18, 0x9A, 0x60, 0xB3, 0xDD, 0x89, 0x21, 0xF6, 0x9A, 0x01, 0x1E, 0x3D, 0x51, 0x8F, 0x03, 0x0E, 0x5D, 0xD8, 0x96, 0x22, 0x06, 0x7C, 0x47, 0x21, 0x66, 0xF1, 0x29, 0xBC, 0x28, 0x3E, 0x8D, 0xBE, 0xEE, 0x4B, 0x6B, 0x7D, 0x57, 0xE1, 0x35, 0x18, 0x6A, 0x87, 0xB5, 0x1F, 0xCC, 0x17, 0xAE, 0xC7, 0x46, 0x73, 0x79, 0x6E, 0xF8, 0xA6, 0xD9, 0xE5, 0x98, 0x52, 0xE9, 0xE6, 0x1D, 0x8A, 0x6D, 0x0E, 0xEE, 0xBC, 0x6B, 0x93, 0xF5, 0xF8, 0x7F, 0x7D, 0x30, 0x69, 0xB6, 0x21, 0x50, 0x3D, 0xA1, 0x27, 0x72, 0x99, 0xC8, 0x22, 0x00, 0x51, 0xB5, 0x95, 0xB9, 0x41, 0x20, 0x7E, 0xFA, 0x93, 0x55, 0x3A, 0x31, 0x02, 0x01, 0x11, 0x02, 0x82, 0x01, 0x00, 0x09, 0x2C, 0x73, 0xE5, 0x14, 0x0A, 0x0A, 0x20, 0x01, 0xC8, 0x0B, 0x8D, 0x50, 0xCE, 0x8E, 0x68, 0x3E, 0xC9, 0x88, 0x27, 0x26, 0xC9, 0xD8, 0x4D, 0x4B, 0x3E, 0xCC, 0xF5, 0x34, 0x24, 0xE2, 0x22, 0x70, 0x46, 0x4B, 0x79, 0xEF, 0x40, 0x56, 0x27, 0x0C, 0x03, 0x2E, 0xEF, 0x76, 0x04, 0x1F, 0x93, 0x24, 0xA3, 0x35, 0xFD, 0xE6, 0x73, 0xFE, 0x27, 0x9F, 0xFC, 0xF8, 0x58, 0xF3, 0xE7, 0xF9, 0x75, 0xFD, 0x6B, 0x9B, 0x0E, 0x7E, 0x12, 0xE1, 0x35, 0x7F, 0x47, 0xED, 0x3A, 0xF0, 0x2E, 0xA1, 0x2E, 0x27, 0x66, 0x97, 0x7C, 0x71, 0xF0, 0xA1, 0xB6, 0xC6, 0x1A, 0x27, 0x41, 0xAD, 0xDA, 0x9E, 0x8A, 0xF1, 0xE2, 0xC3, 0x95, 0x8B, 0x7C, 0xF3, 0xF4, 0x43, 0x08, 0x2C, 0xC5, 0x18, 0x08, 0xB9, 0xD0, 0xCA, 0xCC, 0x74, 0xCC, 0x84, 0x0A, 0x50, 0x85, 0x96, 0x4D, 0x8A, 0xC4, 0x70, 0xD8, 0x3B, 0xFC, 0x56, 0x4C, 0xE6, 0x52, 0xFF, 0x7C, 0x44, 0x2C, 0xAF, 0xCD, 0x01, 0xA2, 0xC1, 0xFB, 0x9B, 0x3A, 0xAF, 0x03, 0xE0, 0x24, 0xB7, 0xEB, 0xE2, 0x55, 0xC0, 0xA7, 0xD6, 0x9A, 0xA4, 0xB3, 0x2C, 0x56, 0x8E, 0x5B, 0x19, 0x7F, 0x4F, 0x2E, 0x77, 0xD1, 0x26, 0x2F, 0x02, 0x87, 0x56, 0xDC, 0xF3, 0x29, 0x13, 0x8D, 0x8C, 0xFA, 0xF0, 0x54, 0x26, 0x7C, 0x89, 0x0B, 0xB3, 0xBC, 0x4A, 0xCE, 0xF7, 0x33, 0x02, 0x56, 0xEB, 0x88, 0x90, 0x94, 0x44, 0x61, 0x53, 0xE0, 0x75, 0x07, 0x6A, 0x70, 0xF5, 0x1A, 0x69, 0x69, 0x71, 0x9A, 0xAA, 0x15, 0xBD, 0x49, 0x38, 0xA1, 0xE5, 0x0A, 0x70, 0x6A, 0x1B, 0x9C, 0xCE, 0x04, 0x39, 0x7C, 0x68, 0xCF, 0xF8, 0x17, 0xEE, 0xA3, 0x9C, 0x40, 0x4A, 0xE1, 0x5A, 0xEE, 0x71, 0x64, 0x5E, 0x64, 0x23, 0xCE, 0xAC, 0x70, 0xFC, 0x39, 0x19, 0x9C, 0x28, 0xBC, 0x3F, 0xA9, 0x02, 0x81, 0x81, 0x00, 0xF0, 0x85, 0x37, 0x1B, 0xC0, 0x64, 0xA9, 0x02, 0xDC, 0x48, 0x21, 0x6E, 0xFC, 0x04, 0x0F, 0x80, 0xC4, 0x3C, 0x7D, 0x5D, 0x58, 0x7B, 0x98, 0x35, 0xBF, 0x3C, 0x3F, 0xC5, 0xA9, 0x11, 0x38, 0xC5, 0x90, 0x75, 0xB7, 0x7F, 0x2A, 0x30, 0x53, 0x9D, 0xAB, 0x65, 0x3E, 0x21, 0x45, 0x04, 0x06, 0xAF, 0xCB, 0x57, 0x2E, 0x34, 0xB6, 0x5B, 0xE3, 0xCB, 0xAF, 0x58, 0x65, 0x9B, 0x7C, 0x86, 0xFC, 0x17, 0x87, 0x50, 0x82, 0x5D, 0x51, 0x44, 0xA1, 0x04, 0x03, 0x93, 0x61, 0x81, 0xFF, 0x23, 0x91, 0xA1, 0x64, 0x06, 0x63, 0xD0, 0x5D, 0x45, 0x1E, 0x9D, 0x0E, 0x4C, 0x2B, 0xA1, 0x14, 0xE1, 0xE2, 0x09, 0x62, 0xD7, 0x2D, 0x27, 0x73, 0x2E, 0xC3, 0xF0, 0x86, 0x9E, 0xE6, 0xC7, 0x63, 0x70, 0x70, 0xA9, 0x41, 0x60, 0xCD, 0x03, 0xF5, 0xA1, 0x95, 0xF4, 0xB6, 0x46, 0x10, 0xAA, 0x48, 0x07, 0x6B, 0xF9, 0x02, 0x81, 0x81, 0x00, 0xBD, 0xB3, 0x97, 0x1E, 0xA1, 0xFF, 0x07, 0x08, 0xE7, 0xEC, 0x07, 0x6C, 0x78, 0xD0, 0x27, 0x74, 0xF1, 0xE7, 0x5E, 0x3D, 0x04, 0x4A, 0xD9, 0x02, 0x30, 0x35, 0x03, 0xBC, 0xF5, 0xDD, 0x58, 0xE5, 0xF3, 0x01, 0x0C, 0xFE, 0x13, 0x6A, 0xD4, 0x41, 0x6F, 0xDE, 0x84, 0xEA, 0xD6, 0xF1, 0x25, 0xB4, 0x91, 0x5C, 0x40, 0xC6, 0x64, 0x1A, 0x9B, 0x03, 0x24, 0x5B, 0xB2, 0x8B, 0xA6, 0xE4, 0x00, 0x1C, 0x4D, 0x82, 0x3F, 0x78, 0xBB, 0x8B, 0x46, 0xDF, 0x01, 0xF4, 0x4A, 0x4C, 0x4D, 0xAF, 0x77, 0x11, 0xA1, 0xBB, 0x90, 0x8F, 0xF3, 0x5C, 0x20, 0x48, 0x1C, 0xE6, 0xA1, 0xB1, 0xA4, 0x59, 0x14, 0x6C, 0x92, 0x66, 0xE5, 0x5D, 0x6C, 0x63, 0x9C, 0x01, 0x34, 0x63, 0x5E, 0xCC, 0x4F, 0xF1, 0xD0, 0x1E, 0x74, 0x37, 0x06, 0x87, 0x5B, 0x40, 0x0E, 0x0C, 0xD4, 0x3B, 0xEA, 0x76, 0x58, 0x72, 0x1D, 0xF9, 0x02, 0x81, 0x81, 0x00, 0xA9, 0xC7, 0x72, 0x31, 0xB4, 0xFB, 0xC2, 0x98, 0x9B, 0x7E, 0x35, 0xB7, 0xC0, 0xF3, 0xCE, 0xB5, 0x3F, 0x39, 0xC1, 0xE7, 0x89, 0xC0, 0xA7, 0xAD, 0x77, 0xEE, 0x4B, 0x22, 0x1C, 0xFD, 0x19, 0x03, 0xED, 0x80, 0x45, 0x4A, 0xB4, 0x5E, 0x59, 0x24, 0x00, 0x83, 0xB3, 0x62, 0xC7, 0x4E, 0x22, 0xD6, 0x71, 0x6A, 0xB7, 0x34, 0x44, 0x7D, 0x19, 0x44, 0x7B, 0xC5, 0xED, 0x5E, 0xB2, 0x41, 0x2A, 0x6A, 0xF6, 0x1A, 0xB6, 0x5F, 0xFD, 0x21, 0x62, 0x99, 0x6B, 0xEF, 0x90, 0x1F, 0x86, 0xEB, 0xEE, 0x53, 0xCE, 0x22, 0xA0, 0xCF, 0x50, 0xE5, 0x7F, 0x05, 0x73, 0x81, 0x0F, 0xBC, 0xFF, 0xAE, 0x81, 0x70, 0x09, 0x88, 0xD4, 0x94, 0x51, 0x4E, 0x2F, 0xF5, 0x13, 0xBB, 0x75, 0xB9, 0xEB, 0xD6, 0xE6, 0x1D, 0x1F, 0x17, 0x27, 0x4E, 0x16, 0xCC, 0x69, 0xD9, 0xEA, 0x13, 0x57, 0x0E, 0xC9, 0x6E, 0xA6, 0x91, 0x02, 0x81, 0x80, 0x2C, 0xA2, 0xBA, 0x25, 0x53, 0x4B, 0x10, 0xB6, 0xCD, 0x28, 0x7A, 0x37, 0xA3, 0xF4, 0xBD, 0xFD, 0x66, 0x18, 0x52, 0x68, 0xB5, 0xB7, 0x42, 0x1E, 0xA1, 0xEE, 0x5B, 0x3B, 0x85, 0x25, 0x05, 0xDB, 0xC0, 0xB4, 0xF3, 0xFF, 0x8C, 0x19, 0x22, 0xE2, 0x38, 0x70, 0x97, 0xBE, 0xC9, 0x29, 0xAE, 0x84, 0xD6, 0xE8, 0x87, 0xB6, 0x35, 0xAB, 0xE8, 0x3C, 0xF9, 0x7E, 0xFC, 0xD5, 0x90, 0xAE, 0x1E, 0x24, 0xC6, 0xF1, 0x78, 0x58, 0xA4, 0x99, 0x3D, 0xDA, 0x1E, 0x93, 0xD5, 0x3F, 0x21, 0x56, 0x76, 0x5E, 0x80, 0x68, 0x5E, 0x3F, 0xFD, 0x06, 0x9E, 0x2F, 0x15, 0xDB, 0xE9, 0xCF, 0x71, 0xF6, 0xD7, 0xA1, 0x13, 0x63, 0x81, 0x43, 0x28, 0x8F, 0xE8, 0x78, 0xC1, 0x08, 0x52, 0x8A, 0x6D, 0x29, 0xD6, 0x9D, 0xC0, 0xFD, 0xE3, 0x6B, 0x24, 0x87, 0x8A, 0xD5, 0xD7, 0x95, 0xA0, 0x94, 0x51, 0x0B, 0xCA, 0xD1, 0x02, 0x81, 0x81, 0x00, 0xD5, 0x44, 0xDE, 0xAB, 0x3A, 0x9F, 0x9D, 0x5C, 0x7E, 0xB4, 0x6F, 0x7C, 0x62, 0xA1, 0x5A, 0x87, 0xB6, 0x30, 0x27, 0xE7, 0xEE, 0x58, 0x86, 0x1D, 0x46, 0x1C, 0x8C, 0x0D, 0x02, 0x8F, 0x1C, 0x33, 0x4C, 0x18, 0xB7, 0xC1, 0xE0, 0x0A, 0xD4, 0x61, 0x8A, 0x0C, 0x00, 0xCE, 0xCC, 0x75, 0x01, 0x91, 0xCE, 0x56, 0xB3, 0xD4, 0xDA, 0x33, 0x50, 0xB1, 0x7D, 0x1B, 0x35, 0x3E, 0xC2, 0x9E, 0x63, 0x80, 0xFD, 0xE8, 0x49, 0x65, 0xEF, 0xD4, 0x01, 0xDA, 0xD0, 0x8F, 0x02, 0x27, 0xC5, 0x24, 0xA2, 0xCD, 0x0D, 0xD5, 0xD8, 0xC5, 0xE0, 0xD0, 0xFD, 0x3F, 0x6A, 0xCB, 0x86, 0x35, 0x5D, 0x56, 0xC5, 0x90, 0xA9, 0xF6, 0x4D, 0xD5, 0xED, 0x93, 0x86, 0x85, 0xD9, 0x29, 0x2F, 0xC8, 0x3C, 0x99, 0xD7, 0xD8, 0xE0, 0xEF, 0x58, 0x89, 0x98, 0x42, 0x65, 0xA6, 0x34, 0x9D, 0x9E, 0x0C, 0xA5, 0x78, 0xE7, 0x80 };
RSACryptoServiceProvider RSAProv = new RSACryptoServiceProvider();
AsnKeyParser keyParser = new AsnKeyParser(privateKey);
RSAParameters privParams = keyParser.ParseRSAPrivateKey();
RSAProv.ImportParameters(privParams);
byte[] decData = RSAProv.Decrypt(RSAData, false);
//Log.Write(LogLevel.Warning, "RSA DATA:\n{0}", decData.ToHEX());
MemoryStream Stream = new MemoryStream(decData);
EndianBinaryReader Reader = new EndianBinaryReader(MiscUtil.Conversion.EndianBitConverter.Little, Stream);
string ConnectionHash = Reader.ReadString(true);
GetClient().Password = Reader.ReadString(true);
GetClient().SalsaKey01 = Reader.ReadBytes(32);
GetClient().SalsaKey02 = Reader.ReadBytes(32);
GetClient().SalsaIV01 = Reader.ReadBytes(8);
GetClient().SalsaIV02 = Reader.ReadBytes(8);
if (TransUserTable.ContainsHash(ConnectionHash))
{
GetClient().Username = TransUserTable.ByHash(ConnectionHash).Username;
TransUserTable.RemoveByHash(ConnectionHash);
Log.Write(LogLevel.Client, "Client '{0}' trying to connect to Shard01", GetClient().Username);
}
else
{
Log.Write(LogLevel.Client, "Client tried to connect with invalid connection hash");
GetClient().ForceKill();
}
}
/// <summary>
/// Loads a certificate given both it's private and public keys - generally used to
/// load keys provided on the OAuth wiki's for verification of implementation correctness.
/// </summary>
/// <param name="privateKey"></param>
/// <param name="certificate"></param>
/// <returns></returns>
public static X509Certificate2 LoadCertificateFromStrings(string privateKey, string certificate)
{
var parser = new AsnKeyParser(Convert.FromBase64String(privateKey));
RSAParameters parameters = parser.ParseRSAPrivateKey();
var x509 = new X509Certificate2(Encoding.ASCII.GetBytes(certificate));
var provider = new RSACryptoServiceProvider();
provider.ImportParameters(parameters);
x509.PrivateKey = provider;
return(x509);
}
private void _MakesureProvider()
{
if (this._provider != null)
{
return;
}
_isPrivate = this._isPrivate;
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(this._key_len);
switch (this._format)
{
case KeyFormat.DER:
{
var b_key = deal_string.decode_hex(this._key);
AsnKeyParser keyParser = new AsnKeyParser(b_key);
RSAParameters key = _isPrivate ? keyParser.ParseRSAPrivateKeyPKCS1() : keyParser.ParseRSAPublicKeyPKCS1();
rsa.ImportParameters(key);
break;
}
case KeyFormat.PEM:
{
this._key = this._key.Replace("-----BEGIN PUBLIC KEY-----", "").Replace("-----END PUBLIC KEY-----", "")
.Replace("-----BEGIN PRIVATE KEY-----", "").Replace("-----END PRIVATE KEY-----", "")
.Replace("\r\n", "");
goto case KeyFormat.ASN;
}
case KeyFormat.ASN:
{
var b_key = deal_string.decode_base64(this._key);
AsnKeyParser keyParser = new AsnKeyParser(b_key);
RSAParameters key = _isPrivate ? keyParser.ParseRSAPrivateKey() : keyParser.ParseRSAPublicKey();
rsa.ImportParameters(key);
break;
}
case KeyFormat.XML:
default:
//_isPrivate = this._key.IndexOf("<D>") > -1;
rsa.FromXmlString(this._key);
break;
}
this._provider = rsa;
}
private static void LoadDsaPrivateKey()
{
//
// Load the Private Key
// PKCS#8 Format
//
AsnKeyParser keyParser = new AsnKeyParser("private.dsa.cs.ber");
DSAParameters privateKey = keyParser.ParseDSAPrivateKey();
//
// Initailize the CSP
// Supresses creation of a new key
//
CspParameters csp = new CspParameters
{
KeyContainerName = "DSA Test (OK to Delete)"
};
// Can't use PROV_DSS_DH for loading. We have lost
// parameters such as seed and j.
// const int PROV_DSS_DH = 13;
const int PROV_DSS = 3;
csp.ProviderType = PROV_DSS;
// const int AT_EXCHANGE = 1;
const int AT_SIGNATURE = 2;
csp.KeyNumber = AT_SIGNATURE;
//
// Initialize the Provider
//
DSACryptoServiceProvider dsa =
new DSACryptoServiceProvider(csp)
{
PersistKeyInCsp = false
};
//
// The moment of truth...
//
dsa.ImportParameters(privateKey);
// See http://blogs.msdn.com/tess/archive/2007/10/31/
// asp-net-crash-system-security-cryptography-cryptographicexception.aspx
dsa.Clear();
}
private static void LoadRsaPublicKey()
{
//
// Load the Public Key
// X.509 Format
//
AsnKeyParser keyParser =
new AsnKeyParser("public.rsa.cs.ber");
RSAParameters publicKey = keyParser.ParseRSAPublicKey();
//
// Initailize the CSP
// Supresses creation of a new key
//
CspParameters csp = new CspParameters
{
KeyContainerName = "RSA Test (OK to Delete)"
};
const int PROV_RSA_FULL = 1;
csp.ProviderType = PROV_RSA_FULL;
const int AT_KEYEXCHANGE = 1;
// const int AT_SIGNATURE = 2;
csp.KeyNumber = AT_KEYEXCHANGE;
//
// Initialize the Provider
//
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(csp)
{
PersistKeyInCsp = false
};
//
// The moment of truth...
//
rsa.ImportParameters(publicKey);
// See http://blogs.msdn.com/tess/archive/2007/10/31/
// asp-net-crash-system-security-cryptography-cryptographicexception.aspx
rsa.Clear();
}
public AsymmetricAlgorithm GetConsumerPublicKey(IConsumer consumer)
{
if (_publicKeyAlgorithm == null)
{
var parser = new AsnKeyParser(Convert.FromBase64String(_publicKey));
RSAParameters parameters = parser.ParseRSAPublicKey();
var provider = new RSACryptoServiceProvider();
provider.ImportParameters(parameters);
_publicKeyAlgorithm = provider;
}
return(_publicKeyAlgorithm);
}
public static void EncryptionKeyRequest(MinecraftClient client, IPacket _packet)
{
var packet = (EncryptionKeyRequestPacket)_packet;
var random = RandomNumberGenerator.Create();
client.SharedSecret = new byte[16];
random.GetBytes(client.SharedSecret); // Generate a secure AES key
if (packet.ServerId != "-") // Online mode
{
// Authenticate with minecraft.net
if (!client.Session.OnlineMode)
{
throw new AuthenticationException("Server is in online mode, but client is in offline mode.");
}
var data = Encoding.ASCII.GetBytes(packet.ServerId)
.Concat(client.SharedSecret)
.Concat(packet.PublicKey).ToArray();
var hash = Cryptography.JavaHexDigest(data);
var webClient = new WebClient();
string result = webClient.DownloadString("http://session.minecraft.net/game/joinserver.jsp?user="******"&sessionId=" + Uri.EscapeUriString(client.Session.SessionId) +
"&serverId=" + Uri.EscapeUriString(hash));
if (result != "OK")
{
// TODO
}
}
var parser = new AsnKeyParser(packet.PublicKey);
var key = parser.ParseRSAPublicKey();
// Encrypt shared secret and verification token
var crypto = new RSACryptoServiceProvider();
crypto.ImportParameters(key);
var encryptedSharedSecret = crypto.Encrypt(client.SharedSecret, false);
var encryptedVerification = crypto.Encrypt(packet.VerificationToken, false);
var response = new EncryptionKeyResponsePacket(encryptedSharedSecret, encryptedVerification);
client.SendPacket(response);
client.FlushPackets();
client.NetworkManager.BaseStream = new AesStream(client.NetworkStream, client.SharedSecret);
}
/// <summary>
/// Verifies the RSA signature.
/// </summary>
/// <returns>True if signature is valid, false otherwise.</returns>
public bool IsSignatureValid()
{
Reader.BaseStream.Position = 0;
var keyParser = new AsnKeyParser(PublicKey);
var rsa = new RSACryptoServiceProvider();
rsa.ImportParameters(keyParser.ParseRSAPublicKey());
var deformatter = new RSAPKCS1SignatureDeformatter(rsa);
deformatter.SetHashAlgorithm("SHA256");
var hash = new SHA256Managed().ComputeHash(Reader.ReadBytes((int)(HeaderSize + TreeSize + FileDataSectionSize + ArchiveMD5SectionSize + OtherMD5SectionSize)));
return(deformatter.VerifySignature(hash, Signature));
}
private void _MakesureProvider()
{
if (this._provider != null)
{
return;
}
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
switch (this._format)
{
case KeyFormat.PEM:
{
this._key = this._key.Replace("-----BEGIN PUBLIC KEY-----", "").Replace("-----END PUBLIC KEY-----", "")
.Replace("-----BEGIN PRIVATE KEY-----", "").Replace("-----END PRIVATE KEY-----", "")
.Replace("\r", "").Replace("\n", "");
goto case KeyFormat.ASN;
}
case KeyFormat.ASN:
{
bool isPrivate = this._key.Length > 500;
AsnKeyParser keyParser = new AsnKeyParser(this._key);
RSAParameters key = isPrivate ? keyParser.ParseRSAPrivateKey() : keyParser.ParseRSAPublicKey();
rsa.ImportParameters(key);
break;
}
case KeyFormat.XML:
{
//_isPrivate = this._key.IndexOf("<D>") > -1;
rsa.FromXmlString(this._key);
break;
}
default:
throw new Exception("no support format");
break;
}
this._provider = rsa;
}
void ProcessHandshake(byte[] pBuffer, int pLength)
{
//Log.Write(LogLevel.Info, "\n{0}", pBuffer.ToHEX(pLength));
PacketStream pStream = new PacketStream(pBuffer, pLength, Client.Decryptor, Client.Inflate, true);
Packet iPacket = pStream.Packets[0];
byte[] privateKey = new byte[] { 0x30, 0x82, 0x04, 0xBC, 0x02, 0x01, 0x00, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82, 0x04, 0xA6, 0x30, 0x82, 0x04, 0xA2, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 0xB2, 0x3B, 0x14, 0xD0, 0x60, 0xC3, 0x0D, 0xDB, 0x90, 0x53, 0x29, 0x94, 0xFD, 0x63, 0xF3, 0x57, 0x0D, 0x02, 0x55, 0x41, 0xCD, 0x08, 0x6A, 0x6F, 0xFF, 0x0D, 0x44, 0xE5, 0x19, 0xA8, 0x04, 0xE6, 0x3C, 0x31, 0x28, 0x1C, 0x71, 0x74, 0x40, 0xAD, 0x7B, 0xAB, 0x8F, 0xE3, 0x3E, 0x06, 0xF7, 0xBD, 0x10, 0xF5, 0x3D, 0x8E, 0x0F, 0xA9, 0x00, 0xB8, 0xB6, 0xA0, 0x8F, 0xE4, 0xCB, 0xE4, 0x13, 0x3D, 0x84, 0xBC, 0xE9, 0x19, 0x91, 0x6E, 0xCE, 0x58, 0x84, 0x50, 0xDC, 0x79, 0x15, 0xD3, 0x16, 0xEE, 0x6B, 0x36, 0xEC, 0xDF, 0x81, 0x1E, 0x8F, 0x03, 0x9B, 0x20, 0xB1, 0x8E, 0x56, 0x4E, 0x51, 0x66, 0xED, 0xC7, 0xFC, 0x7E, 0x03, 0xC4, 0xCC, 0xD2, 0xCD, 0x31, 0x1C, 0xAC, 0x1C, 0x17, 0x3E, 0xB3, 0xF6, 0x5F, 0xB8, 0xAA, 0x05, 0x5A, 0xAE, 0xB5, 0xB1, 0x50, 0x3E, 0xE8, 0x90, 0x69, 0x1F, 0xBA, 0x84, 0x0E, 0xDB, 0x62, 0x58, 0x64, 0x4A, 0x4B, 0x64, 0xE7, 0xB6, 0x5A, 0x2D, 0xA3, 0x6C, 0x8E, 0x6C, 0x26, 0x02, 0xF6, 0x08, 0xF6, 0x7A, 0x03, 0x20, 0xC0, 0x68, 0x63, 0xB1, 0x19, 0xEF, 0x18, 0x9A, 0x60, 0xB3, 0xDD, 0x89, 0x21, 0xF6, 0x9A, 0x01, 0x1E, 0x3D, 0x51, 0x8F, 0x03, 0x0E, 0x5D, 0xD8, 0x96, 0x22, 0x06, 0x7C, 0x47, 0x21, 0x66, 0xF1, 0x29, 0xBC, 0x28, 0x3E, 0x8D, 0xBE, 0xEE, 0x4B, 0x6B, 0x7D, 0x57, 0xE1, 0x35, 0x18, 0x6A, 0x87, 0xB5, 0x1F, 0xCC, 0x17, 0xAE, 0xC7, 0x46, 0x73, 0x79, 0x6E, 0xF8, 0xA6, 0xD9, 0xE5, 0x98, 0x52, 0xE9, 0xE6, 0x1D, 0x8A, 0x6D, 0x0E, 0xEE, 0xBC, 0x6B, 0x93, 0xF5, 0xF8, 0x7F, 0x7D, 0x30, 0x69, 0xB6, 0x21, 0x50, 0x3D, 0xA1, 0x27, 0x72, 0x99, 0xC8, 0x22, 0x00, 0x51, 0xB5, 0x95, 0xB9, 0x41, 0x20, 0x7E, 0xFA, 0x93, 0x55, 0x3A, 0x31, 0x02, 0x01, 0x11, 0x02, 0x82, 0x01, 0x00, 0x09, 0x2C, 0x73, 0xE5, 0x14, 0x0A, 0x0A, 0x20, 0x01, 0xC8, 0x0B, 0x8D, 0x50, 0xCE, 0x8E, 0x68, 0x3E, 0xC9, 0x88, 0x27, 0x26, 0xC9, 0xD8, 0x4D, 0x4B, 0x3E, 0xCC, 0xF5, 0x34, 0x24, 0xE2, 0x22, 0x70, 0x46, 0x4B, 0x79, 0xEF, 0x40, 0x56, 0x27, 0x0C, 0x03, 0x2E, 0xEF, 0x76, 0x04, 0x1F, 0x93, 0x24, 0xA3, 0x35, 0xFD, 0xE6, 0x73, 0xFE, 0x27, 0x9F, 0xFC, 0xF8, 0x58, 0xF3, 0xE7, 0xF9, 0x75, 0xFD, 0x6B, 0x9B, 0x0E, 0x7E, 0x12, 0xE1, 0x35, 0x7F, 0x47, 0xED, 0x3A, 0xF0, 0x2E, 0xA1, 0x2E, 0x27, 0x66, 0x97, 0x7C, 0x71, 0xF0, 0xA1, 0xB6, 0xC6, 0x1A, 0x27, 0x41, 0xAD, 0xDA, 0x9E, 0x8A, 0xF1, 0xE2, 0xC3, 0x95, 0x8B, 0x7C, 0xF3, 0xF4, 0x43, 0x08, 0x2C, 0xC5, 0x18, 0x08, 0xB9, 0xD0, 0xCA, 0xCC, 0x74, 0xCC, 0x84, 0x0A, 0x50, 0x85, 0x96, 0x4D, 0x8A, 0xC4, 0x70, 0xD8, 0x3B, 0xFC, 0x56, 0x4C, 0xE6, 0x52, 0xFF, 0x7C, 0x44, 0x2C, 0xAF, 0xCD, 0x01, 0xA2, 0xC1, 0xFB, 0x9B, 0x3A, 0xAF, 0x03, 0xE0, 0x24, 0xB7, 0xEB, 0xE2, 0x55, 0xC0, 0xA7, 0xD6, 0x9A, 0xA4, 0xB3, 0x2C, 0x56, 0x8E, 0x5B, 0x19, 0x7F, 0x4F, 0x2E, 0x77, 0xD1, 0x26, 0x2F, 0x02, 0x87, 0x56, 0xDC, 0xF3, 0x29, 0x13, 0x8D, 0x8C, 0xFA, 0xF0, 0x54, 0x26, 0x7C, 0x89, 0x0B, 0xB3, 0xBC, 0x4A, 0xCE, 0xF7, 0x33, 0x02, 0x56, 0xEB, 0x88, 0x90, 0x94, 0x44, 0x61, 0x53, 0xE0, 0x75, 0x07, 0x6A, 0x70, 0xF5, 0x1A, 0x69, 0x69, 0x71, 0x9A, 0xAA, 0x15, 0xBD, 0x49, 0x38, 0xA1, 0xE5, 0x0A, 0x70, 0x6A, 0x1B, 0x9C, 0xCE, 0x04, 0x39, 0x7C, 0x68, 0xCF, 0xF8, 0x17, 0xEE, 0xA3, 0x9C, 0x40, 0x4A, 0xE1, 0x5A, 0xEE, 0x71, 0x64, 0x5E, 0x64, 0x23, 0xCE, 0xAC, 0x70, 0xFC, 0x39, 0x19, 0x9C, 0x28, 0xBC, 0x3F, 0xA9, 0x02, 0x81, 0x81, 0x00, 0xF0, 0x85, 0x37, 0x1B, 0xC0, 0x64, 0xA9, 0x02, 0xDC, 0x48, 0x21, 0x6E, 0xFC, 0x04, 0x0F, 0x80, 0xC4, 0x3C, 0x7D, 0x5D, 0x58, 0x7B, 0x98, 0x35, 0xBF, 0x3C, 0x3F, 0xC5, 0xA9, 0x11, 0x38, 0xC5, 0x90, 0x75, 0xB7, 0x7F, 0x2A, 0x30, 0x53, 0x9D, 0xAB, 0x65, 0x3E, 0x21, 0x45, 0x04, 0x06, 0xAF, 0xCB, 0x57, 0x2E, 0x34, 0xB6, 0x5B, 0xE3, 0xCB, 0xAF, 0x58, 0x65, 0x9B, 0x7C, 0x86, 0xFC, 0x17, 0x87, 0x50, 0x82, 0x5D, 0x51, 0x44, 0xA1, 0x04, 0x03, 0x93, 0x61, 0x81, 0xFF, 0x23, 0x91, 0xA1, 0x64, 0x06, 0x63, 0xD0, 0x5D, 0x45, 0x1E, 0x9D, 0x0E, 0x4C, 0x2B, 0xA1, 0x14, 0xE1, 0xE2, 0x09, 0x62, 0xD7, 0x2D, 0x27, 0x73, 0x2E, 0xC3, 0xF0, 0x86, 0x9E, 0xE6, 0xC7, 0x63, 0x70, 0x70, 0xA9, 0x41, 0x60, 0xCD, 0x03, 0xF5, 0xA1, 0x95, 0xF4, 0xB6, 0x46, 0x10, 0xAA, 0x48, 0x07, 0x6B, 0xF9, 0x02, 0x81, 0x81, 0x00, 0xBD, 0xB3, 0x97, 0x1E, 0xA1, 0xFF, 0x07, 0x08, 0xE7, 0xEC, 0x07, 0x6C, 0x78, 0xD0, 0x27, 0x74, 0xF1, 0xE7, 0x5E, 0x3D, 0x04, 0x4A, 0xD9, 0x02, 0x30, 0x35, 0x03, 0xBC, 0xF5, 0xDD, 0x58, 0xE5, 0xF3, 0x01, 0x0C, 0xFE, 0x13, 0x6A, 0xD4, 0x41, 0x6F, 0xDE, 0x84, 0xEA, 0xD6, 0xF1, 0x25, 0xB4, 0x91, 0x5C, 0x40, 0xC6, 0x64, 0x1A, 0x9B, 0x03, 0x24, 0x5B, 0xB2, 0x8B, 0xA6, 0xE4, 0x00, 0x1C, 0x4D, 0x82, 0x3F, 0x78, 0xBB, 0x8B, 0x46, 0xDF, 0x01, 0xF4, 0x4A, 0x4C, 0x4D, 0xAF, 0x77, 0x11, 0xA1, 0xBB, 0x90, 0x8F, 0xF3, 0x5C, 0x20, 0x48, 0x1C, 0xE6, 0xA1, 0xB1, 0xA4, 0x59, 0x14, 0x6C, 0x92, 0x66, 0xE5, 0x5D, 0x6C, 0x63, 0x9C, 0x01, 0x34, 0x63, 0x5E, 0xCC, 0x4F, 0xF1, 0xD0, 0x1E, 0x74, 0x37, 0x06, 0x87, 0x5B, 0x40, 0x0E, 0x0C, 0xD4, 0x3B, 0xEA, 0x76, 0x58, 0x72, 0x1D, 0xF9, 0x02, 0x81, 0x81, 0x00, 0xA9, 0xC7, 0x72, 0x31, 0xB4, 0xFB, 0xC2, 0x98, 0x9B, 0x7E, 0x35, 0xB7, 0xC0, 0xF3, 0xCE, 0xB5, 0x3F, 0x39, 0xC1, 0xE7, 0x89, 0xC0, 0xA7, 0xAD, 0x77, 0xEE, 0x4B, 0x22, 0x1C, 0xFD, 0x19, 0x03, 0xED, 0x80, 0x45, 0x4A, 0xB4, 0x5E, 0x59, 0x24, 0x00, 0x83, 0xB3, 0x62, 0xC7, 0x4E, 0x22, 0xD6, 0x71, 0x6A, 0xB7, 0x34, 0x44, 0x7D, 0x19, 0x44, 0x7B, 0xC5, 0xED, 0x5E, 0xB2, 0x41, 0x2A, 0x6A, 0xF6, 0x1A, 0xB6, 0x5F, 0xFD, 0x21, 0x62, 0x99, 0x6B, 0xEF, 0x90, 0x1F, 0x86, 0xEB, 0xEE, 0x53, 0xCE, 0x22, 0xA0, 0xCF, 0x50, 0xE5, 0x7F, 0x05, 0x73, 0x81, 0x0F, 0xBC, 0xFF, 0xAE, 0x81, 0x70, 0x09, 0x88, 0xD4, 0x94, 0x51, 0x4E, 0x2F, 0xF5, 0x13, 0xBB, 0x75, 0xB9, 0xEB, 0xD6, 0xE6, 0x1D, 0x1F, 0x17, 0x27, 0x4E, 0x16, 0xCC, 0x69, 0xD9, 0xEA, 0x13, 0x57, 0x0E, 0xC9, 0x6E, 0xA6, 0x91, 0x02, 0x81, 0x80, 0x2C, 0xA2, 0xBA, 0x25, 0x53, 0x4B, 0x10, 0xB6, 0xCD, 0x28, 0x7A, 0x37, 0xA3, 0xF4, 0xBD, 0xFD, 0x66, 0x18, 0x52, 0x68, 0xB5, 0xB7, 0x42, 0x1E, 0xA1, 0xEE, 0x5B, 0x3B, 0x85, 0x25, 0x05, 0xDB, 0xC0, 0xB4, 0xF3, 0xFF, 0x8C, 0x19, 0x22, 0xE2, 0x38, 0x70, 0x97, 0xBE, 0xC9, 0x29, 0xAE, 0x84, 0xD6, 0xE8, 0x87, 0xB6, 0x35, 0xAB, 0xE8, 0x3C, 0xF9, 0x7E, 0xFC, 0xD5, 0x90, 0xAE, 0x1E, 0x24, 0xC6, 0xF1, 0x78, 0x58, 0xA4, 0x99, 0x3D, 0xDA, 0x1E, 0x93, 0xD5, 0x3F, 0x21, 0x56, 0x76, 0x5E, 0x80, 0x68, 0x5E, 0x3F, 0xFD, 0x06, 0x9E, 0x2F, 0x15, 0xDB, 0xE9, 0xCF, 0x71, 0xF6, 0xD7, 0xA1, 0x13, 0x63, 0x81, 0x43, 0x28, 0x8F, 0xE8, 0x78, 0xC1, 0x08, 0x52, 0x8A, 0x6D, 0x29, 0xD6, 0x9D, 0xC0, 0xFD, 0xE3, 0x6B, 0x24, 0x87, 0x8A, 0xD5, 0xD7, 0x95, 0xA0, 0x94, 0x51, 0x0B, 0xCA, 0xD1, 0x02, 0x81, 0x81, 0x00, 0xD5, 0x44, 0xDE, 0xAB, 0x3A, 0x9F, 0x9D, 0x5C, 0x7E, 0xB4, 0x6F, 0x7C, 0x62, 0xA1, 0x5A, 0x87, 0xB6, 0x30, 0x27, 0xE7, 0xEE, 0x58, 0x86, 0x1D, 0x46, 0x1C, 0x8C, 0x0D, 0x02, 0x8F, 0x1C, 0x33, 0x4C, 0x18, 0xB7, 0xC1, 0xE0, 0x0A, 0xD4, 0x61, 0x8A, 0x0C, 0x00, 0xCE, 0xCC, 0x75, 0x01, 0x91, 0xCE, 0x56, 0xB3, 0xD4, 0xDA, 0x33, 0x50, 0xB1, 0x7D, 0x1B, 0x35, 0x3E, 0xC2, 0x9E, 0x63, 0x80, 0xFD, 0xE8, 0x49, 0x65, 0xEF, 0xD4, 0x01, 0xDA, 0xD0, 0x8F, 0x02, 0x27, 0xC5, 0x24, 0xA2, 0xCD, 0x0D, 0xD5, 0xD8, 0xC5, 0xE0, 0xD0, 0xFD, 0x3F, 0x6A, 0xCB, 0x86, 0x35, 0x5D, 0x56, 0xC5, 0x90, 0xA9, 0xF6, 0x4D, 0xD5, 0xED, 0x93, 0x86, 0x85, 0xD9, 0x29, 0x2F, 0xC8, 0x3C, 0x99, 0xD7, 0xD8, 0xE0, 0xEF, 0x58, 0x89, 0x98, 0x42, 0x65, 0xA6, 0x34, 0x9D, 0x9E, 0x0C, 0xA5, 0x78, 0xE7, 0x80 };
RSACryptoServiceProvider RSAProv = new RSACryptoServiceProvider();
AsnKeyParser keyParser = new AsnKeyParser(privateKey);
RSAParameters privParams = keyParser.ParseRSAPrivateKey();
RSAProv.ImportParameters(privParams);
byte[] decData = RSAProv.Decrypt(iPacket.RSAData, false);
//Log.Write(LogLevel.Info, "\n{0}", decData.ToHEX(decData.Length));
MemoryStream Stream = new MemoryStream(decData);
EndianBinaryReader Reader = new EndianBinaryReader(MiscUtil.Conversion.EndianBitConverter.Little, Stream);
Client.Username = Reader.ReadString(true);
Client.Password = Reader.ReadString(true);
Client.SalsaKey01 = Reader.ReadBytes(32);
Client.SalsaKey02 = Reader.ReadBytes(32);
Client.SalsaIV01 = Reader.ReadBytes(8);
Client.SalsaIV02 = Reader.ReadBytes(8);
Client.Init();
TransUser user = new TransUser(Client.Username);
TransUserTable.Add(user);
// TODO: Username / Password check
Client.GotKeys = true;
Log.Write(LogLevel.Info, "User '{0}' logging in with token '0x{1}'", Client.Username, BitConverter.ToString(Encoding.ASCII.GetBytes(Client.Password)).Replace("-", ""));
}
public static byte[] RSAEncrypt(byte[] data, byte[] key)
{
AsnKeyParser keyParser = new AsnKeyParser(key);
RSAParameters publicKey = keyParser.ParseRSAPublicKey();
CspParameters csp = new CspParameters();
csp.ProviderType = 1;
csp.KeyNumber = 1;
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(csp);
rsa.PersistKeyInCsp = false;
rsa.ImportParameters(publicKey);
byte[] enc = rsa.Encrypt(data, false);
rsa.Clear();
return(enc);
}
public static void EncryptionKeyRequest(MinecraftClient client, IPacket _packet)
{
var packet = (EncryptionKeyRequestPacket)_packet;
var random = RandomNumberGenerator.Create();
client.SharedSecret = new byte[16];
random.GetBytes(client.SharedSecret); // Generate a secure AES key
if (packet.ServerId != "-" && client.Session.SessionId != null) // Online mode
{
// Authenticate with minecraft.net
var data = Encoding.ASCII.GetBytes(packet.ServerId)
.Concat(client.SharedSecret)
.Concat(packet.PublicKey).ToArray();
var hash = Cryptography.JavaHexDigest(data);
var webClient = new WebClient();
string result = webClient.DownloadString("http://session.minecraft.net/game/joinserver.jsp?user="******"&sessionId=" + Uri.EscapeUriString(client.Session.SessionId) +
"&serverId=" + Uri.EscapeUriString(hash));
if (result != "OK")
{
LogProvider.Log("Unable to verify session: " + result);
}
}
var parser = new AsnKeyParser(packet.PublicKey);
var key = parser.ParseRSAPublicKey();
// Encrypt shared secret and verification token
var crypto = new RSACryptoServiceProvider();
crypto.ImportParameters(key);
var encryptedSharedSecret = crypto.Encrypt(client.SharedSecret, false);
var encryptedVerification = crypto.Encrypt(packet.VerificationToken, false);
var response = new EncryptionKeyResponsePacket(encryptedSharedSecret, encryptedVerification);
client.SendPacket(response);
}
private void InitializeEncryption(EncryptionKeyRequestPacket packet)
{
// We have to hijack the encryption here to be able to sniff the
// connection. What we do is set up two unrelated crypto streams,
// one for the server, one for the client. We actually act a bit
// more like a real client or a real server in this particular
// stage of the connection, because we generate a shared secret
// as a client and a public key as a server, and liase with each
// end of the connection without tipping them off to this. After
// this is done, we wrap the connection in an AesStream and
// everything works fine.
// Interact with the server (acting as a client)
// Generate our shared secret
var secureRandom = RandomNumberGenerator.Create();
ServerSharedKey = new byte[16];
secureRandom.GetBytes(ServerSharedKey);
// Parse the server public key
var parser = new AsnKeyParser(packet.PublicKey);
var key = parser.ParseRSAPublicKey();
// Encrypt shared secret and verification token
var crypto = new RSACryptoServiceProvider();
crypto.ImportParameters(key);
byte[] encryptedSharedSecret = crypto.Encrypt(ServerSharedKey, false);
byte[] encryptedVerification = crypto.Encrypt(packet.VerificationToken, false);
// Create an 0xFC response to give the server
ServerEncryptionResponse = new EncryptionKeyResponsePacket
{
SharedSecret = encryptedSharedSecret,
VerificationToken = encryptedVerification
};
// Authenticate with minecraft.net if need be
if (packet.ServerId != "-")
{
try
{
var session = Session.DoLogin(Settings.Username, Settings.Password);
// Generate session hash
byte[] hashData = Encoding.ASCII.GetBytes(packet.ServerId)
.Concat(ServerSharedKey)
.Concat(packet.PublicKey).ToArray();
var hash = Cryptography.JavaHexDigest(hashData);
var webClient = new WebClient();
string result = webClient.DownloadString("http://session.minecraft.net/game/joinserver.jsp?user="******"&sessionId=" + Uri.EscapeUriString(session.SessionId) +
"&serverId=" + Uri.EscapeUriString(hash));
if (result != "OK")
{
Console.WriteLine("Warning: Unable to login as user " + Settings.Username + ": " + result);
}
Console.WriteLine("(Session ID is {0})", session.SessionId);
}
catch (Exception e)
{
Console.WriteLine("Warning: Unable to login as user " + Settings.Username + ": " + e.Message);
}
}
// Interact with the client (acting as a server)
// Generate verification token
ClientVerificationToken = new byte[4];
secureRandom.GetBytes(ClientVerificationToken);
// Encode public key as an ASN X509 certificate
var encodedKey = AsnKeyBuilder.PublicKeyToX509(ServerKey);
if (Settings.AuthenticateClients)
{
ClientAuthenticationHash = CreateHash();
}
else
{
ClientAuthenticationHash = "-";
}
ClientEncryptionRequest = new EncryptionKeyRequestPacket
{
VerificationToken = ClientVerificationToken,
ServerId = ClientAuthenticationHash,
PublicKey = encodedKey.GetBytes()
};
FinializeClientEncryption(new EncryptionKeyResponsePacket());
}
void handle()
{
// This packet is complicated, so I will comment the process.
// Let's get the data off the line first..
string serverID = sock.readString();
short keyLength = sock.readShort();
short verifyLength;
byte[] key;
byte[] token;
key = sock.readByteArray(keyLength);
verifyLength = sock.readShort();
token = sock.readByteArray(verifyLength);
//Here, we need some random bytes to use as a shared key with the server.
RandomNumberGenerator random = RandomNumberGenerator.Create();
random.GetBytes(myform.sharedkey);
// AsnKeyParser is a part of the cryptography.dll, which is simply a compiled version
// of SMProxy's Cryptography.cs, with the server side parts stripped out.
// You pass it the key data and ask it to parse, and it will
// Extract the server's public key, then parse that into RSA for us.
AsnKeyParser keyParser = new AsnKeyParser(key);
RSAParameters Dekey = keyParser.ParseRSAPublicKey();
// Now we create an encrypter, and encrypt the token sent to us by the server
// as well as our newly made shared key (Which can then only be decrypted with the server's private key)
// and we send it to the server.
RSACryptoServiceProvider cryptoService = new RSACryptoServiceProvider();
cryptoService.ImportParameters(Dekey);
byte[] EncryptedSecret = cryptoService.Encrypt(myform.sharedkey, false);
byte[] EncryptedVerfy = cryptoService.Encrypt(token, false);
// I pass this information back up (Unencrypted) to the main form.
// This allows me to have it ready for when I need this later.
myform.ServerID = serverID;
myform.token = token;
myform.PublicKey = key;
if (serverID != "-" && myform.onlineMode)
{
// Verify with Minecraft.net, if need be.
// At this point, the server requires a hash containing the server id,
// shared key, and original public key. So we make this, and then pass to Minecraft.net
List <byte> hashlist = new List <byte>();
hashlist.AddRange(System.Text.Encoding.ASCII.GetBytes(serverID));
hashlist.AddRange(myform.sharedkey);
hashlist.AddRange(key);
byte[] hashData = hashlist.ToArray();
string hash = JavaHexDigest(hashData);
myform.serverHash = hash;
Minecraft_Net_Interaction verify = new Minecraft_Net_Interaction();
if (!verify.VerifyName(myform.username, myform.sessionId, hash))
{
myform.puts("Failed to verify name with minecraft.net");
sock._stream.Close();
myform.sessionId = null;
return;
}
}
else
{
// Skip Verification, user is not online.
myform.puts("Skipping verification.");
}
// Sets up the socket for encryption, but does not enable it yet.
sock.InitEncryption(myform.sharedkey);
// Respond to server.
EncResponse Response = new EncResponse(sock, myform, EncryptedVerfy, EncryptedSecret, true);
}
private void InitializeEncryption(EncryptionKeyRequestPacket packet)
{
// We have to hijack the encryption here to be able to sniff the
// connection. What we do is set up two unrelated crypto streams,
// one for the server, one for the client. We actually act a bit
// more like a real client or a real server in this particular
// stage of the connection, because we generate a shared secret
// as a client and a public key as a server, and liase with each
// end of the connection without tipping them off to this. After
// this is done, we wrap the connection in an AesStream and
// everything works fine.
// Interact with the server (acting as a client)
// Generate our shared secret
var secureRandom = RandomNumberGenerator.Create();
ServerSharedKey = new byte[16];
secureRandom.GetBytes(ServerSharedKey);
// Parse the server public key
var parser = new AsnKeyParser(packet.PublicKey);
var key = parser.ParseRSAPublicKey();
// Encrypt shared secret and verification token
var crypto = new RSACryptoServiceProvider();
crypto.ImportParameters(key);
byte[] encryptedSharedSecret = crypto.Encrypt(ServerSharedKey, false);
byte[] encryptedVerification = crypto.Encrypt(packet.VerificationToken, false);
// Create an 0xFC response to give the server
ServerEncryptionResponse = new EncryptionKeyResponsePacket
{
SharedSecret = encryptedSharedSecret,
VerificationToken = encryptedVerification
};
// Authenticate with minecraft.net if need be
if (packet.ServerId != "-")
{
try
{
var session = Session.DoLogin(Settings.Username, Settings.Password);
// Generate session hash
byte[] hashData = Encoding.ASCII.GetBytes(packet.ServerId)
.Concat(ServerSharedKey)
.Concat(packet.PublicKey).ToArray();
var hash = Cryptography.JavaHexDigest(hashData);
var webClient = new WebClient();
string result = webClient.DownloadString("http://session.minecraft.net/game/joinserver.jsp?user="******"&sessionId=" + Uri.EscapeUriString(session.SessionId) +
"&serverId=" + Uri.EscapeUriString(hash));
if (result != "OK")
Console.WriteLine("Warning: Unable to login as user " + Settings.Username + ": " + result);
}
catch (Exception e)
{
Console.WriteLine("Warning: Unable to login as user " + Settings.Username + ": " + e.Message);
}
}
// Interact with the client (acting as a server)
// Generate verification token
ClientVerificationToken = new byte[4];
secureRandom.GetBytes(ClientVerificationToken);
// Encode public key as an ASN X509 certificate
var encodedKey = AsnKeyBuilder.PublicKeyToX509(ServerKey);
if (Settings.AuthenticateClients)
ClientAuthenticationHash = CreateHash();
else
ClientAuthenticationHash = "-";
ClientEncryptionRequest = new EncryptionKeyRequestPacket
{
VerificationToken = ClientVerificationToken,
ServerId = ClientAuthenticationHash,
PublicKey = encodedKey.GetBytes()
};
// Send the client our encryption details and await its response
ClientEncryptionRequest.WritePacket(ClientStream);
ClientStream.Flush();
}
