flewkey
/
cuberite-2a
1
0
Fork 0
Code Releases Activity

Moved the rest of the Crypto objects into their own respective files.

This commit is contained in:
madmaxoft 2014-04-29 17:37:15 +02:00
parent d9f7ae6a4d
commit 6cb2d2461f
17 changed files with 477 additions and 436 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Tools/ProtoProxy/CMakeLists.txt
View File

@ -36,7 +36,8 @@ set(SHARED_SRC
../../src/StringUtils.cpp
../../src/Log.cpp
../../src/MCLogger.cpp
../../src/Crypto.cpp
../../src/PolarSSL++/AesCfb128Decryptor.cpp
../../src/PolarSSL++/AesCfb128Encryptor.cpp
../../src/PolarSSL++/CtrDrbgContext.cpp
../../src/PolarSSL++/EntropyContext.cpp
../../src/PolarSSL++/PublicKey.cpp
@ -47,7 +48,8 @@ set(SHARED_HDR
../../src/StringUtils.h
../../src/Log.h
../../src/MCLogger.h
../../src/Crypto.h
../../src/PolarSSL++/AesCfb128Decryptor.h
../../src/PolarSSL++/AesCfb128Encryptor.h
../../src/PolarSSL++/CtrDrbgContext.h
../../src/PolarSSL++/EntropyContext.h
../../src/PolarSSL++/PublicKey.h

4
Tools/ProtoProxy/Connection.cpp
View File

@ -472,7 +472,7 @@ bool cConnection::SendData(SOCKET a_Socket, cByteBuffer & a_Data, const char * a
bool cConnection::SendEncryptedData(SOCKET a_Socket, cAESCFBEncryptor & a_Encryptor, const char * a_Data, size_t a_Size, const char * a_Peer)
bool cConnection::SendEncryptedData(SOCKET a_Socket, cAesCfb128Encryptor & a_Encryptor, const char * a_Data, size_t a_Size, const char * a_Peer)
{
DataLog(a_Data, a_Size, "Encrypting %d bytes to %s", a_Size, a_Peer);
const Byte * Data = (const Byte *)a_Data;
@ -496,7 +496,7 @@ bool cConnection::SendEncryptedData(SOCKET a_Socket, cAESCFBEncryptor & a_Encryp
bool cConnection::SendEncryptedData(SOCKET a_Socket, cAESCFBEncryptor & a_Encryptor, cByteBuffer & a_Data, const char * a_Peer)
bool cConnection::SendEncryptedData(SOCKET a_Socket, cAesCfb128Encryptor & a_Encryptor, cByteBuffer & a_Data, const char * a_Peer)
{
AString All;
a_Data.ReadAll(All);

10
Tools/ProtoProxy/Connection.h
View File

@ -11,6 +11,8 @@
#include "ByteBuffer.h"
#include "OSSupport/Timer.h"
#include "PolarSSL++/AesCfb128Decryptor.h"
#include "PolarSSL++/AesCfb128Encryptor.h"
@ -66,8 +68,8 @@ protected:
cByteBuffer m_ClientBuffer;
cByteBuffer m_ServerBuffer;
cAESCFBDecryptor m_ServerDecryptor;
cAESCFBEncryptor m_ServerEncryptor;
cAesCfb128Decryptor m_ServerDecryptor;
cAesCfb128Encryptor m_ServerEncryptor;
AString m_ServerEncryptionBuffer; // Buffer for the data to be sent to the server once encryption is established
@ -109,10 +111,10 @@ protected:
bool SendData(SOCKET a_Socket, cByteBuffer & a_Data, const char * a_Peer);
/// Sends data to the specfied socket, after encrypting it using a_Encryptor. If sending fails, prints a fail message using a_Peer and returns false
bool SendEncryptedData(SOCKET a_Socket, cAESCFBEncryptor & a_Encryptor, const char * a_Data, size_t a_Size, const char * a_Peer);
bool SendEncryptedData(SOCKET a_Socket, cAesCfb128Encryptor & a_Encryptor, const char * a_Data, size_t a_Size, const char * a_Peer);
/// Sends data to the specfied socket, after encrypting it using a_Encryptor. If sending fails, prints a fail message using a_Peer and returns false
bool SendEncryptedData(SOCKET a_Socket, cAESCFBEncryptor & a_Encryptor, cByteBuffer & a_Data, const char * a_Peer);
bool SendEncryptedData(SOCKET a_Socket, cAesCfb128Encryptor & a_Encryptor, cByteBuffer & a_Data, const char * a_Peer);
/// Decodes packets coming from the client, sends appropriate counterparts to the server; returns false if the connection is to be dropped
bool DecodeClientsPackets(const char * a_Data, int a_Size);

6
Tools/ProtoProxy/Globals.h
View File

@ -246,12 +246,6 @@ public:
#include "../../src/Crypto.h"
#define LOGERROR printf
#define LOGINFO printf
#define LOGWARNING printf

257
src/Crypto.cpp
View File

@ -1,257 +0,0 @@
// Crypto.cpp
// Implements classes that wrap the cryptographic code library
#include "Globals.h"
#include "Crypto.h"
#include "polarssl/pk.h"
/*
// Self-test the hash formatting for known values:
// sha1(Notch) : 4ed1f46bbe04bc756bcb17c0c7ce3e4632f06a48
// sha1(jeb_) : -7c9d5b0044c130109a5d7b5fb5c317c02b4e28c1
// sha1(simon) : 88e16a1019277b15d58faf0541e11910eb756f6
class Test
{
public:
Test(void)
{
AString DigestNotch, DigestJeb, DigestSimon;
Byte Digest[20];
cSHA1Checksum Checksum;
Checksum.Update((const Byte *)"Notch", 5);
Checksum.Finalize(Digest);
cSHA1Checksum::DigestToJava(Digest, DigestNotch);
Checksum.Restart();
Checksum.Update((const Byte *)"jeb_", 4);
Checksum.Finalize(Digest);
cSHA1Checksum::DigestToJava(Digest, DigestJeb);
Checksum.Restart();
Checksum.Update((const Byte *)"simon", 5);
Checksum.Finalize(Digest);
cSHA1Checksum::DigestToJava(Digest, DigestSimon);
printf("Notch: \"%s\"\n", DigestNotch.c_str());
printf("jeb_: \"%s\"\n", DigestJeb.c_str());
printf("simon: \"%s\"\n", DigestSimon.c_str());
assert(DigestNotch == "4ed1f46bbe04bc756bcb17c0c7ce3e4632f06a48");
assert(DigestJeb == "-7c9d5b0044c130109a5d7b5fb5c317c02b4e28c1");
assert(DigestSimon == "88e16a1019277b15d58faf0541e11910eb756f6");
}
} test;
*/
///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
// cAESCFBDecryptor:
cAESCFBDecryptor::cAESCFBDecryptor(void) :
m_IVOffset(0),
m_IsValid(false)
{
}
cAESCFBDecryptor::~cAESCFBDecryptor()
{
// Clear the leftover in-memory data, so that they can't be accessed by a backdoor
memset(&m_Aes, 0, sizeof(m_Aes));
}
void cAESCFBDecryptor::Init(const Byte a_Key[16], const Byte a_IV[16])
{
ASSERT(!IsValid()); // Cannot Init twice
memcpy(m_IV, a_IV, 16);
aes_setkey_enc(&m_Aes, a_Key, 128);
m_IsValid = true;
}
void cAESCFBDecryptor::ProcessData(Byte * a_DecryptedOut, const Byte * a_EncryptedIn, size_t a_Length)
{
ASSERT(IsValid()); // Must Init() first
// PolarSSL doesn't support AES-CFB8, need to implement it manually:
for (size_t i = 0; i < a_Length; i++)
{
Byte Buffer[sizeof(m_IV)];
aes_crypt_ecb(&m_Aes, AES_ENCRYPT, m_IV, Buffer);
for (size_t idx = 0; idx < sizeof(m_IV) - 1; idx++)
{
m_IV[idx] = m_IV[idx + 1];
}
m_IV[sizeof(m_IV) - 1] = a_EncryptedIn[i];
a_DecryptedOut[i] = a_EncryptedIn[i] ^ Buffer[0];
}
}
///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
// cAESCFBEncryptor:
cAESCFBEncryptor::cAESCFBEncryptor(void) :
m_IVOffset(0),
m_IsValid(false)
{
}
cAESCFBEncryptor::~cAESCFBEncryptor()
{
// Clear the leftover in-memory data, so that they can't be accessed by a backdoor
memset(&m_Aes, 0, sizeof(m_Aes));
}
void cAESCFBEncryptor::Init(const Byte a_Key[16], const Byte a_IV[16])
{
ASSERT(!IsValid()); // Cannot Init twice
ASSERT(m_IVOffset == 0);
memcpy(m_IV, a_IV, 16);
aes_setkey_enc(&m_Aes, a_Key, 128);
m_IsValid = true;
}
void cAESCFBEncryptor::ProcessData(Byte * a_EncryptedOut, const Byte * a_PlainIn, size_t a_Length)
{
ASSERT(IsValid()); // Must Init() first
// PolarSSL doesn't do AES-CFB8, so we need to implement it ourselves:
for (size_t i = 0; i < a_Length; i++)
{
Byte Buffer[sizeof(m_IV)];
aes_crypt_ecb(&m_Aes, AES_ENCRYPT, m_IV, Buffer);
for (size_t idx = 0; idx < sizeof(m_IV) - 1; idx++)
{
m_IV[idx] = m_IV[idx + 1];
}
a_EncryptedOut[i] = a_PlainIn[i] ^ Buffer[0];
m_IV[sizeof(m_IV) - 1] = a_EncryptedOut[i];
}
}
///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
// cSHA1Checksum:
cSHA1Checksum::cSHA1Checksum(void) :
m_DoesAcceptInput(true)
{
sha1_starts(&m_Sha1);
}
void cSHA1Checksum::Update(const Byte * a_Data, size_t a_Length)
{
ASSERT(m_DoesAcceptInput); // Not Finalize()-d yet, or Restart()-ed
sha1_update(&m_Sha1, a_Data, a_Length);
}
void cSHA1Checksum::Finalize(cSHA1Checksum::Checksum & a_Output)
{
ASSERT(m_DoesAcceptInput); // Not Finalize()-d yet, or Restart()-ed
sha1_finish(&m_Sha1, a_Output);
m_DoesAcceptInput = false;
}
void cSHA1Checksum::DigestToJava(const Checksum & a_Digest, AString & a_Out)
{
Checksum Digest;
memcpy(Digest, a_Digest, sizeof(Digest));
bool IsNegative = (Digest[0] >= 0x80);
if (IsNegative)
{
// Two's complement:
bool carry = true; // Add one to the whole number
for (int i = 19; i >= 0; i--)
{
Digest[i] = ~Digest[i];
if (carry)
{
carry = (Digest[i] == 0xff);
Digest[i]++;
}
}
}
a_Out.clear();
a_Out.reserve(40);
for (int i = 0; i < 20; i++)
{
AppendPrintf(a_Out, "%02x", Digest[i]);
}
while ((a_Out.length() > 0) && (a_Out[0] == '0'))
{
a_Out.erase(0, 1);
}
if (IsNegative)
{
a_Out.insert(0, "-");
}
}
void cSHA1Checksum::Restart(void)
{
sha1_starts(&m_Sha1);
m_DoesAcceptInput = true;
}

124
src/Crypto.h
View File

@ -1,124 +0,0 @@
// Crypto.h
// Declares classes that wrap the cryptographic code library
#pragma once
#include "polarssl/rsa.h"
#include "polarssl/aes.h"
#include "polarssl/entropy.h"
#include "polarssl/ctr_drbg.h"
#include "polarssl/sha1.h"
/** Decrypts data using the AES / CFB (128) algorithm */
class cAESCFBDecryptor
{
public:
Byte test;
cAESCFBDecryptor(void);
~cAESCFBDecryptor();
/** Initializes the decryptor with the specified Key / IV */
void Init(const Byte a_Key[16], const Byte a_IV[16]);
/** Decrypts a_Length bytes of the encrypted data; produces a_Length output bytes */
void ProcessData(Byte * a_DecryptedOut, const Byte * a_EncryptedIn, size_t a_Length);
/** Returns true if the object has been initialized with the Key / IV */
bool IsValid(void) const { return m_IsValid; }
protected:
aes_context m_Aes;
/** The InitialVector, used by the CFB mode decryption */
Byte m_IV[16];
/** Current offset in the m_IV, used by the CFB mode decryption */
size_t m_IVOffset;
/** Indicates whether the object has been initialized with the Key / IV */
bool m_IsValid;
} ;
/** Encrypts data using the AES / CFB (128) algorithm */
class cAESCFBEncryptor
{
public:
cAESCFBEncryptor(void);
~cAESCFBEncryptor();
/** Initializes the decryptor with the specified Key / IV */
void Init(const Byte a_Key[16], const Byte a_IV[16]);
/** Encrypts a_Length bytes of the plain data; produces a_Length output bytes */
void ProcessData(Byte * a_EncryptedOut, const Byte * a_PlainIn, size_t a_Length);
/** Returns true if the object has been initialized with the Key / IV */
bool IsValid(void) const { return m_IsValid; }
protected:
aes_context m_Aes;
/** The InitialVector, used by the CFB mode encryption */
Byte m_IV[16];
/** Current offset in the m_IV, used by the CFB mode encryption */
size_t m_IVOffset;
/** Indicates whether the object has been initialized with the Key / IV */
bool m_IsValid;
} ;
/** Calculates a SHA1 checksum for data stream */
class cSHA1Checksum
{
public:
typedef Byte Checksum[20]; // The type used for storing the checksum
cSHA1Checksum(void);
/** Adds the specified data to the checksum */
void Update(const Byte * a_Data, size_t a_Length);
/** Calculates and returns the final checksum */
void Finalize(Checksum & a_Output);
/** Returns true if the object is accepts more input data, false if Finalize()-d (need to Restart()) */
bool DoesAcceptInput(void) const { return m_DoesAcceptInput; }
/** Converts a raw 160-bit SHA1 digest into a Java Hex representation
According to http://wiki.vg/wiki/index.php?title=Protocol_Encryption&oldid=2802
*/
static void DigestToJava(const Checksum & a_Digest, AString & a_JavaOut);
/** Clears the current context and start a new checksum calculation */
void Restart(void);
protected:
/** True if the object is accepts more input data, false if Finalize()-d (need to Restart()) */
bool m_DoesAcceptInput;
sha1_context m_Sha1;
} ;

67
src/PolarSSL++/AesCfb128Decryptor.cpp Normal file
View File

@ -0,0 +1,67 @@
// AesCfb128Decryptor.cpp
// Implements the cAesCfb128Decryptor class decrypting data using AES CFB-128
#include "Globals.h"
#include "AesCfb128Decryptor.h"
cAesCfb128Decryptor::cAesCfb128Decryptor(void) :
m_IVOffset(0),
m_IsValid(false)
{
}
cAesCfb128Decryptor::~cAesCfb128Decryptor()
{
// Clear the leftover in-memory data, so that they can't be accessed by a backdoor
memset(&m_Aes, 0, sizeof(m_Aes));
}
void cAesCfb128Decryptor::Init(const Byte a_Key[16], const Byte a_IV[16])
{
ASSERT(!IsValid()); // Cannot Init twice
memcpy(m_IV, a_IV, 16);
aes_setkey_enc(&m_Aes, a_Key, 128);
m_IsValid = true;
}
void cAesCfb128Decryptor::ProcessData(Byte * a_DecryptedOut, const Byte * a_EncryptedIn, size_t a_Length)
{
ASSERT(IsValid()); // Must Init() first
// PolarSSL doesn't support AES-CFB8, need to implement it manually:
for (size_t i = 0; i < a_Length; i++)
{
Byte Buffer[sizeof(m_IV)];
aes_crypt_ecb(&m_Aes, AES_ENCRYPT, m_IV, Buffer);
for (size_t idx = 0; idx < sizeof(m_IV) - 1; idx++)
{
m_IV[idx] = m_IV[idx + 1];
}
m_IV[sizeof(m_IV) - 1] = a_EncryptedIn[i];
a_DecryptedOut[i] = a_EncryptedIn[i] ^ Buffer[0];
}
}

52
src/PolarSSL++/AesCfb128Decryptor.h Normal file
View File

@ -0,0 +1,52 @@
// AesCfb128Decryptor.h
// Declares the cAesCfb128Decryptor class decrypting data using AES CFB-128
#pragma once
#include "polarssl/aes.h"
/** Decrypts data using the AES / CFB 128 algorithm */
class cAesCfb128Decryptor
{
public:
Byte test;
cAesCfb128Decryptor(void);
~cAesCfb128Decryptor();
/** Initializes the decryptor with the specified Key / IV */
void Init(const Byte a_Key[16], const Byte a_IV[16]);
/** Decrypts a_Length bytes of the encrypted data; produces a_Length output bytes */
void ProcessData(Byte * a_DecryptedOut, const Byte * a_EncryptedIn, size_t a_Length);
/** Returns true if the object has been initialized with the Key / IV */
bool IsValid(void) const { return m_IsValid; }
protected:
aes_context m_Aes;
/** The InitialVector, used by the CFB mode decryption */
Byte m_IV[16];
/** Current offset in the m_IV, used by the CFB mode decryption */
size_t m_IVOffset;
/** Indicates whether the object has been initialized with the Key / IV */
bool m_IsValid;
} ;

68
src/PolarSSL++/AesCfb128Encryptor.cpp Normal file
View File

@ -0,0 +1,68 @@
// AesCfb128Encryptor.cpp
// Implements the cAesCfb128Encryptor class encrypting data using AES CFB-128
#include "Globals.h"
#include "AesCfb128Encryptor.h"
cAesCfb128Encryptor::cAesCfb128Encryptor(void) :
m_IVOffset(0),
m_IsValid(false)
{
}
cAesCfb128Encryptor::~cAesCfb128Encryptor()
{
// Clear the leftover in-memory data, so that they can't be accessed by a backdoor
memset(&m_Aes, 0, sizeof(m_Aes));
}
void cAesCfb128Encryptor::Init(const Byte a_Key[16], const Byte a_IV[16])
{
ASSERT(!IsValid()); // Cannot Init twice
ASSERT(m_IVOffset == 0);
memcpy(m_IV, a_IV, 16);
aes_setkey_enc(&m_Aes, a_Key, 128);
m_IsValid = true;
}
void cAesCfb128Encryptor::ProcessData(Byte * a_EncryptedOut, const Byte * a_PlainIn, size_t a_Length)
{
ASSERT(IsValid()); // Must Init() first
// PolarSSL doesn't do AES-CFB8, so we need to implement it ourselves:
for (size_t i = 0; i < a_Length; i++)
{
Byte Buffer[sizeof(m_IV)];
aes_crypt_ecb(&m_Aes, AES_ENCRYPT, m_IV, Buffer);
for (size_t idx = 0; idx < sizeof(m_IV) - 1; idx++)
{
m_IV[idx] = m_IV[idx + 1];
}
a_EncryptedOut[i] = a_PlainIn[i] ^ Buffer[0];
m_IV[sizeof(m_IV) - 1] = a_EncryptedOut[i];
}
}

50
src/PolarSSL++/AesCfb128Encryptor.h Normal file
View File

@ -0,0 +1,50 @@
// AesCfb128Encryptor.h
// Declares the cAesCfb128Encryptor class encrypting data using AES CFB-128
#pragma once
#include "polarssl/aes.h"
/** Encrypts data using the AES / CFB (128) algorithm */
class cAesCfb128Encryptor
{
public:
cAesCfb128Encryptor(void);
~cAesCfb128Encryptor();
/** Initializes the decryptor with the specified Key / IV */
void Init(const Byte a_Key[16], const Byte a_IV[16]);
/** Encrypts a_Length bytes of the plain data; produces a_Length output bytes */
void ProcessData(Byte * a_EncryptedOut, const Byte * a_PlainIn, size_t a_Length);
/** Returns true if the object has been initialized with the Key / IV */
bool IsValid(void) const { return m_IsValid; }
protected:
aes_context m_Aes;
/** The InitialVector, used by the CFB mode encryption */
Byte m_IV[16];
/** Current offset in the m_IV, used by the CFB mode encryption */
size_t m_IVOffset;
/** Indicates whether the object has been initialized with the Key / IV */
bool m_IsValid;
} ;

42
src/PolarSSL++/CMakeLists.txt
View File

@ -5,27 +5,33 @@ project (MCServer)
include_directories ("${PROJECT_SOURCE_DIR}/../")
set(SOURCES
"BlockingSslClientSocket.cpp"
"BufferedSslContext.cpp"
"CallbackSslContext.cpp"
"CtrDrbgContext.cpp"
"EntropyContext.cpp"
"PublicKey.cpp"
"RsaPrivateKey.cpp"
"SslContext.cpp"
"X509Cert.cpp"
AesCfb128Decryptor.cpp
AesCfb128Encryptor.cpp
BlockingSslClientSocket.cpp
BufferedSslContext.cpp
CallbackSslContext.cpp
CtrDrbgContext.cpp
EntropyContext.cpp
PublicKey.cpp
RsaPrivateKey.cpp
Sha1Checksum.cpp
SslContext.cpp
X509Cert.cpp
)
set(HEADERS
"BlockingSslClientSocket.h"
"BufferedSslContext.h"
"CallbackSslContext.h"
"CtrDrbgContext.h"
"EntropyContext.h"
"PublicKey.h"
"RsaPrivateKey.h"
"SslContext.h"
"X509Cert.h"
AesCfb128Decryptor.h
AesCfb128Encryptor.h
BlockingSslClientSocket.h
BufferedSslContext.h
CallbackSslContext.h
CtrDrbgContext.h
EntropyContext.h
PublicKey.h
RsaPrivateKey.h
SslContext.h
Sha1Checksum.h
X509Cert.h
)
add_library(PolarSSL++ ${SOURCES} ${HEADERS})

138
src/PolarSSL++/Sha1Checksum.cpp Normal file
View File

@ -0,0 +1,138 @@
// Sha1Checksum.cpp
// Declares the cSha1Checksum class representing the SHA-1 checksum calculator
#include "Globals.h"
#include "Sha1Checksum.h"
/*
// Self-test the hash formatting for known values:
// sha1(Notch) : 4ed1f46bbe04bc756bcb17c0c7ce3e4632f06a48
// sha1(jeb_) : -7c9d5b0044c130109a5d7b5fb5c317c02b4e28c1
// sha1(simon) : 88e16a1019277b15d58faf0541e11910eb756f6
static class Test
{
public:
Test(void)
{
AString DigestNotch, DigestJeb, DigestSimon;
Byte Digest[20];
cSha1Checksum Checksum;
Checksum.Update((const Byte *)"Notch", 5);
Checksum.Finalize(Digest);
cSha1Checksum::DigestToJava(Digest, DigestNotch);
Checksum.Restart();
Checksum.Update((const Byte *)"jeb_", 4);
Checksum.Finalize(Digest);
cSha1Checksum::DigestToJava(Digest, DigestJeb);
Checksum.Restart();
Checksum.Update((const Byte *)"simon", 5);
Checksum.Finalize(Digest);
cSha1Checksum::DigestToJava(Digest, DigestSimon);
printf("Notch: \"%s\"\n", DigestNotch.c_str());
printf("jeb_: \"%s\"\n", DigestJeb.c_str());
printf("simon: \"%s\"\n", DigestSimon.c_str());
assert(DigestNotch == "4ed1f46bbe04bc756bcb17c0c7ce3e4632f06a48");
assert(DigestJeb == "-7c9d5b0044c130109a5d7b5fb5c317c02b4e28c1");
assert(DigestSimon == "88e16a1019277b15d58faf0541e11910eb756f6");
}
} test;
*/
///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
// cSha1Checksum:
cSha1Checksum::cSha1Checksum(void) :
m_DoesAcceptInput(true)
{
sha1_starts(&m_Sha1);
}
void cSha1Checksum::Update(const Byte * a_Data, size_t a_Length)
{
ASSERT(m_DoesAcceptInput); // Not Finalize()-d yet, or Restart()-ed
sha1_update(&m_Sha1, a_Data, a_Length);
}
void cSha1Checksum::Finalize(cSha1Checksum::Checksum & a_Output)
{
ASSERT(m_DoesAcceptInput); // Not Finalize()-d yet, or Restart()-ed
sha1_finish(&m_Sha1, a_Output);
m_DoesAcceptInput = false;
}
void cSha1Checksum::DigestToJava(const Checksum & a_Digest, AString & a_Out)
{
Checksum Digest;
memcpy(Digest, a_Digest, sizeof(Digest));
bool IsNegative = (Digest[0] >= 0x80);
if (IsNegative)
{
// Two's complement:
bool carry = true; // Add one to the whole number
for (int i = 19; i >= 0; i--)
{
Digest[i] = ~Digest[i];
if (carry)
{
carry = (Digest[i] == 0xff);
Digest[i]++;
}
}
}
a_Out.clear();
a_Out.reserve(40);
for (int i = 0; i < 20; i++)
{
AppendPrintf(a_Out, "%02x", Digest[i]);
}
while ((a_Out.length() > 0) && (a_Out[0] == '0'))
{
a_Out.erase(0, 1);
}
if (IsNegative)
{
a_Out.insert(0, "-");
}
}
void cSha1Checksum::Restart(void)
{
sha1_starts(&m_Sha1);
m_DoesAcceptInput = true;
}

52
src/PolarSSL++/Sha1Checksum.h Normal file
View File

@ -0,0 +1,52 @@
// Sha1Checksum.h
// Declares the cSha1Checksum class representing the SHA-1 checksum calculator
#pragma once
#include "polarssl/sha1.h"
/** Calculates a SHA1 checksum for data stream */
class cSha1Checksum
{
public:
typedef Byte Checksum[20]; // The type used for storing the checksum
cSha1Checksum(void);
/** Adds the specified data to the checksum */
void Update(const Byte * a_Data, size_t a_Length);
/** Calculates and returns the final checksum */
void Finalize(Checksum & a_Output);
/** Returns true if the object is accepts more input data, false if Finalize()-d (need to Restart()) */
bool DoesAcceptInput(void) const { return m_DoesAcceptInput; }
/** Converts a raw 160-bit SHA1 digest into a Java Hex representation
According to http://wiki.vg/wiki/index.php?title=Protocol_Encryption&oldid=2802
*/
static void DigestToJava(const Checksum & a_Digest, AString & a_JavaOut);
/** Clears the current context and start a new checksum calculation */
void Restart(void);
protected:
/** True if the object is accepts more input data, false if Finalize()-d (need to Restart()) */
bool m_DoesAcceptInput;
sha1_context m_Sha1;
} ;

18
src/Protocol/Protocol132.cpp
View File

@ -18,19 +18,7 @@
#include "../WorldStorage/FastNBT.h"
#include "../WorldStorage/EnchantmentSerializer.h"
#include "../StringCompression.h"
#ifdef _MSC_VER
#pragma warning(push)
#pragma warning(disable:4127)
#pragma warning(disable:4244)
#pragma warning(disable:4231)
#pragma warning(disable:4189)
#pragma warning(disable:4702)
#endif
#ifdef _MSC_VER
#pragma warning(pop)
#endif
#include "PolarSSL++/Sha1Checksum.h"
@ -876,7 +864,7 @@ void cProtocol132::StartEncryption(const Byte * a_Key)
m_IsEncrypted = true;
// Prepare the m_AuthServerID:
cSHA1Checksum Checksum;
cSha1Checksum Checksum;
cServer * Server = cRoot::Get()->GetServer();
AString ServerID = Server->GetServerID();
Checksum.Update((const Byte *)ServerID.c_str(), ServerID.length());
@ -884,7 +872,7 @@ void cProtocol132::StartEncryption(const Byte * a_Key)
Checksum.Update((const Byte *)Server->GetPublicKeyDER().data(), Server->GetPublicKeyDER().size());
Byte Digest[20];
Checksum.Finalize(Digest);
cSHA1Checksum::DigestToJava(Digest, m_AuthServerID);
cSha1Checksum::DigestToJava(Digest, m_AuthServerID);
}

7
src/Protocol/Protocol132.h
View File

@ -24,7 +24,8 @@
#pragma warning(pop)
#endif
#include "../Crypto.h"
#include "PolarSSL++/AesCfb128Decryptor.h"
#include "PolarSSL++/AesCfb128Encryptor.h"
@ -79,8 +80,8 @@ public:
protected:
bool m_IsEncrypted;
cAESCFBDecryptor m_Decryptor;
cAESCFBEncryptor m_Encryptor;
cAesCfb128Decryptor m_Decryptor;
cAesCfb128Encryptor m_Encryptor;
AString m_DataToSend;

5
src/Protocol/Protocol17x.cpp
View File

@ -33,6 +33,7 @@ Implements the 1.7.x protocol classes:
#include "../CompositeChat.h"
#include "../Entities/ArrowEntity.h"
#include "../Entities/FireworkEntity.h"
#include "PolarSSL++/Sha1Checksum.h"
@ -2293,7 +2294,7 @@ void cProtocol172::StartEncryption(const Byte * a_Key)
m_IsEncrypted = true;
// Prepare the m_AuthServerID:
cSHA1Checksum Checksum;
cSha1Checksum Checksum;
cServer * Server = cRoot::Get()->GetServer();
const AString & ServerID = Server->GetServerID();
Checksum.Update((const Byte *)ServerID.c_str(), ServerID.length());
@ -2301,7 +2302,7 @@ void cProtocol172::StartEncryption(const Byte * a_Key)
Checksum.Update((const Byte *)Server->GetPublicKeyDER().data(), Server->GetPublicKeyDER().size());
Byte Digest[20];
Checksum.Finalize(Digest);
cSHA1Checksum::DigestToJava(Digest, m_AuthServerID);
cSha1Checksum::DigestToJava(Digest, m_AuthServerID);
}

7
src/Protocol/Protocol17x.h
View File

@ -30,7 +30,8 @@ Declares the 1.7.x protocol classes:
#pragma warning(pop)
#endif
#include "../Crypto.h"
#include "PolarSSL++/AesCfb128Decryptor.h"
#include "PolarSSL++/AesCfb128Encryptor.h"
@ -236,8 +237,8 @@ protected:
bool m_IsEncrypted;
cAESCFBDecryptor m_Decryptor;
cAESCFBEncryptor m_Encryptor;
cAesCfb128Decryptor m_Decryptor;
cAesCfb128Decryptor m_Encryptor;
/** The logfile where the comm is logged, when g_ShouldLogComm is true */
cFile m_CommLogFile;