Lanmikeman/Launcher
1
1
Fork 0
mirror of https://github.com/GravitLauncher/Launcher synced 2024-12-22 16:41:46 +03:00
Code Issues Projects Releases Packages Wiki Activity

[FEATURE] AuthRSAPassword AuthAESPassword

Browse source
This commit is contained in:
Gravita 2021-04-07 15:20:09 +07:00
parent 70c2e1c1af
commit 7015d45088
6 changed files with 98 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

61
LaunchServer/src/main/java/pro/gravit/launchserver/socket/response/auth/AuthResponse.java
View file

@ -3,8 +3,8 @@
import io.netty.channel.ChannelHandlerContext;
import pro.gravit.launcher.events.request.AuthRequestEvent;
import pro.gravit.launcher.request.auth.AuthRequest;
import pro.gravit.launcher.request.auth.password.AuthECPassword;
import pro.gravit.launcher.request.auth.password.AuthPlainPassword;
import pro.gravit.launcher.request.auth.password.*;
import pro.gravit.launchserver.LaunchServer;
import pro.gravit.launchserver.auth.AuthException;
import pro.gravit.launchserver.auth.AuthProviderPair;
import pro.gravit.launchserver.auth.provider.AuthProvider;
@ -20,6 +20,7 @@
import pro.gravit.utils.helper.VerifyHelper;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import java.security.SecureRandom;
import java.util.Random;
@ -49,14 +50,7 @@ public void execute(ChannelHandlerContext ctx, Client clientData) throws Excepti
AuthProvider.authError("Don't skip Launcher Update");
return;
}
if (password instanceof AuthECPassword) {
try {
password = new AuthPlainPassword(IOHelper.decode(SecurityHelper.decrypt(server.runtime.passwordEncryptKey
, ((AuthECPassword) password).password)));
} catch (IllegalBlockSizeException | BadPaddingException ignored) {
throw new AuthException("Password decryption error");
}
}
if (clientData.isAuth) {
if (LogHelper.isDevEnabled()) {
LogHelper.warning("Client %s double auth", clientData.username == null ? ip : clientData.username);
@ -75,6 +69,22 @@ public void execute(ChannelHandlerContext ctx, Client clientData) throws Excepti
AuthProvider provider = pair.provider;
server.authHookManager.preHook.hook(context, clientData);
provider.preAuth(login, password, ip);
if(password instanceof Auth2FAPassword) {
AuthPlainPassword first = decryptPassword(server, ((Auth2FAPassword) password).firstPassword);
AuthPlainPassword second = decryptPassword(server, ((Auth2FAPassword) password).secondPassword);
if(first != null) {
((Auth2FAPassword) password).firstPassword = first;
}
if(second != null) {
((Auth2FAPassword) password).secondPassword = second;
}
}
else {
AuthPlainPassword passwd = decryptPassword(server, password);
if(passwd != null) {
password = passwd;
}
}
AuthProviderResult aresult = provider.auth(login, password, ip);
if (!VerifyHelper.isValidUsername(aresult.username)) {
AuthProvider.authError(String.format("Illegal result: '%s'", aresult.username));
@ -120,6 +130,37 @@ public void execute(ChannelHandlerContext ctx, Client clientData) throws Excepti
}
}
@SuppressWarnings("deprecation")
public static AuthPlainPassword decryptPassword(LaunchServer server, AuthRequest.AuthPasswordInterface password) throws Exception {
if (password instanceof AuthECPassword) {
try {
return new AuthPlainPassword(IOHelper.decode(SecurityHelper.decrypt(server.runtime.passwordEncryptKey
, ((AuthECPassword) password).password)));
} catch (IllegalBlockSizeException | BadPaddingException ignored) {
throw new AuthException("Password decryption error");
}
}
if (password instanceof AuthAESPassword) {
try {
return new AuthPlainPassword(IOHelper.decode(SecurityHelper.decrypt(server.runtime.passwordEncryptKey
, ((AuthAESPassword) password).password)));
} catch (IllegalBlockSizeException | BadPaddingException ignored) {
throw new AuthException("Password decryption error");
}
}
if(password instanceof AuthRSAPassword) {
try {
Cipher cipher = SecurityHelper.newRSADecryptCipher(server.keyAgreementManager.rsaPrivateKey);
return new AuthPlainPassword(
IOHelper.decode(cipher.doFinal(((AuthRSAPassword) password).password))
);
} catch (IllegalBlockSizeException | BadPaddingException ignored) {
throw new AuthException("Password decryption error");
}
}
return null;
}
public enum ConnectTypes {
@Deprecated
SERVER,

7
LauncherAPI/src/main/java/pro/gravit/launcher/request/auth/AuthRequest.java
View file

@ -22,6 +22,7 @@ public final class AuthRequest extends Request<AuthRequestEvent> implements WebS
@LauncherNetworkAPI
private final ConnectTypes authType;
@Deprecated
public AuthRequest(String login, byte[] password) {
this.login = VerifyHelper.verify(login, VerifyHelper.NOT_EMPTY, "Login can't be empty");
this.password = new AuthECPassword(password.clone());
@ -30,7 +31,7 @@ public AuthRequest(String login, byte[] password) {
authType = ConnectTypes.CLIENT;
}
@Deprecated
public AuthRequest(String login, byte[] password, String auth_id) {
this.login = VerifyHelper.verify(login, VerifyHelper.NOT_EMPTY, "Login can't be empty");
this.password = new AuthECPassword(password.clone());
@ -39,6 +40,7 @@ public AuthRequest(String login, byte[] password, String auth_id) {
authType = ConnectTypes.CLIENT;
}
@Deprecated
public AuthRequest(String login, byte[] encryptedPassword, String auth_id, ConnectTypes authType) {
this.login = login;
this.password = new AuthECPassword(encryptedPassword.clone());
@ -63,10 +65,13 @@ public AuthRequest(String login, AuthPasswordInterface password, String auth_id,
this.authType = authType;
}
@SuppressWarnings("deprecation")
public static void registerProviders() {
if (!registerProviders) {
providers.register("plain", AuthPlainPassword.class);
providers.register("rsa2", AuthRSAPassword.class);
providers.register("rsa", AuthECPassword.class);
providers.register("aes", AuthAESPassword.class);
providers.register("2fa", Auth2FAPassword.class);
providers.register("signature", AuthSignaturePassword.class);
providers.register("totp", AuthTOTPPassword.class);

18
LauncherAPI/src/main/java/pro/gravit/launcher/request/auth/password/AuthAESPassword.java Normal file
View file

@ -0,0 +1,18 @@
package pro.gravit.launcher.request.auth.password;
import pro.gravit.launcher.LauncherNetworkAPI;
import pro.gravit.launcher.request.auth.AuthRequest;
public class AuthAESPassword implements AuthRequest.AuthPasswordInterface {
@LauncherNetworkAPI
public final byte[] password;
public AuthAESPassword(byte[] aesEncryptedPassword) {
this.password = aesEncryptedPassword;
}
@Override
public boolean check() {
return true;
}
}

2
LauncherAPI/src/main/java/pro/gravit/launcher/request/auth/password/AuthECPassword.java
View file

@ -2,7 +2,7 @@
import pro.gravit.launcher.LauncherNetworkAPI;
import pro.gravit.launcher.request.auth.AuthRequest;
@Deprecated
public class AuthECPassword implements AuthRequest.AuthPasswordInterface {
@LauncherNetworkAPI
public final byte[] password;

16
LauncherAPI/src/main/java/pro/gravit/launcher/request/auth/password/AuthRSAPassword.java Normal file
View file

@ -0,0 +1,16 @@
package pro.gravit.launcher.request.auth.password;
import pro.gravit.launcher.request.auth.AuthRequest;
public class AuthRSAPassword implements AuthRequest.AuthPasswordInterface {
public final byte[] password;
public AuthRSAPassword(byte[] rsaEncryptedPassword) {
this.password = rsaEncryptedPassword;
}
@Override
public boolean check() {
return true;
}
}

6
LauncherAPI/src/main/java/pro/gravit/launcher/request/auth/password/AuthSignaturePassword.java
View file

@ -7,6 +7,12 @@ public class AuthSignaturePassword implements AuthRequest.AuthPasswordInterface
public byte[] publicKey;
public byte[] salt;
public AuthSignaturePassword(byte[] signature, byte[] publicKey, byte[] salt) {
this.signature = signature;
this.publicKey = publicKey;
this.salt = salt;
}
@Override
public boolean check() {
return true;